offer.thomaskralow.com Open in urlscan Pro
185.215.4.12  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64

• https://10316416.fls.doubleclick.net/activityi;src=10316416;type=invmedia;cat=pagev0;ord=5916196838598;npa=0;auiddc=68238120.1715546710;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4580z8831489522za201;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005 HTTP 302
• https://10316416.fls.doubleclick.net/activityi;dc_pre=CKnEgsL9iIYDFUFkHgId3vELMw;src=10316416;type=invmedia;cat=pagev0;ord=5916196838598;npa=0;auiddc=68238120.1715546710;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4580z8831489522za201;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005

Request Chain 100

• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/628592560/?random=1732601150&cv=11&fst=1715546710045&bg=ffffff&guid=ON&async=1&gtm=45be4580v872330058z8831489522za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005&label=LmT6CMr-l9IBELCf3qsC&hn=www.googleadservices.com&frm=0&tiba=Thomas%20Kralow%20x%20Bybit%20Trading%20Challenge&value=0&npa=0&pscdl=noapi&auid=68238120.1715546710&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIIl8GxAg&eitems=ChEI8NGBsgYQraXi1bHC-auaARIdACxneDybNFWXiw7mYkf-i566jGhL1Of2lmCAb0s&pscrd=IhMIhvOCwv2IhgMV0l4dCR3aageyMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6H2h0dHBzOi8vb2ZmZXIudGhvbWFza3JhbG93LmNvbS8 HTTP 302
• https://www.google.com/pagead/1p-conversion/628592560/?random=1732601150&cv=11&fst=1715546710045&bg=ffffff&guid=ON&async=1&gtm=45be4580v872330058z8831489522za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005&label=LmT6CMr-l9IBELCf3qsC&hn=www.googleadservices.com&frm=0&tiba=Thomas%20Kralow%20x%20Bybit%20Trading%20Challenge&value=0&npa=0&pscdl=noapi&auid=68238120.1715546710&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIhvOCwv2IhgMV0l4dCR3aageyMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6H2h0dHBzOi8vb2ZmZXIudGhvbWFza3JhbG93LmNvbS8&is_vtc=1&cid=CAQSKQB7FLtqsfmlMKcWMsSvGCBIlWIKr4xkYQRBKmSaQtqwVd6Yr0QAkcxE&eitems=ChEI8NGBsgYQraXi1bHC-auaARIdACxneDwod80cetofNpNNeh-ZpF2uHhQSrWCjPis&random=1709184065 HTTP 302
• https://www.google.ch/pagead/1p-conversion/628592560/?random=1732601150&cv=11&fst=1715546710045&bg=ffffff&guid=ON&async=1&gtm=45be4580v872330058z8831489522za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005&label=LmT6CMr-l9IBELCf3qsC&hn=www.googleadservices.com&frm=0&tiba=Thomas%20Kralow%20x%20Bybit%20Trading%20Challenge&value=0&npa=0&pscdl=noapi&auid=68238120.1715546710&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIhvOCwv2IhgMV0l4dCR3aageyMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6H2h0dHBzOi8vb2ZmZXIudGhvbWFza3JhbG93LmNvbS8&is_vtc=1&cid=CAQSKQB7FLtqsfmlMKcWMsSvGCBIlWIKr4xkYQRBKmSaQtqwVd6Yr0QAkcxE&eitems=ChEI8NGBsgYQraXi1bHC-auaARIdACxneDwod80cetofNpNNeh-ZpF2uHhQSrWCjPis&random=1709184065&ipr=y

Request Chain 101

• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/628570139/?random=1757761771&cv=11&fst=1715546710081&bg=ffffff&guid=ON&async=1&gtm=45be4580z8831489522za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005&label=fi0eCNTvhdIBEJvw3KsC&hn=www.googleadservices.com&frm=0&tiba=Thomas%20Kralow%20x%20Bybit%20Trading%20Challenge&value=0&npa=0&pscdl=noapi&auid=68238120.1715546710&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&fmt=3&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIIl8GxAg&eitems=ChEI8NGBsgYQraXi1bHC-auaARIdACxneDxDOfO_nJVe8HW39LyFEE51OqEuhUAkxOM&pscrd=IhMIt--Cwv2IhgMVuEcdCR3L0Q18MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6H2h0dHBzOi8vb2ZmZXIudGhvbWFza3JhbG93LmNvbS8 HTTP 302
• https://www.google.com/pagead/1p-conversion/628570139/?random=1757761771&cv=11&fst=1715546710081&bg=ffffff&guid=ON&async=1&gtm=45be4580z8831489522za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005&label=fi0eCNTvhdIBEJvw3KsC&hn=www.googleadservices.com&frm=0&tiba=Thomas%20Kralow%20x%20Bybit%20Trading%20Challenge&value=0&npa=0&pscdl=noapi&auid=68238120.1715546710&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&fmt=3&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIt--Cwv2IhgMVuEcdCR3L0Q18MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6H2h0dHBzOi8vb2ZmZXIudGhvbWFza3JhbG93LmNvbS8&is_vtc=1&cid=CAQSKQB7FLtqYg9Cm1sLCCax3P0wDJVmlLXQSC2_zq-qiLDqaO38nCoQmH0o&eitems=ChEI8NGBsgYQraXi1bHC-auaARIdACxneDyEP3N93KVGHsvG_VzvlkGlsQmIBjqs0bY&random=1056435849 HTTP 302
• https://www.google.ch/pagead/1p-conversion/628570139/?random=1757761771&cv=11&fst=1715546710081&bg=ffffff&guid=ON&async=1&gtm=45be4580z8831489522za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005&label=fi0eCNTvhdIBEJvw3KsC&hn=www.googleadservices.com&frm=0&tiba=Thomas%20Kralow%20x%20Bybit%20Trading%20Challenge&value=0&npa=0&pscdl=noapi&auid=68238120.1715546710&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&fmt=3&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIt--Cwv2IhgMVuEcdCR3L0Q18MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6H2h0dHBzOi8vb2ZmZXIudGhvbWFza3JhbG93LmNvbS8&is_vtc=1&cid=CAQSKQB7FLtqYg9Cm1sLCCax3P0wDJVmlLXQSC2_zq-qiLDqaO38nCoQmH0o&eitems=ChEI8NGBsgYQraXi1bHC-auaARIdACxneDyEP3N93KVGHsvG_VzvlkGlsQmIBjqs0bY&random=1056435849&ipr=y

Request Chain 132

• https://c.clarity.ms/c.gif HTTP 302
• https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=7BB54F49AA8A48AC96A3B3311E376E72&RedC=c.clarity.ms&MXFR=2BE50EE9DA8F61B01A071A94DE8F6F87 HTTP 302
