www.captodayonline.com Open in urlscan Pro
192.124.249.164 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://captodayonline.com/
Effective URL:
https://www.captodayonline.com/
Submission: On September 14 via manual (September 14th 2021, 5:03:20 am UTC) from IN — Scanned from DE

Summary HTTP 253 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 14 domains to perform 253 HTTP transactions. The main IP is 192.124.249.164, located in Menifee, United States and belongs to SUCURI-SEC, US. The main domain is www.captodayonline.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on July 18th 2021. Valid for: a year.

This is the only time www.captodayonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 70	192.124.249.164 192.124.249.164	30148 (SUCURI-SEC) (SUCURI-SEC)
4	142.250.178.10 142.250.178.10	15169 (GOOGLE) (GOOGLE)
1	104.26.8.198 104.26.8.198	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 86	116.202.46.88 116.202.46.88	24940 (HETZNER-AS) (HETZNER-AS)
2	216.58.212.228 216.58.212.228	15169 (GOOGLE) (GOOGLE)
1	172.67.39.148 172.67.39.148	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.178.8 142.250.178.8	15169 (GOOGLE) (GOOGLE)
1	54.235.81.255 54.235.81.255	14618 (AMAZON-AES) (AMAZON-AES)
7	142.250.178.3 142.250.178.3	15169 (GOOGLE) (GOOGLE)
15	142.250.178.2 142.250.178.2	15169 (GOOGLE) (GOOGLE)
2	142.250.187.238 142.250.187.238	15169 (GOOGLE) (GOOGLE)
1 2	52.48.134.198 52.48.134.198	16509 (AMAZON-02) (AMAZON-02)
5	172.217.169.70 172.217.169.70	15169 (GOOGLE) (GOOGLE)
1	64.233.167.156 64.233.167.156	15169 (GOOGLE) (GOOGLE)
22	142.250.200.34 142.250.200.34	15169 (GOOGLE) (GOOGLE)
10	142.250.179.226 142.250.179.226	15169 (GOOGLE) (GOOGLE)
12	142.250.187.193 142.250.187.193	15169 (GOOGLE) (GOOGLE)
5	142.250.178.6 142.250.178.6	15169 (GOOGLE) (GOOGLE)
3	34.241.251.11 34.241.251.11	16509 (AMAZON-02) (AMAZON-02)
7	104.244.36.20 104.244.36.20	7415 (ADSAFE-1) (ADSAFE-1)
253	21

70 192.124.249.164 (Menifee, United States) 2 redirects

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10164.sucuri.net

captodayonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.captodayonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.178.10 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s27-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.8.198 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.broadstreetads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

86 116.202.46.88 (Krefeld, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.88.46.202.116.clients.your-server.de

servedbyadbutler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.228 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s28-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.39.148 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.178.8 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s27-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.235.81.255 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-81-255.compute-1.amazonaws.com

ad.broadstreetads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.178.3 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s27-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.178.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s27-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.187.238 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s34-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.134.198 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-134-198.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.169.70 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s09-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.167.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.200.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s30-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.179.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s31-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.187.193 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s33-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.178.6 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s27-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.241.251.11 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-251-11.eu-west-1.compute.amazonaws.com

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.244.36.20 (United States)

ASN7415 (ADSAFE-1, US)
PTR: nyidt.adsafeprotected.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
86	servedbyadbutler.com 1 redirects servedbyadbutler.com	874 KB
70	captodayonline.com 2 redirects captodayonline.com www.captodayonline.com	760 KB
34	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	253 KB
16	doubleclick.net ad.doubleclick.net stats.g.doubleclick.net googleads4.g.doubleclick.net	99 KB
15	googletagservices.com www.googletagservices.com	285 KB
12	adsafeprotected.com 1 redirects pixel.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	96 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	234 KB
5	2mdn.net s0.2mdn.net	278 KB
4	googleapis.com fonts.googleapis.com	4 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	google.com www.google.com	1 KB
2	broadstreetads.com cdn.broadstreetads.com ad.broadstreetads.com	5 KB
1	googletagmanager.com www.googletagmanager.com	44 KB
1	addtoany.com static.addtoany.com	29 KB
253	14

	Domain	Requested by
86	servedbyadbutler.com	1 redirects www.captodayonline.com servedbyadbutler.com
67	www.captodayonline.com	www.captodayonline.com
22	pagead2.googlesyndication.com	ad.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
15	www.googletagservices.com	servedbyadbutler.com www.googletagservices.com ad.doubleclick.net
12	tpc.googlesyndication.com	ad.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
10	googleads4.g.doubleclick.net	ad.doubleclick.net
7	dt.adsafeprotected.com	www.captodayonline.com
6	fonts.gstatic.com	fonts.googleapis.com
5	s0.2mdn.net	www.captodayonline.com ad.doubleclick.net
5	ad.doubleclick.net	www.googletagservices.com
4	fonts.googleapis.com	www.captodayonline.com
3	static.adsafeprotected.com	pixel.adsafeprotected.com www.captodayonline.com
3	captodayonline.com	2 redirects www.captodayonline.com
2	pixel.adsafeprotected.com	1 redirects servedbyadbutler.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.google.com	www.captodayonline.com
1	www.gstatic.com	www.google.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	ad.broadstreetads.com	cdn.broadstreetads.com
1	www.googletagmanager.com	www.captodayonline.com
1	static.addtoany.com	www.captodayonline.com
1	cdn.broadstreetads.com	www.captodayonline.com
253	22

This site contains links to these domains. Also see Links.

Domain
servedbyadbutler.com
captodayonline.com
captoday-jobs.careerwebsite.com
cap.dragonforms.com

Subject Issuer	Validity	Valid
captodayonline.com Go Daddy Secure Certificate Authority - G2	`2021-07-18` - `2022-08-17`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-23` - `2021-11-15`	3 months	crt.sh
broadstreetads.com Cloudflare Inc ECC CA-3	`2021-06-03` - `2022-06-02`	a year	crt.sh
servedbyadbutler.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-01` - `2022-08-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.broadstreetads.com Amazon	`2020-11-26` - `2021-12-25`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-01-06` - `2022-02-04`	a year	crt.sh
*.adsafeprotected.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-26` - `2022-06-17`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://www.captodayonline.com/
Frame ID: 0708AAA0281CAD825A0243C48DA8EB7A
Requests: 145 HTTP requests in this frame

Frame: https://www.googletagservices.com/dcm/dcmads.js
Frame ID: FF94991F66502B52AF5048866E2079B5
Requests: 13 HTTP requests in this frame

Frame: https://www.googletagservices.com/dcm/dcmads.js
Frame ID: DB8BA0D72566A69DDD080330FC3C9044
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagservices.com/dcm/dcmads.js
Frame ID: 02E560BB6505B600049F427AD5678E05
Requests: 9 HTTP requests in this frame

Frame: https://www.googletagservices.com/dcm/dcmads.js
Frame ID: 995F87A183B876D17B582D8CD963F740
Requests: 9 HTTP requests in this frame

Frame: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433675%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D1c0496bb6a68b1781cb5dc8c749429c680bcb483%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433675%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D1c0496bb6a68b1781cb5dc8c749429c680bcb483%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433675%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D1c0496bb6a68b1781cb5dc8c749429c680bcb483%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
Frame ID: 4460CAEC443DF78AA8DEE8602C65D9D9
Requests: 9 HTTP requests in this frame

Frame: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
Frame ID: 7383AD2C43405F0CE106AA2765ABB7F2
Requests: 9 HTTP requests in this frame

Frame: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433687%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Dfb484173c79de69c531804c784ea611badc7bac8%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433687%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Dfb484173c79de69c531804c784ea611badc7bac8%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433687%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Dfb484173c79de69c531804c784ea611badc7bac8%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
Frame ID: 96ACB8DDD8C385D5A39573A4534A85F4
Requests: 11 HTTP requests in this frame

Frame: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433669%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D6c000fd2b734e311a94146b7fb3b159da401ecce%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433669%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D6c000fd2b734e311a94146b7fb3b159da401ecce%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433669%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D6c000fd2b734e311a94146b7fb3b159da401ecce%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
Frame ID: B5933246A137BB0D045C6FAC7A511115
Requests: 9 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N5192.3733510CAPTODAY/B25421940.310816217;dc_ver=78.227;dc_eid=40004001,44728098;sz=300x250;u_sd=1;nel=1;dc_adk=379953403;ord=lzlvv5;click0=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591615%26setID%3D311039%26channelID%3D0%26CID%3D579301%26banID%3D520487461%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792352395%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D5904fd7c23eff39fb3816986d56efa027c566266%26location%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=0,https%3A%2F%2Fwww.captodayonline.com%2F$0;xdt=0;crlt=2f7-oxl6W';sttr=80;prcl=s
Frame ID: 6F603C249AB995E5099794F070245310
Requests: 10 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N5192.3733510CAPTODAY/B25899775.310383592;dc_ver=78.227;sz=300x250;u_sd=1;nel=1;dc_adk=1633536228;ord=23zq6o;click0=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591620%26setID%3D387791%26channelID%3D0%26CID%3D579305%26banID%3D520487475%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792430153%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Dc15c7b7c1d343c7b07017404873b6519e8c34292%26location%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.captodayonline.com%2F$0;xdt=0;crlt=2f7-oxl6W';sttr=95;prcl=s
Frame ID: E296DEE298CE2A8A01C5BEFC567C5F0B
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4F63B95125B7D63160B11D4399B3D068
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 23F7987FEC993195A6396D63762EF30D
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 1EE98BEDD9AB4FCD80E8926ADD390F5F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5FA203779D8B694909662AA83C7C091F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 354BA0120F5F452AC6EFBFEC3867886C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9C5612578BBBFA481DFD86CAA2F6A407
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/SRvJn55X6RWbfV9KOXYL310U_n7bQjLBtP3JEbFBTGg.js
Frame ID: 391C1D9E6C27F28CC8448A0FD967FC05
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/SRvJn55X6RWbfV9KOXYL310U_n7bQjLBtP3JEbFBTGg.js
Frame ID: A59FAB6BC1F3A24C53E639A742DB4E2E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CAP TODAY - Pathology/Laboratory Medicine/Laboratory Management

Page URL History Show full URLs

http://captodayonline.com/ HTTP 301
https://captodayonline.com/ HTTP 301
https://www.captodayonline.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Handlebars (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

jQuery Mobile (Mobile Frameworks) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]mobile(?:-([\d.]))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

253
Requests

100 %
HTTPS

0 %
IPv6

14
Domains

22
Subdomains

21
IPs

3
Countries

2980 kB
Transfer

7361 kB
Size

52
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://servedbyadbutler.com/redirect.spark?MID=161097&plid=1591604&setID=146005&channelID=0&CID=579290&banID=520487450&PID=0&textadID=0&tc=1&mt=1631595792421465&sw=1600&sh=1200&spr=1&hc=01442316866f962209ee0bc06498d5f5796052b0&location=

Search URL Search Domain Scan URL

URL: https://captodayonline.com/2020/ProductGuides/02-20_CAPTODAY_AnatomicPathology.pdf
Title: Anatomic Pathology

Search URL Search Domain Scan URL

URL: http://captoday-jobs.careerwebsite.com/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://captodayonline.com/marketplace-index-by-company/
Title: Marketplace

Search URL Search Domain Scan URL

URL: https://captodayonline.com/category/marketplace/
Title: This month’s issue

Search URL Search Domain Scan URL

URL: https://cap.dragonforms.com/loading.do?omedasite=CTD_landing
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://servedbyadbutler.com/redirect.spark?MID=161097&plid=1591346&setID=188685&channelID=0&CID=578919&banID=520486698&PID=0&textadID=0&tc=1&mt=1631595792432683&sw=1600&sh=1200&spr=1&hc=b3799cac45ff7f28c69a726a800b5ce1d5d4d91c&location=

Search URL Search Domain Scan URL

URL: https://captodayonline.com/qa-column-0821
Title: Read answer

Search URL Search Domain Scan URL

URL: https://servedbyadbutler.com/redirect.spark?MID=161097&plid=1591563&setID=428275&channelID=0&CID=578963&banID=520486772&PID=0&textadID=0&tc=1&mt=1631595792433738&sw=1600&sh=1200&spr=1&hc=d26b7cccc08c800ebfce86dc95cf31d78b35c761&location=

Search URL Search Domain Scan URL

URL: https://servedbyadbutler.com/redirect.spark?MID=161097&plid=1591622&setID=428275&channelID=0&CID=579306&banID=520487478&PID=0&textadID=0&tc=1&mt=1631595792433740&sw=1600&sh=1200&spr=1&hc=b85bf7875c98b04edc5bf4c94145b4eec2ba7b33&location=

Search URL Search Domain Scan URL

URL: https://servedbyadbutler.com/redirect.spark?MID=161097&plid=1591608&setID=387791&channelID=0&CID=579294&banID=520487454&PID=0&textadID=0&tc=1&mt=1631595792430235&sw=1600&sh=1200&spr=1&hc=9f9a70f58c26f4162d26e350db2d063273c40c81&location=

Search URL Search Domain Scan URL

URL: https://servedbyadbutler.com/redirect.spark?MID=161097&plid=1591564&setID=188685&channelID=0&CID=578967&banID=520486776&PID=0&textadID=0&tc=1&mt=1631595792432704&sw=1600&sh=1200&spr=1&hc=89900be9b1efc1e410971598de33c94c130bdd73&location=

Search URL Search Domain Scan URL

URL: https://servedbyadbutler.com/redirect.spark?MID=161097&plid=1591355&setID=311039&channelID=0&CID=578938&banID=520486728&PID=0&textadID=0&tc=1&mt=1631595792329806&sw=1600&sh=1200&spr=1&hc=ce86fb9ca225ee4628e048f836d86c3b5e049424&location=

Search URL Search Domain Scan URL

URL: https://servedbyadbutler.com/redirect.spark?MID=161097&plid=1591608&setID=387791&channelID=0&CID=579294&banID=520487454&PID=0&textadID=0&tc=1&mt=1631595792430049&sw=1600&sh=1200&spr=1&hc=f9f689dcabefe3d31053197da9907baf2bd02c4d&location=

Search URL Search Domain Scan URL

URL: https://servedbyadbutler.com/go2/;ID=161097;size=300x250;setID=376181

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://captodayonline.com/ HTTP 301
https://captodayonline.com/ HTTP 301
https://www.captodayonline.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://servedbyadbutler.com/adserve/;ID=161097;size=300x250;setID=376181;type=img;click=CLICK_MACRO_PLACEHOLDER HTTP 302
https://servedbyadbutler.com/getad.img/;libID=3074970

Request Chain 218

https://pixel.adsafeprotected.com/rfw/st/538813/55572345/skeleton.js?adsafe_url=https%3A%2F%2Fwww.captodayonline.com%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:352ecd36-2b53-3487-e4a8-97fe8416fc2e,c:oa6TcO,sl:inView,em:true,fr:true,thd:1,mn:app13ie,pt:1-5-15,wc:0.0.1600.1200,ac:1080.250.300.250,am:i,cc:1080.250.300.250,piv:100,obst:0,th:0,reas:,br:c,abv:na,an:n,oam:0,nbld:0,mtim:530,fm:sIXvFCK+11*.538813-55572345%7C111%7C121%7C131%7C14%7C15%7C16%7C17%7C18%7C19,idMap:11*,rp:n,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,et:553,oid:0fd75b05-1519-11ec-8062-062810ec67f6,v:19.8.243,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

253 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.captodayonline.com/
Redirect Chain

http://captodayonline.com/
https://captodayonline.com/
https://www.captodayonline.com/

1001 KB
44 KB

2665ms
1513ms

Document
text/html

192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

87972a42b2d2689e00e0a40269ed9234ed4ec0b5cf5809b9b5a40230521cf919

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.captodayonline.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Tue, 14 Sep 2021 05:03:11 GMT
content-type: text/html; charset=UTF-8
x-sucuri-id: 19014
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
link: <https://www.captodayonline.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-origin: *
x-cache-nxaccel: BYPASS
content-encoding: br
x-sucuri-cache: EXPIRED

Redirect headers

server: nginx
date: Tue, 14 Sep 2021 05:03:08 GMT
content-type: text/html; charset=UTF-8
location: https://www.captodayonline.com/
x-sucuri-id: 19014
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Tue, 14 Sep 2021 06:03:08 GMT
cache-control: max-age=3600
x-redirect-by: WordPress
access-control-allow-origin: *
x-cache-nxaccel: BYPASS
x-sucuri-cache: EXPIRED

GET
H2 200 formidableforms.css
www.captodayonline.com/wordpress/wp-content/plugins/formidable/css/ 82 KB
12 KB 461ms
460ms Stylesheet
text/css 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-content/plugins/formidable/css/formidableforms.css

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

44850806d9e7307561024be4c3cf523e662393d1451372ef0f61ca511dcbf176

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/plugins/formidable/css/formidableforms.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache-nxaccel: MISS
x-sucuri-cache: MISS
content-length: 11927
x-xss-protection: 1; mode=block
last-modified: Sat, 11 Sep 2021 11:26:22 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "14713-5cbb68067baf2-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.min.css
www.captodayonline.com/wordpress/wp-includes/css/dist/block-library/ 79 KB
11 KB 463ms
462ms Stylesheet
text/css 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-includes/css/dist/block-library/style.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
content-length: 10523
x-xss-protection: 1; mode=block
last-modified: Wed, 25 Aug 2021 10:58:06 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "13abe-5ca60200472c5-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 owl.carousel.min.css
www.captodayonline.com/wordpress/wp-content/plugins/content-randomizer/assets/css/ 5 KB
2 KB 459ms
458ms Stylesheet
text/css 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-content/plugins/content-randomizer/assets/css/owl.carousel.min.css

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

12e211aa8bea66a35dbd298b48405ce8ef87d4ca20f3c3e82557da2e582420a8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/plugins/content-randomizer/assets/css/owl.carousel.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache-nxaccel: MISS
x-sucuri-cache: MISS
content-length: 1149
x-xss-protection: 1; mode=block
last-modified: Fri, 21 Dec 2018 20:43:42 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1201-57d8e4d769b80-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 newscodes.css
www.captodayonline.com/wordpress/wp-content/plugins/newscodes-news-magazine-and-blog-elements/lib/css/ 43 KB
5 KB 432ms
430ms Stylesheet
text/css 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-content/plugins/newscodes-news-magazine-and-blog-elements/lib/css/newscodes.css

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

f16b0eba165116b42a55bcda7142f1a5d541cf32e188d3e28f61faefa4bc00f9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/plugins/newscodes-news-magazine-and-blog-elements/lib/css/newscodes.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache-nxaccel: MISS
x-sucuri-cache: MISS
content-length: 5065
x-xss-protection: 1; mode=block
last-modified: Sat, 12 May 2018 06:48:50 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "aac2-56bfca522b880-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 newscodes-styles.css
www.captodayonline.com/wordpress/wp-content/plugins/newscodes-news-magazine-and-blog-elements/lib/css/ 215 KB
11 KB 467ms
464ms Stylesheet
text/css 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-content/plugins/newscodes-news-magazine-and-blog-elements/lib/css/newscodes-styles.css

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

b2b50f2423e1261647720a7a2490804f15546cd8e00fd53931da27b9a826af0f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/plugins/newscodes-news-magazine-and-blog-elements/lib/css/newscodes-styles.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache-nxaccel: MISS
x-sucuri-cache: MISS
content-length: 10952
x-xss-protection: 1; mode=block
last-modified: Sat, 12 May 2018 06:48:50 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "35c3e-56bfca522b880-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.css
www.captodayonline.com/wordpress/wp-content/plugins/pdf-print/css/ 1 KB
793 B 462ms
459ms Stylesheet
text/css 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-content/plugins/pdf-print/css/frontend.css

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

dc8da374c97584d47b3b29ac809c6cf10c70cfc491dfb1f064963b0fccc1be29

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/plugins/pdf-print/css/frontend.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache-nxaccel: MISS
x-sucuri-cache: MISS
content-length: 356
x-xss-protection: 1; mode=block
last-modified: Wed, 25 Aug 2021 09:24:03 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "5ca-5ca5ecfa6b571-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 styles.css
www.captodayonline.com/wordpress/wp-content/plugins/related-posts-by-taxonomy/includes/assets/css/ 416 B
721 B 429ms
426ms Stylesheet
text/css 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-content/plugins/related-posts-by-taxonomy/includes/assets/css/styles.css

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

715d95401a0252ab3f290b8d318f8f6bfd0bf1163f025767fa065200c5e6f883

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/plugins/related-posts-by-taxonomy/includes/assets/css/styles.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache-nxaccel: MISS
x-sucuri-cache: MISS
content-length: 283
x-xss-protection: 1; mode=block
last-modified: Mon, 14 Dec 2020 19:04:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1a0-5b671514885d2-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpsm.css
www.captodayonline.com/wordpress/wp-content/plugins/wp-site-mapping/css/ 149 B
534 B 460ms
457ms Stylesheet
text/css 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-content/plugins/wp-site-mapping/css/wpsm.css

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

b9aaf1a696437a66958ec63b814088f9acbbf0ac1581f187203c5fca1030172f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/plugins/wp-site-mapping/css/wpsm.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache-nxaccel: MISS
x-sucuri-cache: MISS
content-length: 97
x-xss-protection: 1; mode=block
last-modified: Mon, 29 Jun 2015 18:57:37 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "95-519aca9c6ca40-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
www.captodayonline.com/wordpress/wp-content/themes/jarida/ 147 KB
28 KB 465ms
462ms Stylesheet
text/css 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-content/themes/jarida/style.css

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

723e2214e2572b9e2da79bd199d50405e3e7401593815beeb795d0f2a13c650a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/themes/jarida/style.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache-nxaccel: MISS
x-sucuri-cache: MISS
content-length: 28503
x-xss-protection: 1; mode=block
last-modified: Thu, 02 Sep 2021 12:14:02 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "24c6c-5cb021e5059f9-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
www.captodayonline.com/wordpress/wp-content/themes/jarida-child/ 32 KB
7 KB 462ms
459ms Stylesheet
text/css 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-content/themes/jarida-child/style.css

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

fee9fb12b42ae8318557e4c74bb10631f593e502182e1de8e37de1fea871b5ad

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/themes/jarida-child/style.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache-nxaccel: MISS
x-sucuri-cache: MISS
content-length: 6922
x-xss-protection: 1; mode=block
last-modified: Fri, 10 Sep 2021 07:06:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "7fe5-5cb9ebff21e9e-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 13 KB
968 B 76ms
26ms Stylesheet
text/css 142.250.178.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed%3A300%2C300italic%2Cregular%2Citalic%2C700%2C700italic

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.178.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f10.1e100.net

Software

ESF /

Resource Hash

c34906f621bed08d975d42900c107ad05e7633d06ecb202739f5a9a99af910f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 14 Sep 2021 03:26:24 GMT
server: ESF
date: Tue, 14 Sep 2021 05:03:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 14 Sep 2021 05:03:11 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 75ms
26ms Stylesheet
text/css 142.250.178.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald%3Aregular%2C700

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.178.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f10.1e100.net

Software

ESF /

Resource Hash

f66257ab22784df391afb687663d08dd4e33bf0c17fa871287a57e8f9d1caa80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 14 Sep 2021 03:20:21 GMT
server: ESF
date: Tue, 14 Sep 2021 05:03:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 14 Sep 2021 05:03:11 GMT

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 77ms
27ms Stylesheet
text/css 142.250.178.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald%3A400%2C300%7COpen+Sans%3A700%2C400%2C400i%7CRoboto%3A700%2C400

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.178.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f10.1e100.net

Software

ESF /

Resource Hash

34adbebfe1cac62723b338516b5eb6bdeceaedc6aafa134d6a2e4cee323f48c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 14 Sep 2021 05:03:11 GMT
server: ESF
date: Tue, 14 Sep 2021 05:03:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 14 Sep 2021 05:03:11 GMT

GET
H2 200 eventon_styles.css
www.captodayonline.com/wordpress/wp-content/plugins/eventON/assets/css/ 98 KB
18 KB 471ms
469ms Stylesheet
text/css 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-content/plugins/eventON/assets/css/eventon_styles.css

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

781e1f1e4fb0b65f39b7ae8379a55490947bbd51238b8c139bf84ddc52cdd48b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/plugins/eventON/assets/css/eventon_styles.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache-nxaccel: MISS
x-sucuri-cache: MISS
content-length: 17888
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Sep 2019 11:46:38 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "186eb-5924592e978db-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 font-awesome.css
www.captodayonline.com/wordpress/wp-content/plugins/eventON/assets/fonts/ 37 KB
8 KB 436ms
434ms Stylesheet
text/css 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-content/plugins/eventON/assets/fonts/font-awesome.css

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

697e247c48b06b85ed0b993d6498c7b80c728474c204a1efde10043f280ef064

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/plugins/eventON/assets/fonts/font-awesome.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache-nxaccel: MISS
x-sucuri-cache: MISS
content-length: 7434
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Sep 2019 11:16:15 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "9210-59245263bb2c6-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 eventon_dynamic_styles.css
www.captodayonline.com/wordpress/wp-content/plugins/eventON/assets/css/ 11 KB
3 KB 474ms
471ms Stylesheet
text/css 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-content/plugins/eventON/assets/css/eventon_dynamic_styles.css

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

1fe530b67564cbcee821fe58c5809d6407b1d3fff2e24931357e3c30e04658bb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/plugins/eventON/assets/css/eventon_dynamic_styles.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache-nxaccel: MISS
x-sucuri-cache: MISS
content-length: 2320
x-xss-protection: 1; mode=block
last-modified: Mon, 07 Oct 2019 13:01:05 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "2cd4-59451a5063a9b-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 upw-theme-standard.min.css
www.captodayonline.com/wordpress/wp-content/plugins/ultimate-posts-widget/css/ 1018 B
791 B 464ms
462ms Stylesheet
text/css 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-content/plugins/ultimate-posts-widget/css/upw-theme-standard.min.css

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

cf833e5c78cd390e236192f2fb887cd9608fb8700c2b3465c4d26a85491ba7bf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/plugins/ultimate-posts-widget/css/upw-theme-standard.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache-nxaccel: MISS
x-sucuri-cache: MISS
content-length: 353
x-xss-protection: 1; mode=block
last-modified: Fri, 21 May 2021 16:08:39 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "3fa-5c2d945d9ebb9-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 el_styles.css
www.captodayonline.com/wordpress/wp-content/plugins/eventon-event-lists/assets/ 355 B
634 B 438ms
436ms Stylesheet
text/css 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-content/plugins/eventon-event-lists/assets/el_styles.css

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

625e47e7780fa457ab11354af29bf45a4b51b38fcf3d89821b1cdbb85e48b99a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/plugins/eventon-event-lists/assets/el_styles.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache-nxaccel: MISS
x-sucuri-cache: MISS
content-length: 196
x-xss-protection: 1; mode=block
last-modified: Mon, 03 Apr 2017 19:11:13 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "163-54c47ec377640-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 evosl_styles.css
www.captodayonline.com/wordpress/wp-content/plugins/eventon-event-slider/assets/css/ 37 KB
5 KB 471ms
469ms Stylesheet
text/css 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-content/plugins/eventon-event-slider/assets/css/evosl_styles.css

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

d0d1374a6a21a9a52db9eb9178bd37d3ff04be6eee1fd62125d83cfd538024d2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/plugins/eventon-event-slider/assets/css/evosl_styles.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache-nxaccel: MISS
x-sucuri-cache: MISS
content-length: 5113
x-xss-protection: 1; mode=block
last-modified: Fri, 10 Feb 2017 20:43:08 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "952e-5483325302f00-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 addtoany.min.css
www.captodayonline.com/wordpress/wp-content/plugins/add-to-any/ 1 KB
924 B 440ms
439ms Stylesheet
text/css 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-content/plugins/add-to-any/addtoany.min.css

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/plugins/add-to-any/addtoany.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache-nxaccel: MISS
x-sucuri-cache: MISS
content-length: 487
x-xss-protection: 1; mode=block
last-modified: Wed, 25 Aug 2021 09:22:13 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "5ef-5ca5ec91e82bb-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
www.captodayonline.com/wordpress/wp-includes/js/jquery/ 87 KB
31 KB 455ms
454ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-includes/js/jquery/jquery.min.js

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-includes/js/jquery/jquery.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
content-length: 30908
x-xss-protection: 1; mode=block
last-modified: Wed, 25 Aug 2021 10:58:06 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "15db1-5ca602006fb36-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.captodayonline.com/wordpress/wp-includes/js/jquery/ 11 KB
5 KB 474ms
473ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-includes/js/jquery/jquery-migrate.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
content-length: 4169
x-xss-protection: 1; mode=block
last-modified: Wed, 25 Aug 2021 10:58:06 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "2bd8-5ca602006ef7e-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scroll-post-excerpt.js Show response
www.captodayonline.com/wordpress/wp-content/plugins/scroll-post-excerpt/ 2 KB
1 KB 453ms
452ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-content/plugins/scroll-post-excerpt/scroll-post-excerpt.js

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

3889ed2f335131213a72755064450719b184dc3e86c2bab322376e3903ed77de

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/plugins/scroll-post-excerpt/scroll-post-excerpt.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache-nxaccel: MISS
x-sucuri-cache: MISS
content-length: 1007
x-xss-protection: 1; mode=block
last-modified: Wed, 25 Aug 2021 09:24:20 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "84d-5ca5ed0aaf68c-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 addtoany.min.js Show response
www.captodayonline.com/wordpress/wp-content/plugins/add-to-any/ 129 B
573 B 454ms
453ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-content/plugins/add-to-any/addtoany.min.js

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/plugins/add-to-any/addtoany.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache-nxaccel: MISS
x-sucuri-cache: MISS
content-length: 126
x-xss-protection: 1; mode=block
last-modified: Wed, 25 Aug 2021 09:22:13 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "81-5ca5ec91e82bb-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 init-2.min.js Show response
cdn.broadstreetads.com/ 11 KB
5 KB 80ms
27ms Script
application/javascript 104.26.8.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.broadstreetads.com/init-2.min.js
Requested by: Host: www.captodayonline.com
URL: https://www.captodayonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.8.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16534145c570e8757046ab7f239531e4a9c80a4204fd3b696d99f1bf4f843b8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:11 GMT
via: 1.1 7cfba11baf6016eafce83142b99c8ff8.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 339650
x-cache: Hit from cloudfront
access-control-allow-methods: GET, HEAD
content-encoding: br
last-modified: Tue, 13 Apr 2021 02:04:35 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1618279473/ctime:1618279473/gid:20/gname:staff/md5:e060e1756873b8312c728e295a001693/mode:33188/mtime:1618279473/uid:501/uname:katzgrau
etag: W/"e060e1756873b8312c728e295a001693"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MiDepe%2BTeDSyWApnue9aXGPMGsXBaOs58OMwK3%2BfkYZp7gllby46V%2FqhDpD9ESrPPnzhoelqYcp14FW3BnyFCpe0IhwCeBLHm72ayESiUALU2zevYF4zqoT%2F%2FoGXh1T4VnOJG6XfMCY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public, max-age=31536000
x-amz-cf-pop: PRG50-C1
cf-ray: 68e71141fdf02788-PRG
x-amz-cf-id: H7bck_f_xsPXpFJ5J2RNe6MAT7pvtFJ-w9ykPRVAE3fmCPByFdUq5g==

GET
H2 200 wp-emoji-release.min.js Show response
www.captodayonline.com/wordpress/wp-includes/js/ 18 KB
5 KB 133ms
133ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-includes/js/wp-emoji-release.min.js

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-includes/js/wp-emoji-release.min.js
pragma: no-cache
cookie: _nx-nocache=1; _nx-nocache=1; _ga=GA1.2.365076421.1631595793; _gid=GA1.2.794065427.1631595793; _gat_UA-17445858-1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
content-length: 4930
x-xss-protection: 1; mode=block
last-modified: Wed, 25 Aug 2021 10:58:06 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "4705-5ca602007f91e-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 CTLogo2x-11_Final.jpg
captodayonline.com/wordpress/wp-content/uploads/2019/02/ 9 KB
10 KB 465ms
463ms Image
image/jpeg 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://captodayonline.com/wordpress/wp-content/uploads/2019/02/CTLogo2x-11_Final.jpg

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

8eefcdc9ec63a3773147d5fb0da8f264dcc4e83b9a548bff79026f65e8531a58

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
x-content-type-options: nosniff
x-cache-nxaccel: MISS
x-sucuri-cache: MISS
content-length: 9540
x-xss-protection: 1; mode=block
last-modified: Fri, 08 Feb 2019 19:38:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "2544-5816719433321"
vary: User-Agent
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Leilani_Valdes_110.jpg.webp
www.captodayonline.com/wordpress/wp-content/uploads/2021/04/ 3 KB
3 KB 463ms
463ms Image
image/webp 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.captodayonline.com/wordpress/wp-content/uploads/2021/04/Leilani_Valdes_110.jpg.webp

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

2c27fa37d6359445c1944dd8ab39dcff31738c8bdb77e421ea4f4609e8d9e1ba

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/uploads/2021/04/Leilani_Valdes_110.jpg.webp
pragma: no-cache
cookie: _nx-nocache=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
content-length: 2758
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Apr 2021 17:41:39 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "ac6-5c0f7c6453a12"
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 001_CAP_0721_portal.jpg.webp
www.captodayonline.com/wordpress/wp-content/uploads/2021/07/ 38 KB
38 KB 462ms
462ms Image
image/webp 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.captodayonline.com/wordpress/wp-content/uploads/2021/07/001_CAP_0721_portal.jpg.webp

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

b5f270fe61c68a3eaedb1931d219d13327fa1412a1c73d6bdf818ffac2e3a19e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/uploads/2021/07/001_CAP_0721_portal.jpg.webp
pragma: no-cache
cookie: _nx-nocache=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
content-length: 38842
x-xss-protection: 1; mode=block
last-modified: Mon, 19 Jul 2021 19:36:16 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "97ba-5c77f0cff4d7e"
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pixel.jpg
www.captodayonline.com/ 271 B
700 B 125ms
124ms Image
image/jpeg 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.captodayonline.com/pixel.jpg

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

259eb78b308e33c67162994708164c97f80b8fc17b9b011bd8a452ef8e180326

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /pixel.jpg
pragma: no-cache
cookie: _nx-nocache=1; _ga=GA1.2.365076421.1631595793; _gid=GA1.2.794065427.1631595793; _gat_UA-17445858-1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:13 GMT
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
content-length: 271
x-xss-protection: 1; mode=block
last-modified: Fri, 06 Aug 2021 20:35:47 GMT
server: nginx
etag: "10f-5c8e9fafc909d"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.js Show response
www.captodayonline.com/wordpress/wp-content/themes/jarida-child/js/ 274 KB
82 KB 139ms
139ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-content/themes/jarida-child/js/jquery.js

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/themes/jarida-child/js/jquery.js
pragma: no-cache
cookie: _nx-nocache=1; _nx-nocache=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
x-xss-protection: 1; mode=block
last-modified: Thu, 02 Sep 2021 12:14:02 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "4472c-5cb021e500021-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-ui.min.js Show response
www.captodayonline.com/wordpress/wp-content/themes/jarida-child/js/ 235 KB
64 KB 137ms
136ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-content/themes/jarida-child/js/jquery-ui.min.js

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/themes/jarida-child/js/jquery-ui.min.js
pragma: no-cache
cookie: _nx-nocache=1; _nx-nocache=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
x-xss-protection: 1; mode=block
last-modified: Thu, 02 Sep 2021 12:14:02 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "3ab2b-5cb021e4ff851-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-compear-public2.js Show response
www.captodayonline.com/wordpress/wp-content/plugins/wp-compear/public/js/ 10 KB
4 KB 129ms
124ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-content/plugins/wp-compear/public/js/wp-compear-public2.js

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

33b53209b217e090865c03d72ade86ad00aa749167eb3f0af970f09f1127178a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/plugins/wp-compear/public/js/wp-compear-public2.js
pragma: no-cache
cookie: _nx-nocache=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
content-length: 3410
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Feb 2020 09:10:18 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "29ff-59d800f194010-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Xifin.jpg
www.captodayonline.com/wordpress/wp-content/uploads/2020/01/ 2 KB
2 KB 134ms
134ms Image
image/jpeg 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.captodayonline.com/wordpress/wp-content/uploads/2020/01/Xifin.jpg

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

dd05316535bb07e27cd7e71d5c22743839484eab193b92df3247f7d34c7ef8af

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/uploads/2020/01/Xifin.jpg
pragma: no-cache
cookie: _nx-nocache=1; _ga=GA1.2.365076421.1631595793; _gid=GA1.2.794065427.1631595793; _gat_UA-17445858-1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:13 GMT
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
content-length: 1549
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Jan 2020 01:44:23 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "60d-59c23d91232bc"
vary: User-Agent
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 BeckmanCoulter.jpg
www.captodayonline.com/wordpress/wp-content/uploads/2020/01/ 5 KB
6 KB 127ms
127ms Image
image/jpeg 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.captodayonline.com/wordpress/wp-content/uploads/2020/01/BeckmanCoulter.jpg

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

021509972df8c3147873411dba47e5e19ace133537a1d1872c1d0ea1d36064a3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/uploads/2020/01/BeckmanCoulter.jpg
pragma: no-cache
cookie: _nx-nocache=1; _ga=GA1.2.365076421.1631595793; _gid=GA1.2.794065427.1631595793; _gat_UA-17445858-1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:13 GMT
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
content-length: 5558
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Jan 2020 21:37:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "15b6-59c0c488b0cec"
vary: User-Agent
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Sysmex2.jpg
www.captodayonline.com/wordpress/wp-content/uploads/2019/12/ 3 KB
3 KB 126ms
125ms Image
image/jpeg 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.captodayonline.com/wordpress/wp-content/uploads/2019/12/Sysmex2.jpg

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

1015adc72eed80e54069a85f93be4c1732eca42801fde66d2c89928f34b52cd7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/uploads/2019/12/Sysmex2.jpg
pragma: no-cache
cookie: _nx-nocache=1; _ga=GA1.2.365076421.1631595793; _gid=GA1.2.794065427.1631595793; _gat_UA-17445858-1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:13 GMT
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
content-length: 2836
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jan 2020 21:52:19 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "b14-59c48d6d063d0"
vary: User-Agent
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

;libID=3074970
servedbyadbutler.com/getad.img/
Redirect Chain

https://servedbyadbutler.com/adserve/;ID=161097;size=300x250;setID=376181;type=img;click=CLICK_MACRO_PLACEHOLDER
https://servedbyadbutler.com/getad.img/;libID=3074970

37 KB
37 KB

11ms
11ms

Image
image/jpeg

116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/getad.img/;libID=3074970
Requested by: Host: www.captodayonline.com
URL: https://www.captodayonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 5a81e2b778cad9e615675547cb003fd8f04d1eea3910fe6f2fb5ff99cc58a406

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
last-modified: Tue, 20 Apr 2021 04:27:35 GMT
server: nginx
etag: "607e5837-937b"
content-type: image/jpeg
access-control-allow-origin: https://www.captodayonline.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="PIQH_BRD_ARCHIVAL-TISSUE-STATIC_STANDARD_BST-1239673_STATIC_300X250.jpg"
accept-ranges: bytes
content-length: 37755
expires: Tue, 13 Sep 2022 22:03:12 PDT

Redirect headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:12 GMT
server: nginx
location: https://servedbyadbutler.com/getad.img/;libID=3074970
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: *
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 vertical-scroll-recent-post.css
www.captodayonline.com/wordpress/wp-content/plugins/vertical-scroll-recent-post/ 2 KB
1 KB 132ms
126ms Stylesheet
text/css 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-content/plugins/vertical-scroll-recent-post/vertical-scroll-recent-post.css

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

c3a00a75c23be07932691585848331a4835a9d3757ae14b562d5858978e44d80

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/plugins/vertical-scroll-recent-post/vertical-scroll-recent-post.css
pragma: no-cache
cookie: _nx-nocache=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
content-length: 617
x-xss-protection: 1; mode=block
last-modified: Wed, 25 Aug 2021 09:24:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "61d-5ca5ed183f56a-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 hustle-icons.min.css
www.captodayonline.com/wordpress/wp-content/plugins/hustle/assets/hustle-ui/css/ 3 KB
1 KB 432ms
427ms Stylesheet
text/css 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-content/plugins/hustle/assets/hustle-ui/css/hustle-icons.min.css

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

575222ea10db811ac8e4ffceb957f05d4bef4f243114cf3f3d170cf8fea740ea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/plugins/hustle/assets/hustle-ui/css/hustle-icons.min.css
pragma: no-cache
cookie: _nx-nocache=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
content-length: 793
x-xss-protection: 1; mode=block
last-modified: Sat, 21 Aug 2021 12:27:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "aae-5ca10e89f418f-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 hustle-global.min.css
www.captodayonline.com/wordpress/wp-content/plugins/hustle/assets/hustle-ui/css/ 44 KB
4 KB 446ms
441ms Stylesheet
text/css 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-content/plugins/hustle/assets/hustle-ui/css/hustle-global.min.css

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

56a7634e780a81c7a2a3d32ae6aafd6dca96d49191f40e604e481d7f49296765

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/plugins/hustle/assets/hustle-ui/css/hustle-global.min.css
pragma: no-cache
cookie: _nx-nocache=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
content-length: 3386
x-xss-protection: 1; mode=block
last-modified: Sat, 21 Aug 2021 12:27:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "aef8-5ca10e89f418f-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 hustle-optin.min.css
www.captodayonline.com/wordpress/wp-content/plugins/hustle/assets/hustle-ui/css/ 80 KB
7 KB 153ms
153ms Stylesheet
text/css 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-content/plugins/hustle/assets/hustle-ui/css/hustle-optin.min.css

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

f183478cc8cdab31b2153c9dccd9cc5cae51f70cbc1e31188d251b444a01b41a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/plugins/hustle/assets/hustle-ui/css/hustle-optin.min.css
pragma: no-cache
cookie: _nx-nocache=1; _nx-nocache=1; _ga=GA1.2.365076421.1631595793; _gid=GA1.2.794065427.1631595793; _gat_UA-17445858-1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
content-length: 6787
x-xss-protection: 1; mode=block
last-modified: Sat, 21 Aug 2021 12:27:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1409c-5ca10e89f4577-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 hustle-popup.min.css
www.captodayonline.com/wordpress/wp-content/plugins/hustle/assets/hustle-ui/css/ 45 KB
4 KB 128ms
127ms Stylesheet
text/css 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-content/plugins/hustle/assets/hustle-ui/css/hustle-popup.min.css

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

26be1cb3b1d6b918b1aea1381e92f097478c9f841a9b84c77ad2e70adb914156

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/plugins/hustle/assets/hustle-ui/css/hustle-popup.min.css
pragma: no-cache
cookie: _nx-nocache=1; _nx-nocache=1; _ga=GA1.2.365076421.1631595793; _gid=GA1.2.794065427.1631595793; _gat_UA-17445858-1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
content-length: 3298
x-xss-protection: 1; mode=block
last-modified: Sat, 21 Aug 2021 12:27:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "b419-5ca10e89f4577-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 hustle-slidein.min.css
www.captodayonline.com/wordpress/wp-content/plugins/hustle/assets/hustle-ui/css/ 14 KB
2 KB 131ms
131ms Stylesheet
text/css 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-content/plugins/hustle/assets/hustle-ui/css/hustle-slidein.min.css

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

77775b5de518e431e04e0a56aebae975ae0167de08872b44fa583cca39bee32f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/plugins/hustle/assets/hustle-ui/css/hustle-slidein.min.css
pragma: no-cache
cookie: _nx-nocache=1; _nx-nocache=1; _ga=GA1.2.365076421.1631595793; _gid=GA1.2.794065427.1631595793; _gat_UA-17445858-1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
content-length: 1286
x-xss-protection: 1; mode=block
last-modified: Sat, 21 Aug 2021 12:27:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "3856-5ca10e89f4577-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
739 B 33ms
29ms Stylesheet
text/css 142.250.178.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3Aregular%2Cbold%2C700&display=swap

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.178.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f10.1e100.net

Software

ESF /

Resource Hash

4cccc3d4fe1b7cd4f3ed2c066b67bf08eb37dca00ef9888edc499a78d126b531

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 14 Sep 2021 05:03:12 GMT
server: ESF
date: Tue, 14 Sep 2021 05:03:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 14 Sep 2021 05:03:12 GMT

GET
H2 200 evoslider.js Show response
www.captodayonline.com/wordpress/wp-content/plugins/eventon-event-slider/assets/js/ 50 KB
8 KB 136ms
136ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-content/plugins/eventon-event-slider/assets/js/evoslider.js

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

ac110d6a3657450816bd39550313cd79995496cf9cd7b3d1d202f8df441bee21

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/plugins/eventon-event-slider/assets/js/evoslider.js
pragma: no-cache
cookie: _nx-nocache=1; _ga=GA1.2.365076421.1631595793; _gid=GA1.2.794065427.1631595793; _gat_UA-17445858-1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
content-length: 7316
x-xss-protection: 1; mode=block
last-modified: Fri, 10 Feb 2017 20:43:08 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "c71c-5483325302f00-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SL_script.js Show response
www.captodayonline.com/wordpress/wp-content/plugins/eventon-event-slider/assets/js/ 6 KB
2 KB 127ms
126ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-content/plugins/eventon-event-slider/assets/js/SL_script.js

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

5d1576bd25ac7eaf4376031bf1b0e24c07cc59838d687c1b1b36432711909730

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/plugins/eventon-event-slider/assets/js/SL_script.js
pragma: no-cache
cookie: _nx-nocache=1; _ga=GA1.2.365076421.1631595793; _gid=GA1.2.794065427.1631595793; _gat_UA-17445858-1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
content-length: 1065
x-xss-protection: 1; mode=block
last-modified: Fri, 10 Feb 2017 20:43:08 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1662-5483325302f00-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dtgsnonce.js Show response
www.captodayonline.com/wordpress/wp-content/plugins/data-tables-generator-by-supsystic/app/assets/js/ 41 B
512 B 133ms
133ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-content/plugins/data-tables-generator-by-supsystic/app/assets/js/dtgsnonce.js

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

2e599dfaffe056d6e6f7f19cd3e1d47169ac4468bd9fb2f9f4033940f7fc7584

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/plugins/data-tables-generator-by-supsystic/app/assets/js/dtgsnonce.js
pragma: no-cache
cookie: _nx-nocache=1; _ga=GA1.2.365076421.1631595793; _gid=GA1.2.794065427.1631595793; _gat_UA-17445858-1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
content-encoding: br
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
x-xss-protection: 1; mode=block
last-modified: Wed, 25 Aug 2021 09:23:29 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"29-5ca5ecda372fb"
vary: Accept-Encoding User-Agent
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 owl.carousel.min.js Show response
www.captodayonline.com/wordpress/wp-content/plugins/content-randomizer/assets/js/ 39 KB
11 KB 131ms
130ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-content/plugins/content-randomizer/assets/js/owl.carousel.min.js

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

83553d22ccd56e5576d544f6ba93475c712b3c02d312893eea2acc16de5fcf91

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/plugins/content-randomizer/assets/js/owl.carousel.min.js
pragma: no-cache
cookie: _nx-nocache=1; _ga=GA1.2.365076421.1631595793; _gid=GA1.2.794065427.1631595793; _gat_UA-17445858-1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
content-length: 10522
x-xss-protection: 1; mode=block
last-modified: Fri, 21 Dec 2018 20:43:42 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "9dd1-57d8e4d769b80-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 newscodes.js Show response
www.captodayonline.com/wordpress/wp-content/plugins/newscodes-news-magazine-and-blog-elements/lib/js/ 14 KB
4 KB 131ms
131ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-content/plugins/newscodes-news-magazine-and-blog-elements/lib/js/newscodes.js

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

0583be2dbbb5950d9e45270fcba7432c9297977c97e13359d205497871892258

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/plugins/newscodes-news-magazine-and-blog-elements/lib/js/newscodes.js
pragma: no-cache
cookie: _nx-nocache=1; _ga=GA1.2.365076421.1631595793; _gid=GA1.2.794065427.1631595793; _gat_UA-17445858-1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
content-length: 4006
x-xss-protection: 1; mode=block
last-modified: Sat, 12 May 2018 06:48:50 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "36d1-56bfca522b880-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-advertize-it.js Show response
www.captodayonline.com/wordpress/wp-content/plugins/wp-advertize-it/javascript/ 2 KB
1 KB 127ms
126ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-content/plugins/wp-advertize-it/javascript/wp-advertize-it.js

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

e67155dc4d29a7b3e80105728a979986583e7b46c18bc9b178e91b9fb170cf21

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/plugins/wp-advertize-it/javascript/wp-advertize-it.js
pragma: no-cache
cookie: _nx-nocache=1; _ga=GA1.2.365076421.1631595793; _gid=GA1.2.794065427.1631595793; _gat_UA-17445858-1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
content-length: 682
x-xss-protection: 1; mode=block
last-modified: Tue, 30 Oct 2018 18:47:57 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "702-579769fc2d140-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-site-mapping.js Show response
www.captodayonline.com/wordpress/wp-content/plugins/wp-site-mapping/javascript/ 588 B
767 B 125ms
124ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-content/plugins/wp-site-mapping/javascript/wp-site-mapping.js

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

3cc7850691b15a01ee0617bf84b553e5b556590fab8bcc00cf46d16c813a792c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/plugins/wp-site-mapping/javascript/wp-site-mapping.js
pragma: no-cache
cookie: _nx-nocache=1; _ga=GA1.2.365076421.1631595793; _gid=GA1.2.794065427.1631595793; _gat_UA-17445858-1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
content-length: 283
x-xss-protection: 1; mode=block
last-modified: Mon, 29 Jun 2015 18:57:37 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "24c-519aca9c6ca40-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 852 B
989 B 110ms
37ms Script
text/javascript 216.58.212.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit&hl=en_US

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.228 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s28-in-f4.1e100.net

Software

GSE /

Resource Hash

0dec9aeb51462b308a63c0764200387b953392d7012b91c096b2ca88ddb59ba0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 555
x-xss-protection: 1; mode=block
expires: Tue, 14 Sep 2021 05:03:12 GMT

GET
H2 200 core.min.js Show response
www.captodayonline.com/wordpress/wp-includes/js/jquery/ui/ 20 KB
7 KB 142ms
142ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-includes/js/jquery/ui/core.min.js

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-includes/js/jquery/ui/core.min.js
pragma: no-cache
cookie: _nx-nocache=1; _nx-nocache=1; _ga=GA1.2.365076421.1631595793; _gid=GA1.2.794065427.1631595793; _gat_UA-17445858-1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
content-length: 6865
x-xss-protection: 1; mode=block
last-modified: Wed, 25 Aug 2021 10:58:06 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "5133-5ca602006c86e-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 datepicker.min.js Show response
www.captodayonline.com/wordpress/wp-includes/js/jquery/ui/ 35 KB
11 KB 132ms
131ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-includes/js/jquery/ui/datepicker.min.js

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

9fd95260ee110232e2e143adfb5c5f0df7ffee9d2513288ff4102d9e401c663c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-includes/js/jquery/ui/datepicker.min.js
pragma: no-cache
cookie: _nx-nocache=1; _nx-nocache=1; _ga=GA1.2.365076421.1631595793; _gid=GA1.2.794065427.1631595793; _gat_UA-17445858-1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
content-length: 10743
x-xss-protection: 1; mode=block
last-modified: Wed, 25 Aug 2021 10:58:06 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8d34-5ca602006eb96-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 hustle-ui.min.js Show response
www.captodayonline.com/wordpress/wp-content/plugins/hustle/assets/hustle-ui/js/ 101 KB
29 KB 148ms
148ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-content/plugins/hustle/assets/hustle-ui/js/hustle-ui.min.js

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

0969d06336bfabbe2ce45a111e772ee05034d5765676a38fffc5f49ca714fede

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/plugins/hustle/assets/hustle-ui/js/hustle-ui.min.js
pragma: no-cache
cookie: _nx-nocache=1; _ga=GA1.2.365076421.1631595793; _gid=GA1.2.794065427.1631595793; _gat_UA-17445858-1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
content-length: 28679
x-xss-protection: 1; mode=block
last-modified: Sat, 21 Aug 2021 12:27:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1941e-5ca10e89f4d47-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 underscore.min.js Show response
www.captodayonline.com/wordpress/wp-includes/js/ 19 KB
8 KB 135ms
135ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-includes/js/underscore.min.js

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-includes/js/underscore.min.js
pragma: no-cache
cookie: _nx-nocache=1; _ga=GA1.2.365076421.1631595793; _gid=GA1.2.794065427.1631595793; _gat_UA-17445858-1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
content-length: 7319
x-xss-protection: 1; mode=block
last-modified: Wed, 25 Aug 2021 10:58:06 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "4a84-5ca602007b6b6-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 front.min.js Show response
www.captodayonline.com/wordpress/wp-content/plugins/hustle/assets/js/ 44 KB
14 KB 157ms
157ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-content/plugins/hustle/assets/js/front.min.js

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

0316b72f495eccd250501fdb25c8f9253f9ccd364e70d64e092ee5580c7ffa0e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/plugins/hustle/assets/js/front.min.js
pragma: no-cache
cookie: _nx-nocache=1; _ga=GA1.2.365076421.1631595793; _gid=GA1.2.794065427.1631595793; _gat_UA-17445858-1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
content-length: 14286
x-xss-protection: 1; mode=block
last-modified: Sat, 21 Aug 2021 12:27:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "b170-5ca10e8a00caf-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tie-scripts.js Show response
www.captodayonline.com/wordpress/wp-content/themes/jarida/js/ 63 KB
18 KB 150ms
150ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-content/themes/jarida/js/tie-scripts.js

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

650d721f07cb4a6d23313e4fb253a58ae16dbdd91e85692c1610cded90136e8e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/themes/jarida/js/tie-scripts.js
pragma: no-cache
cookie: _nx-nocache=1; _nx-nocache=1; _ga=GA1.2.365076421.1631595793; _gid=GA1.2.794065427.1631595793; _gat_UA-17445858-1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
content-length: 18178
x-xss-protection: 1; mode=block
last-modified: Thu, 02 Sep 2021 12:14:02 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "fdf8-5cb021e50a819-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 eventon_functions.js Show response
www.captodayonline.com/wordpress/wp-content/plugins/eventON/assets/js/ 3 KB
1 KB 133ms
132ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-content/plugins/eventON/assets/js/eventon_functions.js

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

8873d132587d9fbf2dd4cf2b04d44360c3b42837d233ecf2f94ed864d2c7eb5d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/plugins/eventON/assets/js/eventon_functions.js
pragma: no-cache
cookie: _nx-nocache=1; _ga=GA1.2.365076421.1631595793; _gid=GA1.2.794065427.1631595793; _gat_UA-17445858-1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
content-length: 964
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Sep 2019 11:16:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "ce6-592452659b279-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 handlebars.js Show response
www.captodayonline.com/wordpress/wp-content/plugins/eventON/assets/js/ 74 KB
23 KB 153ms
152ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-content/plugins/eventON/assets/js/handlebars.js

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

f89307b17472793b30b3fb736c887960743145d282b8d8e6bcd71316d63a0cb7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/plugins/eventON/assets/js/handlebars.js
pragma: no-cache
cookie: _nx-nocache=1; _ga=GA1.2.365076421.1631595793; _gid=GA1.2.794065427.1631595793; _gat_UA-17445858-1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
content-length: 22694
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Sep 2019 11:16:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "12630-59245265b6411-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.mobile.min.js Show response
www.captodayonline.com/wordpress/wp-content/plugins/eventON/assets/js/ 13 KB
3 KB 132ms
132ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-content/plugins/eventON/assets/js/jquery.mobile.min.js

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

f85fb393b0934a0f339cb2b0c253c86e4f6c0eca7040263c41a834833846bd17

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/plugins/eventON/assets/js/jquery.mobile.min.js
pragma: no-cache
cookie: _nx-nocache=1; _ga=GA1.2.365076421.1631595793; _gid=GA1.2.794065427.1631595793; _gat_UA-17445858-1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
content-length: 2743
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Sep 2019 11:16:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "3549-59245265e6982-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.mousewheel.min.js Show response
www.captodayonline.com/wordpress/wp-content/plugins/eventON/assets/js/ 1 KB
1 KB 126ms
125ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-content/plugins/eventON/assets/js/jquery.mousewheel.min.js

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

c8104390115f92b27003b1e4e503ef59343ccfef4ac19751093544e8cfaeae26

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/plugins/eventON/assets/js/jquery.mousewheel.min.js
pragma: no-cache
cookie: _nx-nocache=1; _ga=GA1.2.365076421.1631595793; _gid=GA1.2.794065427.1631595793; _gat_UA-17445858-1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
content-length: 716
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Sep 2019 11:16:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "570-59245265ecb2a-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 eventon_script.js Show response
www.captodayonline.com/wordpress/wp-content/plugins/eventON/assets/js/ 41 KB
11 KB 156ms
153ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-content/plugins/eventON/assets/js/eventon_script.js