• https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7BB54F49AA8A48AC96A3B3311E376E72&MUID=376C29776164692F0E723D0A601468D5

139 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request challenge Show response offer.thomaskralow.com/	151 KB 19 KB	296ms 71ms	Document text/html	185.215.4.12 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.215.4.12 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS Software ddos-guard / Resource Hash d6fec427bbfce871e1cbea4c98554ac3116a7d6d92f4d56111801b405dfdad14 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept-Language de-CH,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes cache-control max-age=0 public content-encoding gzip content-length 19575 content-type text/html; charset=UTF-8 date Sun, 12 May 2024 20:45:09 GMT etag "25d6b-6180c19ceb0e1-gzip" last-modified Thu, 09 May 2024 21:28:31 GMT server ddos-guard vary Accept-Encoding x-frame-options SAMEORIGIN x-host offer.thomaskralow.com
GET H2	200	tilda-fallback-1.0.min.js Show response neo.tildacdn.com/js/	2 KB 1 KB	220ms 50ms	Script application/javascript	5.181.161.181 TILDA-IE-1
General Check archive.org Show headers Download Go to Full URL https://neo.tildacdn.com/js/tilda-fallback-1.0.min.js Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 5.181.161.181 Ashburn, United States, ASN205282 (TILDA-IE-1, IE), Reverse DNS 181-161.addr.tildacdn.net Software / Resource Hash cdf65e26b905a653bce60df182886b032b606940391badb1e3a655f434ca446c Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 20:45:09 GMT content-encoding gzip last-modified Fri, 05 Apr 2024 12:08:26 GMT etag W/"660fe9ba-77e" access-control-allow-methods GET content-type application/javascript access-control-allow-origin * x-tilda-server 4
GET H2	200	tilda-grid-3.0.min.css static.tildacdn.net/css/	4 KB 1 KB	102ms 20ms	Stylesheet text/css	2a03:90c0:41:2801::62 GCORE
General Check archive.org Show headers Download Go to Full URL https://static.tildacdn.net/css/tilda-grid-3.0.min.css Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash 0b5f664c528f466606c93195975f671fc46c3a9c10fee54426c2cd1cf89b1fec Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-id fr5-hw-edge-gc61 date Sun, 12 May 2024 20:45:09 GMT content-encoding gzip tserver 10 last-modified Tue, 21 Feb 2023 12:52:41 GMT server nginx traceparent 00-45ceffc6ea0d8c7aeeaac2ad0256c901-9e4f28edd24945b9-01 etag W/"63f4be99-11a2" x-cached-since 2024-04-13T13:34:19+00:00 content-type text/css access-control-allow-origin * x-id-fe fr5-hw-edge-gc62 cache HIT
GET H2	200	tilda-blocks-page48254631.min.css offer.thomaskralow.com/	11 KB 3 KB	41ms 40ms	Stylesheet text/css	185.215.4.12 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://offer.thomaskralow.com/tilda-blocks-page48254631.min.css?t=1715290111 Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.215.4.12 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS Software ddos-guard / Resource Hash 2ca562518089d933064fd0b5c7f347d9e4070f43f3503879ccd8f0bbe30d9112 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 20:45:09 GMT content-encoding gzip last-modified Thu, 09 May 2024 21:28:32 GMT server ddos-guard etag "2a0d-6180c19d8110a-gzip" vary Accept-Encoding content-type text/css x-host offer.thomaskralow.com x-base-server 9 accept-ranges bytes content-length 2679
GET H2	200	tilda-forms-1.0.min.css static.tildacdn.net/css/	28 KB 4 KB	103ms 21ms	Stylesheet text/css	2a03:90c0:41:2801::62 GCORE
General Check archive.org Show headers Download Go to Full URL https://static.tildacdn.net/css/tilda-forms-1.0.min.css Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash 5efe381199fd75f6e663461a51582133f48115c0feeffd5dbefda2b405a4a42a Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-id fr5-hw-edge-gc62 date Sun, 12 May 2024 20:45:09 GMT content-encoding br tserver 9 last-modified Fri, 03 May 2024 10:48:21 GMT server nginx traceparent 00-f8111db470e84b86994fb9f9820fcf46-f7d455b86853bdba-01 x-id-shield am3-hw-edge-gc88 etag W/"6634c0f5-71b9" vary Accept-Encoding x-cached-since 2024-05-03T12:02:34+00:00, 2024-05-03T12:03:28+00:00 content-type text/css access-control-allow-origin * x-id-fe fr5-hw-edge-gc62 cache HIT, HIT
GET H2	200	highlight.min.css static.tildacdn.net/css/	1 KB 668 B	120ms 38ms	Stylesheet text/css	2a03:90c0:41:2801::62 GCORE
General Check archive.org Show headers Download Go to Full URL https://static.tildacdn.net/css/highlight.min.css Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash 07a23b618075104849d8dc806499faf025761532347d5c244e488142de01e106 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-id fr5-hw-edge-gc30 date Sun, 12 May 2024 20:45:09 GMT content-encoding br tserver 9 last-modified Thu, 18 Mar 2021 12:08:37 GMT server nginx traceparent 00-eb5e2e57fa8a972ff599d86ac9f4cf5b-08db108fe2a5ba54-01 x-id-shield am3-hw-edge-gc88 etag W/"605342c5-52d" vary Accept-Encoding x-cached-since 2024-05-08T18:17:22+00:00, 2024-05-11T10:45:44+00:00 content-type text/css access-control-allow-origin * x-id-fe fr5-hw-edge-gc62 cache HIT, HIT
GET H2	200	tilda-zero-gallery-1.0.min.css static.tildacdn.net/css/	4 KB 1 KB	108ms 26ms	Stylesheet text/css	2a03:90c0:41:2801::62 GCORE