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

8a682316d9be7e6c5dc89edfde8caf97e5c2c73b0c850e56168d9b701a5c5061

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/plugins/eventON/assets/js/eventon_script.js
pragma: no-cache
cookie: _nx-nocache=1; _ga=GA1.2.365076421.1631595793; _gid=GA1.2.794065427.1631595793; _gat_UA-17445858-1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
content-length: 10462
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Sep 2019 11:16:17 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "a45d-59245265b5089-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-embed.min.js Show response
www.captodayonline.com/wordpress/wp-includes/js/ 1 KB
1 KB 130ms
127ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-includes/js/wp-embed.min.js

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-includes/js/wp-embed.min.js
pragma: no-cache
cookie: _nx-nocache=1; _nx-nocache=1; _ga=GA1.2.365076421.1631595793; _gid=GA1.2.794065427.1631595793; _gat_UA-17445858-1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
content-length: 765
x-xss-protection: 1; mode=block
last-modified: Wed, 25 Aug 2021 10:58:06 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "592-5ca602007ce26-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vertical-scroll-recent-post.js Show response
www.captodayonline.com/wordpress/wp-content/plugins/vertical-scroll-recent-post/ 8 KB
3 KB 124ms
123ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-content/plugins/vertical-scroll-recent-post/vertical-scroll-recent-post.js

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

935692b608b2c063bdea285ca554ea0f958dd9c5373d23d23ffd278696af3ec1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/plugins/vertical-scroll-recent-post/vertical-scroll-recent-post.js
pragma: no-cache
cookie: _nx-nocache=1; _nx-nocache=1; _ga=GA1.2.365076421.1631595793; _gid=GA1.2.794065427.1631595793; _gat_UA-17445858-1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
content-length: 2197
x-xss-protection: 1; mode=block
last-modified: Wed, 25 Aug 2021 09:24:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1eb4-5ca5ed183f56a-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 84 KB
29 KB 75ms
29ms Script
application/javascript 172.67.39.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f909a31bfd7a13b9dd53e98b5652f13f4782fdfd1653dc4befade7386c087371

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
via: e2s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11639
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 14 May 2021 06:41:59 GMT
server: cloudflare
etag: W/"14f2c-5c2448a7281f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 68e71145dc022794-PRG
cf-bgj: minify

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 112 KB
44 KB 93ms
43ms Script
application/javascript 142.250.178.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5SJ4BKF

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.178.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

d0f54d1ee1881fcbd96963d778a6eb43daf76ed9d8a2d3dde8d64a83a8a02bbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44292
x-xss-protection: 0
last-modified: Tue, 14 Sep 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 14 Sep 2021 05:03:12 GMT

GET
H/1.1 200
OK 7035.js Show response
ad.broadstreetads.com/ndisplay/ 0
356 B 489ms
101ms Script
application/javascript 54.235.81.255
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.broadstreetads.com/ndisplay/7035.js
Requested by: Host: cdn.broadstreetads.com
URL: https://cdn.broadstreetads.com/init-2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.235.81.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-235-81-255.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 14 Sep 2021 05:03:12 GMT
Connection: keep-alive
Content-Length: 0
x-hostname: ip-10-149-200-209
content-type: application/javascript

GET
H2 200 body-bg7.png
www.captodayonline.com/wordpress/wp-content/themes/jarida/images/patterns/ 21 KB
21 KB 460ms
460ms Image
image/png 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.captodayonline.com/wordpress/wp-content/themes/jarida/images/patterns/body-bg7.png

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

7a6ac6e588a725241e6f43feaad46fb36de9682576f5f29c570edc3ec5247477

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/themes/jarida/images/patterns/body-bg7.png
pragma: no-cache
cookie: _nx-nocache=1; _nx-nocache=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
content-length: 21146
x-xss-protection: 1; mode=block
last-modified: Thu, 02 Sep 2021 12:14:02 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "529a-5cb021e50cb41"
vary: User-Agent
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 top-shadow.png
www.captodayonline.com/wordpress/wp-content/themes/jarida/images/ 6 KB
6 KB 471ms
470ms Image
image/png 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.captodayonline.com/wordpress/wp-content/themes/jarida/images/top-shadow.png

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/wordpress/wp-content/themes/jarida/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

e68b5dff23d173599878ccfd05892f57a52ea1330cf5f32e4645df7b718bba10

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/themes/jarida/images/top-shadow.png
pragma: no-cache
cookie: _nx-nocache=1; _nx-nocache=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/wordpress/wp-content/themes/jarida/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/wordpress/wp-content/themes/jarida/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
content-length: 5679
x-xss-protection: 1; mode=block
last-modified: Thu, 02 Sep 2021 12:14:02 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "162f-5cb021e50c371"
vary: User-Agent
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 TK3IWkUHHAIjg75cFRf3bXL8LICs13Fv40pKlN4NNSeSASwcEWlWHYg.woff2
fonts.gstatic.com/s/oswald/v40/ 24 KB
24 KB 70ms
19ms Font
font/woff2 142.250.178.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v40/TK3IWkUHHAIjg75cFRf3bXL8LICs13Fv40pKlN4NNSeSASwcEWlWHYg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A400%2C300%7COpen+Sans%3A700%2C400%2C400i%7CRoboto%3A700%2C400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.178.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f3.1e100.net

Software

sffe /

Resource Hash

6c76479768857b5db034bf4673213a475a39fa49b80aa09b21d024291dac1253

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.captodayonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 20:12:22 GMT
x-content-type-options: nosniff
age: 550250
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24104
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:16:59 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Sep 2022 20:12:22 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 15 KB
15 KB 96ms
46ms Font
font/woff2 142.250.178.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A300%2C300italic%2Cregular%2Citalic%2C700%2C700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.178.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f3.1e100.net

Software

sffe /

Resource Hash

53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.captodayonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 17:28:10 GMT
x-content-type-options: nosniff
age: 128102
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15720
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:56 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Sep 2022 17:28:10 GMT

GET
H2 200 tiefontello.woff
www.captodayonline.com/wordpress/wp-content/themes/jarida/fonts/ 17 KB
18 KB 450ms
450ms Font
application/font-woff 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-content/themes/jarida/fonts/tiefontello.woff

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/wordpress/wp-content/themes/jarida/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

2f7278cc9f52fbafcb479c7c60c14d119a396c6b2b2c0a968f637a1562f69efa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.captodayonline.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: _nx-nocache=1; _nx-nocache=1
:path: /wordpress/wp-content/themes/jarida/fonts/tiefontello.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/wordpress/wp-content/themes/jarida/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.captodayonline.com/wordpress/wp-content/themes/jarida/style.css
Origin: https://www.captodayonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
content-length: 17876
x-xss-protection: 1; mode=block
last-modified: Thu, 02 Sep 2021 12:14:02 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "45d4-5cb021e50ea81"
vary: User-Agent
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 app.js Show response
servedbyadbutler.com/ 55 KB
11 KB 13ms
12ms Script
application/javascript 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/app.js
Requested by: Host: www.captodayonline.com
URL: https://www.captodayonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: d667eb81ed1272cb8be644bb1277bd4a3b2a38adf5a134e68ada86c5414220f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
content-encoding: gzip
last-modified: Fri, 13 Aug 2021 18:07:41 GMT
server: nginx
etag: W/"6116b4ed-da29"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800
expires: Tue, 14 Sep 2021 05:33:12 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 15 KB
15 KB 66ms
38ms Font
font/woff2 142.250.178.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A300%2C300italic%2Cregular%2Citalic%2C700%2C700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.178.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f3.1e100.net

Software

sffe /

Resource Hash

c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.captodayonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 10:01:32 GMT
x-content-type-options: nosniff
age: 68500
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15640
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:37 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 10:01:32 GMT

GET
H2 200 ieVj2ZhZI2eCN5jzbjEETS9weq8-19eLDwM9.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 17 KB
17 KB 83ms
56ms Font
font/woff2 142.250.178.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVj2ZhZI2eCN5jzbjEETS9weq8-19eLDwM9.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A300%2C300italic%2Cregular%2Citalic%2C700%2C700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.178.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f3.1e100.net

Software

sffe /

Resource Hash

32c08e1eb8a5b0469f36408aff182967571b49017470c32152e9a44023785270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.captodayonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 13:37:34 GMT
x-content-type-options: nosniff
age: 228338
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17352
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:43 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Sep 2022 13:37:34 GMT

GET
H2 200 Alicia_Algeciras-Schimnich.jpg.webp
www.captodayonline.com/wordpress/wp-content/uploads/2021/08/ 4 KB
5 KB 461ms
461ms Image
image/webp 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.captodayonline.com/wordpress/wp-content/uploads/2021/08/Alicia_Algeciras-Schimnich.jpg.webp

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

7575915a6afe615c5aea0544fab19317be2288ea44f9970d1fcb53d5d2b18242

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/uploads/2021/08/Alicia_Algeciras-Schimnich.jpg.webp
pragma: no-cache
cookie: _nx-nocache=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
content-length: 4202
x-xss-protection: 1; mode=block
last-modified: Fri, 13 Aug 2021 16:34:37 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "106a-5c9736d62b998"
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Bull_Tony.jpg.webp
www.captodayonline.com/wordpress/wp-content/uploads/2021/08/ 5 KB
5 KB 461ms
461ms Image
image/webp 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.captodayonline.com/wordpress/wp-content/uploads/2021/08/Bull_Tony.jpg.webp

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

e280ffa93f9b891fa6b5c413515c80f10bca1f3017b78d796f095d120b2b023b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/uploads/2021/08/Bull_Tony.jpg.webp
pragma: no-cache
cookie: _nx-nocache=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
content-length: 4634
x-xss-protection: 1; mode=block
last-modified: Fri, 13 Aug 2021 16:39:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "121a-5c9737fb9adb1"
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Reyes-Gil_Morayma.jpg.webp
www.captodayonline.com/wordpress/wp-content/uploads/2021/08/ 3 KB
4 KB 128ms
128ms Image
image/webp 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.captodayonline.com/wordpress/wp-content/uploads/2021/08/Reyes-Gil_Morayma.jpg.webp

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

54dad513902bf20eb6a19099646812c86f24cde7351c462dfc7e827d1a985d1f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/uploads/2021/08/Reyes-Gil_Morayma.jpg.webp
pragma: no-cache
cookie: _nx-nocache=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
content-length: 3580
x-xss-protection: 1; mode=block
last-modified: Fri, 13 Aug 2021 16:50:02 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "dfc-5c973a483efb4"
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Raich_Mick.jpg
www.captodayonline.com/wordpress/wp-content/uploads/2019/09/ 9 KB
10 KB 142ms
142ms Image
image/jpeg 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.captodayonline.com/wordpress/wp-content/uploads/2019/09/Raich_Mick.jpg

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

36e5beaa00abc016e80155d4a55ebb392d2b04008f96ee58a934ed13c96a663c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/uploads/2019/09/Raich_Mick.jpg
pragma: no-cache
cookie: _nx-nocache=1; _ga=GA1.2.365076421.1631595793; _gid=GA1.2.794065427.1631595793; _gat_UA-17445858-1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:13 GMT
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
content-length: 9330
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Sep 2019 16:59:57 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "2472-59249f369c531"
vary: User-Agent
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 631-EUROIMMUN.jpg.webp
www.captodayonline.com/wordpress/wp-content/uploads/2021/08/ 90 KB
90 KB 180ms
180ms Image
image/webp 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.captodayonline.com/wordpress/wp-content/uploads/2021/08/631-EUROIMMUN.jpg.webp

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

0591da51145b56284a068a6857f03cc383af4205ad1ab4a0e42f453fc270e3c6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wordpress/wp-content/uploads/2021/08/631-EUROIMMUN.jpg.webp
pragma: no-cache
cookie: _nx-nocache=1; _nx-nocache=1; _ga=GA1.2.365076421.1631595793; _gid=GA1.2.794065427.1631595793; _gat_UA-17445858-1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:13 GMT
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
content-length: 91830
x-xss-protection: 1; mode=block
last-modified: Fri, 13 Aug 2021 20:23:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "166b6-5c976a032eb5b"
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ;ID=161097;size=300x250;setID=311039;type=js;sw=1600;sh=1200;spr=1;kw=;pid=3588639;place=1;rnd=3588639;click=CLICK_MACRO_PLACEHOLDER Show response
servedbyadbutler.com/adserve/ 2 KB
2 KB 28ms
28ms Script
application/x-javascript 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve/;ID=161097;size=300x250;setID=311039;type=js;sw=1600;sh=1200;spr=1;kw=;pid=3588639;place=1;rnd=3588639;click=CLICK_MACRO_PLACEHOLDER
Requested by: Host: www.captodayonline.com
URL: https://www.captodayonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 9797a260bdebad827419ad4a661f7dd858a44b93e843824647c379418aefd4ff

Request headers

Referer: https://www.captodayonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:12 GMT
server: nginx
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: *
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: application/x-javascript
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ;libID=3166821
servedbyadbutler.com/getad.img/ 27 KB
27 KB 16ms
16ms Image
image/png 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/getad.img/;libID=3166821
Requested by: Host: www.captodayonline.com
URL: https://www.captodayonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 018a1483a50eeca87137a42262b23115c001693573fb579d32859478a009d4d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
last-modified: Wed, 16 Jun 2021 16:50:21 GMT
server: nginx
etag: "60ca2bcd-6b1b"
content-type: image/png
access-control-allow-origin: https://www.captodayonline.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="Agena-Banner-SC2Vv3-300x250-v01.png"
accept-ranges: bytes
content-length: 27419
expires: Tue, 13 Sep 2022 22:03:12 PDT

GET
H2 200 ;ID=161097;size=1x1;type=pixel;setID=311039;plid=1591355;BID=520486728;place=1;wt=1631595802;rnd=30553;v=1
servedbyadbutler.com/adserve/ 43 B
325 B 16ms
16ms Image
image/gif 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/adserve/;ID=161097;size=1x1;type=pixel;setID=311039;plid=1591355;BID=520486728;place=1;wt=1631595802;rnd=30553;v=1
Requested by: Host: www.captodayonline.com
URL: https://www.captodayonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:12 GMT
server: nginx
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: *
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-disposition: filename="blank.gif"
content-type: image/gif;charset=utf-8
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ;ID=161097;size=300x250;setID=311039;type=js;sw=1600;sh=1200;spr=1;kw=;pid=3588639;place=2;rnd=3588639;click=CLICK_MACRO_PLACEHOLDER Show response
servedbyadbutler.com/adserve/ 2 KB
2 KB 20ms
20ms Script
application/x-javascript 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve/;ID=161097;size=300x250;setID=311039;type=js;sw=1600;sh=1200;spr=1;kw=;pid=3588639;place=2;rnd=3588639;click=CLICK_MACRO_PLACEHOLDER
Requested by: Host: www.captodayonline.com
URL: https://www.captodayonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 7d015cce3de9dbf5673f465f85e64c90397c339d2f66807adb4384dab78b8c13

Request headers

Referer: https://www.captodayonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:12 GMT
server: nginx
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: *
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: application/x-javascript
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ 8 KB
4 KB 97ms
28ms Script
text/javascript 142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/adserve/;ID=161097;size=300x250;setID=311039;type=js;sw=1600;sh=1200;spr=1;kw=;pid=3588639;place=2;rnd=3588639;click=CLICK_MACRO_PLACEHOLDER

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f2.1e100.net

Software

sffe /

Resource Hash

0b6cec745f5a40eb153f0706b709df292d27ddc40cef71204585a8f400306124

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.captodayonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 14 Sep 2021 04:07:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3983
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 19:20:02 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 14 Sep 2021 05:07:35 GMT

GET
H2 200 ;ID=161097;size=1x1;type=pixel;setID=311039;plid=1591615;BID=520487461;place=2;wt=1631595802;rnd=28015;v=1
servedbyadbutler.com/adserve/ 43 B
325 B 14ms
14ms Image
image/gif 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/adserve/;ID=161097;size=1x1;type=pixel;setID=311039;plid=1591615;BID=520487461;place=2;wt=1631595802;rnd=28015;v=1
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/adserve/;ID=161097;size=300x250;setID=311039;type=js;sw=1600;sh=1200;spr=1;kw=;pid=3588639;place=2;rnd=3588639;click=CLICK_MACRO_PLACEHOLDER
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:12 GMT
server: nginx
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: *
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-disposition: filename="blank.gif"
content-type: image/gif;charset=utf-8
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ;ID=161097;size=728x90;setID=146005;type=async;domid=placement_146005_0;place=0;pid=3588639;sw=1600;sh=1200;spr=1;rnd=3588639;referrer=https%3A%2F%2Fwww.captodayonline.com%2F;click=CLICK_MACRO_PLAC... Show response
servedbyadbutler.com/adserve/ 1 KB
1 KB 24ms
24ms Script
application/x-javascript 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve/;ID=161097;size=728x90;setID=146005;type=async;domid=placement_146005_0;place=0;pid=3588639;sw=1600;sh=1200;spr=1;rnd=3588639;referrer=https%3A%2F%2Fwww.captodayonline.com%2F;click=CLICK_MACRO_PLACEHOLDER
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 7a49e11fdf8c5ee9345cd15bde5c1f3c4da39eec375ea478d7e108c7fc4790b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:12 GMT
server: nginx
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: *
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: application/x-javascript
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ;ID=161097;size=160x600;setID=188685;type=async;domid=placement_188685_0;place=0;pid=3588639;sw=1600;sh=1200;spr=1;rnd=3588639;referrer=https%3A%2F%2Fwww.captodayonline.com%2F;click=CLICK_MACRO_PLA... Show response
servedbyadbutler.com/adserve/ 1 KB
1 KB 35ms
35ms Script
application/x-javascript 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve/;ID=161097;size=160x600;setID=188685;type=async;domid=placement_188685_0;place=0;pid=3588639;sw=1600;sh=1200;spr=1;rnd=3588639;referrer=https%3A%2F%2Fwww.captodayonline.com%2F;click=CLICK_MACRO_PLACEHOLDER
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: fc0c4b5b6d914f3705023bd3213e4589cd9e88ee7c3bb68b111240f9e608d1f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:12 GMT
server: nginx
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: *
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: application/x-javascript
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ;ID=161097;size=160x600;setID=145718;type=async;domid=placement_145718_0;place=0;pid=3588639;sw=1600;sh=1200;spr=1;rnd=3588639;referrer=https%3A%2F%2Fwww.captodayonline.com%2F;click=CLICK_MACRO_PLA... Show response
servedbyadbutler.com/adserve/ 3 KB
3 KB 37ms
37ms Script
application/x-javascript 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve/;ID=161097;size=160x600;setID=145718;type=async;domid=placement_145718_0;place=0;pid=3588639;sw=1600;sh=1200;spr=1;rnd=3588639;referrer=https%3A%2F%2Fwww.captodayonline.com%2F;click=CLICK_MACRO_PLACEHOLDER
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: b7f6c365b5a0d02f02c11abbad2c387e020e57bc2d40539c13c62c8d85b91b2f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:12 GMT
server: nginx
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: *
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: application/x-javascript
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ;ID=161097;size=300x250;setID=311039;type=async;domid=placement_311039_0;place=0;pid=3588639;sw=1600;sh=1200;spr=1;rnd=3588639;referrer=https%3A%2F%2Fwww.captodayonline.com%2F;click=CLICK_MACRO_PLA... Show response
servedbyadbutler.com/adserve/ 2 KB
2 KB 17ms
17ms Script
application/x-javascript 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve/;ID=161097;size=300x250;setID=311039;type=async;domid=placement_311039_0;place=0;pid=3588639;sw=1600;sh=1200;spr=1;rnd=3588639;referrer=https%3A%2F%2Fwww.captodayonline.com%2F;click=CLICK_MACRO_PLACEHOLDER
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: d0fca88fcf134d331b92bc2399862901c84cb41038154cc2d96a37fe98de2afe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:12 GMT
server: nginx
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: *
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: application/x-javascript
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ;ID=161097;size=300x250;setID=428275;type=async;domid=placement_428275_0;place=0;pid=3588639;sw=1600;sh=1200;spr=1;rnd=3588639;referrer=https%3A%2F%2Fwww.captodayonline.com%2F;click=CLICK_MACRO_PLA... Show response
servedbyadbutler.com/adserve/ 1 KB
1 KB 38ms
37ms Script
application/x-javascript 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve/;ID=161097;size=300x250;setID=428275;type=async;domid=placement_428275_0;place=0;pid=3588639;sw=1600;sh=1200;spr=1;rnd=3588639;referrer=https%3A%2F%2Fwww.captodayonline.com%2F;click=CLICK_MACRO_PLACEHOLDER
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: e3f854c479a4e52dc4f085cd8c82764b5d925254c2af905490e6f1cf7e41049b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:12 GMT
server: nginx
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: *
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: application/x-javascript
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ;ID=161097;size=300x250;setID=387791;type=async;domid=placement_387791_0;place=0;pid=3588639;sw=1600;sh=1200;spr=1;rnd=3588639;referrer=https%3A%2F%2Fwww.captodayonline.com%2F;click=CLICK_MACRO_PLA... Show response
servedbyadbutler.com/adserve/ 2 KB
2 KB 32ms
32ms Script
application/x-javascript 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve/;ID=161097;size=300x250;setID=387791;type=async;domid=placement_387791_0;place=0;pid=3588639;sw=1600;sh=1200;spr=1;rnd=3588639;referrer=https%3A%2F%2Fwww.captodayonline.com%2F;click=CLICK_MACRO_PLACEHOLDER
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 282165eed082eba7502a1fd01bdc47a65bc4053ee5fc8496b9e3aa62b25e77a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:12 GMT
server: nginx
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: *
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: application/x-javascript
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ;ID=161097;size=160x600;setID=145718;type=async;domid=placement_145718_1;place=1;pid=3588639;sw=1600;sh=1200;spr=1;rnd=3588639;referrer=https%3A%2F%2Fwww.captodayonline.com%2F;click=CLICK_MACRO_PLA... Show response
servedbyadbutler.com/adserve/ 3 KB
3 KB 35ms
35ms Script
application/x-javascript 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve/;ID=161097;size=160x600;setID=145718;type=async;domid=placement_145718_1;place=1;pid=3588639;sw=1600;sh=1200;spr=1;rnd=3588639;referrer=https%3A%2F%2Fwww.captodayonline.com%2F;click=CLICK_MACRO_PLACEHOLDER
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: e030af062a5c9278acc7efd5698a7013aae82d0ffd028b6f711d0650f98e9771

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:12 GMT
server: nginx
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: *
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: application/x-javascript
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ;ID=161097;size=300x250;setID=428275;type=async;domid=placement_428275_1;place=1;pid=3588639;sw=1600;sh=1200;spr=1;rnd=3588639;referrer=https%3A%2F%2Fwww.captodayonline.com%2F;click=CLICK_MACRO_PLA... Show response
servedbyadbutler.com/adserve/ 1 KB
1 KB 35ms
35ms Script
application/x-javascript 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve/;ID=161097;size=300x250;setID=428275;type=async;domid=placement_428275_1;place=1;pid=3588639;sw=1600;sh=1200;spr=1;rnd=3588639;referrer=https%3A%2F%2Fwww.captodayonline.com%2F;click=CLICK_MACRO_PLACEHOLDER
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 61c293880924875a5b1170d9908d4c03bdb9cf6b37be3feebb0b585bb3989a7b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:12 GMT
server: nginx
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: *
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: application/x-javascript
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ;ID=161097;size=300x250;setID=387791;type=async;domid=placement_387791_1;place=1;pid=3588639;sw=1600;sh=1200;spr=1;rnd=3588639;referrer=https%3A%2F%2Fwww.captodayonline.com%2F;click=CLICK_MACRO_PLA... Show response
servedbyadbutler.com/adserve/ 1 KB
1 KB 31ms
31ms Script
application/x-javascript 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve/;ID=161097;size=300x250;setID=387791;type=async;domid=placement_387791_1;place=1;pid=3588639;sw=1600;sh=1200;spr=1;rnd=3588639;referrer=https%3A%2F%2Fwww.captodayonline.com%2F;click=CLICK_MACRO_PLACEHOLDER
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: a50ff2590b2c85da1f9a07c7eb91408df549dd48d652ac75ef0c0d283ef70b3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:12 GMT
server: nginx
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: *
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: application/x-javascript
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ;ID=161097;size=160x600;setID=188685;type=async;domid=placement_188685_1;place=1;pid=3588639;sw=1600;sh=1200;spr=1;rnd=3588639;referrer=https%3A%2F%2Fwww.captodayonline.com%2F Show response
servedbyadbutler.com/adserve/ 1 KB
1 KB 33ms
33ms Script
application/x-javascript 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve/;ID=161097;size=160x600;setID=188685;type=async;domid=placement_188685_1;place=1;pid=3588639;sw=1600;sh=1200;spr=1;rnd=3588639;referrer=https%3A%2F%2Fwww.captodayonline.com%2F
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 9c260edc399b3f8551e1419aac342fcc11f55c760437bb704658fec413f9ce7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:12 GMT
server: nginx
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: *
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: application/x-javascript
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ;ID=161097;size=160x600;setID=145718;type=async;domid=placement_145718_2;place=2;pid=3588639;sw=1600;sh=1200;spr=1;rnd=3588639;referrer=https%3A%2F%2Fwww.captodayonline.com%2F;click=CLICK_MACRO_PLA... Show response
servedbyadbutler.com/adserve/ 3 KB
3 KB 35ms
35ms Script
application/x-javascript 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve/;ID=161097;size=160x600;setID=145718;type=async;domid=placement_145718_2;place=2;pid=3588639;sw=1600;sh=1200;spr=1;rnd=3588639;referrer=https%3A%2F%2Fwww.captodayonline.com%2F;click=CLICK_MACRO_PLACEHOLDER
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 4994d259cb63949761b1067f41ce1e6da1e747ae15cda411bf2133aa8b6c0f04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:12 GMT
server: nginx
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: *
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: application/x-javascript
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ;ID=161097;size=300x250;setID=428275;type=async;domid=placement_428275_2;place=2;pid=3588639;sw=1600;sh=1200;spr=1;rnd=3588639;referrer=https%3A%2F%2Fwww.captodayonline.com%2F;click=CLICK_MACRO_PLA... Show response
servedbyadbutler.com/adserve/ 2 KB
2 KB 31ms
31ms Script
application/x-javascript 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve/;ID=161097;size=300x250;setID=428275;type=async;domid=placement_428275_2;place=2;pid=3588639;sw=1600;sh=1200;spr=1;rnd=3588639;referrer=https%3A%2F%2Fwww.captodayonline.com%2F;click=CLICK_MACRO_PLACEHOLDER
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 9ca49341a110c6c9ceb0761fcf6e58f9792f25a758ae991c821b508b55963186

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:12 GMT
server: nginx
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: *
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: application/x-javascript
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ;ID=161097;size=300x250;setID=387791;type=async;domid=placement_387791_2;place=2;pid=3588639;sw=1600;sh=1200;spr=1;rnd=3588639;referrer=https%3A%2F%2Fwww.captodayonline.com%2F;click=CLICK_MACRO_PLA... Show response
servedbyadbutler.com/adserve/ 1 KB
1 KB 29ms
29ms Script
application/x-javascript 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve/;ID=161097;size=300x250;setID=387791;type=async;domid=placement_387791_2;place=2;pid=3588639;sw=1600;sh=1200;spr=1;rnd=3588639;referrer=https%3A%2F%2Fwww.captodayonline.com%2F;click=CLICK_MACRO_PLACEHOLDER
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 3ef5913113b240959b1292831e033ef340d85732471b01b7a4b44ee2815de125

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:12 GMT
server: nginx
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: *
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: application/x-javascript
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ;ID=161097;size=160x600;setID=188685;type=async;domid=placement_188685_2;place=2;pid=3588639;sw=1600;sh=1200;spr=1;rnd=3588639;referrer=https%3A%2F%2Fwww.captodayonline.com%2F Show response
servedbyadbutler.com/adserve/ 2 KB
2 KB 31ms
31ms Script
application/x-javascript 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve/;ID=161097;size=160x600;setID=188685;type=async;domid=placement_188685_2;place=2;pid=3588639;sw=1600;sh=1200;spr=1;rnd=3588639;referrer=https%3A%2F%2Fwww.captodayonline.com%2F
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 1ef2b677c98682220dd7199f746b13def5e61601a6842a28326b96970bcd9797

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:12 GMT
server: nginx
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: *
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: application/x-javascript
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ;ID=161097;size=160x600;setID=145718;type=async;domid=placement_145718_3;place=3;pid=3588639;sw=1600;sh=1200;spr=1;rnd=3588639;referrer=https%3A%2F%2Fwww.captodayonline.com%2F;click=CLICK_MACRO_PLA... Show response
servedbyadbutler.com/adserve/ 3 KB
3 KB 33ms
33ms Script
application/x-javascript 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve/;ID=161097;size=160x600;setID=145718;type=async;domid=placement_145718_3;place=3;pid=3588639;sw=1600;sh=1200;spr=1;rnd=3588639;referrer=https%3A%2F%2Fwww.captodayonline.com%2F;click=CLICK_MACRO_PLACEHOLDER
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 972cfbf0fdd02ce498950b46ae07216c8b01f816cf0f2d85f6a10834a1e910c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:12 GMT
server: nginx
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: *
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: application/x-javascript
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 67ms
18ms Script
text/javascript 142.250.187.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SJ4BKF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.187.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 4863
date: Tue, 14 Sep 2021 03:42:09 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Tue, 14 Sep 2021 05:42:09 GMT

GET
H2 200 ;MID=161097;type=eligibleimpression;placementID=1591572;setID=311039;channelID=0;CID=579276;BID=520487436;TAID=0;place=0;mt=1631595792414173;hc=4a98f0c18b27ac02b03b1e54fe53cf42514dc4c4 Show response
servedbyadbutler.com/adserve/ 0
319 B 59ms
23ms XHR
text/html 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve/;MID=161097;type=eligibleimpression;placementID=1591572;setID=311039;channelID=0;CID=579276;BID=520487436;TAID=0;place=0;mt=1631595792414173;hc=4a98f0c18b27ac02b03b1e54fe53cf42514dc4c4
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:12 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: https://www.captodayonline.com
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame FF94 8 KB
4 KB 50ms
30ms Script
text/javascript 142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f2.1e100.net

Software

sffe /

Resource Hash

0b6cec745f5a40eb153f0706b709df292d27ddc40cef71204585a8f400306124

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 04:07:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3983
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 19:20:02 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 14 Sep 2021 05:07:35 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/538813/55572345/ Frame FF94 46 KB
13 KB 180ms
60ms Script
application/javascript 52.48.134.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/538813/55572345/skeleton.js
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.134.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-134-198.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a0137b3e5208b9dbcb910442df7c1a3456513aa88be876bef5f3dfefb5a28b25

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:12 GMT
content-encoding: gzip
x-server-name: app13.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 ;MID=161097;type=eligibleimpression;placementID=1591604;setID=146005;channelID=0;CID=579290;BID=520487450;TAID=0;place=0;mt=1631595792421504;hc=52eed83aeee98a745e251d82960fa1b3941fe233 Show response
servedbyadbutler.com/adserve/ 0
318 B 56ms
26ms XHR
text/html 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve/;MID=161097;type=eligibleimpression;placementID=1591604;setID=146005;channelID=0;CID=579290;BID=520487450;TAID=0;place=0;mt=1631595792421504;hc=52eed83aeee98a745e251d82960fa1b3941fe233
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:12 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: https://www.captodayonline.com
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ;libID=3216948
servedbyadbutler.com/getad.img/ 44 KB
45 KB 10ms
10ms Image
image/gif 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/getad.img/;libID=3216948
Requested by: Host: www.captodayonline.com
URL: https://www.captodayonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 330b4e91e534bfe47e58e1c43b91804e2628f43c16c4f8c3c774e1e77e76ecc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
last-modified: Fri, 20 Aug 2021 00:04:47 GMT
server: nginx
etag: "611ef19f-b175"
content-type: image/gif
access-control-allow-origin: https://www.captodayonline.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="728X90_coffee (2) (1).gif"
accept-ranges: bytes
content-length: 45429
expires: Tue, 13 Sep 2022 22:03:12 PDT

GET
H2 200 ;MID=161097;type=eligibleimpression;placementID=1591608;setID=387791;channelID=0;CID=579294;BID=520487454;TAID=0;place=2;mt=1631595792430093;hc=6707f14c0c5821ecb13d06b561622dd81ece1ece Show response
servedbyadbutler.com/adserve/ 0
318 B 56ms
26ms XHR
text/html 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve/;MID=161097;type=eligibleimpression;placementID=1591608;setID=387791;channelID=0;CID=579294;BID=520487454;TAID=0;place=2;mt=1631595792430093;hc=6707f14c0c5821ecb13d06b561622dd81ece1ece
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:12 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: https://www.captodayonline.com
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ;libID=3219698
servedbyadbutler.com/getad.img/ 107 KB
107 KB 11ms
10ms Image
image/jpeg 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/getad.img/;libID=3219698
Requested by: Host: www.captodayonline.com
URL: https://www.captodayonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: c1bf8db6f3c310c9cc93ade9846782a1b25866501b14cfb187776eaad23fe3a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
last-modified: Mon, 23 Aug 2021 17:47:33 GMT
server: nginx
etag: "6123df35-1aaf5"
content-type: image/jpeg
access-control-allow-origin: https://www.captodayonline.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="CAP Today_Ultimate Ad_300x250px_FINAL1.jpg"
accept-ranges: bytes
content-length: 109301
expires: Tue, 13 Sep 2022 22:03:12 PDT

GET
H2 200 ;MID=161097;type=eligibleimpression;placementID=1591608;setID=387791;channelID=0;CID=579294;BID=520487454;TAID=0;place=1;mt=1631595792430283;hc=9c2cad1d0fbb3f64fcefb5d7a54251f746a44f9a Show response
servedbyadbutler.com/adserve/ 0
318 B 53ms
24ms XHR
text/html 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve/;MID=161097;type=eligibleimpression;placementID=1591608;setID=387791;channelID=0;CID=579294;BID=520487454;TAID=0;place=1;mt=1631595792430283;hc=9c2cad1d0fbb3f64fcefb5d7a54251f746a44f9a
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:12 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: https://www.captodayonline.com
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ;MID=161097;type=eligibleimpression;placementID=1591620;setID=387791;channelID=0;CID=579305;BID=520487475;TAID=0;place=0;mt=1631595792430208;hc=bb073c9b0f55b182ba597f13363632b26561efc5 Show response
servedbyadbutler.com/adserve/ 0
318 B 25ms
24ms XHR
text/html 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve/;MID=161097;type=eligibleimpression;placementID=1591620;setID=387791;channelID=0;CID=579305;BID=520487475;TAID=0;place=0;mt=1631595792430208;hc=bb073c9b0f55b182ba597f13363632b26561efc5
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:12 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: https://www.captodayonline.com
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame DB8B 8 KB
4 KB 29ms
28ms Script
text/javascript 142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f2.1e100.net

Software

sffe /

Resource Hash

0b6cec745f5a40eb153f0706b709df292d27ddc40cef71204585a8f400306124

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 04:07:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3983
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 19:20:02 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 14 Sep 2021 05:07:35 GMT

GET
H2 200 ;MID=161097;type=eligibleimpression;placementID=1591358;setID=428275;channelID=0;CID=578944;BID=520486740;TAID=0;place=2;mt=1631595792431931;hc=89428f13087c7c7d3e819185b668cc1bcccc9e85 Show response
servedbyadbutler.com/adserve/ 0
318 B 20ms
20ms XHR
text/html 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve/;MID=161097;type=eligibleimpression;placementID=1591358;setID=428275;channelID=0;CID=578944;BID=520486740;TAID=0;place=2;mt=1631595792431931;hc=89428f13087c7c7d3e819185b668cc1bcccc9e85
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:12 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: https://www.captodayonline.com
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 02E5 8 KB
4 KB 33ms
33ms Script
text/javascript 142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f2.1e100.net

Software

sffe /

Resource Hash

0b6cec745f5a40eb153f0706b709df292d27ddc40cef71204585a8f400306124

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 04:07:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3983
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 19:20:02 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 14 Sep 2021 05:07:35 GMT

GET
H2 200 ;MID=161097;type=eligibleimpression;placementID=1591359;setID=188685;channelID=0;CID=578945;BID=520486741;TAID=0;place=2;mt=1631595792432095;hc=af0dee73a838f2a7582ca49da731b50394f72492 Show response
servedbyadbutler.com/adserve/ 0
318 B 15ms
14ms XHR
text/html 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve/;MID=161097;type=eligibleimpression;placementID=1591359;setID=188685;channelID=0;CID=578945;BID=520486741;TAID=0;place=2;mt=1631595792432095;hc=af0dee73a838f2a7582ca49da731b50394f72492
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:12 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: https://www.captodayonline.com
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 995F 8 KB
4 KB 60ms
26ms Script
text/javascript 142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f2.1e100.net

Software

sffe /

Resource Hash

0b6cec745f5a40eb153f0706b709df292d27ddc40cef71204585a8f400306124

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 04:07:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3983
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 19:20:02 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 14 Sep 2021 05:07:35 GMT

GET
H2 200 ;MID=161097;type=eligibleimpression;placementID=1591346;setID=188685;channelID=0;CID=578919;BID=520486698;TAID=0;place=0;mt=1631595792432718;hc=0b62ebed8f49d4ec7d2f8c685ad394632e105f20 Show response
servedbyadbutler.com/adserve/ 0
318 B 14ms
14ms XHR
text/html 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve/;MID=161097;type=eligibleimpression;placementID=1591346;setID=188685;channelID=0;CID=578919;BID=520486698;TAID=0;place=0;mt=1631595792432718;hc=0b62ebed8f49d4ec7d2f8c685ad394632e105f20
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:12 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: https://www.captodayonline.com
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ;libID=3215742
servedbyadbutler.com/getad.img/ 33 KB
34 KB 12ms
12ms Image
image/gif 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/getad.img/;libID=3215742
Requested by: Host: www.captodayonline.com
URL: https://www.captodayonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 2d6f950cc3d54e70ea3e0c6582e5c870e66eaf5c6d252ad734a59b5bc8019848

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
last-modified: Thu, 19 Aug 2021 18:48:25 GMT
server: nginx
etag: "611ea779-84dd"
content-type: image/gif
access-control-allow-origin: https://www.captodayonline.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="CAP-Abbott-Sept-160x600.gif"
accept-ranges: bytes
content-length: 34013
expires: Tue, 13 Sep 2022 22:03:12 PDT

GET
H2 200 ;MID=161097;type=eligibleimpression;placementID=1591564;setID=188685;channelID=0;CID=578967;BID=520486776;TAID=0;place=1;mt=1631595792432756;hc=74a2712fc9f31025c13479987bd6fc765938ddfe Show response
servedbyadbutler.com/adserve/ 0
318 B 16ms
15ms XHR
text/html 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve/;MID=161097;type=eligibleimpression;placementID=1591564;setID=188685;channelID=0;CID=578967;BID=520486776;TAID=0;place=1;mt=1631595792432756;hc=74a2712fc9f31025c13479987bd6fc765938ddfe
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:12 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: https://www.captodayonline.com
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ;libID=3215846
servedbyadbutler.com/getad.img/ 37 KB
37 KB 12ms
11ms Image
image/jpeg 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/getad.img/;libID=3215846
Requested by: Host: www.captodayonline.com
URL: https://www.captodayonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: f97ff350e92182eba6948dbdc8b0894d7286b165cb1cfb9869d052076779e29f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
last-modified: Fri, 20 Aug 2021 00:04:42 GMT
server: nginx
etag: "611ef19a-9341"
content-type: image/jpeg
access-control-allow-origin: https://www.captodayonline.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="GenDataHC_CAPtoday_160x600.jpg"
accept-ranges: bytes
content-length: 37697
expires: Tue, 13 Sep 2022 22:03:12 PDT

GET
H2 200 ;MID=161097;type=eligibleimpression;placementID=1591622;setID=428275;channelID=0;CID=579306;BID=520487478;TAID=0;place=1;mt=1631595792433808;hc=00e3b6dc13b1a00a350eaba5f3fc1bca3ff3fb23 Show response
servedbyadbutler.com/adserve/ 0
318 B 19ms
14ms XHR
text/html 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve/;MID=161097;type=eligibleimpression;placementID=1591622;setID=428275;channelID=0;CID=579306;BID=520487478;TAID=0;place=1;mt=1631595792433808;hc=00e3b6dc13b1a00a350eaba5f3fc1bca3ff3fb23
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:12 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: https://www.captodayonline.com
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ;libID=3217092
servedbyadbutler.com/getad.img/ 19 KB
20 KB 13ms
11ms Image
image/jpeg 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/getad.img/;libID=3217092
Requested by: Host: www.captodayonline.com
URL: https://www.captodayonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: e3d731b708a91daea9e5d037fc038c4703bec22de421e825d12e0cdb189de0a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
last-modified: Fri, 20 Aug 2021 08:30:54 GMT
server: nginx
etag: "611f683e-4d4e"
content-type: image/jpeg
access-control-allow-origin: https://www.captodayonline.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="CAPDelta.jpg"
accept-ranges: bytes
content-length: 19790
expires: Tue, 13 Sep 2022 22:03:12 PDT

GET
H2 200 ;MID=161097;type=eligibleimpression;placementID=1591558;setID=145718;channelID=0;CID=578952;BID=520486755;TAID=0;place=1;mt=1631595792433712;hc=39dde61fad6a60388f4ea2f36d09844620ae05b1 Show response
servedbyadbutler.com/adserve/ 0
318 B 13ms
13ms XHR
text/html 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve/;MID=161097;type=eligibleimpression;placementID=1591558;setID=145718;channelID=0;CID=578952;BID=520486755;TAID=0;place=1;mt=1631595792433712;hc=39dde61fad6a60388f4ea2f36d09844620ae05b1
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:12 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: https://www.captodayonline.com
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 index.html Show response
servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/ Frame 4460 15 KB
4 KB 13ms
12ms Document
text/html 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433675%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D1c0496bb6a68b1781cb5dc8c749429c680bcb483%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433675%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D1c0496bb6a68b1781cb5dc8c749429c680bcb483%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433675%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D1c0496bb6a68b1781cb5dc8c749429c680bcb483%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 62ae6d51bfae8054a6624754a1ee12f81e5f9a88165d5547ea2ae3995e85096e

Request headers

:method: GET
:authority: servedbyadbutler.com
:scheme: https
:path: /creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433675%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D1c0496bb6a68b1781cb5dc8c749429c680bcb483%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433675%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D1c0496bb6a68b1781cb5dc8c749429c680bcb483%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433675%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D1c0496bb6a68b1781cb5dc8c749429c680bcb483%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.captodayonline.com/
accept-encoding: gzip, deflate, br
cookie: adbutler_376181=520487444%5E376181%5E579284%5Ehttps%3A%2F%2Fad.doubleclick.net%2Fddm%2Ftrackclk%2FN7437.830836CAPTODAYONLINE.COM%2FB25121492.299816954%3Bdc_trk_aid%3D493308581%3Bdc_trk_cid%3D150028609%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bgdpr%3D%24%7BGDPR%7D%3Bgdpr_consent%3D%24%7BGDPR_CONSENT_755%7D%3Bltd%3D%3Fhttps%3A%2F%2Fwww.pik3ca-testing.com%2F%3FMDMID%3D%24INS2%24%26utm_source%3DCAP%2520Today%26utm_medium%3Ddisplay%26utm_campaign%3Dpiqh_hcp_disp_brd_onc_2021%26utm_content%3DPIQH_BRD_FMI-STATIC_STANDARD_PIQ-1238065_STATIC_300X250%26omap_code%3DPIQ-1238065%26product%3DDigital%2520eTOC%26site%3DPIQRABC%253A%253Ab%253A%253A2021042148624%5E1591579%5E1631595792326221%5E00bdc8b618b7911dedd340b2883ba873b3ed2ba5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/

Response headers

server: nginx
date: Tue, 14 Sep 2021 05:03:12 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=31536000
expires: Tue, 13 Sep 2022 22:03:12 PDT
access-control-allow-origin: https://www.captodayonline.com
access-control-allow-credentials: true
content-disposition: inline; filename=index.html
content-encoding: gzip

GET
H2 200 ;MID=161097;type=eligibleimpression;placementID=1591558;setID=145718;channelID=0;CID=578952;BID=520486755;TAID=0;place=3;mt=1631595792433720;hc=26222b86e06f8b9d1272c743c07ceab321bfd0ad Show response
servedbyadbutler.com/adserve/ 0
318 B 16ms
14ms XHR
text/html 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve/;MID=161097;type=eligibleimpression;placementID=1591558;setID=145718;channelID=0;CID=578952;BID=520486755;TAID=0;place=3;mt=1631595792433720;hc=26222b86e06f8b9d1272c743c07ceab321bfd0ad
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:12 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: https://www.captodayonline.com
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 index.html Show response
servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/ Frame 7383 15 KB
4 KB 12ms
11ms Document
text/html 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 1a8cecac7e7afca5c1958b10903a42e954688050a68ae0afc3f8bd11e32a5cc2

Request headers

:method: GET
:authority: servedbyadbutler.com
:scheme: https
:path: /creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.captodayonline.com/
accept-encoding: gzip, deflate, br
cookie: adbutler_376181=520487444%5E376181%5E579284%5Ehttps%3A%2F%2Fad.doubleclick.net%2Fddm%2Ftrackclk%2FN7437.830836CAPTODAYONLINE.COM%2FB25121492.299816954%3Bdc_trk_aid%3D493308581%3Bdc_trk_cid%3D150028609%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bgdpr%3D%24%7BGDPR%7D%3Bgdpr_consent%3D%24%7BGDPR_CONSENT_755%7D%3Bltd%3D%3Fhttps%3A%2F%2Fwww.pik3ca-testing.com%2F%3FMDMID%3D%24INS2%24%26utm_source%3DCAP%2520Today%26utm_medium%3Ddisplay%26utm_campaign%3Dpiqh_hcp_disp_brd_onc_2021%26utm_content%3DPIQH_BRD_FMI-STATIC_STANDARD_PIQ-1238065_STATIC_300X250%26omap_code%3DPIQ-1238065%26product%3DDigital%2520eTOC%26site%3DPIQRABC%253A%253Ab%253A%253A2021042148624%5E1591579%5E1631595792326221%5E00bdc8b618b7911dedd340b2883ba873b3ed2ba5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/

Response headers

server: nginx
date: Tue, 14 Sep 2021 05:03:12 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=31536000
expires: Tue, 13 Sep 2022 22:03:12 PDT
access-control-allow-origin: https://www.captodayonline.com
access-control-allow-credentials: true
content-disposition: inline; filename=index.html
content-encoding: gzip

GET
H2 200 ;MID=161097;type=eligibleimpression;placementID=1591558;setID=145718;channelID=0;CID=578952;BID=520486755;TAID=0;place=0;mt=1631595792433727;hc=4264cff9a54111a3e2dd1cdfe16fa2f337c4a259 Show response
servedbyadbutler.com/adserve/ 0
318 B 15ms
15ms XHR
text/html 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve/;MID=161097;type=eligibleimpression;placementID=1591558;setID=145718;channelID=0;CID=578952;BID=520486755;TAID=0;place=0;mt=1631595792433727;hc=4264cff9a54111a3e2dd1cdfe16fa2f337c4a259
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:12 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: https://www.captodayonline.com
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 index.html Show response
servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/ Frame 96AC 15 KB
4 KB 14ms
13ms Document
text/html 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433687%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Dfb484173c79de69c531804c784ea611badc7bac8%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433687%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Dfb484173c79de69c531804c784ea611badc7bac8%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433687%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Dfb484173c79de69c531804c784ea611badc7bac8%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 62c777d18b2971d7ee055ed932ff45ece7ea2dbf654791891c8f9103dd85afc0

Request headers

:method: GET
:authority: servedbyadbutler.com
:scheme: https
:path: /creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433687%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Dfb484173c79de69c531804c784ea611badc7bac8%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433687%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Dfb484173c79de69c531804c784ea611badc7bac8%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433687%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Dfb484173c79de69c531804c784ea611badc7bac8%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.captodayonline.com/
accept-encoding: gzip, deflate, br
cookie: adbutler_376181=520487444%5E376181%5E579284%5Ehttps%3A%2F%2Fad.doubleclick.net%2Fddm%2Ftrackclk%2FN7437.830836CAPTODAYONLINE.COM%2FB25121492.299816954%3Bdc_trk_aid%3D493308581%3Bdc_trk_cid%3D150028609%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bgdpr%3D%24%7BGDPR%7D%3Bgdpr_consent%3D%24%7BGDPR_CONSENT_755%7D%3Bltd%3D%3Fhttps%3A%2F%2Fwww.pik3ca-testing.com%2F%3FMDMID%3D%24INS2%24%26utm_source%3DCAP%2520Today%26utm_medium%3Ddisplay%26utm_campaign%3Dpiqh_hcp_disp_brd_onc_2021%26utm_content%3DPIQH_BRD_FMI-STATIC_STANDARD_PIQ-1238065_STATIC_300X250%26omap_code%3DPIQ-1238065%26product%3DDigital%2520eTOC%26site%3DPIQRABC%253A%253Ab%253A%253A2021042148624%5E1591579%5E1631595792326221%5E00bdc8b618b7911dedd340b2883ba873b3ed2ba5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/

Response headers

server: nginx
date: Tue, 14 Sep 2021 05:03:12 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=31536000
expires: Tue, 13 Sep 2022 22:03:12 PDT
access-control-allow-origin: https://www.captodayonline.com
access-control-allow-credentials: true
content-disposition: inline; filename=index.html
content-encoding: gzip

GET
H2 200 ;MID=161097;type=eligibleimpression;placementID=1591558;setID=145718;channelID=0;CID=578952;BID=520486755;TAID=0;place=2;mt=1631595792433717;hc=f4f982cbd1c2a78a492d77d656dc353123345f1f Show response
servedbyadbutler.com/adserve/ 0
318 B 15ms
15ms XHR
text/html 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve/;MID=161097;type=eligibleimpression;placementID=1591558;setID=145718;channelID=0;CID=578952;BID=520486755;TAID=0;place=2;mt=1631595792433717;hc=f4f982cbd1c2a78a492d77d656dc353123345f1f
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:12 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: https://www.captodayonline.com
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 index.html Show response
servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/ Frame B593 15 KB
4 KB 13ms
13ms Document
text/html 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433669%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D6c000fd2b734e311a94146b7fb3b159da401ecce%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433669%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D6c000fd2b734e311a94146b7fb3b159da401ecce%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433669%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D6c000fd2b734e311a94146b7fb3b159da401ecce%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 39a5910e2e0b47c42db14375b624670912974b57ffcbcb576233eb871046cbd4

Request headers

:method: GET
:authority: servedbyadbutler.com
:scheme: https
:path: /creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433669%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D6c000fd2b734e311a94146b7fb3b159da401ecce%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433669%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D6c000fd2b734e311a94146b7fb3b159da401ecce%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433669%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D6c000fd2b734e311a94146b7fb3b159da401ecce%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.captodayonline.com/
accept-encoding: gzip, deflate, br
cookie: adbutler_376181=520487444%5E376181%5E579284%5Ehttps%3A%2F%2Fad.doubleclick.net%2Fddm%2Ftrackclk%2FN7437.830836CAPTODAYONLINE.COM%2FB25121492.299816954%3Bdc_trk_aid%3D493308581%3Bdc_trk_cid%3D150028609%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bgdpr%3D%24%7BGDPR%7D%3Bgdpr_consent%3D%24%7BGDPR_CONSENT_755%7D%3Bltd%3D%3Fhttps%3A%2F%2Fwww.pik3ca-testing.com%2F%3FMDMID%3D%24INS2%24%26utm_source%3DCAP%2520Today%26utm_medium%3Ddisplay%26utm_campaign%3Dpiqh_hcp_disp_brd_onc_2021%26utm_content%3DPIQH_BRD_FMI-STATIC_STANDARD_PIQ-1238065_STATIC_300X250%26omap_code%3DPIQ-1238065%26product%3DDigital%2520eTOC%26site%3DPIQRABC%253A%253Ab%253A%253A2021042148624%5E1591579%5E1631595792326221%5E00bdc8b618b7911dedd340b2883ba873b3ed2ba5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/

Response headers

server: nginx
date: Tue, 14 Sep 2021 05:03:12 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=31536000
expires: Tue, 13 Sep 2022 22:03:12 PDT
access-control-allow-origin: https://www.captodayonline.com
access-control-allow-credentials: true
content-disposition: inline; filename=index.html
content-encoding: gzip

GET
H2 200 ;MID=161097;type=eligibleimpression;placementID=1591563;setID=428275;channelID=0;CID=578963;BID=520486772;TAID=0;place=0;mt=1631595792433857;hc=0d573f9652449037333bbeb1588acde8a493153e Show response
servedbyadbutler.com/adserve/ 0
318 B 14ms
13ms XHR
text/html 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve/;MID=161097;type=eligibleimpression;placementID=1591563;setID=428275;channelID=0;CID=578963;BID=520486772;TAID=0;place=0;mt=1631595792433857;hc=0d573f9652449037333bbeb1588acde8a493153e
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:12 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: https://www.captodayonline.com
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ;libID=3215841
servedbyadbutler.com/getad.img/ 55 KB
55 KB 11ms
11ms Image
image/jpeg 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/getad.img/;libID=3215841
Requested by: Host: www.captodayonline.com
URL: https://www.captodayonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 9c89d2f3c5d48ce25f02d8fb6453de9a40cf698848decb115d541b08939ceee6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
last-modified: Fri, 20 Aug 2021 00:04:47 GMT
server: nginx
etag: "611ef19f-db15"
content-type: image/jpeg
access-control-allow-origin: https://www.captodayonline.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="Cytospin Banner_USCAP_7.28.jpg"
accept-ranges: bytes
content-length: 56085
expires: Tue, 13 Sep 2022 22:03:12 PDT

GET
H3 200 impl_v78.js Show response
www.googletagservices.com/dcm/ 37 KB
15 KB 26ms
26ms Script
text/javascript 142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v78.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f2.1e100.net

Software

sffe /

Resource Hash

07000140ab52c28ef2a522fae638638b2783786e8e2ae8cb883cc1f0a0c00df0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.captodayonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 07 Sep 2021 08:11:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 593489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15595
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 17:50:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Sep 2022 08:11:43 GMT

GET
H3 200 impl_v78.js Show response
www.googletagservices.com/dcm/ Frame FF94 37 KB
15 KB 33ms
33ms Script
text/javascript 142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v78.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f2.1e100.net

Software

sffe /

Resource Hash

07000140ab52c28ef2a522fae638638b2783786e8e2ae8cb883cc1f0a0c00df0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 08:11:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 593489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15595
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 17:50:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Sep 2022 08:11:43 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 65ms
33ms XHR
text/plain 142.250.187.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1741081018&t=pageview&_s=1&dl=https%3A%2F%2Fwww.captodayonline.com%2F&ul=en-us&de=UTF-8&dt=CAP%20TODAY%20-%20Pathology%2FLaboratory%20Medicine%2FLaboratory%20Management&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=608211657&gjid=412247990&cid=365076421.1631595793&tid=UA-17445858-1&_gid=794065427.1631595793&_r=1&gtm=2wg9d05SJ4BKF&z=364383504

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.captodayonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.captodayonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 impl_v78.js Show response
www.googletagservices.com/dcm/ Frame DB8B 37 KB
15 KB 26ms
26ms Script
text/javascript 142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v78.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f2.1e100.net

Software

sffe /

Resource Hash

07000140ab52c28ef2a522fae638638b2783786e8e2ae8cb883cc1f0a0c00df0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 08:11:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 593489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15595
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 17:50:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Sep 2022 08:11:43 GMT

GET
H3 200 impl_v78.js Show response
www.googletagservices.com/dcm/ Frame 02E5 37 KB
15 KB 26ms
26ms Script
text/javascript 142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v78.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f2.1e100.net

Software

sffe /

Resource Hash

07000140ab52c28ef2a522fae638638b2783786e8e2ae8cb883cc1f0a0c00df0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 08:11:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 593489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15595
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 17:50:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Sep 2022 08:11:43 GMT

GET
H3 200 impl_v78.js Show response
www.googletagservices.com/dcm/ Frame 995F 37 KB
15 KB 26ms
26ms Script
text/javascript 142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v78.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f2.1e100.net

Software

sffe /

Resource Hash

07000140ab52c28ef2a522fae638638b2783786e8e2ae8cb883cc1f0a0c00df0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 08:11:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 593489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15595
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 17:50:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Sep 2022 08:11:43 GMT