General Check archive.org Show headers Download Go to Full URL https://static.tildacdn.net/css/tilda-zero-gallery-1.0.min.css Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash 77ac1e36367e3952d5e7059eacfd95420b2491b74c97ba8cd7727aa4ff9736d3 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-id fr5-hw-edge-gc27 date Sun, 12 May 2024 20:45:09 GMT content-encoding gzip tserver 11 last-modified Thu, 23 Nov 2023 14:47:46 GMT server nginx traceparent 00-1e4f52be82fc43069d4b181f96cd5e47-cd553c1aacfe98a5-01 etag W/"655f6612-10a6" x-cached-since 2024-04-15T09:14:23+00:00 content-type text/css access-control-allow-origin * x-id-fe fr5-hw-edge-gc62 cache HIT
GET H2	200	css2 fonts.googleapis.com/	7 KB 1 KB	79ms 30ms	Stylesheet text/css	2a00:1450:4001:81c::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600&display=swap Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 63fd0069ced51bf0645c28ded71b08ad8d15b1cfb358ff56edb137872e8c62dc Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Sun, 12 May 2024 20:45:09 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 12 May 2024 20:07:45 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 12 May 2024 20:45:09 GMT
GET H2	200	jquery-1.10.2.min.js Show response static.tildacdn.net/js/	91 KB 32 KB	107ms 25ms	Script application/javascript	2a03:90c0:41:2801::62 GCORE
General Check archive.org Show headers Download Go to Full URL https://static.tildacdn.net/js/jquery-1.10.2.min.js Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash c73b004ebf31b395cf237c3d2b13c1e576f385e04660ceb5f7be163ff3c201dc Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-id fr5-hw-edge-gc31 date Sun, 12 May 2024 20:45:09 GMT content-encoding gzip tserver 13 last-modified Sun, 25 Apr 2021 08:11:36 GMT server nginx traceparent 00-f49c4814aae1232711f8096385510d86-2c751495388bb41e-01 etag W/"60852438-16b88" x-cached-since 2024-04-15T08:22:02+00:00 content-type application/javascript; charset=utf-8 access-control-allow-origin * x-id-fe fr5-hw-edge-gc62 cache HIT
GET H2	200	tilda-scripts-3.0.min.js Show response static.tildacdn.net/js/	19 KB 5 KB	24ms 21ms	Script application/javascript	2a03:90c0:41:2801::62 GCORE
General Check archive.org Show headers Download Go to Full URL https://static.tildacdn.net/js/tilda-scripts-3.0.min.js Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash bd9ac34b44bbe32fc88ce7fffb51f9874a8c102c48bd90d72d9cc5af23573de7 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-id fr5-hw-edge-gc32 date Sun, 12 May 2024 20:45:09 GMT content-encoding br tserver 13 last-modified Fri, 03 May 2024 10:12:23 GMT server nginx traceparent 00-3ad13a968d5daed9ff2a2b7df9081ede-c8d67d15f2f7768e-01 x-id-shield am3-hw-edge-gc89 etag W/"6634b887-4bc5" vary Accept-Encoding x-cached-since 2024-05-03T10:13:21+00:00, 2024-05-03T10:13:28+00:00 content-type application/javascript; charset=utf-8 access-control-allow-origin * x-id-fe fr5-hw-edge-gc62 cache HIT, HIT
GET H2	200	tilda-blocks-page48254631.min.js Show response offer.thomaskralow.com/	8 KB 2 KB	45ms 42ms	Script application/javascript	185.215.4.12 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://offer.thomaskralow.com/tilda-blocks-page48254631.min.js?t=1715290111 Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.215.4.12 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS Software ddos-guard / Resource Hash b380c888ac5a3e16b2e28b224fbb6d990399b692f1faa66a39853208ccb286a1 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 20:45:09 GMT content-encoding gzip last-modified Thu, 09 May 2024 21:28:32 GMT server ddos-guard etag "1fe2-6180c19d6a9ab-gzip" vary Accept-Encoding content-type application/javascript x-host offer.thomaskralow.com x-base-server 9 accept-ranges bytes content-length 2221
GET H2	200	tilda-lazyload-1.0.min.js Show response static.tildacdn.net/js/	24 KB 7 KB	26ms 23ms	Script application/javascript	2a03:90c0:41:2801::62 GCORE
General Check archive.org Show headers Download Go to Full URL https://static.tildacdn.net/js/tilda-lazyload-1.0.min.js Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash 68de40611264822b9a752f4e79adc4eea3d1e2bd168a93c888c1789225b08a8a Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-id fr5-hw-edge-gc12 date Sun, 12 May 2024 20:45:09 GMT content-encoding br tserver 8 last-modified Fri, 09 Feb 2024 13:58:04 GMT server nginx traceparent 00-b825a311295fb99ad9719c42bc5ad3c7-f7486aa166add04e-01 x-id-shield am3-hw-edge-gc89 etag W/"65c62f6c-5ea8" vary Accept-Encoding x-cached-since 2024-04-17T12:45:08+00:00, 2024-04-25T09:45:05+00:00 content-type application/javascript; charset=utf-8 access-control-allow-origin * x-id-fe fr5-hw-edge-gc62 cache HIT, HIT
GET H2	200	tilda-zero-1.1.min.js Show response static.tildacdn.net/js/	25 KB 6 KB	24ms 22ms	Script application/javascript	2a03:90c0:41:2801::62 GCORE
General Check archive.org Show headers Download Go to Full URL https://static.tildacdn.net/js/tilda-zero-1.1.min.js Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash 1d609b9aa5362e45fd6890333d3b8f26edba07038f29adce7a91c4a220f5e1c0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-id fr5-hw-edge-gc22 date Sun, 12 May 2024 20:45:09 GMT content-encoding br tserver 9 last-modified Thu, 21 Mar 2024 11:00:02 GMT server nginx traceparent 00-ca65f4f037e4f389f3ea13ac4b848232-57a48ce5c5fae374-01 x-id-shield am3-hw-edge-gc89 etag W/"65fc1332-656f" vary Accept-Encoding x-cached-since 2024-03-21T11:01:09+00:00, 2024-04-25T09:06:35+00:00 content-type application/javascript; charset=utf-8 access-control-allow-origin * x-id-fe fr5-hw-edge-gc62 cache HIT, HIT
GET H2	200	tilda-popup-1.0.min.js Show response static.tildacdn.net/js/	3 KB 1 KB	22ms 20ms	Script application/javascript	2a03:90c0:41:2801::62 GCORE