GET
H2 200 B25421940.310816217;dc_ver=78.227;dc_eid=40004001,44728098;sz=300x250;u_sd=1;nel=1;dc_adk=379953403;ord=lzlvv5;click0=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D159... Show response
ad.doubleclick.net/ddm/adi/N5192.3733510CAPTODAY/ Frame 6F60 39 KB
20 KB 102ms
53ms Document
text/html 172.217.169.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N5192.3733510CAPTODAY/B25421940.310816217;dc_ver=78.227;dc_eid=40004001,44728098;sz=300x250;u_sd=1;nel=1;dc_adk=379953403;ord=lzlvv5;click0=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591615%26setID%3D311039%26channelID%3D0%26CID%3D579301%26banID%3D520487461%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792352395%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D5904fd7c23eff39fb3816986d56efa027c566266%26location%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=0,https%3A%2F%2Fwww.captodayonline.com%2F$0;xdt=0;crlt=2f7-oxl6W';sttr=80;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v78.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.169.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s09-in-f6.1e100.net

Software

cafe /

Resource Hash

b56a9a33293d6a118550f104a4fdb44731fe751879d29822ad81c9bccb1d1ab0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: ad.doubleclick.net
:scheme: https
:path: /ddm/adi/N5192.3733510CAPTODAY/B25421940.310816217;dc_ver=78.227;dc_eid=40004001,44728098;sz=300x250;u_sd=1;nel=1;dc_adk=379953403;ord=lzlvv5;click0=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591615%26setID%3D311039%26channelID%3D0%26CID%3D579301%26banID%3D520487461%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792352395%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D5904fd7c23eff39fb3816986d56efa027c566266%26location%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=0,https%3A%2F%2Fwww.captodayonline.com%2F$0;xdt=0;crlt=2f7-oxl6W';sttr=80;prcl=s
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.captodayonline.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 14 Sep 2021 05:03:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 19747
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 14-Sep-2021 05:18:12 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 B25011516.304393627;dc_ver=78.227;sz=300x250;u_sd=1;nel=1;dc_adk=1703049611;ord=5phess;click0=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591572%26setID%3D311039%26... Show response
ad.doubleclick.net/ddm/adj/N464015.830836CAPTODAYONLINE.CO/ Frame FF94 39 KB
20 KB 115ms
71ms Script
text/javascript 172.217.169.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N464015.830836CAPTODAYONLINE.CO/B25011516.304393627;dc_ver=78.227;sz=300x250;u_sd=1;nel=1;dc_adk=1703049611;ord=5phess;click0=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591572%26setID%3D311039%26channelID%3D0%26CID%3D579276%26banID%3D520487436%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792414044%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D8ba3f007197332641e5a048b3599a07f4a94444c%26location%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.captodayonline.com%2F$0;xdt=0;crlt=2f7-oxl6W';sttr=89;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v78.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.169.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s09-in-f6.1e100.net

Software

cafe /

Resource Hash

24dfc62f3e0b7216633ff376a39eef03443b6a834f0a0ea02be34f9e20cf9d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19847
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 d71062573728dd040ee2671a0ecebd71.js Show response
servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/ Frame 4460 73 KB
73 KB 16ms
15ms Script
application/x-javascript 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/d71062573728dd040ee2671a0ecebd71.js
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433675%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D1c0496bb6a68b1781cb5dc8c749429c680bcb483%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433675%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D1c0496bb6a68b1781cb5dc8c749429c680bcb483%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433675%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D1c0496bb6a68b1781cb5dc8c749429c680bcb483%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 6ec59ec27cd440112396e5f8ac359dbbaf7937000f255919f9c36b5f74b6e3fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433675%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D1c0496bb6a68b1781cb5dc8c749429c680bcb483%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433675%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D1c0496bb6a68b1781cb5dc8c749429c680bcb483%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433675%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D1c0496bb6a68b1781cb5dc8c749429c680bcb483%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
last-modified: Fri, 20 Aug 2021 18:05:33 GMT
server: nginx
etag: "611feeed-1220b"
content-type: application/x-javascript
access-control-allow-origin: https://servedbyadbutler.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="d71062573728dd040ee2671a0ecebd71.js"
accept-ranges: bytes
content-length: 74251
expires: Tue, 13 Sep 2022 22:03:12 PDT

GET
H2 200 d71062573728dd040ee2671a0ecebd71.js Show response
servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/ Frame 7383 73 KB
73 KB 12ms
12ms Script
application/x-javascript 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/d71062573728dd040ee2671a0ecebd71.js
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 6ec59ec27cd440112396e5f8ac359dbbaf7937000f255919f9c36b5f74b6e3fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
last-modified: Fri, 20 Aug 2021 18:05:33 GMT
server: nginx
etag: "611feeed-1220b"
content-type: application/x-javascript
access-control-allow-origin: https://servedbyadbutler.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="d71062573728dd040ee2671a0ecebd71.js"
accept-ranges: bytes
content-length: 74251
expires: Tue, 13 Sep 2022 22:03:12 PDT

GET
H2 200 d71062573728dd040ee2671a0ecebd71.js Show response
servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/ Frame 96AC 73 KB
73 KB 13ms
12ms Script
application/x-javascript 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/d71062573728dd040ee2671a0ecebd71.js
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433687%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Dfb484173c79de69c531804c784ea611badc7bac8%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433687%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Dfb484173c79de69c531804c784ea611badc7bac8%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433687%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Dfb484173c79de69c531804c784ea611badc7bac8%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 6ec59ec27cd440112396e5f8ac359dbbaf7937000f255919f9c36b5f74b6e3fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433687%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Dfb484173c79de69c531804c784ea611badc7bac8%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433687%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Dfb484173c79de69c531804c784ea611badc7bac8%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433687%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Dfb484173c79de69c531804c784ea611badc7bac8%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
last-modified: Fri, 20 Aug 2021 18:05:33 GMT
server: nginx
etag: "611feeed-1220b"
content-type: application/x-javascript
access-control-allow-origin: https://servedbyadbutler.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="d71062573728dd040ee2671a0ecebd71.js"
accept-ranges: bytes
content-length: 74251
expires: Tue, 13 Sep 2022 22:03:12 PDT

GET
H2 200 d71062573728dd040ee2671a0ecebd71.js Show response
servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/ Frame B593 73 KB
73 KB 11ms
11ms Script
application/x-javascript 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/d71062573728dd040ee2671a0ecebd71.js
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433669%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D6c000fd2b734e311a94146b7fb3b159da401ecce%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433669%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D6c000fd2b734e311a94146b7fb3b159da401ecce%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433669%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D6c000fd2b734e311a94146b7fb3b159da401ecce%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 6ec59ec27cd440112396e5f8ac359dbbaf7937000f255919f9c36b5f74b6e3fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433669%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D6c000fd2b734e311a94146b7fb3b159da401ecce%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433669%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D6c000fd2b734e311a94146b7fb3b159da401ecce%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433669%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D6c000fd2b734e311a94146b7fb3b159da401ecce%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
last-modified: Fri, 20 Aug 2021 18:05:33 GMT
server: nginx
etag: "611feeed-1220b"
content-type: application/x-javascript
access-control-allow-origin: https://servedbyadbutler.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="d71062573728dd040ee2671a0ecebd71.js"
accept-ranges: bytes
content-length: 74251
expires: Tue, 13 Sep 2022 22:03:12 PDT

GET
H2 200 B25899775.310383592;dc_ver=78.227;sz=300x250;u_sd=1;nel=1;dc_adk=1633536228;ord=23zq6o;click0=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591620%26setID%3D387791%26... Show response
ad.doubleclick.net/ddm/adi/N5192.3733510CAPTODAY/ Frame E296 39 KB
20 KB 64ms
63ms Document
text/html 172.217.169.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N5192.3733510CAPTODAY/B25899775.310383592;dc_ver=78.227;sz=300x250;u_sd=1;nel=1;dc_adk=1633536228;ord=23zq6o;click0=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591620%26setID%3D387791%26channelID%3D0%26CID%3D579305%26banID%3D520487475%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792430153%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Dc15c7b7c1d343c7b07017404873b6519e8c34292%26location%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.captodayonline.com%2F$0;xdt=0;crlt=2f7-oxl6W';sttr=95;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v78.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.169.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s09-in-f6.1e100.net

Software

cafe /

Resource Hash

5a02d683fb9fff7fbe1eb5abe1dc664e412fbf4c28b3d34aa7a9de4e8ce260cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: ad.doubleclick.net
:scheme: https
:path: /ddm/adi/N5192.3733510CAPTODAY/B25899775.310383592;dc_ver=78.227;sz=300x250;u_sd=1;nel=1;dc_adk=1633536228;ord=23zq6o;click0=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591620%26setID%3D387791%26channelID%3D0%26CID%3D579305%26banID%3D520487475%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792430153%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Dc15c7b7c1d343c7b07017404873b6519e8c34292%26location%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.captodayonline.com%2F$0;xdt=0;crlt=2f7-oxl6W';sttr=95;prcl=s
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.captodayonline.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 14 Sep 2021 05:03:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 19928
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 14-Sep-2021 05:18:12 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
466 B 70ms
21ms XHR
text/plain 64.233.167.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-17445858-1&cid=365076421.1631595793&jid=608211657&gjid=412247990&_gid=794065427.1631595793&_u=YEBAAEAAAAAAAC~&z=1300131555

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.captodayonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 14 Sep 2021 05:03:12 GMT
content-type: text/plain
access-control-allow-origin: https://www.captodayonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/ 14 KB
14 KB 43ms
18ms Font
font/woff2 142.250.178.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A400%2C300%7COpen+Sans%3A700%2C400%2C400i%7CRoboto%3A700%2C400

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f3.1e100.net

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.captodayonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 09:39:06 GMT
x-content-type-options: nosniff
age: 69846
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:25 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 09:39:06 GMT

GET
H2 200 hustle-icons-font.ttf
www.captodayonline.com/wordpress/wp-content/plugins/hustle/assets/hustle-ui/fonts/ 12 KB
12 KB 145ms
144ms Font
application/font-sfnt 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captodayonline.com/wordpress/wp-content/plugins/hustle/assets/hustle-ui/fonts/hustle-icons-font.ttf

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/wordpress/wp-content/plugins/hustle/assets/hustle-ui/css/hustle-icons.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

c8ccfa5c23b7fb8848ee26de498408961555235ec2c49e15e65a9bba6692d89f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.captodayonline.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: _nx-nocache=1; _ga=GA1.2.365076421.1631595793; _gid=GA1.2.794065427.1631595793; _gat_UA-17445858-1=1
:path: /wordpress/wp-content/plugins/hustle/assets/hustle-ui/fonts/hustle-icons-font.ttf
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.captodayonline.com
referer: https://www.captodayonline.com/wordpress/wp-content/plugins/hustle/assets/hustle-ui/css/hustle-icons.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.captodayonline.com/wordpress/wp-content/plugins/hustle/assets/hustle-ui/css/hustle-icons.min.css
Origin: https://www.captodayonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
x-content-type-options: nosniff
x-nocache: 1
x-sucuri-cache: MISS
content-length: 12260
x-xss-protection: 1; mode=block
last-modified: Sat, 21 Aug 2021 12:27:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "2fe4-5ca10e89f495f"
vary: User-Agent
content-type: application/font-sfnt
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
set-cookie: _nx-nocache=1 _nx-nocache=1; Max-Age=300; Path=/; HttpOnly
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 B25192014.290828513;dc_ver=78.227;dc_eid=40004000;sz=300x250;u_sd=1;nel=1;dc_adk=1337641711;ord=9s7npk;click0=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591358%26s... Show response
ad.doubleclick.net/ddm/adj/N8276.3733510CAPTODAY/ Frame 02E5 39 KB
19 KB 75ms
50ms Script
text/javascript 172.217.169.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N8276.3733510CAPTODAY/B25192014.290828513;dc_ver=78.227;dc_eid=40004000;sz=300x250;u_sd=1;nel=1;dc_adk=1337641711;ord=9s7npk;click0=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591358%26setID%3D428275%26channelID%3D0%26CID%3D578944%26banID%3D520486740%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792431891%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D9827d29ef89101cbf5632651b3cf609a74d29dab%26location%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.captodayonline.com%2F$0;xdt=0;crlt=2f7-oxl6W';sttr=169;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v78.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.169.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s09-in-f6.1e100.net

Software

cafe /

Resource Hash

3cd555e7d1c24b053f112a2c2b7e8259144242ae5d34e101945923601c05f7f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19867
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 B25192014.290918712;dc_ver=78.227;sz=160x600;u_sd=1;nel=1;dc_adk=2539680007;ord=1mmg85;click0=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591359%26setID%3D188685%26... Show response
ad.doubleclick.net/ddm/adj/N8276.3733510CAPTODAY/ Frame 995F 39 KB
19 KB 55ms
54ms Script
text/javascript 172.217.169.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N8276.3733510CAPTODAY/B25192014.290918712;dc_ver=78.227;sz=160x600;u_sd=1;nel=1;dc_adk=2539680007;ord=1mmg85;click0=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591359%26setID%3D188685%26channelID%3D0%26CID%3D578945%26banID%3D520486741%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792432059%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D3037cc0a6be2ef87ffccf8da447fe69dc04958d9%26location%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.captodayonline.com%2F$0;xdt=0;crlt=2f7-oxl6W';sttr=192;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v78.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.169.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s09-in-f6.1e100.net

Software

cafe /

Resource Hash

375d92799a5a5daa6c82ad4147dcfd4ddecff277151cf6fef22c69c258cffb14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19883
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 593c0560dadefcac354b0d5bb2ebf7bb.png
servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/ Frame 7383 2 KB
3 KB 13ms
12ms Image
image/png 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/593c0560dadefcac354b0d5bb2ebf7bb.png
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: e492a0db4e7692708460131803092a560f4760364f9a17ad561f241cbc41bad0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
last-modified: Fri, 20 Aug 2021 18:05:33 GMT
server: nginx
etag: "611feeed-9fd"
content-type: image/png
access-control-allow-origin: https://servedbyadbutler.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="593c0560dadefcac354b0d5bb2ebf7bb.png"
accept-ranges: bytes
content-length: 2557
expires: Tue, 13 Sep 2022 22:03:12 PDT

GET
H2 200 c8e5fd14cab4230822bd3fef6cf990ef.svg
servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/ Frame 7383 5 KB
2 KB 15ms
14ms Image
image/svg+xml 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/c8e5fd14cab4230822bd3fef6cf990ef.svg
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: aa2c6064cbd3eaa020fdab73b13c04cd9d9c30fdcac8f773a441f403855f8727

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 18:05:33 GMT
server: nginx
etag: W/"611feeed-1353"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://servedbyadbutler.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="c8e5fd14cab4230822bd3fef6cf990ef.svg"
expires: Tue, 13 Sep 2022 22:03:12 PDT

GET
H2 200 9a78ef5cd381fe1cc6b2dfe7563acdc4.png
servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/ Frame 7383 7 KB
8 KB 13ms
12ms Image
image/png 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/9a78ef5cd381fe1cc6b2dfe7563acdc4.png
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 21c10a935359bb31ab899606780958e605406a3ddcd1fcfe6c4a7662d6ce8b4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
last-modified: Fri, 20 Aug 2021 18:05:33 GMT
server: nginx
etag: "611feeed-1d80"
content-type: image/png
access-control-allow-origin: https://servedbyadbutler.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="9a78ef5cd381fe1cc6b2dfe7563acdc4.png"
accept-ranges: bytes
content-length: 7552
expires: Tue, 13 Sep 2022 22:03:12 PDT

GET
H2 200 212ccd2344f9ab6f9ab92d6effa11b46.png
servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/ Frame 7383 11 KB
11 KB 16ms
16ms Image
image/png 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/212ccd2344f9ab6f9ab92d6effa11b46.png
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 51cf2fa21350e2eb8f339130360aadb6cebee12c0f192e8948ec393f313c5c76

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
last-modified: Fri, 20 Aug 2021 18:05:34 GMT
server: nginx
etag: "611feeee-2c8f"
content-type: image/png
access-control-allow-origin: https://servedbyadbutler.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="212ccd2344f9ab6f9ab92d6effa11b46.png"
accept-ranges: bytes
content-length: 11407
expires: Tue, 13 Sep 2022 22:03:12 PDT

GET
H2 200 2fe6a651798764cf1a4e5a78b93dc332.png
servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/ Frame 7383 8 KB
9 KB 15ms
14ms Image
image/png 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/2fe6a651798764cf1a4e5a78b93dc332.png
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 9996e9c20b7219a52932611de860e635febf5e3cd1c658adc4dcb1afda122a8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
last-modified: Fri, 20 Aug 2021 18:05:33 GMT
server: nginx
etag: "611feeed-2195"
content-type: image/png
access-control-allow-origin: https://servedbyadbutler.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="2fe6a651798764cf1a4e5a78b93dc332.png"
accept-ranges: bytes
content-length: 8597
expires: Tue, 13 Sep 2022 22:03:12 PDT

GET
H2 200 292e52d1ab668e3ccebe6b471da08f11.svg
servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/ Frame 7383 2 KB
2 KB 16ms
16ms Image
image/svg+xml 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/292e52d1ab668e3ccebe6b471da08f11.svg
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 00e858cc0eaa084c8ba5cfbec2a8132c32539f7906833bc27e1e791986d52a71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
last-modified: Fri, 20 Aug 2021 18:05:33 GMT
server: nginx
etag: "611feeed-646"
content-type: image/svg+xml
access-control-allow-origin: https://servedbyadbutler.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="292e52d1ab668e3ccebe6b471da08f11.svg"
accept-ranges: bytes
content-length: 1606
expires: Tue, 13 Sep 2022 22:03:12 PDT

GET
H2 200 9b9680492720a96bb23c46778a8b2196.svg
servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/ Frame 7383 3 KB
3 KB 15ms
15ms Image
image/svg+xml 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/9b9680492720a96bb23c46778a8b2196.svg
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 8f911e0500254a927e11983e0e7ca8c00c485b690f88a87ab34dac4298fbaa00

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433680%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Db9b805cd09ac58d90f59ac04fe31caad1598ea58%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
last-modified: Fri, 20 Aug 2021 18:05:33 GMT
server: nginx
etag: "611feeed-bc7"
content-type: image/svg+xml
access-control-allow-origin: https://servedbyadbutler.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="9b9680492720a96bb23c46778a8b2196.svg"
accept-ranges: bytes
content-length: 3015
expires: Tue, 13 Sep 2022 22:03:12 PDT

GET
H2 200 593c0560dadefcac354b0d5bb2ebf7bb.png
servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/ Frame 96AC 2 KB
3 KB 15ms
13ms Image
image/png 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/593c0560dadefcac354b0d5bb2ebf7bb.png
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/d71062573728dd040ee2671a0ecebd71.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: e492a0db4e7692708460131803092a560f4760364f9a17ad561f241cbc41bad0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433687%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Dfb484173c79de69c531804c784ea611badc7bac8%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433687%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Dfb484173c79de69c531804c784ea611badc7bac8%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433687%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Dfb484173c79de69c531804c784ea611badc7bac8%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
last-modified: Fri, 20 Aug 2021 18:05:33 GMT
server: nginx
etag: "611feeed-9fd"
content-type: image/png
access-control-allow-origin: https://servedbyadbutler.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="593c0560dadefcac354b0d5bb2ebf7bb.png"
accept-ranges: bytes
content-length: 2557
expires: Tue, 13 Sep 2022 22:03:12 PDT

GET
H2 200 c8e5fd14cab4230822bd3fef6cf990ef.svg
servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/ Frame 96AC 5 KB
2 KB 15ms
13ms Image
image/svg+xml 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/c8e5fd14cab4230822bd3fef6cf990ef.svg
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/d71062573728dd040ee2671a0ecebd71.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: aa2c6064cbd3eaa020fdab73b13c04cd9d9c30fdcac8f773a441f403855f8727

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433687%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Dfb484173c79de69c531804c784ea611badc7bac8%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433687%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Dfb484173c79de69c531804c784ea611badc7bac8%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433687%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Dfb484173c79de69c531804c784ea611badc7bac8%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 18:05:33 GMT
server: nginx
etag: W/"611feeed-1353"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://servedbyadbutler.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="c8e5fd14cab4230822bd3fef6cf990ef.svg"
expires: Tue, 13 Sep 2022 22:03:12 PDT

GET
H2 200 9a78ef5cd381fe1cc6b2dfe7563acdc4.png
servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/ Frame 96AC 7 KB
8 KB 16ms
14ms Image
image/png 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/9a78ef5cd381fe1cc6b2dfe7563acdc4.png
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/d71062573728dd040ee2671a0ecebd71.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 21c10a935359bb31ab899606780958e605406a3ddcd1fcfe6c4a7662d6ce8b4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433687%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Dfb484173c79de69c531804c784ea611badc7bac8%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433687%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Dfb484173c79de69c531804c784ea611badc7bac8%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433687%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Dfb484173c79de69c531804c784ea611badc7bac8%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
last-modified: Fri, 20 Aug 2021 18:05:33 GMT
server: nginx
etag: "611feeed-1d80"
content-type: image/png
access-control-allow-origin: https://servedbyadbutler.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="9a78ef5cd381fe1cc6b2dfe7563acdc4.png"
accept-ranges: bytes
content-length: 7552
expires: Tue, 13 Sep 2022 22:03:12 PDT

GET
H2 200 212ccd2344f9ab6f9ab92d6effa11b46.png
servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/ Frame 96AC 11 KB
11 KB 16ms
15ms Image
image/png 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/212ccd2344f9ab6f9ab92d6effa11b46.png
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/d71062573728dd040ee2671a0ecebd71.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 51cf2fa21350e2eb8f339130360aadb6cebee12c0f192e8948ec393f313c5c76

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433687%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Dfb484173c79de69c531804c784ea611badc7bac8%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433687%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Dfb484173c79de69c531804c784ea611badc7bac8%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433687%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Dfb484173c79de69c531804c784ea611badc7bac8%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
last-modified: Fri, 20 Aug 2021 18:05:34 GMT
server: nginx
etag: "611feeee-2c8f"
content-type: image/png
access-control-allow-origin: https://servedbyadbutler.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="212ccd2344f9ab6f9ab92d6effa11b46.png"
accept-ranges: bytes
content-length: 11407
expires: Tue, 13 Sep 2022 22:03:12 PDT

GET
H2 200 2fe6a651798764cf1a4e5a78b93dc332.png
servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/ Frame 96AC 8 KB
9 KB 15ms
14ms Image
image/png 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/2fe6a651798764cf1a4e5a78b93dc332.png
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/d71062573728dd040ee2671a0ecebd71.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 9996e9c20b7219a52932611de860e635febf5e3cd1c658adc4dcb1afda122a8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433687%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Dfb484173c79de69c531804c784ea611badc7bac8%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433687%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Dfb484173c79de69c531804c784ea611badc7bac8%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433687%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Dfb484173c79de69c531804c784ea611badc7bac8%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
last-modified: Fri, 20 Aug 2021 18:05:33 GMT
server: nginx
etag: "611feeed-2195"
content-type: image/png
access-control-allow-origin: https://servedbyadbutler.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="2fe6a651798764cf1a4e5a78b93dc332.png"
accept-ranges: bytes
content-length: 8597
expires: Tue, 13 Sep 2022 22:03:12 PDT

GET
H2 200 292e52d1ab668e3ccebe6b471da08f11.svg
servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/ Frame 96AC 2 KB
2 KB 16ms
15ms Image
image/svg+xml 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/292e52d1ab668e3ccebe6b471da08f11.svg
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/d71062573728dd040ee2671a0ecebd71.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 00e858cc0eaa084c8ba5cfbec2a8132c32539f7906833bc27e1e791986d52a71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433687%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Dfb484173c79de69c531804c784ea611badc7bac8%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433687%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Dfb484173c79de69c531804c784ea611badc7bac8%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433687%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Dfb484173c79de69c531804c784ea611badc7bac8%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
last-modified: Fri, 20 Aug 2021 18:05:33 GMT
server: nginx
etag: "611feeed-646"
content-type: image/svg+xml
access-control-allow-origin: https://servedbyadbutler.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="292e52d1ab668e3ccebe6b471da08f11.svg"
accept-ranges: bytes
content-length: 1606
expires: Tue, 13 Sep 2022 22:03:12 PDT

GET
H2 200 9b9680492720a96bb23c46778a8b2196.svg
servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/ Frame 96AC 3 KB
3 KB 15ms
14ms Image
image/svg+xml 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/9b9680492720a96bb23c46778a8b2196.svg
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/d71062573728dd040ee2671a0ecebd71.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 8f911e0500254a927e11983e0e7ca8c00c485b690f88a87ab34dac4298fbaa00

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433687%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Dfb484173c79de69c531804c784ea611badc7bac8%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433687%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Dfb484173c79de69c531804c784ea611badc7bac8%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433687%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Dfb484173c79de69c531804c784ea611badc7bac8%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
last-modified: Fri, 20 Aug 2021 18:05:33 GMT
server: nginx
etag: "611feeed-bc7"
content-type: image/svg+xml
access-control-allow-origin: https://servedbyadbutler.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="9b9680492720a96bb23c46778a8b2196.svg"
accept-ranges: bytes
content-length: 3015
expires: Tue, 13 Sep 2022 22:03:12 PDT

GET
H2 200 593c0560dadefcac354b0d5bb2ebf7bb.png
servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/ Frame 4460 2 KB
3 KB 14ms
13ms Image
image/png 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/593c0560dadefcac354b0d5bb2ebf7bb.png
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/d71062573728dd040ee2671a0ecebd71.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: e492a0db4e7692708460131803092a560f4760364f9a17ad561f241cbc41bad0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433675%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D1c0496bb6a68b1781cb5dc8c749429c680bcb483%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433675%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D1c0496bb6a68b1781cb5dc8c749429c680bcb483%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433675%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D1c0496bb6a68b1781cb5dc8c749429c680bcb483%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
last-modified: Fri, 20 Aug 2021 18:05:33 GMT
server: nginx
etag: "611feeed-9fd"
content-type: image/png
access-control-allow-origin: https://servedbyadbutler.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="593c0560dadefcac354b0d5bb2ebf7bb.png"
accept-ranges: bytes
content-length: 2557
expires: Tue, 13 Sep 2022 22:03:12 PDT

GET
H2 200 c8e5fd14cab4230822bd3fef6cf990ef.svg
servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/ Frame 4460 5 KB
2 KB 16ms
15ms Image
image/svg+xml 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/c8e5fd14cab4230822bd3fef6cf990ef.svg
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/d71062573728dd040ee2671a0ecebd71.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: aa2c6064cbd3eaa020fdab73b13c04cd9d9c30fdcac8f773a441f403855f8727

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433675%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D1c0496bb6a68b1781cb5dc8c749429c680bcb483%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433675%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D1c0496bb6a68b1781cb5dc8c749429c680bcb483%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433675%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D1c0496bb6a68b1781cb5dc8c749429c680bcb483%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 18:05:33 GMT
server: nginx
etag: W/"611feeed-1353"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://servedbyadbutler.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="c8e5fd14cab4230822bd3fef6cf990ef.svg"
expires: Tue, 13 Sep 2022 22:03:12 PDT

GET
H2 200 9a78ef5cd381fe1cc6b2dfe7563acdc4.png
servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/ Frame 4460 7 KB
8 KB 17ms
16ms Image
image/png 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/9a78ef5cd381fe1cc6b2dfe7563acdc4.png
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/d71062573728dd040ee2671a0ecebd71.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 21c10a935359bb31ab899606780958e605406a3ddcd1fcfe6c4a7662d6ce8b4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433675%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D1c0496bb6a68b1781cb5dc8c749429c680bcb483%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433675%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D1c0496bb6a68b1781cb5dc8c749429c680bcb483%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433675%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D1c0496bb6a68b1781cb5dc8c749429c680bcb483%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
last-modified: Fri, 20 Aug 2021 18:05:33 GMT
server: nginx
etag: "611feeed-1d80"
content-type: image/png
access-control-allow-origin: https://servedbyadbutler.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="9a78ef5cd381fe1cc6b2dfe7563acdc4.png"
accept-ranges: bytes
content-length: 7552
expires: Tue, 13 Sep 2022 22:03:12 PDT

GET
H2 200 212ccd2344f9ab6f9ab92d6effa11b46.png
servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/ Frame 4460 11 KB
11 KB 15ms
15ms Image
image/png 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/212ccd2344f9ab6f9ab92d6effa11b46.png
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/d71062573728dd040ee2671a0ecebd71.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 51cf2fa21350e2eb8f339130360aadb6cebee12c0f192e8948ec393f313c5c76