General Check archive.org Show headers Download Go to Full URL https://static.tildacdn.net/js/tilda-popup-1.0.min.js Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash be39c25d97c8eb00aa33abed99fdd18fc6993b9cc5d21b2b69596d7f13405245 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-id fr5-hw-edge-gc34 date Sun, 12 May 2024 20:45:09 GMT content-encoding br tserver 10 last-modified Fri, 05 Apr 2024 09:58:56 GMT server nginx traceparent 00-3ad167bd52cc3e3a34c6018538cb4748-08facd97e6485d0a-01 x-id-shield am3-hw-edge-gc88 etag W/"660fcb60-a37" vary Accept-Encoding x-cached-since 2024-04-05T09:59:54+00:00, 2024-04-17T12:37:51+00:00 content-type application/javascript; charset=utf-8 access-control-allow-origin * x-id-fe fr5-hw-edge-gc62 cache HIT, HIT
GET H2	200	tilda-forms-1.0.min.js Show response static.tildacdn.net/js/	68 KB 16 KB	30ms 28ms	Script application/javascript	2a03:90c0:41:2801::62 GCORE
General Check archive.org Show headers Download Go to Full URL https://static.tildacdn.net/js/tilda-forms-1.0.min.js Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash 4352f753a768c8b7bf79578061e1b41aba6c78af746df19e79caee0eeba9615c Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-id fr5-hw-edge-gc38 date Sun, 12 May 2024 20:45:09 GMT content-encoding br tserver 7 last-modified Mon, 06 May 2024 07:59:31 GMT server nginx traceparent 00-d3375d9d59a94817e3f359ec3cd67b61-17e63dbb3dfb6e0a-01 x-id-shield am3-hw-edge-gc88 etag W/"66388de3-1108e" vary Accept-Encoding x-cached-since 2024-05-06T08:14:08+00:00, 2024-05-06T08:14:29+00:00 content-type application/javascript; charset=utf-8 access-control-allow-origin * x-id-fe fr5-hw-edge-gc62 cache HIT, HIT
GET H2	200	highlight.min.js Show response static.tildacdn.net/js/	41 KB 17 KB	103ms 22ms	Script application/javascript	2a03:90c0:41:2801::62 GCORE
General Check archive.org Show headers Download Go to Full URL https://static.tildacdn.net/js/highlight.min.js Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash 5ad5171287c6d8cd3f604df3559129c28c5aaea6cc67ccdef3d0a509dbdd7a64 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-id fr5-hw-edge-gc17 date Sun, 12 May 2024 20:45:09 GMT content-encoding gzip tserver 7 last-modified Mon, 27 Nov 2023 03:18:41 GMT server nginx traceparent 00-f42c217ae2fa971ba54a942b3a53c0d9-03e63d2eded074cb-01 etag W/"65640a91-a5cd" x-cached-since 2024-04-15T08:45:33+00:00 content-type application/javascript; charset=utf-8 access-control-allow-origin * x-id-fe fr5-hw-edge-gc62 cache HIT
GET H2	200	tilda-slds-1.4.min.js Show response static.tildacdn.net/js/	47 KB 8 KB	31ms 29ms	Script application/javascript	2a03:90c0:41:2801::62 GCORE
General Check archive.org Show headers Download Go to Full URL https://static.tildacdn.net/js/tilda-slds-1.4.min.js Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash 9929d0c263a5a7a8556714bcfc2b9e3f189c9df0ddc09758b8750bcd9bb1fb2d Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-id fr5-hw-edge-gc26 date Sun, 12 May 2024 20:45:09 GMT content-encoding br tserver 13 last-modified Thu, 18 Apr 2024 09:56:41 GMT server nginx traceparent 00-5431a1c304b4940956863d95a7b6a707-c87766cf6c9ff38d-01 x-id-shield am3-hw-edge-gc89 etag W/"6620ee59-bbc6" vary Accept-Encoding x-cached-since 2024-04-18T09:57:24+00:00, 2024-04-25T09:49:28+00:00 content-type application/javascript; charset=utf-8 access-control-allow-origin * x-id-fe fr5-hw-edge-gc62 cache HIT, HIT
GET H2	200	tilda-zero-gallery-1.0.min.js Show response static.tildacdn.net/js/	25 KB 6 KB	29ms 27ms	Script application/javascript	2a03:90c0:41:2801::62 GCORE
General Check archive.org Show headers Download Go to Full URL https://static.tildacdn.net/js/tilda-zero-gallery-1.0.min.js Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash 271f5b5d1803c7203f79596361d7d736ca745f2472c1ccf70eaf89fdd85843f8 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-id fr5-hw-edge-gc16 date Sun, 12 May 2024 20:45:09 GMT content-encoding br tserver 7 last-modified Thu, 29 Feb 2024 12:02:46 GMT server nginx traceparent 00-18bacb41f5d19fa494f2aadb17d92a1b-2159cb44fce49212-01 x-id-shield am3-hw-edge-gc89 etag W/"65e07266-63f2" vary Accept-Encoding x-cached-since 2024-02-29T12:03:41+00:00, 2024-04-17T12:06:24+00:00 content-type application/javascript; charset=utf-8 access-control-allow-origin * x-id-fe fr5-hw-edge-gc62 cache HIT, HIT
GET H2	200	hammer.min.js Show response static.tildacdn.net/js/	20 KB 7 KB	43ms 41ms	Script application/javascript	2a03:90c0:41:2801::62 GCORE
General Check archive.org Show headers Download Go to Full URL https://static.tildacdn.net/js/hammer.min.js Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash 090a7068a2209545279f858c6f41ff7ae42815e11c3d69463a2a2ea835282bd9 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-id fr5-hw-edge-gc29 date Sun, 12 May 2024 20:45:09 GMT content-encoding gzip tserver 7 last-modified Mon, 27 Nov 2023 03:18:40 GMT server nginx traceparent 00-8252beb04cc9cc0330648b39fe7235c9-8f0a335320a71714-01 etag W/"65640a90-50f6" x-cached-since 2024-04-13T13:39:08+00:00 content-type application/javascript; charset=utf-8 access-control-allow-origin * x-id-fe fr5-hw-edge-gc62 cache HIT
GET H2	200	tilda-zero-scale-1.0.min.js Show response static.tildacdn.net/js/	4 KB 2 KB	28ms 26ms	Script application/javascript	2a03:90c0:41:2801::62 GCORE