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433675%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D1c0496bb6a68b1781cb5dc8c749429c680bcb483%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433675%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D1c0496bb6a68b1781cb5dc8c749429c680bcb483%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433675%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D1c0496bb6a68b1781cb5dc8c749429c680bcb483%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
last-modified: Fri, 20 Aug 2021 18:05:34 GMT
server: nginx
etag: "611feeee-2c8f"
content-type: image/png
access-control-allow-origin: https://servedbyadbutler.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="212ccd2344f9ab6f9ab92d6effa11b46.png"
accept-ranges: bytes
content-length: 11407
expires: Tue, 13 Sep 2022 22:03:12 PDT

GET
H2 200 2fe6a651798764cf1a4e5a78b93dc332.png
servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/ Frame 4460 8 KB
9 KB 14ms
13ms Image
image/png 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/2fe6a651798764cf1a4e5a78b93dc332.png
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/d71062573728dd040ee2671a0ecebd71.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 9996e9c20b7219a52932611de860e635febf5e3cd1c658adc4dcb1afda122a8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433675%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D1c0496bb6a68b1781cb5dc8c749429c680bcb483%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433675%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D1c0496bb6a68b1781cb5dc8c749429c680bcb483%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433675%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D1c0496bb6a68b1781cb5dc8c749429c680bcb483%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
last-modified: Fri, 20 Aug 2021 18:05:33 GMT
server: nginx
etag: "611feeed-2195"
content-type: image/png
access-control-allow-origin: https://servedbyadbutler.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="2fe6a651798764cf1a4e5a78b93dc332.png"
accept-ranges: bytes
content-length: 8597
expires: Tue, 13 Sep 2022 22:03:12 PDT

GET
H2 200 292e52d1ab668e3ccebe6b471da08f11.svg
servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/ Frame 4460 2 KB
2 KB 16ms
15ms Image
image/svg+xml 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/292e52d1ab668e3ccebe6b471da08f11.svg
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/d71062573728dd040ee2671a0ecebd71.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 00e858cc0eaa084c8ba5cfbec2a8132c32539f7906833bc27e1e791986d52a71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433675%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D1c0496bb6a68b1781cb5dc8c749429c680bcb483%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433675%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D1c0496bb6a68b1781cb5dc8c749429c680bcb483%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433675%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D1c0496bb6a68b1781cb5dc8c749429c680bcb483%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
last-modified: Fri, 20 Aug 2021 18:05:33 GMT
server: nginx
etag: "611feeed-646"
content-type: image/svg+xml
access-control-allow-origin: https://servedbyadbutler.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="292e52d1ab668e3ccebe6b471da08f11.svg"
accept-ranges: bytes
content-length: 1606
expires: Tue, 13 Sep 2022 22:03:12 PDT

GET
H2 200 9b9680492720a96bb23c46778a8b2196.svg
servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/ Frame 4460 3 KB
3 KB 15ms
15ms Image
image/svg+xml 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/9b9680492720a96bb23c46778a8b2196.svg
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/d71062573728dd040ee2671a0ecebd71.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 8f911e0500254a927e11983e0e7ca8c00c485b690f88a87ab34dac4298fbaa00

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433675%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D1c0496bb6a68b1781cb5dc8c749429c680bcb483%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433675%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D1c0496bb6a68b1781cb5dc8c749429c680bcb483%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433675%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D1c0496bb6a68b1781cb5dc8c749429c680bcb483%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
last-modified: Fri, 20 Aug 2021 18:05:33 GMT
server: nginx
etag: "611feeed-bc7"
content-type: image/svg+xml
access-control-allow-origin: https://servedbyadbutler.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="9b9680492720a96bb23c46778a8b2196.svg"
accept-ranges: bytes
content-length: 3015
expires: Tue, 13 Sep 2022 22:03:12 PDT

GET
H2 200 593c0560dadefcac354b0d5bb2ebf7bb.png
servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/ Frame B593 2 KB
3 KB 13ms
13ms Image
image/png 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/593c0560dadefcac354b0d5bb2ebf7bb.png
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/d71062573728dd040ee2671a0ecebd71.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: e492a0db4e7692708460131803092a560f4760364f9a17ad561f241cbc41bad0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433669%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D6c000fd2b734e311a94146b7fb3b159da401ecce%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433669%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D6c000fd2b734e311a94146b7fb3b159da401ecce%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433669%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D6c000fd2b734e311a94146b7fb3b159da401ecce%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
last-modified: Fri, 20 Aug 2021 18:05:33 GMT
server: nginx
etag: "611feeed-9fd"
content-type: image/png
access-control-allow-origin: https://servedbyadbutler.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="593c0560dadefcac354b0d5bb2ebf7bb.png"
accept-ranges: bytes
content-length: 2557
expires: Tue, 13 Sep 2022 22:03:12 PDT

GET
H2 200 c8e5fd14cab4230822bd3fef6cf990ef.svg
servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/ Frame B593 5 KB
2 KB 12ms
12ms Image
image/svg+xml 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/c8e5fd14cab4230822bd3fef6cf990ef.svg
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/d71062573728dd040ee2671a0ecebd71.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: aa2c6064cbd3eaa020fdab73b13c04cd9d9c30fdcac8f773a441f403855f8727

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433669%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D6c000fd2b734e311a94146b7fb3b159da401ecce%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433669%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D6c000fd2b734e311a94146b7fb3b159da401ecce%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433669%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D6c000fd2b734e311a94146b7fb3b159da401ecce%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 18:17:54 GMT
server: nginx
etag: W/"611ff1d2-1353"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://servedbyadbutler.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="c8e5fd14cab4230822bd3fef6cf990ef.svg"
expires: Tue, 13 Sep 2022 22:03:12 PDT

GET
H2 200 9a78ef5cd381fe1cc6b2dfe7563acdc4.png
servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/ Frame B593 7 KB
8 KB 13ms
13ms Image
image/png 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/9a78ef5cd381fe1cc6b2dfe7563acdc4.png
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/d71062573728dd040ee2671a0ecebd71.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 21c10a935359bb31ab899606780958e605406a3ddcd1fcfe6c4a7662d6ce8b4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433669%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D6c000fd2b734e311a94146b7fb3b159da401ecce%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433669%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D6c000fd2b734e311a94146b7fb3b159da401ecce%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433669%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D6c000fd2b734e311a94146b7fb3b159da401ecce%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
last-modified: Fri, 20 Aug 2021 18:18:28 GMT
server: nginx
etag: "611ff1f4-1d80"
content-type: image/png
access-control-allow-origin: https://servedbyadbutler.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="9a78ef5cd381fe1cc6b2dfe7563acdc4.png"
accept-ranges: bytes
content-length: 7552
expires: Tue, 13 Sep 2022 22:03:12 PDT

GET
H2 200 212ccd2344f9ab6f9ab92d6effa11b46.png
servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/ Frame B593 11 KB
11 KB 14ms
13ms Image
image/png 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/212ccd2344f9ab6f9ab92d6effa11b46.png
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/d71062573728dd040ee2671a0ecebd71.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 51cf2fa21350e2eb8f339130360aadb6cebee12c0f192e8948ec393f313c5c76

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433669%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D6c000fd2b734e311a94146b7fb3b159da401ecce%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433669%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D6c000fd2b734e311a94146b7fb3b159da401ecce%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433669%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D6c000fd2b734e311a94146b7fb3b159da401ecce%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
last-modified: Fri, 20 Aug 2021 18:05:34 GMT
server: nginx
etag: "611feeee-2c8f"
content-type: image/png
access-control-allow-origin: https://servedbyadbutler.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="212ccd2344f9ab6f9ab92d6effa11b46.png"
accept-ranges: bytes
content-length: 11407
expires: Tue, 13 Sep 2022 22:03:12 PDT

GET
H2 200 2fe6a651798764cf1a4e5a78b93dc332.png
servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/ Frame B593 8 KB
9 KB 14ms
13ms Image
image/png 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/2fe6a651798764cf1a4e5a78b93dc332.png
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/d71062573728dd040ee2671a0ecebd71.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 9996e9c20b7219a52932611de860e635febf5e3cd1c658adc4dcb1afda122a8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433669%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D6c000fd2b734e311a94146b7fb3b159da401ecce%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433669%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D6c000fd2b734e311a94146b7fb3b159da401ecce%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433669%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D6c000fd2b734e311a94146b7fb3b159da401ecce%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
last-modified: Fri, 20 Aug 2021 18:05:33 GMT
server: nginx
etag: "611feeed-2195"
content-type: image/png
access-control-allow-origin: https://servedbyadbutler.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="2fe6a651798764cf1a4e5a78b93dc332.png"
accept-ranges: bytes
content-length: 8597
expires: Tue, 13 Sep 2022 22:03:12 PDT

GET
H2 200 292e52d1ab668e3ccebe6b471da08f11.svg
servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/ Frame B593 2 KB
2 KB 14ms
12ms Image
image/svg+xml 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/292e52d1ab668e3ccebe6b471da08f11.svg
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/d71062573728dd040ee2671a0ecebd71.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 00e858cc0eaa084c8ba5cfbec2a8132c32539f7906833bc27e1e791986d52a71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433669%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D6c000fd2b734e311a94146b7fb3b159da401ecce%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433669%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D6c000fd2b734e311a94146b7fb3b159da401ecce%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433669%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D6c000fd2b734e311a94146b7fb3b159da401ecce%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
last-modified: Fri, 20 Aug 2021 18:05:33 GMT
server: nginx
etag: "611feeed-646"
content-type: image/svg+xml
access-control-allow-origin: https://servedbyadbutler.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="292e52d1ab668e3ccebe6b471da08f11.svg"
accept-ranges: bytes
content-length: 1606
expires: Tue, 13 Sep 2022 22:03:12 PDT

GET
H2 200 9b9680492720a96bb23c46778a8b2196.svg
servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/ Frame B593 3 KB
3 KB 16ms
10ms Image
image/svg+xml 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/9b9680492720a96bb23c46778a8b2196.svg
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/d71062573728dd040ee2671a0ecebd71.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 8f911e0500254a927e11983e0e7ca8c00c485b690f88a87ab34dac4298fbaa00

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433669%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D6c000fd2b734e311a94146b7fb3b159da401ecce%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433669%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D6c000fd2b734e311a94146b7fb3b159da401ecce%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433669%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D6c000fd2b734e311a94146b7fb3b159da401ecce%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
last-modified: Fri, 20 Aug 2021 18:17:38 GMT
server: nginx
etag: "611ff1c2-bc7"
content-type: image/svg+xml
access-control-allow-origin: https://servedbyadbutler.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="9b9680492720a96bb23c46778a8b2196.svg"
accept-ranges: bytes
content-length: 3015
expires: Tue, 13 Sep 2022 22:03:12 PDT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 72ms
29ms Image
image/gif 216.58.212.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-17445858-1&cid=365076421.1631595793&jid=608211657&_u=YEBAAEAAAAAAAC~&z=443210399

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.228 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s28-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FF94 125 KB
38 KB 34ms
34ms Script
text/javascript 142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N464015.830836CAPTODAYONLINE.CO/B25011516.304393627;dc_ver=78.227;sz=300x250;u_sd=1;nel=1;dc_adk=1703049611;ord=5phess;click0=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591572%26setID%3D311039%26channelID%3D0%26CID%3D579276%26banID%3D520487436%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792414044%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D8ba3f007197332641e5a048b3599a07f4a94444c%26location%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.captodayonline.com%2F$0;xdt=0;crlt=2f7-oxl6W';sttr=89;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f2.1e100.net

Software

sffe /

Resource Hash

1b6abcd01d2337e70b8fdde5a150175d2d4a3231d464e25b9cbdb5bac2bfcd2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:12 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1631273423644667"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38649
x-xss-protection: 0
expires: Tue, 14 Sep 2021 05:03:12 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210909/r20110914/elements/html/ Frame FF94 8 KB
4 KB 91ms
24ms Script
text/javascript 142.250.200.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210909/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.200.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f2.1e100.net

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 04:25:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2240
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Sep 2021 04:25:53 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame FF94 0
545 B 108ms
36ms Ping
image/gif 142.250.179.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvWwfjqK52uGAy6Y5BiQWntZkEgcyvz9Fmrk7f5k9yg-EPKf4zAF9eorTXPmbkqtBoUBVJLN7JygGy3atg_sPw3vX99JdIhtKOzFZe16mN1ixmwhMqA_liS6feTeCYH1dbSzTmUwv_C&sig=Cg0ArKJSzLir729wqc0DEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210909.30557&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.179.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.captodayonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 14 Sep 2021 05:03:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame FF94 41 KB
15 KB 71ms
19ms Script
text/javascript 142.250.187.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.187.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s33-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 21:29:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372804
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Sep 2022 21:29:49 GMT

GET
H2 200 01272021-141717036-US-KEY-02216_300x250_Static.jpg
s0.2mdn.net/9750276/ Frame FF94 78 KB
79 KB 80ms
28ms Image
image/jpeg 142.250.178.6
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9750276/01272021-141717036-US-KEY-02216_300x250_Static.jpg

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.178.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f6.1e100.net

Software

sffe /

Resource Hash

e3d05a26f31df5727671b3e54fa6215fc02b0c8dc00ae4579f3b98e1b681c92d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:13 GMT
x-content-type-options: nosniff
last-modified: Wed, 27 Jan 2021 22:17:17 GMT
server: sffe
age: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80140
x-xss-protection: 0
expires: Wed, 15 Sep 2021 05:03:13 GMT

GET
H2 200 main.gr.19.8.243.js Show response
static.adsafeprotected.com/ Frame FF94 187 KB
60 KB 143ms
66ms Script
application/javascript 34.241.251.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.243.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/538813/55572345/skeleton.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.251.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-251-11.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 3b2994ec6cd1c326c20a981912b23a05f5b1ddd55f3fccabf419e1ee70ee6a56

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:13 GMT
content-encoding: gzip
last-modified: Tue, 07 Sep 2021 21:28:29 GMT
server: nginx/1.16.1
age: 82284
etag: W/"f8ec101cfd4f34f35efecdff9eecac24"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
DATA 200
OK truncated
/ Frame 96AC 347 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fcaa3cd0858ccbfaf79e65f34addc2d0353d4f98486e96d576765635a9224cf3

Request headers

Referer
Origin: https://servedbyadbutler.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H2 200 00a8ebe1d0585ab96eb40441f863b919.svg
servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/ Frame 96AC 1 KB
2 KB 21ms
21ms Image
image/svg+xml 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/media/00a8ebe1d0585ab96eb40441f863b919.svg
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433687%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Dfb484173c79de69c531804c784ea611badc7bac8%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433687%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Dfb484173c79de69c531804c784ea611badc7bac8%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433687%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Dfb484173c79de69c531804c784ea611badc7bac8%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 3f37f005a33d5e0d970cd19f23cbdf1445847f2e00507c166f9183aa0ba079c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://servedbyadbutler.com/creative-161097-3217775/21-Virtuo-Myla-V1c-HTML/index.html?clickTag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433687%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Dfb484173c79de69c531804c784ea611badc7bac8%26location%3D&clicktag=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433687%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Dfb484173c79de69c531804c784ea611badc7bac8%26location%3D&__ab_location=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591558%26setID%3D145718%26channelID%3D0%26CID%3D578952%26banID%3D520486755%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792433687%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Dfb484173c79de69c531804c784ea611badc7bac8%26location%3D&__ab_zone_id=145718&__ab_zone_name=CAP%20TODAY%20Portal%20Tower%20%28Right%29&__ab_publisher_id=8653&__ab_publisher_name=Default%20Publisher&__ab_banner_id=520486755&__ab_extra_data=&sw=1600&sh=1200&spr=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:13 GMT
last-modified: Fri, 20 Aug 2021 18:05:34 GMT
server: nginx
etag: "611feeee-52e"
content-type: image/svg+xml
access-control-allow-origin: https://servedbyadbutler.com
cache-control: max-age=31536000
access-control-allow-credentials: true
content-disposition: inline; filename="00a8ebe1d0585ab96eb40441f863b919.svg"
accept-ranges: bytes
content-length: 1326
expires: Tue, 13 Sep 2022 22:03:13 PDT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 02E5 125 KB
38 KB 36ms
36ms Script
text/javascript 142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N8276.3733510CAPTODAY/B25192014.290828513;dc_ver=78.227;dc_eid=40004000;sz=300x250;u_sd=1;nel=1;dc_adk=1337641711;ord=9s7npk;click0=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591358%26setID%3D428275%26channelID%3D0%26CID%3D578944%26banID%3D520486740%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792431891%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D9827d29ef89101cbf5632651b3cf609a74d29dab%26location%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.captodayonline.com%2F$0;xdt=0;crlt=2f7-oxl6W';sttr=169;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f2.1e100.net

Software

sffe /

Resource Hash

1b6abcd01d2337e70b8fdde5a150175d2d4a3231d464e25b9cbdb5bac2bfcd2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:13 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1631273423644667"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38649
x-xss-protection: 0
expires: Tue, 14 Sep 2021 05:03:13 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210908/r20110914/elements/html/ Frame 02E5 8 KB
3 KB 45ms
19ms Script
text/javascript 142.250.200.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210908/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f2.1e100.net

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 02:39:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8629
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Sep 2021 02:39:24 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 02E5 0
60 B 39ms
37ms Ping
image/gif 142.250.179.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv5rAUGwHtvSFV4-E0uJlXUnr3AQ_n55tIH8SHq076UFVAeFXVHyKu1yz_4to-NY1aXQ1pgp_IYKNnSFho51TiIVunvzI1h-xczAs-EWdk-aiVLDJcGe-UOnMqTwN5uTJJ4EhlqwfOno2BTVbyR06ub3GHqeOE&sig=Cg0ArKJSzARjHEZFF8QbEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210908.12191&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.179.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.captodayonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 14 Sep 2021 05:03:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 02E5 41 KB
15 KB 32ms
31ms Script
text/javascript 142.250.187.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.187.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s33-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 21:29:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372804
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Sep 2022 21:29:49 GMT

GET
H2 200 13876-20YAMG510_Day_1_Static_Banner_UnBranded_300x250_Actionable.jpg
s0.2mdn.net/9688069/ Frame 02E5 40 KB
40 KB 64ms
64ms Image
image/jpeg 142.250.178.6
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9688069/13876-20YAMG510_Day_1_Static_Banner_UnBranded_300x250_Actionable.jpg

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.178.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f6.1e100.net

Software

sffe /

Resource Hash

845d70cec4fce583c8d39bc4542be2c290662ee9adae97e813b2185c1d9f96ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 19:16:23 GMT
server: sffe
age: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40877
x-xss-protection: 0
expires: Wed, 15 Sep 2021 05:03:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 995F 125 KB
38 KB 42ms
41ms Script
text/javascript 142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N8276.3733510CAPTODAY/B25192014.290918712;dc_ver=78.227;sz=160x600;u_sd=1;nel=1;dc_adk=2539680007;ord=1mmg85;click0=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591359%26setID%3D188685%26channelID%3D0%26CID%3D578945%26banID%3D520486741%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792432059%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D3037cc0a6be2ef87ffccf8da447fe69dc04958d9%26location%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.captodayonline.com%2F$0;xdt=0;crlt=2f7-oxl6W';sttr=192;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f2.1e100.net

Software

sffe /

Resource Hash

1b6abcd01d2337e70b8fdde5a150175d2d4a3231d464e25b9cbdb5bac2bfcd2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:13 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1631273423644667"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38649
x-xss-protection: 0
expires: Tue, 14 Sep 2021 05:03:13 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210909/r20110914/elements/html/ Frame 995F 8 KB
3 KB 26ms
26ms Script
text/javascript 142.250.200.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210909/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.200.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f2.1e100.net

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 04:25:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2240
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Sep 2021 04:25:53 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 995F 0
60 B 43ms
40ms Ping
image/gif 142.250.179.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsunjQDz_HzedDY_tay5r0I42odNhgeEKn8uCokw49SUkMMDX7PxgMfdVlewxt8FX0HoypaUo7B-pYOYeTZo4y5E6Ycwj27snJ-mpH7zLRWmHbixKqAmFSccwVm_BMb2bIpYx3i1vZloeOUi4Z7-mW8PV20OxVQ&sig=Cg0ArKJSzM_SgOzfziSVEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20210909.55254&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.179.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.captodayonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 14 Sep 2021 05:03:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 995F 41 KB
15 KB 31ms
31ms Script
text/javascript 142.250.187.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.187.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s33-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 21:29:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372804
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Sep 2022 21:29:49 GMT

GET
H2 200 AMG510_Prevalent_Static_UnBranded_USA-510-80278_160x600.jpg
s0.2mdn.net/9688069/ Frame 995F 35 KB
35 KB 68ms
68ms Image
image/jpeg 142.250.178.6
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9688069/AMG510_Prevalent_Static_UnBranded_USA-510-80278_160x600.jpg

Requested by

Host: www.captodayonline.com
URL: https://www.captodayonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.178.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f6.1e100.net

Software

sffe /

Resource Hash

bea465ae790d60c884b43b9ddb5c58c06f57af5fc957968dfc0d9f05bfc12386

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:13 GMT
x-content-type-options: nosniff
last-modified: Fri, 28 May 2021 15:31:30 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35678
x-xss-protection: 0
expires: Wed, 15 Sep 2021 05:03:13 GMT

GET
H3 200 950-US-0521_300x250px_cap_today_banner_ad.jpg
s0.2mdn.net/9202920/ Frame 6F60 49 KB
49 KB 78ms
52ms Image
image/jpeg 142.250.178.6
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9202920/950-US-0521_300x250px_cap_today_banner_ad.jpg

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N5192.3733510CAPTODAY/B25421940.310816217;dc_ver=78.227;dc_eid=40004001,44728098;sz=300x250;u_sd=1;nel=1;dc_adk=379953403;ord=lzlvv5;click0=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591615%26setID%3D311039%26channelID%3D0%26CID%3D579301%26banID%3D520487461%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792352395%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3D5904fd7c23eff39fb3816986d56efa027c566266%26location%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=0,https%3A%2F%2Fwww.captodayonline.com%2F$0;xdt=0;crlt=2f7-oxl6W';sttr=80;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f6.1e100.net

Software

sffe /

Resource Hash

8b736dff967d4d1911313359e85186b47b423d7b537178571532939d275f35fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:13 GMT
x-content-type-options: nosniff
last-modified: Fri, 11 Jun 2021 16:30:29 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50131
x-xss-protection: 0
expires: Wed, 15 Sep 2021 05:03:13 GMT

GET
H3 200 sodar_loader.js Show response
pagead2.googlesyndication.com/pagead/js/r20210908/r20110914/xfa/ Frame 6F60 10 KB
4 KB 20ms
19ms Script
text/javascript 142.250.200.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210908/r20110914/xfa/sodar_loader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f2.1e100.net

Software

cafe /

Resource Hash

ba1fed68326b59fa643b85cb10c9c02b8ecb32cead23bdfe9e1ecc4b577f9dd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46830
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4298
x-xss-protection: 0
server: cafe
etag: 4833159503524199179
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Sep 2021 16:02:43 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210908/r20110914/elements/html/ Frame 6F60 8 KB
3 KB 18ms
18ms Script
text/javascript 142.250.200.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210908/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f2.1e100.net

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 02:39:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8629
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Sep 2021 02:39:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6F60 125 KB
38 KB 34ms
33ms Script
text/javascript 142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f2.1e100.net

Software

sffe /

Resource Hash

1b6abcd01d2337e70b8fdde5a150175d2d4a3231d464e25b9cbdb5bac2bfcd2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:13 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1631273423644667"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38649
x-xss-protection: 0
expires: Tue, 14 Sep 2021 05:03:13 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6F60 0
23 B 56ms
30ms Ping
image/gif 142.250.179.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv_Iw18hTGu7SioBC5Ao_gHsVtFAYr98lYkpBT2pyAWhueWj76SncLa_soEPgjM4C2QgeMY7MEUt6kVyHYQPVM2D4qBbKvJQakR6bMUyHNP2HtEeQfDV704U0pN7HaSNHzvPuYBOfaw&sig=Cg0ArKJSzJc_tOSUpbbkEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20210908.55962&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 14 Sep 2021 05:03:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6F60 41 KB
15 KB 46ms
19ms Script
text/javascript 142.250.187.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s33-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 21:29:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372804
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Sep 2022 21:29:49 GMT

GET
H3 200 Kiestra_TLA_Enhance_CAPToday_300x250.png
s0.2mdn.net/9202920/ Frame E296 75 KB
75 KB 46ms
46ms Image
image/png 142.250.178.6
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9202920/Kiestra_TLA_Enhance_CAPToday_300x250.png

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N5192.3733510CAPTODAY/B25899775.310383592;dc_ver=78.227;sz=300x250;u_sd=1;nel=1;dc_adk=1633536228;ord=23zq6o;click0=https%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D161097%26plid%3D1591620%26setID%3D387791%26channelID%3D0%26CID%3D579305%26banID%3D520487475%26PID%3D0%26textadID%3D0%26tc%3D1%26mt%3D1631595792430153%26sw%3D1600%26sh%3D1200%26spr%3D1%26hc%3Dc15c7b7c1d343c7b07017404873b6519e8c34292%26location%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.captodayonline.com%2F$0;xdt=0;crlt=2f7-oxl6W';sttr=95;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f6.1e100.net

Software

sffe /

Resource Hash

95c8d368cb663be2b2565076cee4ec34be688f1a0f6ae2fe2829b078d7429fef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:13 GMT
x-content-type-options: nosniff
last-modified: Wed, 02 Jun 2021 16:19:09 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76655
x-xss-protection: 0
expires: Wed, 15 Sep 2021 05:03:13 GMT

GET
H3 200 sodar_loader.js Show response
pagead2.googlesyndication.com/pagead/js/r20210908/r20110914/xfa/ Frame E296 10 KB
4 KB 18ms
18ms Script
text/javascript 142.250.200.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210908/r20110914/xfa/sodar_loader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f2.1e100.net

Software

cafe /

Resource Hash

ba1fed68326b59fa643b85cb10c9c02b8ecb32cead23bdfe9e1ecc4b577f9dd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 16:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46830
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4298
x-xss-protection: 0
server: cafe
etag: 4833159503524199179
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Sep 2021 16:02:43 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210908/r20110914/elements/html/ Frame E296 8 KB
3 KB 19ms
18ms Script
text/javascript 142.250.200.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210908/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f2.1e100.net

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 02:39:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8629
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Sep 2021 02:39:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E296 125 KB
38 KB 36ms
36ms Script
text/javascript 142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f2.1e100.net

Software

sffe /

Resource Hash

1b6abcd01d2337e70b8fdde5a150175d2d4a3231d464e25b9cbdb5bac2bfcd2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:13 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1631273423644667"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38649
x-xss-protection: 0
expires: Tue, 14 Sep 2021 05:03:13 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E296 0
23 B 30ms
30ms Ping
image/gif 142.250.179.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvsNyheDjzDZqfqUHOH05wjSeYx5Vo34l2rUAAJ2fi8fAdyf78FuCgPoE8FzuolGIvEpWHBGdkYrOA_eY3pmBJoSN7zSUCdgDnmNlbOcnosXnvrsuYuIepZ7t_Y-JbO3WbS9_Tdhd5L&sig=Cg0ArKJSzBbAZWc1Vrf4EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20210908.84167&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 14 Sep 2021 05:03:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E296 41 KB
15 KB 19ms
19ms Script
text/javascript 142.250.187.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s33-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 21:29:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372804
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Sep 2022 21:29:49 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 02E5 0
23 B 33ms
32ms Ping
image/gif 142.250.179.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.captodayonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 14 Sep 2021 05:03:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 995F 0
23 B 33ms
32ms Ping
image/gif 142.250.179.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.captodayonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 14 Sep 2021 05:03:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/ 340 KB
133 KB 24ms
18ms Script
text/javascript 142.250.178.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit&hl=en_US

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.178.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f3.1e100.net

Software

sffe /

Resource Hash

4e4f76389625a4e86c8328c2d1e01de5e3bb22dfd06edb9873313a6da47e4e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.captodayonline.com/
Origin: https://www.captodayonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 03:37:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5141
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135849
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 17:56:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Sep 2022 03:37:32 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame FF94 0
23 B 32ms
32ms Ping
image/gif 142.250.179.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.captodayonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 14 Sep 2021 05:03:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6F60 6 KB
4 KB 66ms
35ms XHR
application/json 142.250.200.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210908/r20110914/xfa/sodar_loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f2.1e100.net

Software

cafe /

Resource Hash

91746cb03db652c088c5d48bbf469a0c3513e2ba903c92eaeafe7455657731d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Sep 2021 05:03:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4425
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4F63 22 KB
8 KB 19ms
19ms Document
text/html 142.250.187.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s33-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.captodayonline.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Thu, 09 Sep 2021 21:29:50 GMT
expires: Fri, 09 Sep 2022 21:29:50 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 372803
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6F60 0
23 B 34ms
34ms Ping
image/gif 142.250.179.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 14 Sep 2021 05:03:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 23F7 22 KB
8 KB 20ms
19ms Document
text/html 142.250.187.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s33-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.captodayonline.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Thu, 09 Sep 2021 21:29:50 GMT
expires: Fri, 09 Sep 2022 21:29:50 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 372803
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame FF94
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/538813/55572345/skeleton.js?adsafe_url=https%3A%2F%2Fwww.captodayonline.com%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:352ecd36-2b53-3487-e4a8-97fe8416fc2e,c:oa...
https://static.adsafeprotected.com/skeleton.js

17 B
241 B

32ms
32ms

Script
application/javascript

34.241.251.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: www.captodayonline.com
URL: https://www.captodayonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.251.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-251-11.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:13 GMT
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: nginx/1.16.1
age: 15585386
etag: "53fab767ecbd3bf07990b10246befbd4"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 17

Redirect headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:13 GMT
x-server-name: app24.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 1EE9 80 KB
21 KB 33ms
33ms Script
application/javascript 34.241.251.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: www.captodayonline.com
URL: https://www.captodayonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.251.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-251-11.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:13 GMT
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: nginx/1.16.1
age: 1732555
etag: W/"9304f57298c3834ff107ea7ccb547996"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E296 6 KB
4 KB 36ms
35ms XHR
application/json 142.250.200.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210908/r20110914/xfa/sodar_loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f2.1e100.net

Software

cafe /

Resource Hash

45bba143a1a971b173e41008376b20a54b78528c03d4e474e3bf8c4ab0f31262

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Sep 2021 05:03:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4467
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5FA2 22 KB
8 KB 19ms
19ms Document
text/html 142.250.187.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s33-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.captodayonline.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Thu, 09 Sep 2021 21:29:50 GMT
expires: Fri, 09 Sep 2022 21:29:50 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 372803
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E296 0
23 B 31ms
31ms Ping
image/gif 142.250.179.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 14 Sep 2021 05:03:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 354B 22 KB
8 KB 19ms
19ms Document
text/html 142.250.187.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s33-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Thu, 09 Sep 2021 21:29:50 GMT
expires: Fri, 09 Sep 2022 21:29:50 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 372803
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9C56 22 KB
8 KB 19ms
19ms Document
text/html 142.250.187.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s33-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Thu, 09 Sep 2021 21:29:50 GMT
expires: Fri, 09 Sep 2022 21:29:50 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 372803
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 15 KB
15 KB 18ms
18ms Font
font/woff2 142.250.178.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A400%2C300%7COpen+Sans%3A700%2C400%2C400i%7CRoboto%3A700%2C400

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f3.1e100.net

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.captodayonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 15:19:49 GMT
x-content-type-options: nosniff
age: 222204
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:34 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Sep 2022 15:19:49 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 272ms
87ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=538813&asId=352ecd36-2b53-3487-e4a8-97fe8416fc2e&tv=%7Bc:oa6TfP,pingTime:-2,time:739,type:a,im:%7BpBlk:569,sf:0,pom:1,prf:%7BbdA:17,bdZ:202,beA:537,beZ:538,mfA:1067,cmA:1069,inA:1069,inZ:1073,prA:1073,prZ:1081,si:1089,poA:1090,bl:1106,poZ:1106,cmZ:1106,mfZ:1106,loA:1173,loZ:1175,ltA:1275,ltZ:1275%7D%7D,sca:%7Bdfp:%7Bdf:2,sz:300.250,dom:img%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:551%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:739,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:551,wc:0.0.1600.1200,ac:1080.250.300.250,am:i,cc:1080.250.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B204~100%5D,as:%5B204~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:sIXvFCK+11*.538813-55572345%7C111%7C121%7C131%7C14%7C15%7C16%7C17%7C18%7C19,idMap:11*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:IMG.qs,slid:%5Bplacement_311039_0_iframe,placement_311039_0,main-content%5D,sinceFw:184,readyFired:true%7D&br=c
Requested by: Host: www.captodayonline.com
URL: https://www.captodayonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Sep 2021 05:03:13 GMT
X-Server-Name: dt35.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3 200 SRvJn55X6RWbfV9KOXYL310U_n7bQjLBtP3JEbFBTGg.js Show response
pagead2.googlesyndication.com/bg/ Frame 4F63 35 KB
13 KB 18ms
18ms Script
text/javascript 142.250.200.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/SRvJn55X6RWbfV9KOXYL310U_n7bQjLBtP3JEbFBTGg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f2.1e100.net

Software

sffe /

Resource Hash

491bc99f9e57e9159b7d5f4a39760bdf5d14fe7edb4232c1b4fdc911b1414c68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 07:33:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 250160
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13367
x-xss-protection: 0
last-modified: Mon, 06 Sep 2021 10:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Sep 2022 07:33:53 GMT

GET
H3 200 SRvJn55X6RWbfV9KOXYL310U_n7bQjLBtP3JEbFBTGg.js Show response
pagead2.googlesyndication.com/bg/ Frame 23F7 35 KB
13 KB 18ms
18ms Script
text/javascript 142.250.200.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/SRvJn55X6RWbfV9KOXYL310U_n7bQjLBtP3JEbFBTGg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f2.1e100.net

Software

sffe /

Resource Hash

491bc99f9e57e9159b7d5f4a39760bdf5d14fe7edb4232c1b4fdc911b1414c68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 07:33:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 250160
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13367
x-xss-protection: 0
last-modified: Mon, 06 Sep 2021 10:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Sep 2022 07:33:53 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6F60 17 KB
6 KB 34ms
33ms Script
text/javascript 142.250.187.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210908/r20110914/xfa/sodar_loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s33-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 14 Sep 2021 05:03:13 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E296 17 KB
6 KB 55ms
54ms Script
text/javascript 142.250.187.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210908/r20110914/xfa/sodar_loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s33-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 14 Sep 2021 05:03:13 GMT

GET
H3 200 SRvJn55X6RWbfV9KOXYL310U_n7bQjLBtP3JEbFBTGg.js Show response
pagead2.googlesyndication.com/bg/ Frame 5FA2 35 KB
13 KB 19ms
18ms Script
text/javascript 142.250.200.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/SRvJn55X6RWbfV9KOXYL310U_n7bQjLBtP3JEbFBTGg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f2.1e100.net

Software

sffe /

Resource Hash

491bc99f9e57e9159b7d5f4a39760bdf5d14fe7edb4232c1b4fdc911b1414c68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 07:33:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 250160
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13367
x-xss-protection: 0
last-modified: Mon, 06 Sep 2021 10:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Sep 2022 07:33:53 GMT

GET
H3 200 SRvJn55X6RWbfV9KOXYL310U_n7bQjLBtP3JEbFBTGg.js Show response
pagead2.googlesyndication.com/bg/ Frame 354B 35 KB
13 KB 24ms
24ms Script
text/javascript 142.250.200.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/SRvJn55X6RWbfV9KOXYL310U_n7bQjLBtP3JEbFBTGg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f2.1e100.net

Software

sffe /

Resource Hash

491bc99f9e57e9159b7d5f4a39760bdf5d14fe7edb4232c1b4fdc911b1414c68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 07:33:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 250160
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13367
x-xss-protection: 0
last-modified: Mon, 06 Sep 2021 10:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Sep 2022 07:33:53 GMT

GET
H3 200 SRvJn55X6RWbfV9KOXYL310U_n7bQjLBtP3JEbFBTGg.js Show response
pagead2.googlesyndication.com/bg/ Frame 9C56 35 KB
13 KB 29ms
29ms Script
text/javascript 142.250.200.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/SRvJn55X6RWbfV9KOXYL310U_n7bQjLBtP3JEbFBTGg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f2.1e100.net

Software

sffe /

Resource Hash

491bc99f9e57e9159b7d5f4a39760bdf5d14fe7edb4232c1b4fdc911b1414c68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 07:33:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 250160
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13367
x-xss-protection: 0
last-modified: Mon, 06 Sep 2021 10:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Sep 2022 07:33:53 GMT

GET
H2 200 ;MID=161097;type=viewableimpression;placementID=1591346;setID=188685;channelID=0;CID=578919;BID=520486698;TAID=0;place=0;mt=1631595792432712;hc=cc93806dd87d9f47ec8712dd9c89b638a635ca97 Show response
servedbyadbutler.com/adserve/ 0
318 B 14ms
14ms XHR
text/html 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve/;MID=161097;type=viewableimpression;placementID=1591346;setID=188685;channelID=0;CID=578919;BID=520486698;TAID=0;place=0;mt=1631595792432712;hc=cc93806dd87d9f47ec8712dd9c89b638a635ca97
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:13 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: https://www.captodayonline.com
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ;MID=161097;type=viewableimpression;placementID=1591558;setID=145718;channelID=0;CID=578952;BID=520486755;TAID=0;place=0;mt=1631595792433720;hc=cb55305fee1357e3aae19b86ea56d64db4ff3535 Show response
servedbyadbutler.com/adserve/ 0
318 B 15ms
15ms XHR
text/html 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve/;MID=161097;type=viewableimpression;placementID=1591558;setID=145718;channelID=0;CID=578952;BID=520486755;TAID=0;place=0;mt=1631595792433720;hc=cb55305fee1357e3aae19b86ea56d64db4ff3535
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:13 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: https://www.captodayonline.com
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ;MID=161097;type=viewableimpression;placementID=1591572;setID=311039;channelID=0;CID=579276;BID=520487436;TAID=0;place=0;mt=1631595792414143;hc=2f4774d595cc7bccc9cc54f6723c700f1b52acf1 Show response
servedbyadbutler.com/adserve/ 0
318 B 15ms
15ms XHR
text/html 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve/;MID=161097;type=viewableimpression;placementID=1591572;setID=311039;channelID=0;CID=579276;BID=520487436;TAID=0;place=0;mt=1631595792414143;hc=2f4774d595cc7bccc9cc54f6723c700f1b52acf1
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:13 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: https://www.captodayonline.com
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ;MID=161097;type=viewableimpression;placementID=1591604;setID=146005;channelID=0;CID=579290;BID=520487450;TAID=0;place=0;mt=1631595792421497;hc=ddaea84bce674f4025b30766e7c2d7ca4f93360b Show response
servedbyadbutler.com/adserve/ 0
318 B 14ms
14ms XHR
text/html 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve/;MID=161097;type=viewableimpression;placementID=1591604;setID=146005;channelID=0;CID=579290;BID=520487450;TAID=0;place=0;mt=1631595792421497;hc=ddaea84bce674f4025b30766e7c2d7ca4f93360b
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:13 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: https://www.captodayonline.com
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 SRvJn55X6RWbfV9KOXYL310U_n7bQjLBtP3JEbFBTGg.js Show response
pagead2.googlesyndication.com/bg/ Frame 391C 35 KB
13 KB 19ms
18ms Script
text/javascript 142.250.200.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/SRvJn55X6RWbfV9KOXYL310U_n7bQjLBtP3JEbFBTGg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f2.1e100.net

Software

sffe /

Resource Hash

491bc99f9e57e9159b7d5f4a39760bdf5d14fe7edb4232c1b4fdc911b1414c68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 07:33:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 250161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13367
x-xss-protection: 0
last-modified: Mon, 06 Sep 2021 10:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Sep 2022 07:33:53 GMT

GET
H2 200 ;MID=161097;type=viewableimpression;placementID=1591563;setID=428275;channelID=0;CID=578963;BID=520486772;TAID=0;place=0;mt=1631595792433827;hc=34aa56d5651dcce3997c7ed0bb8b7dae11a86673 Show response
servedbyadbutler.com/adserve/ 0
318 B 19ms
19ms XHR
text/html 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve/;MID=161097;type=viewableimpression;placementID=1591563;setID=428275;channelID=0;CID=578963;BID=520486772;TAID=0;place=0;mt=1631595792433827;hc=34aa56d5651dcce3997c7ed0bb8b7dae11a86673
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:14 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: https://www.captodayonline.com
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 SRvJn55X6RWbfV9KOXYL310U_n7bQjLBtP3JEbFBTGg.js Show response
pagead2.googlesyndication.com/bg/ Frame A59F 35 KB
13 KB 19ms
18ms Script
text/javascript 142.250.200.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/SRvJn55X6RWbfV9KOXYL310U_n7bQjLBtP3JEbFBTGg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f2.1e100.net

Software

sffe /

Resource Hash

491bc99f9e57e9159b7d5f4a39760bdf5d14fe7edb4232c1b4fdc911b1414c68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 07:33:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 250161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13367
x-xss-protection: 0
last-modified: Mon, 06 Sep 2021 10:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Sep 2022 07:33:53 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 87ms
87ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=538813&asId=352ecd36-2b53-3487-e4a8-97fe8416fc2e&tv=%7Bc:oa6Tnc,time:1196,type:e,im:%7Bimprf:%7Bttecl:1437,ecd:33,tsecr:175%7D,pLoad:920,pWait:11%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:1196,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:551,wc:0.0.1600.1200,ac:1080.250.300.250,am:i,cc:1080.250.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B661~100%5D,as:%5B661~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:420,fm:sIXvFCK+11*.538813-55572345%7C111%7C121%7C131%7C14%7C15%7C16%7C17%7C18%7C19,idMap:11*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Sep 2021 05:03:14 GMT
X-Server-Name: dt35.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 89ms
88ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=538813&asId=352ecd36-2b53-3487-e4a8-97fe8416fc2e&tv=%7Bc:oa6TpP,pingTime:-10,time:1359,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Mi4wLjQ1MTUuMTU5IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1631595794316%7C%7C8afbf6b92e0321961aa312df9e48e6e1%7C%7C605f01b1409979f1b4f5151f8eefb28a%7C%7C63a3160add619eb1977d58ff530c95a9%7C%7C2978229e9f446f9a5377b473aae23018%7C%7C0a2fe5b5f6edd10a8c5833cee98f45f2%7C%7Cb196b2c33ddd1c347b7015596fa353ea%7C%7Cca547de16c7e804b551e19ea7f1a64bc%7C%7C1629390669%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Sep 2021 05:03:14 GMT
X-Server-Name: dt35.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FF94 42 B
64 B 36ms
36ms Fetch
image/gif 142.250.200.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstkiG7xmy65_w9fTOeAcG3cPCtZ9EI0qX9hUZ8iBfJbzYpFvaZDcR_U5-HhkJ9dNaBfLsIjk3TJyVBrCykzvzE&sig=Cg0ArKJSzCNE1O4pxwiXEAE&id=lidar2&mcvt=1043&p=0,0,250,300&mtos=1043,1043,1043,1043,1043&tos=1043,0,0,0,0&v=20210910&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=32&adk=1703049611&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&eosm=0&rst=1631595792422&rpt=926&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 88ms
88ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=538813&asId=352ecd36-2b53-3487-e4a8-97fe8416fc2e&tv=%7Bc:oa6Twm,pingTime:1,time:1764,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:551%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:1764,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:551,wc:0.0.1600.1200,ac:1080.250.300.250,am:i,cc:1080.250.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1229~100%5D,as:%5B1229~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:204,fm:sIXvFCK+11*.538813-55572345%7C111%7C121%7C131%7C14%7C15%7C16%7C17%7C18%7C19,idMap:11*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Sep 2021 05:03:14 GMT
X-Server-Name: dt35.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 178ms
89ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=538813&asId=352ecd36-2b53-3487-e4a8-97fe8416fc2e&tv=%7Bc:oa6Twn,pingTime:1,time:1765,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:551%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:1765,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:551,wc:0.0.1600.1200,ac:1080.250.300.250,am:i,cc:1080.250.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1230~100%5D,as:%5B1230~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:204,fm:sIXvFCK+11*.538813-55572345%7C111%7C121%7C131%7C14%7C15%7C16%7C17%7C18%7C19,idMap:11*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Sep 2021 05:03:14 GMT
X-Server-Name: dt35.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5FA2 0
20 B 30ms
30ms Image
image/gif 142.250.200.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bo6uWEC1AYbH3MpqDlgTk-ZPgCwAAAAA4AeAEAg&bg=!fH-lfzvNAAYT0U73E9E7ACkAdvg8WixxSNlmcNm22gppwAePfwy_GPWpKcxxKrrjdRLnzUHccycDPgIAAAONUgAAACRoAQcKAAKnZZkCrSkAu965rM_HrbcxAqxR1H6s8W7jOvwQzAAQYzVqxpDM3-hhZJ8NzlvzSRdnKCdQQBOpiK-LHt4G0mvM9kD1oYGskESZJXg3k92sXYwmYjxIuShxRBZAlSu4Ynwhiv_EJuBoW4wQ2MVwtRNWeLJkwtSMZ4ibjQPZ9na4mA0gkR4LPelRaMGJcRVwqgBAtWDn6_96sXY014MSqW7_y7PegEfoKlZTbXnlXLLPU2eQXilMCwp0rg0Pmj-GInnaxkpVxB26VLRngxQonKKhCc0R-5njcYQqUCUCj-UJEjlmMbBYemcN0nFVlg6x2BwE84DVkbe422KKq2u66GZEU5cNP3BowKzAJSqJLoL9jupsEBH0p6eCPOftqe5fVvM1gByLLEuhGIx2FrgBwNYK4xDFcthrQhPxKnj9lSafjFYQ7kq5f0GVhCOOQU8gMe5C3ljYs0KpkR23wqAEx9zE1QkwMvjptCv07Miput-0e9F13WRFSE6_95c9EjPLEdtZEfD1BzIZJC3y7I1ggZD90aF895EmBhlMFJy6izNJc7A3ygNHSdjLqZQ56MKF-flkXl4z2UdmyyLYvb6HeAvm4D3ypaRjmwrfmNrQU0Dc75igfaxvGefvEkDaChAHDEppb_qwsThUFiBVUMOUleg9qB49OrrqIcGWMsfRjWjcGnSwBlj2ULvueNlj1SkSSZN-pYAUwz0DOFO7sEW2gRm7FXeqnOKgRwRehIkIu4yxjeRCYgQt7wpoAPbnx9M8RPKhTjbdPS_RHT4n1A-lo5OaS1cXbqnlKGh-2VYXjfGXFL_NSUFCY4dcfwGN6MxgO2V-nmFZtztd3F798G3YgCWEOxVxEw5se2EZo8IpDtPIDZYM4beyMu7N7n65JqItBbvcY4amsSoreqa5xPW-XHaJv2A

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 354B 0
20 B 32ms
32ms Image
image/gif 142.250.200.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQQ77EC1AYbXaKsiEnsEPwKe6WAAAAAA4AeAEAg&bg=!nZ6lntrNAAYT0U73E9E7ACkAdvg8WixUPLAMfqrp5MHUWtH4z-Z6iI5n9SXZoWsA9PRsrQHf1oXaqwIAAAN2UgAAACVoAQcKAK85LjF6JD1mL6uA3Nv-DwE9-eWYdz5i3DZiv8KyF_jstS-dttsBGZLxwIG250a0A7hhveNnisTCwul1qeTCKNKZlczhUNje2OY4cV4fWDLHPJfJDKoalpdOiz4PGGpig1XmLxzhAf4cL3S4LWKR24OzLmYzHbuM9njv8RE9pJSF4gc8TzD0GTDAFcHv53GOt15sQNLsCMhQmDLsM1bvsaWiDc_JkPcXlx5l4cL365_umQKb8iPCQ8gblNZTCHKLiWfN9guHDL0XK8AKHJSQaz36mZx3G_cWfIXqVpmtSyLFI5KQS8leJ-tjj3n0q-9CGbGZhcDXFUvZPDOC_2xrPQRPGZB2yFleaz0XvIayE20DwJx3N59Xc5iE333m7CW1attvDn5GL0eqc0nwhPZrEfX1lckenNODkYWsrG_KweAsTS3ZpPbcRHstaol3AWnaOtIupNWLmrwV8TWHlFvVTc3K78imFy6CQdRn5xmWFPikvGNZO4qO8mW1iJvJicPC0qs94ZeY-5_552-aedKPFoSH3kzz_csC9_b5beYShJQfyUZJQgS7IZuB0PNJPe2S7cgWz0P-PlUYjDz4kYvKe7QHJjnHmedYkZe8_5BgL55D4cxf3mUPa70qCLsxVR9UM5zYR0954lg9dEPYngH_XjRVjEsaXeBYjsFDjFTlrq5vrvFC0NCqHHKFcGtrydNbFHoT9kZl85eGAr-oJrn4tKRGqR9aGK25zEZF3V76nRBaIa91SqiDfVQqppP21U8uttjidmEo7Oesyd8Yha5YNSAmeEiVvnViyi4ZSCFwbf1H5nrgfeKEdX2d350EmHaIEcB8Tb_kqMbSDCIn-C_vpKrujvvXfsabhvzKINqK6gQwyg_wrcR8ykEsEuEL9MsKdfJPWz6Gc0iZUx2SZwoIYFD5-5xuicd41-s_r8pZNxrRx71XhZbE3YU3IHdqUN1NU8ztz6gDosZfLrO_hpv2najN_aF2DE28YxBHGwfiOq7eQdwxIdmMv7FH11pVp0acL5a831DHp9Jki9Eo5Tugmlw2OKKdPmysBD7nr6xGFQRydGQ-Vh3ZGK3wJpXp8Oq6RAMuqFp_diXVK1I9Ak5ANwzi1YrwMejLhGih4dc3FQ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9C56 0
20 B 31ms
30ms Image
image/gif 142.250.200.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BfUJmEC1AYYPcK_DfnsEPkPC7qAsAAAAAOAHgBAI&bg=!KyilKGzNAAYT0U73E9E7ACkAdvg8WoJSCwFPUDfZdjLsZdT2lV_3kTYOMqIg4YJj2efgzO9SpBS45AIAAANpUgAAACNoAQcKAHkIpHPpGIvkyH2dsnMhkN58GTF2aTmLgxo7GY-0Ln3CYGEtHfVuGR6bqbF1403uNwCHW5naZHFXI3Xf5-4yVAGYb-4KiaSwA5kMfg4aKGkRsJJttaoYJ3djBEfEs7dBP6Apv9WwcEBLDRR-OEPc4op1sPaESDgFwlMxmQLdKubNq4QiSobOO6Pkj8n2mI6xNcHdbaRzIWN-cxjw7mUZ8r_8eumQpIFShrGzkv4K6h7l4rmWnq7wDMdu3luYO89hklSP02TbWnwbqL_ss8jOfRTtgPnhVWDU-t25IhQ9vdq2s2u3JtwbAGGWWvPF5zHP-ecUXq6s3MDKSv96sWXrVpnLiGaG7syxd9J_s6WKZWQolc9hxQlH_vFCZ-bvjerUjoONQF-14a1QD0VZluAJRcK_5Bx4l6Bmla0-BK0inChZrYTm8cJXkBMPNc25ISwWOo-E8mgpIh4H6ACGQbnCnOhVkcvMbKiCoJL7zFn5ZuGjr-KpVeJDGlDlL0ZeXsyKZp56v31iK2YqnRbB85c94Aws4C6z1o9VNbCwzPsIgZx-GfOsprocu_EIiOeobt7FMbwxUfcCWhJ75VkkoVaALS2HtGs3LVQvd9sAbeUgVmwVZnY4aighZ3s-21GQrYA6lDuCH9UYtqwYb9tmoQeWRaw-jsHfN6PgevowwzD73u8SfLitOc0_iFUHlfI1OIZdclcpQ_SzHCK4V9LMgEuQFgwPOVth0fDDh3GvHk3bx7eXOFPT9kkw4C57AiXEA5-lIEIkX_aBI8W_Lb15IVvxjVdLlVbMEUdYzCS47-oIVyMbm9msX9tTmtkJlT4KIk6Dxreis5hKV4kjXQStGygDvZUrT_7rDagMVCwKu3feUwKylz04h4z4m-759SE9lcUJgxalv3fnmryffQ28aDp0NeW0V0DSYfqcwJGnX9RExCfM8NaH6xBJP7PRPmRBA7wx5T9MZDpDrYJ7Rt-HKjEy8l8sRF_mAsoLNs4gjLwQahbI3SfE1ixYpQlrRv1SFn5YQY7EHNUAlgsjEiIfyoAKfsRR6W2Vr74z0gqXb2y6AEXUBCOJFn9I9shp6HAhSoUQkk4X9qjF-HhsjTi_SzZcRhASDN04exYViLjG8C6PUZQEpeOb1YImoohN8g

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4F63 0
20 B 32ms
31ms Image
image/gif 142.250.200.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BHk5jEC1AYerzKt6D2fcPnLOyqAUAAAAAOAHgBAI&bg=!GhmlGV3NAAYT0U73E9E7ACkAdvg8WqSGX-0c0ZoPeG8QTeQ1-XgpsJlb2yrD5VS3WVNkthJCf6biWgIAAAPkUgAAACFoAQcKANKlu1Q-HBerT4-rXIGbHmVeuMI7vJ_7VQ8hW3jbisVtcccr-UssPAkgiA733Cb6taDT0OuZgUq7pMp1f52oAeOgLCwaqoe7pfzqcEYNgUbD59judMw3ii5_NXUgGENF902P21oSdtNuyChFoD5runtfRsurSPUmhB3pyFegEA-CcFiWRKYvhMobUryPqow8Mzw9H9x0AzLw84Q4OC-Ek22hXv2Va8tgvG7Hbwd_3DvHmgcqWQQ1GJIe1p5oFCeWAILHNg4SMTndd1yToBk9ASeshyiZArDVXIFpY9Wa11MA74yC2B3ObIuVWBEyAuqxM8g1C_vcJYwi5UwLUbQQoMtgxEXU9w-d-6pc64GjGoghM9IcRxC7fBp4iW-qvI6zJa_zzsz8w-xzT4H_kfmUcupeSkb4i_7YtLQOLj55op5JWqUSgArmjc3q93fjgjazpGh0I-3td6fJSgln0myOcGGjlwYupJea9uVmf6hz0mXXayVauwGNGsE-j09OL74TPaUmt_ggkxBScLEbwiyNyj2mTZ_dX6tMfxqSILzXcZwuQuqzmun3jl-c-PMTrtkYds7s8-5zLDAsKLTPDGmfEk6lgUMlO8wN3JEaETisw2QtKAz0SdSs5xF1zaRHHd0wc2sRGm9223JJZLOZowWovSRxQXKBJ9XmQrmX_zQrSryWSyZKSwD1RE0R2yZl5ifxtcOZQIzIsA34zilj8pJEB8tdK3bHniVk1qvgtSRRIUYERyX6wd5PWKb-LC4FqEZiYjgpMmjKH-11RSapOUoIBoROh-__zBkfcBksQOjtz30BKuhTv43Z1Zq5n985hPqw29Or9SX7r4ryEYGGjGb5DjMobsC0lC2Qdn0nfH8PRbFy67XwHmgovq0dqKtyC1fGmGnBqMc4yZDwBcp1bCePiebFxULh6oDwXPFXYT2KgRJ3qK0d2suVtjsrECzrcPi2Hh_A34FhNfrub6UOloT3N0hX_umfVfrE5aO1XmY3ZaJFiabq0rkh4-3njFu1zw7UeUp0BYcO7DIAEylTdSUKjL9L13kqPtgTBxEMewWUMyzBViL9lKkKhVKwQ2Rf1QdHpA0FLaam_U-BonFmmURJ9wJ86clmXkbJ_vBVhrF2BwqrdZ-iW4ktIuVfAQr2HGVpV3m3W2yhslkbJIwKeACVC1Sz2wyMYFQB1ua_-3N_S0SuO_hJ-OC7