General Check archive.org Show headers Download Go to Full URL https://static.tildacdn.net/js/tilda-zero-scale-1.0.min.js Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash a52bc991e577ac61b609d9363dd8f52632d82f6c4fff47dd91186f019bd5c871 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-id fr5-hw-edge-gc31 date Sun, 12 May 2024 20:45:09 GMT content-encoding br tserver 9 last-modified Tue, 07 May 2024 09:29:55 GMT server nginx traceparent 00-90100e79203920616677d797989563c2-71e1993f4a46ab51-01 x-id-shield am3-hw-edge-gc88 etag W/"6639f493-11b8" vary Accept-Encoding x-cached-since 2024-05-07T09:31:44+00:00, 2024-05-07T09:31:47+00:00 content-type application/javascript; charset=utf-8 access-control-allow-origin * x-id-fe fr5-hw-edge-gc62 cache HIT, HIT
GET H2	200	tilda-events-1.0.min.js Show response static.tildacdn.net/js/	18 KB 4 KB	27ms 25ms	Script application/javascript	2a03:90c0:41:2801::62 GCORE
General Check archive.org Show headers Download Go to Full URL https://static.tildacdn.net/js/tilda-events-1.0.min.js Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash f28eafcc73b9c461f0ff0b8dc6c8765e0f21732b177acc75154ed0722f038ce6 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-id fr5-hw-edge-gc51 date Sun, 12 May 2024 20:45:09 GMT content-encoding br tserver 9 last-modified Tue, 06 Feb 2024 12:50:32 GMT server nginx traceparent 00-06cae9dd728434fe7514ccc3a1e1b035-99ddaf4e35d4ae90-01 x-id-shield am3-hw-edge-gc89 etag W/"65c22b18-46d2" vary Accept-Encoding x-cached-since 2024-04-21T21:34:30+00:00, 2024-04-22T11:05:35+00:00 content-type application/javascript; charset=utf-8 access-control-allow-origin * x-id-fe fr5-hw-edge-gc62 cache HIT, HIT
GET H2	200	tilda-popup-1.1.min.css static.tildacdn.net/css/	2 KB 850 B	42ms 40ms	Stylesheet text/css	2a03:90c0:41:2801::62 GCORE
General Check archive.org Show headers Download Go to Full URL https://static.tildacdn.net/css/tilda-popup-1.1.min.css Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash c9d323c102499633dfe64c95ba5e0043c070ffa04683f796fbb7c5b625ee72c7 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-id fr5-hw-edge-gc16 date Sun, 12 May 2024 20:45:09 GMT content-encoding gzip tserver 7 last-modified Mon, 27 Nov 2023 03:18:31 GMT server nginx traceparent 00-b56c5d67aef80bcaa26101e1b41d0b62-1c1525e83ffbfce2-01 etag W/"65640a87-961" x-cached-since 2024-04-15T08:45:27+00:00 content-type text/css access-control-allow-origin * x-id-fe fr5-hw-edge-gc62 cache HIT
GET H2	200	tilda-slds-1.4.min.css static.tildacdn.net/css/	12 KB 2 KB	40ms 39ms	Stylesheet text/css	2a03:90c0:41:2801::62 GCORE
General Check archive.org Show headers Download Go to Full URL https://static.tildacdn.net/css/tilda-slds-1.4.min.css Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash 3c80f7772e0f3841b2ced1722523c2c1299a163dd880857c37b2f2852ccbd7a1 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-id fr5-hw-edge-gc60 date Sun, 12 May 2024 20:45:09 GMT content-encoding gzip tserver 10 last-modified Thu, 19 Oct 2023 12:57:59 GMT server nginx traceparent 00-5f02fecac2550582601c80bff640c69a-ea69a76f11a71a44-01 etag W/"653127d7-2f82" x-cached-since 2024-04-13T13:39:37+00:00 content-type text/css access-control-allow-origin * x-id-fe fr5-hw-edge-gc62 cache HIT
GET H2	200	Frame_1321316217_4-m.jpg thb.tildacdn.net/tild6664-3838-4937-a338-633635663935/-/empty/	3 KB 4 KB	97ms 24ms	Image image/png	2a03:90c0:41:2801::62 GCORE
General Check archive.org Show headers Download Go to Show image Full URL https://thb.tildacdn.net/tild6664-3838-4937-a338-633635663935/-/empty/Frame_1321316217_4-m.jpg Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash 2c24a94847384bd954fa650f15770232c57374c1daa3d1dcfe3ca21fcbc6262e Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-id fr5-hw-edge-gc27 date Sun, 12 May 2024 20:45:09 GMT tserver 7 server nginx traceparent 00-4b4f4d63b7df873a0e74b23f6e7dc148-d991262fddec70ff-01 x-id-shield am3-hw-edge-gc88 x-cached-since 2024-05-09T17:02:28+00:00 content-type image/png access-control-allow-origin * cache-control public cache MISS, HIT x-id-fe fr5-hw-edge-gc56 x-resize-server 7 expires Mon, 03 Jun 2024 23:59:59 GMT
GET H2	200	tilda-range-1.0.min.css static.tildacdn.net/css/	1 KB 627 B	20ms 20ms	Stylesheet text/css	2a03:90c0:41:2801::62 GCORE
General Check archive.org Show headers Download Go to Full URL https://static.tildacdn.net/css/tilda-range-1.0.min.css Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash c250021b06db5d02a84048cbc88e8b7b449394e526fa1b86723d4e0533fc33dd Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-id fr5-hw-edge-gc27 date Sun, 12 May 2024 20:45:09 GMT content-encoding gzip tserver 9 last-modified Thu, 18 Mar 2021 12:08:37 GMT server nginx traceparent 00-c7daa71236bfd7bdcc51d0be3d8b764b-390e54229f6ecf68-01 etag W/"605342c5-5dc" x-cached-since 2024-04-14T12:46:12+00:00 content-type text/css access-control-allow-origin * x-id-fe fr5-hw-edge-gc62 cache HIT
GET H2	200	tilda-range-1.0.min.js Show response static.tildacdn.net/js/	3 KB 1 KB	20ms 20ms	Script application/javascript	2a03:90c0:41:2801::62 GCORE
General Check archive.org Show headers Download Go to Full URL https://static.tildacdn.net/js/tilda-range-1.0.min.js Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash eb0a88de1d7c142e96ed85e5fe2c6e9e84b295a8564a91a161a6fec40e885dc1 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-id fr5-hw-edge-gc34 date Sun, 12 May 2024 20:45:09 GMT content-encoding gzip tserver 11 last-modified Tue, 14 Mar 2023 11:33:38 GMT server nginx traceparent 00-73358a3ed8505db981ae74b58792b006-12477955e0fcbf3b-01 etag W/"64105b92-b43" x-cached-since 2024-04-14T12:45:36+00:00 content-type application/javascript; charset=utf-8 access-control-allow-origin * x-id-fe fr5-hw-edge-gc62 cache HIT
GET H2	200	gtm.js Show response www.googletagmanager.com/	287 KB 94 KB	102ms 46ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WQ9FCMWS Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash a661063c0175dbca35891803401b6436d541549ea26ee2c1ba9f7397b1567a04 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 20:45:09 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 95495 x-xss-protection 0 last-modified Sun, 12 May 2024 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 12 May 2024 20:45:09 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	459 KB 123 KB	147ms 91ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NQZ2PS4 Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash ba7f6475a6a8a6fdf71eaa2713f24eebde26959a0ac2422908f776537f08a69e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 20:45:09 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 126214 x-xss-protection 0 last-modified Sun, 12 May 2024 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 12 May 2024 20:45:09 GMT
GET H2	200	tilda-phone-mask-1.1.min.js Show response static.tildacdn.net/js/	31 KB 9 KB	31ms 30ms	Script application/javascript	2a03:90c0:41:2801::62 GCORE
General Check archive.org Show headers Download Go to Full URL https://static.tildacdn.net/js/tilda-phone-mask-1.1.min.js Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash e81dcb18f2308975cb0c73d90d70613180f803b129f57f6f0aef3ae29394cb12 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-id fr5-hw-edge-gc8 date Sun, 12 May 2024 20:45:09 GMT content-encoding br tserver 8 last-modified Thu, 02 May 2024 09:08:14 GMT server nginx traceparent 00-008535cd34982b2f80ba6e4985f11e1f-93f527e27efd6485-01 x-id-shield am3-hw-edge-gc89 etag W/"663357fe-7a78" vary Accept-Encoding x-cached-since 2024-05-02T11:53:00+00:00, 2024-05-11T10:46:02+00:00 content-type application/javascript; charset=utf-8 access-control-allow-origin * x-id-fe fr5-hw-edge-gc62 cache HIT, HIT
GET H2	200	Metral-Bold.woff static.tildacdn.com/tild3261-6637-4361-b938-373237626434/	25 KB 25 KB	114ms 39ms	Font font/woff	2a03:90c0:41:2801::62 GCORE
General Check archive.org Show headers Download Go to Full URL https://static.tildacdn.com/tild3261-6637-4361-b938-373237626434/Metral-Bold.woff Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/tilda-blocks-page48254631.min.css?t=1715290111 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash 218464b8d3b2a67e76330f6afc81f07b915fda99d418961e23c340ea11f482d1 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Origin https://offer.thomaskralow.com Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-container-storage-policy-name Policy-0 x-id fr5-hw-edge-gc59 date Sun, 12 May 2024 20:45:09 GMT age 0 x-cached-since 2024-05-07T11:36:29+00:00, 2024-05-07T17:13:55+00:00 x-id-fe fr5-hw-edge-gc31 content-length 25340 x-trans-id 17cc444e8af6a190 tserver 9 last-modified Sat, 04 May 2024 11:04:23 GMT server nginx traceparent 00-66e604cf0fe1794706ed71b982008f5b-8874501b57166329-01 x-id-shield am3-hw-edge-gc88 etag "ec909072faff7c8e82cba90a3121fc4c" content-type font/woff access-control-allow-origin * access-control-expose-headers Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Expires, Cache-Control cache-control max-age=5184000 cache HIT, HIT x-timestamp 1714820662.25192 x-container-storage-policy-index 0 accept-ranges bytes expires Sat, 06 Jul 2024 11:36:29 GMT
GET H2	200	Metral-Medium.woff static.tildacdn.com/tild3437-3032-4435-a165-623230666139/	25 KB 25 KB	118ms 43ms	Font font/woff	2a03:90c0:41:2801::62 GCORE
General Check archive.org Show headers Download Go to Full URL https://static.tildacdn.com/tild3437-3032-4435-a165-623230666139/Metral-Medium.woff Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/tilda-blocks-page48254631.min.css?t=1715290111 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash 0a19ea48bea9890f66b285b2b9d058d1afff6496e4ae746d73b3d38d8b549f64 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Origin https://offer.thomaskralow.com Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-container-storage-policy-name Policy-0 x-id fr5-hw-edge-gc52 date Sun, 12 May 2024 20:45:09 GMT age 0 x-cached-since 2024-05-07T11:36:30+00:00, 2024-05-07T17:13:55+00:00 x-id-fe fr5-hw-edge-gc31 content-length 25128 x-trans-id 17cc4493ebf12ddb tserver 10 last-modified Sat, 04 May 2024 11:09:21 GMT server nginx traceparent 00-4cade2b22cb414fc7b9c1a76c1c28b10-c775329e61f98aba-01 x-id-shield am3-hw-edge-gc88 etag "51a6e482b2369a09d706da1ce36a0bbd" content-type font/woff access-control-allow-origin * access-control-expose-headers Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Expires, Cache-Control cache-control max-age=5184000 cache HIT, HIT x-timestamp 1714820960.23352 x-container-storage-policy-index 0 accept-ranges bytes expires Sat, 06 Jul 2024 11:36:30 GMT
GET H2	200	DMSans-Bold.woff static.tildacdn.com/tild3064-3364-4937-a635-323939303932/	39 KB 39 KB	98ms 23ms	Font font/woff	2a03:90c0:41:2801::62 GCORE