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 23F7 0
20 B 30ms
30ms Image
image/gif 142.250.200.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BeGWQEC1AYbfSMovPnsEPwrOmoAMAAAAAOAHgBAI&bg=!1dal1pLNAAYT0U73E9E7ACkAdvg8WnsbFlKyY6tMUuCoLXUJ_nHc_VNxums2C6EneVrmTrIx7XL7WgIAAAPAUgAAACNoAQcKAPWBspgH483awHkO_gNY-AqJsNbLGPr5fjurc4pXngblYBrW4r3IPt1JhwjyfnsrdGljkvdXmBdXddUcjI4fG7Ezu1KPJ7LY5_jsXw3DKiH2PS5ZWyGVhZddOmdAnosMU3jUNaRLQ7mH4KZfS0L8UQ_0fwPUaaS9TcUxjKzuEPLeYJ35JRvdRCbAPjNLzD_hmJ9J7kOwzgqmYQ5AHqwcbtETdXwoYd8Wu0WgUsYXUDCM6H_oawck4yC4TOy7wjqDTzG7ZsnCnhg14gzZw7738ZG2fe70nb2wY38WBhhB3idk4LAikf78TTnEVYClskQfUStVqBHPd5kCoNN6uq74D--HHe0gDeK2_rq0D9PpLzXWpT5cqPE8JkEf0RPe6XJREhtZoP5ILnGu3cLRHVPiRTFOhPlaKulO3SewaC3n6wUHw2M-DgqRoTk7xB_NMDYM0OjPWlVhYxdg3K73234m203aW8iH4I66DuHYdUXIvGeEJnBxuMSPs6ZH_bG4yKky40kASFs5s0JhUiU66bv3xpiHpulazgIcPHtmo65GMpmM18fXxhQYP90XaQa_Y05TOM5B6DhfA7wh9K_MvuTfm9MlIxaT02A8YrgBdvdDPnKaqozu9TKYHj_IbB15Sce1NfumkpetNibDSRyh-OdDB-IrpR57FcxQ519xn7NGeReG18bb1dX5HO8gjFAnxHhsWpFp-OP4P8I8HveXGYt-Zp2vLhVVnFf5hgN4pdF5OCoUVQ-UhZtC-tcHQzqoqz7nrPrGuM_THZqt-KT579q4d_lSJg3e11ojkUO5ljPkZS9L30dHmvFh54BeRTuG6D7hI7qm5SDSfZT92lDT8TRB0fN4Uji9GVDG7LpNTUH_3Pe1JxnlLHjYriaiDPh2NRoisBV9_MSPsI1vel1b5ID99Wsd6ZcIcpNQC8Cgjvu4tv6Qs2f1R3T99Ky5sng1UAs6EDfkiuaYAfJkkwbD6RN5kyN0Ee9YXti8kjTY9rQ1gkgFnl_nd2EjuMXrThw_mA_sxKnuJn4lRi1Cta0UB2SsVEyJ_x9wPusaZKromm-x5ZtuUMJJhtUX42onDwpVwD6uq6KFqECslOdggLREkh2Jkf9uv7c0i3AYIPtnNsvCKzLO1QA2Wp2Oe0V75_kvlXY82unC7E0ziL98y1K11N3U2DmXgbQ41lvAlkD2vnJTYdXIX-JfINYo7sauRmw_NhGmV2nD1PI2FAVDbw

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 05:03:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 91ms
90ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=538813&asId=352ecd36-2b53-3487-e4a8-97fe8416fc2e&tv=%7Bc:oa6UxX,pingTime:5,time:5707,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:551%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:5707,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:551,wc:0.0.1600.1200,ac:1080.250.300.250,am:i,cc:1080.250.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5172~100%5D,as:%5B5172~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:215,fm:sIXvFCK+11*.538813-55572345%7C111%7C121%7C131%7C14%7C15%7C16%7C17%7C18%7C19,idMap:11*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Sep 2021 05:03:18 GMT
X-Server-Name: dt35.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 87ms
87ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=538813&asId=352ecd36-2b53-3487-e4a8-97fe8416fc2e&tv=%7Bc:oa6UxY,pingTime:5,time:5708,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:551%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:5708,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:551,wc:0.0.1600.1200,ac:1080.250.300.250,am:i,cc:1080.250.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5173~100%5D,as:%5B5173~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:215,fm:sIXvFCK+11*.538813-55572345%7C111%7C121%7C131%7C14%7C15%7C16%7C17%7C18%7C19,idMap:11*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.captodayonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Sep 2021 05:03:18 GMT
X-Server-Name: dt52.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

52 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.captodayonline.com/wordpress/wp-content/plugins/newscodes-news-magazine-and-blog-elements/lib/css	1969-12-31 23:59:59	Name: _nx-nocache Value: 1
www.captodayonline.com/wordpress/wp-content/plugins/data-tables-generator-by-supsystic/app/assets/js	1969-12-31 23:59:59	Name: _nx-nocache Value: 1
www.captodayonline.com/wordpress/wp-content/plugins/newscodes-news-magazine-and-blog-elements/lib/js	1969-12-31 23:59:59	Name: _nx-nocache Value: 1
www.captodayonline.com/wordpress/wp-content/plugins/related-posts-by-taxonomy/includes/assets/css	1969-12-31 23:59:59	Name: _nx-nocache Value: 1
www.captodayonline.com/wordpress/wp-content/plugins/eventon-event-slider/assets/css	1969-12-31 23:59:59	Name: _nx-nocache Value: 1
www.captodayonline.com/wordpress/wp-content/plugins/eventon-event-slider/assets/js	1969-12-31 23:59:59	Name: _nx-nocache Value: 1
www.captodayonline.com/wordpress/wp-content/plugins/content-randomizer/assets/css	1969-12-31 23:59:59	Name: _nx-nocache Value: 1
www.captodayonline.com/wordpress/wp-content/plugins/hustle/assets/hustle-ui/fonts	1969-12-31 23:59:59	Name: _nx-nocache Value: 1
www.captodayonline.com/wordpress/wp-content/plugins/content-randomizer/assets/js	1969-12-31 23:59:59	Name: _nx-nocache Value: 1
www.captodayonline.com/wordpress/wp-content/plugins/vertical-scroll-recent-post	1969-12-31 23:59:59	Name: _nx-nocache Value: 1
www.captodayonline.com/wordpress/wp-content/plugins/hustle/assets/hustle-ui/css	1969-12-31 23:59:59	Name: _nx-nocache Value: 1
www.captodayonline.com/wordpress/wp-content/plugins/eventon-event-lists/assets	1969-12-31 23:59:59	Name: _nx-nocache Value: 1
www.captodayonline.com/wordpress/wp-content/plugins/wp-advertize-it/javascript	1969-12-31 23:59:59	Name: _nx-nocache Value: 1
www.captodayonline.com/wordpress/wp-content/plugins/wp-site-mapping/javascript	1969-12-31 23:59:59	Name: _nx-nocache Value: 1
www.captodayonline.com/wordpress/wp-content/plugins/hustle/assets/hustle-ui/js	1969-12-31 23:59:59	Name: _nx-nocache Value: 1
www.captodayonline.com/wordpress/wp-content/plugins/ultimate-posts-widget/css	1969-12-31 23:59:59	Name: _nx-nocache Value: 1
www.captodayonline.com/wordpress/wp-content/themes/jarida/images/patterns	1969-12-31 23:59:59	Name: _nx-nocache Value: 1
www.captodayonline.com/wordpress/wp-content/plugins/eventON/assets/fonts	1969-12-31 23:59:59	Name: _nx-nocache Value: 1
www.captodayonline.com/wordpress/wp-content/plugins/wp-compear/public/js	1969-12-31 23:59:59	Name: _nx-nocache Value: 1
www.captodayonline.com/wordpress/wp-content/plugins/scroll-post-excerpt	1969-12-31 23:59:59	Name: _nx-nocache Value: 1
www.captodayonline.com/wordpress/wp-content/plugins/wp-site-mapping/css	1969-12-31 23:59:59	Name: _nx-nocache Value: 1
www.captodayonline.com/wordpress/wp-content/plugins/eventON/assets/css	1969-12-31 23:59:59	Name: _nx-nocache Value: 1
www.captodayonline.com/wordpress/wp-content/plugins/eventON/assets/js	1969-12-31 23:59:59	Name: _nx-nocache Value: 1
www.captodayonline.com/wordpress/wp-content/plugins/hustle/assets/js	1969-12-31 23:59:59	Name: _nx-nocache Value: 1
www.captodayonline.com/wordpress/wp-includes/css/dist/block-library	1969-12-31 23:59:59	Name: _nx-nocache Value: 1
www.captodayonline.com/wordpress/wp-content/plugins/formidable/css	1969-12-31 23:59:59	Name: _nx-nocache Value: 1
www.captodayonline.com/wordpress/wp-content/themes/jarida-child/js	1969-12-31 23:59:59	Name: _nx-nocache Value: 1
www.captodayonline.com/wordpress/wp-content/plugins/pdf-print/css	1969-12-31 23:59:59	Name: _nx-nocache Value: 1
www.captodayonline.com/wordpress/wp-content/themes/jarida/images	1969-12-31 23:59:59	Name: _nx-nocache Value: 1
www.captodayonline.com/wordpress/wp-content/themes/jarida-child	1969-12-31 23:59:59	Name: _nx-nocache Value: 1
www.captodayonline.com/wordpress/wp-content/themes/jarida/fonts	1969-12-31 23:59:59	Name: _nx-nocache Value: 1
www.captodayonline.com/wordpress/wp-content/plugins/add-to-any	1969-12-31 23:59:59	Name: _nx-nocache Value: 1
www.captodayonline.com/wordpress/wp-content/themes/jarida/js	1969-12-31 23:59:59	Name: _nx-nocache Value: 1
www.captodayonline.com/wordpress/wp-content/uploads/2021/08	1969-12-31 23:59:59	Name: _nx-nocache Value: 1
captodayonline.com/wordpress/wp-content/uploads/2019/02	1969-12-31 23:59:59	Name: _nx-nocache Value: 1
www.captodayonline.com/wordpress/wp-content/uploads/2021/07	1969-12-31 23:59:59	Name: _nx-nocache Value: 1
www.captodayonline.com/wordpress/wp-content/uploads/2021/04	1969-12-31 23:59:59	Name: _nx-nocache Value: 1
www.captodayonline.com/wordpress/wp-content/uploads/2020/01	1969-12-31 23:59:59	Name: _nx-nocache Value: 1
www.captodayonline.com/wordpress/wp-content/uploads/2019/12	1969-12-31 23:59:59	Name: _nx-nocache Value: 1
www.captodayonline.com/wordpress/wp-content/uploads/2019/09	1969-12-31 23:59:59	Name: _nx-nocache Value: 1
www.captodayonline.com/wordpress/wp-content/themes/jarida	1969-12-31 23:59:59	Name: _nx-nocache Value: 1
www.captodayonline.com/wordpress/wp-includes/js/jquery/ui	1969-12-31 23:59:59	Name: _nx-nocache Value: 1
www.captodayonline.com/wordpress/wp-includes/js/jquery	1969-12-31 23:59:59	Name: _nx-nocache Value: 1
www.captodayonline.com/wordpress/wp-includes/js	1969-12-31 23:59:59	Name: _nx-nocache Value: 1
www.captodayonline.com/	1970-01-19 21:13:16	Name: _nx-nocache Value: 1
.servedbyadbutler.com/	1970-01-20 05:58:51	Name: adbutler_376181 Value: 520487444%5E376181%5E579284%5Ehttps%3A%2F%2Fad.doubleclick.net%2Fddm%2Ftrackclk%2FN7437.830836CAPTODAYONLINE.COM%2FB25121492.299816954%3Bdc_trk_aid%3D493308581%3Bdc_trk_cid%3D150028609%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bgdpr%3D%24%7BGDPR%7D%3Bgdpr_consent%3D%24%7BGDPR_CONSENT_755%7D%3Bltd%3D%3Fhttps%3A%2F%2Fwww.pik3ca-testing.com%2F%3FMDMID%3D%24INS2%24%26utm_source%3DCAP%2520Today%26utm_medium%3Ddisplay%26utm_campaign%3Dpiqh_hcp_disp_brd_onc_2021%26utm_content%3DPIQH_BRD_FMI-STATIC_STANDARD_PIQ-1238065_STATIC_300X250%26omap_code%3DPIQ-1238065%26product%3DDigital%2520eTOC%26site%3DPIQRABC%253A%253Ab%253A%253A2021042148624%5E1591579%5E1631595792326221%5E00bdc8b618b7911dedd340b2883ba873b3ed2ba5
.captodayonline.com/	1970-01-20 14:44:27	Name: _ga Value: GA1.2.365076421.1631595793
.captodayonline.com/	1970-01-19 21:14:42	Name: _gid Value: GA1.2.794065427.1631595793
.captodayonline.com/	1970-01-19 21:13:15	Name: _gat_UA-17445858-1 Value: 1
.broadstreetads.com/	1970-01-19 21:14:42	Name: streetsign1 Value: xgfjgm0kfk000000000000000000000000000000000000000000000000000000
.doubleclick.net/	1970-01-20 14:44:27	Name: IDE Value: AHWqTUmUqxBiLB8OdbSSwRJPjTUvbYj6NhVz9St_L86ckUF0T51AmwpjiRN2P3wW1H8
www.captodayonline.com/	1970-01-19 21:56:27	Name: hustle_module_show_count-slidein-8 Value: 1

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.captodayonline.com/(Line 2099) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://servedbyadbutler.com/adserve/;ID=161097;size=300x250;setID=311039;type=js;sw=1600;sh=1200;spr=1;kw=;pid=3588639;place=1;rnd=3588639;click=CLICK_MACRO_PLACEHOLDER, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.captodayonline.com/(Line 2099) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://servedbyadbutler.com/adserve/;ID=161097;size=300x250;setID=311039;type=js;sw=1600;sh=1200;spr=1;kw=;pid=3588639;place=1;rnd=3588639;click=CLICK_MACRO_PLACEHOLDER, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.captodayonline.com/(Line 2470) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://servedbyadbutler.com/adserve/;ID=161097;size=300x250;setID=311039;type=js;sw=1600;sh=1200;spr=1;kw=;pid=3588639;place=2;rnd=3588639;click=CLICK_MACRO_PLACEHOLDER, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.captodayonline.com/(Line 2470) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://servedbyadbutler.com/adserve/;ID=161097;size=300x250;setID=311039;type=js;sw=1600;sh=1200;spr=1;kw=;pid=3588639;place=2;rnd=3588639;click=CLICK_MACRO_PLACEHOLDER, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://servedbyadbutler.com/adserve/;ID=161097;size=300x250;setID=311039;type=js;sw=1600;sh=1200;spr=1;kw=;pid=3588639;place=2;rnd=3588639;click=CLICK_MACRO_PLACEHOLDER(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/dcmads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://servedbyadbutler.com/adserve/;ID=161097;size=300x250;setID=311039;type=js;sw=1600;sh=1200;spr=1;kw=;pid=3588639;place=2;rnd=3588639;click=CLICK_MACRO_PLACEHOLDER(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/dcmads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.googletagservices.com/dcm/dcmads.js(Line 13) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/impl_v78.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.googletagservices.com/dcm/dcmads.js(Line 13) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/impl_v78.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.broadstreetads.com
ad.doubleclick.net
captodayonline.com
cdn.broadstreetads.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
googleads4.g.doubleclick.net
pagead2.googlesyndication.com
pixel.adsafeprotected.com
s0.2mdn.net
servedbyadbutler.com
static.addtoany.com
static.adsafeprotected.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.captodayonline.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.244.36.20
104.26.8.198
116.202.46.88
142.250.178.10
142.250.178.2
142.250.178.3
142.250.178.6
142.250.178.8
142.250.179.226
142.250.187.193
142.250.187.238
142.250.200.34
172.217.169.70
172.67.39.148
192.124.249.164
216.58.212.228
34.241.251.11
52.48.134.198
54.235.81.255
64.233.167.156
00e858cc0eaa084c8ba5cfbec2a8132c32539f7906833bc27e1e791986d52a71
018a1483a50eeca87137a42262b23115c001693573fb579d32859478a009d4d0
021509972df8c3147873411dba47e5e19ace133537a1d1872c1d0ea1d36064a3
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0316b72f495eccd250501fdb25c8f9253f9ccd364e70d64e092ee5580c7ffa0e
0583be2dbbb5950d9e45270fcba7432c9297977c97e13359d205497871892258
0591da51145b56284a068a6857f03cc383af4205ad1ab4a0e42f453fc270e3c6
07000140ab52c28ef2a522fae638638b2783786e8e2ae8cb883cc1f0a0c00df0
0969d06336bfabbe2ce45a111e772ee05034d5765676a38fffc5f49ca714fede
0b6cec745f5a40eb153f0706b709df292d27ddc40cef71204585a8f400306124
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e
0dec9aeb51462b308a63c0764200387b953392d7012b91c096b2ca88ddb59ba0
1015adc72eed80e54069a85f93be4c1732eca42801fde66d2c89928f34b52cd7
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12e211aa8bea66a35dbd298b48405ce8ef87d4ca20f3c3e82557da2e582420a8
16534145c570e8757046ab7f239531e4a9c80a4204fd3b696d99f1bf4f843b8f
1a8cecac7e7afca5c1958b10903a42e954688050a68ae0afc3f8bd11e32a5cc2
1b6abcd01d2337e70b8fdde5a150175d2d4a3231d464e25b9cbdb5bac2bfcd2c
1ef2b677c98682220dd7199f746b13def5e61601a6842a28326b96970bcd9797
1fe530b67564cbcee821fe58c5809d6407b1d3fff2e24931357e3c30e04658bb
21c10a935359bb31ab899606780958e605406a3ddcd1fcfe6c4a7662d6ce8b4f
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
24dfc62f3e0b7216633ff376a39eef03443b6a834f0a0ea02be34f9e20cf9d14
259eb78b308e33c67162994708164c97f80b8fc17b9b011bd8a452ef8e180326
26be1cb3b1d6b918b1aea1381e92f097478c9f841a9b84c77ad2e70adb914156
282165eed082eba7502a1fd01bdc47a65bc4053ee5fc8496b9e3aa62b25e77a3
2c27fa37d6359445c1944dd8ab39dcff31738c8bdb77e421ea4f4609e8d9e1ba
2d6f950cc3d54e70ea3e0c6582e5c870e66eaf5c6d252ad734a59b5bc8019848
2e599dfaffe056d6e6f7f19cd3e1d47169ac4468bd9fb2f9f4033940f7fc7584
2f7278cc9f52fbafcb479c7c60c14d119a396c6b2b2c0a968f637a1562f69efa
32c08e1eb8a5b0469f36408aff182967571b49017470c32152e9a44023785270
330b4e91e534bfe47e58e1c43b91804e2628f43c16c4f8c3c774e1e77e76ecc4
33b53209b217e090865c03d72ade86ad00aa749167eb3f0af970f09f1127178a
34adbebfe1cac62723b338516b5eb6bdeceaedc6aafa134d6a2e4cee323f48c4
36e5beaa00abc016e80155d4a55ebb392d2b04008f96ee58a934ed13c96a663c
375d92799a5a5daa6c82ad4147dcfd4ddecff277151cf6fef22c69c258cffb14
3889ed2f335131213a72755064450719b184dc3e86c2bab322376e3903ed77de
39a5910e2e0b47c42db14375b624670912974b57ffcbcb576233eb871046cbd4
3b2994ec6cd1c326c20a981912b23a05f5b1ddd55f3fccabf419e1ee70ee6a56
3cc7850691b15a01ee0617bf84b553e5b556590fab8bcc00cf46d16c813a792c
3cd555e7d1c24b053f112a2c2b7e8259144242ae5d34e101945923601c05f7f3
3ef5913113b240959b1292831e033ef340d85732471b01b7a4b44ee2815de125
3f37f005a33d5e0d970cd19f23cbdf1445847f2e00507c166f9183aa0ba079c0
44850806d9e7307561024be4c3cf523e662393d1451372ef0f61ca511dcbf176
45bba143a1a971b173e41008376b20a54b78528c03d4e474e3bf8c4ab0f31262
491bc99f9e57e9159b7d5f4a39760bdf5d14fe7edb4232c1b4fdc911b1414c68
4994d259cb63949761b1067f41ce1e6da1e747ae15cda411bf2133aa8b6c0f04
4cccc3d4fe1b7cd4f3ed2c066b67bf08eb37dca00ef9888edc499a78d126b531
4e4f76389625a4e86c8328c2d1e01de5e3bb22dfd06edb9873313a6da47e4e14
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
51cf2fa21350e2eb8f339130360aadb6cebee12c0f192e8948ec393f313c5c76
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
54dad513902bf20eb6a19099646812c86f24cde7351c462dfc7e827d1a985d1f
56a7634e780a81c7a2a3d32ae6aafd6dca96d49191f40e604e481d7f49296765
575222ea10db811ac8e4ffceb957f05d4bef4f243114cf3f3d170cf8fea740ea
5a02d683fb9fff7fbe1eb5abe1dc664e412fbf4c28b3d34aa7a9de4e8ce260cb
5a81e2b778cad9e615675547cb003fd8f04d1eea3910fe6f2fb5ff99cc58a406
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d1576bd25ac7eaf4376031bf1b0e24c07cc59838d687c1b1b36432711909730
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
61c293880924875a5b1170d9908d4c03bdb9cf6b37be3feebb0b585bb3989a7b
625e47e7780fa457ab11354af29bf45a4b51b38fcf3d89821b1cdbb85e48b99a
62ae6d51bfae8054a6624754a1ee12f81e5f9a88165d5547ea2ae3995e85096e
62c777d18b2971d7ee055ed932ff45ece7ea2dbf654791891c8f9103dd85afc0
650d721f07cb4a6d23313e4fb253a58ae16dbdd91e85692c1610cded90136e8e
697e247c48b06b85ed0b993d6498c7b80c728474c204a1efde10043f280ef064
6c76479768857b5db034bf4673213a475a39fa49b80aa09b21d024291dac1253
6ec59ec27cd440112396e5f8ac359dbbaf7937000f255919f9c36b5f74b6e3fa
715d95401a0252ab3f290b8d318f8f6bfd0bf1163f025767fa065200c5e6f883
723e2214e2572b9e2da79bd199d50405e3e7401593815beeb795d0f2a13c650a
7575915a6afe615c5aea0544fab19317be2288ea44f9970d1fcb53d5d2b18242
77775b5de518e431e04e0a56aebae975ae0167de08872b44fa583cca39bee32f
781e1f1e4fb0b65f39b7ae8379a55490947bbd51238b8c139bf84ddc52cdd48b
7a49e11fdf8c5ee9345cd15bde5c1f3c4da39eec375ea478d7e108c7fc4790b4
7a6ac6e588a725241e6f43feaad46fb36de9682576f5f29c570edc3ec5247477
7d015cce3de9dbf5673f465f85e64c90397c339d2f66807adb4384dab78b8c13
83553d22ccd56e5576d544f6ba93475c712b3c02d312893eea2acc16de5fcf91
845d70cec4fce583c8d39bc4542be2c290662ee9adae97e813b2185c1d9f96ec
87972a42b2d2689e00e0a40269ed9234ed4ec0b5cf5809b9b5a40230521cf919
8873d132587d9fbf2dd4cf2b04d44360c3b42837d233ecf2f94ed864d2c7eb5d
8a682316d9be7e6c5dc89edfde8caf97e5c2c73b0c850e56168d9b701a5c5061
8b736dff967d4d1911313359e85186b47b423d7b537178571532939d275f35fa
8eefcdc9ec63a3773147d5fb0da8f264dcc4e83b9a548bff79026f65e8531a58
8f911e0500254a927e11983e0e7ca8c00c485b690f88a87ab34dac4298fbaa00
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
91746cb03db652c088c5d48bbf469a0c3513e2ba903c92eaeafe7455657731d6
935692b608b2c063bdea285ca554ea0f958dd9c5373d23d23ffd278696af3ec1
95c8d368cb663be2b2565076cee4ec34be688f1a0f6ae2fe2829b078d7429fef
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
972cfbf0fdd02ce498950b46ae07216c8b01f816cf0f2d85f6a10834a1e910c5
9797a260bdebad827419ad4a661f7dd858a44b93e843824647c379418aefd4ff
9996e9c20b7219a52932611de860e635febf5e3cd1c658adc4dcb1afda122a8f
9c260edc399b3f8551e1419aac342fcc11f55c760437bb704658fec413f9ce7f
9c89d2f3c5d48ce25f02d8fb6453de9a40cf698848decb115d541b08939ceee6
9ca49341a110c6c9ceb0761fcf6e58f9792f25a758ae991c821b508b55963186
9fd95260ee110232e2e143adfb5c5f0df7ffee9d2513288ff4102d9e401c663c
a0137b3e5208b9dbcb910442df7c1a3456513aa88be876bef5f3dfefb5a28b25
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a50ff2590b2c85da1f9a07c7eb91408df549dd48d652ac75ef0c0d283ef70b3d
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
aa2c6064cbd3eaa020fdab73b13c04cd9d9c30fdcac8f773a441f403855f8727
ac110d6a3657450816bd39550313cd79995496cf9cd7b3d1d202f8df441bee21
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2b50f2423e1261647720a7a2490804f15546cd8e00fd53931da27b9a826af0f
b56a9a33293d6a118550f104a4fdb44731fe751879d29822ad81c9bccb1d1ab0
b5f270fe61c68a3eaedb1931d219d13327fa1412a1c73d6bdf818ffac2e3a19e
b7f6c365b5a0d02f02c11abbad2c387e020e57bc2d40539c13c62c8d85b91b2f
b9aaf1a696437a66958ec63b814088f9acbbf0ac1581f187203c5fca1030172f
ba1fed68326b59fa643b85cb10c9c02b8ecb32cead23bdfe9e1ecc4b577f9dd7
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bea465ae790d60c884b43b9ddb5c58c06f57af5fc957968dfc0d9f05bfc12386
c1bf8db6f3c310c9cc93ade9846782a1b25866501b14cfb187776eaad23fe3a3
c34906f621bed08d975d42900c107ad05e7633d06ecb202739f5a9a99af910f1
c3a00a75c23be07932691585848331a4835a9d3757ae14b562d5858978e44d80
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c8104390115f92b27003b1e4e503ef59343ccfef4ac19751093544e8cfaeae26
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
c8ccfa5c23b7fb8848ee26de498408961555235ec2c49e15e65a9bba6692d89f
cf833e5c78cd390e236192f2fb887cd9608fb8700c2b3465c4d26a85491ba7bf
d0d1374a6a21a9a52db9eb9178bd37d3ff04be6eee1fd62125d83cfd538024d2
d0f54d1ee1881fcbd96963d778a6eb43daf76ed9d8a2d3dde8d64a83a8a02bbd
d0fca88fcf134d331b92bc2399862901c84cb41038154cc2d96a37fe98de2afe
d667eb81ed1272cb8be644bb1277bd4a3b2a38adf5a134e68ada86c5414220f6
dc8da374c97584d47b3b29ac809c6cf10c70cfc491dfb1f064963b0fccc1be29
dd05316535bb07e27cd7e71d5c22743839484eab193b92df3247f7d34c7ef8af
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e030af062a5c9278acc7efd5698a7013aae82d0ffd028b6f711d0650f98e9771
e280ffa93f9b891fa6b5c413515c80f10bca1f3017b78d796f095d120b2b023b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d05a26f31df5727671b3e54fa6215fc02b0c8dc00ae4579f3b98e1b681c92d
e3d731b708a91daea9e5d037fc038c4703bec22de421e825d12e0cdb189de0a3
e3f854c479a4e52dc4f085cd8c82764b5d925254c2af905490e6f1cf7e41049b
e492a0db4e7692708460131803092a560f4760364f9a17ad561f241cbc41bad0
e67155dc4d29a7b3e80105728a979986583e7b46c18bc9b178e91b9fb170cf21
e68b5dff23d173599878ccfd05892f57a52ea1330cf5f32e4645df7b718bba10
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f16b0eba165116b42a55bcda7142f1a5d541cf32e188d3e28f61faefa4bc00f9
f183478cc8cdab31b2153c9dccd9cc5cae51f70cbc1e31188d251b444a01b41a
f66257ab22784df391afb687663d08dd4e33bf0c17fa871287a57e8f9d1caa80
f85fb393b0934a0f339cb2b0c253c86e4f6c0eca7040263c41a834833846bd17
f89307b17472793b30b3fb736c887960743145d282b8d8e6bcd71316d63a0cb7
f909a31bfd7a13b9dd53e98b5652f13f4782fdfd1653dc4befade7386c087371
f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47
f97ff350e92182eba6948dbdc8b0894d7286b165cb1cfb9869d052076779e29f
fc0c4b5b6d914f3705023bd3213e4589cd9e88ee7c3bb68b111240f9e608d1f3
fcaa3cd0858ccbfaf79e65f34addc2d0353d4f98486e96d576765635a9224cf3
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fee9fb12b42ae8318557e4c74bb10631f593e502182e1de8e37de1fea871b5ad

www.captodayonline.com Open in urlscan Pro 192.124.249.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

253 Requests

100 %HTTPS

0 %IPv6

14 Domains

22 Subdomains

21 IPs

3 Countries

2980 kBTransfer

7361 kBSize

52 Cookies

15 Outgoing links

Page URL History

Redirected requests

253 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.captodayonline.com Open in urlscan Pro
192.124.249.164 Public Scan

Screenshot
Live screenshot

Full Image

253
Requests

100 %
HTTPS

0 %
IPv6

14
Domains

22
Subdomains

21
IPs

3
Countries

2980 kB
Transfer

7361 kB
Size

52
Cookies

253 HTTP transactions
1 data transactions