General Check archive.org Show headers Download Go to Full URL https://static.tildacdn.com/tild3064-3364-4937-a635-323939303932/DMSans-Bold.woff Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/tilda-blocks-page48254631.min.css?t=1715290111 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash 6fede7820c908f6b6394afa78f186e81199c9e60d9979504167ed78f2ce0de25 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Origin https://offer.thomaskralow.com Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-container-storage-policy-name Policy-0 x-id fr5-hw-edge-gc8 date Sun, 12 May 2024 20:45:09 GMT age 0 x-cached-since 2024-04-23T12:22:15+00:00 x-id-fe fr5-hw-edge-gc31 content-length 39772 x-trans-id 17a2a6a3ddec94b2 tserver 8 last-modified Wed, 20 Dec 2023 21:13:52 GMT server nginx traceparent 00-325d98409f3c9c5429a9b2101be93363-879bf2e19db77e46-01 x-id-shield am3-hw-edge-gc88 etag "a7b09631647c2b1fb62f184675df090f" content-type font/woff access-control-allow-origin * access-control-expose-headers Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Expires, Cache-Control cache-control max-age=5184000 cache MISS, HIT x-timestamp 1703106831.83410 x-container-storage-policy-index 0 accept-ranges bytes expires Tue, 23 Apr 2024 12:20:23 GMT
GET DATA	200 OK	truncated /	66 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79 Request headers Accept-Language de-CH,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/webp
GET H2	200	/ Show response geo.tildacdn.com/geo/country/	2 B 135 B	285ms 89ms	XHR text/html	5.181.161.195 TILDA-IE-1
General Check archive.org Show headers Download Go to Full URL https://geo.tildacdn.com/geo/country/ Requested by Host: static.tildacdn.net URL: https://static.tildacdn.net/js/tilda-phone-mask-1.1.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 5.181.161.195 Ashburn, United States, ASN205282 (TILDA-IE-1, IE), Reverse DNS 195-161.addr.tildacdn.net Software / Resource Hash 6890c837e9a8e887d651f86fac63673ad336a440aa1ea81847dc493ca6894f65 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Sun, 12 May 2024 20:45:09 GMT content-encoding gzip x-tilda-server 4 content-type text/html; charset=UTF-8
GET H2	200	DMSans-Regular.woff static.tildacdn.com/tild3139-3030-4433-b636-656434343761/	39 KB 39 KB	23ms 23ms	Font font/woff	2a03:90c0:41:2801::62 GCORE
General Check archive.org Show headers Download Go to Full URL https://static.tildacdn.com/tild3139-3030-4433-b636-656434343761/DMSans-Regular.woff Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/tilda-blocks-page48254631.min.css?t=1715290111 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash 82cc1e1634e48a3abbde1b9fc3756fe10cd71d26df755665133d55480ac0095c Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Origin https://offer.thomaskralow.com Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-container-storage-policy-name Policy-0 x-id fr5-hw-edge-gc15 date Sun, 12 May 2024 20:45:09 GMT age 0 x-cached-since 2023-12-22T08:00:51+00:00, 2024-04-20T11:05:39+00:00 x-id-fe fr5-hw-edge-gc31 content-length 39960 x-trans-id 17a2a6a012ec4dcd tserver 10 last-modified Wed, 20 Dec 2023 21:13:36 GMT server nginx traceparent 00-159c31b089e123d37648a5408b86eadb-1a826897de8ae7ca-01 x-id-shield am3-hw-edge-gc88 etag "a1e7a2ff392668d9073977a0b3afc872" content-type font/woff access-control-allow-origin * access-control-expose-headers Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Expires, Cache-Control cache-control public cache HIT, HIT x-timestamp 1703106815.54303 x-container-storage-policy-index 0 accept-ranges bytes
GET H2	200	js Show response www.googletagmanager.com/gtag/	353 KB 115 KB	46ms 45ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-6917ETZK5X&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQ9FCMWS Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 79d9d872a6f274bc9a436ea667effb50f4d5bb3f1baa57a6781bcbc8146fea66 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 20:45:09 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 117640 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sun, 12 May 2024 20:45:09 GMT
GET H2	200	destination Show response www.googletagmanager.com/gtag/	221 KB 80 KB	47ms 47ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=AW-11452619613&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQ9FCMWS Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash efb076cce7849e46002fd894da8e80f15bcaf33db02af3318aa1e6e6710bc497 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 20:45:09 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 81872 x-xss-protection 0 last-modified Sun, 12 May 2024 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 12 May 2024 20:45:09 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	218 KB 59 KB	69ms 23ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sun, 12 May 2024 20:45:09 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 57845 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=20, rtx=0, c=13, mss=1208, tbw=2789, tp=-1, tpl=-1, uplat=1, ullat=-1 pragma public x-fb-debug sRYpjVA5H7oSAvCmBCKCqsfJaLbhtJoWgUcvRpjNgPf/Fg4Ew+WN94U/0NBDEJGMQYZ97pLf09TK3tDGXpbptg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	323 KB 104 KB	42ms 42ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-QRKT06HX8V&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQZ2PS4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 2f2c6aeccbaa255e7c2756007cd4d6a59d8807560ff94ea1bccaaf239866f520 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 20:45:09 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 106462 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sun, 12 May 2024 20:45:09 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	72ms 20ms	Script text/javascript	2a00:1450:4001:803::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQZ2PS4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sun, 12 May 2024 20:07:49 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 2240 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Sun, 12 May 2024 22:07:49 GMT
GET H2	200	destination Show response www.googletagmanager.com/gtag/	221 KB 80 KB	54ms 54ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=AW-628570139&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQZ2PS4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash f776cd8a1b261de658649711fc2a70b3285ced6d95a580b0aedffcf2839aa278 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 20:45:09 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 81879 x-xss-protection 0 last-modified Sun, 12 May 2024 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 12 May 2024 20:45:09 GMT
GET H2	200	destination Show response www.googletagmanager.com/gtag/	229 KB 82 KB	46ms 46ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=AW-628592560&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQZ2PS4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 17b0ad0e20d694013d16de955ef4a7d8841ed00da729f697a4e4279ed9b5292f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 20:45:09 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 83755 x-xss-protection 0 last-modified Sun, 12 May 2024 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 12 May 2024 20:45:09 GMT
GET H2	200	destination Show response www.googletagmanager.com/gtag/	221 KB 80 KB	50ms 49ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=AW-628593958&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQZ2PS4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 545475b043dd012bcbdff151b73e2b8422e01229983cf2ebea5c0ae8e0ce1776 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 20:45:09 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 81789 x-xss-protection 0 last-modified Sun, 12 May 2024 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 12 May 2024 20:45:09 GMT
GET H3	200	qevents.js Show response a.quora.com/	41 KB 14 KB	80ms 40ms	Script text/plain	162.159.153.247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a.quora.com/qevents.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQZ2PS4 Protocol H3 Security QUIC, , AES_128_GCM Server 162.159.153.247 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5af5ee0b37b1f0ef31c42932bbf81424e4bb53e95e87a47e058625c1af2245db Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 20:45:09 GMT x-amz-version-id jrgqQn59BHyNBJEhUqaibHl1Lk06.AzO content-encoding gzip cf-cache-status HIT x-amz-request-id M04HPBTPY5GDBBF5 age 3899484 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 x-amz-id-2 Tl+NCrT4/ROq8BOB/jXEFbjekr+B/799PB4hsh4cPaz8GcT19YQzaMe+k+f+IJxKpv7tKCeNqoQ= last-modified Thu, 28 Mar 2024 17:33:19 GMT server cloudflare x-amz-meta-s3cmd-attrs md5:87b5ecaafd0e88097cbbb1bbb7695fe9 etag W/"87b5ecaafd0e88097cbbb1bbb7695fe9" vary Accept-Encoding content-type text/plain cache-control public, max-age=14400 cf-ray 882d4038f8189f38-FRA expires Mon, 13 May 2024 00:45:09 GMT
GET H2	200	destination Show response www.googletagmanager.com/gtag/	199 KB 72 KB	45ms 45ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=DC-10316416&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQZ2PS4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash eddcb80dbf60648da0cc9b9065688f44f8a2a8397428cee34ace1748965ed27c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 20:45:09 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 74019 x-xss-protection 0 last-modified Sun, 12 May 2024 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 12 May 2024 20:45:09 GMT
GET H2	200	bat.js Show response bat.bing.com/	45 KB 13 KB	112ms 50ms	Script application/javascript	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQZ2PS4 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Sun, 12 May 2024 20:45:09 GMT last-modified Thu, 29 Feb 2024 19:58:06 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 2D4A2EBC498442ACA2C0A1595876E11D Ref B: ZRHEDGE1512 Ref C: 2024-05-12T20:45:09Z etag "01b4e9c496bda1:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript cache-control private,max-age=1800 accept-ranges bytes content-length 13261
GET H2	200	uwt.js Show response static.ads-twitter.com/	56 KB 15 KB	111ms 30ms	Script application/javascript	146.75.120.157 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static.ads-twitter.com/uwt.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQZ2PS4 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 20:45:09 GMT content-encoding gzip last-modified Thu, 04 Apr 2024 00:26:35 GMT x-amz-server-side-encryption AES256 etag "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip" vary Accept-Encoding,Host x-cache HIT, HIT content-type application/javascript; charset=utf-8 p3p CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" x-tw-cdn FT cache-control no-cache accept-ranges bytes content-length 15412 x-served-by cache-iad-kcgs7200164-IAD, cache-fra-etou8220118-FRA
GET H2	200	pixel.js Show response www.redditstatic.com/ads/	42 KB 12 KB	94ms 21ms	Script application/javascript	2a04:4e42:600::396 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.redditstatic.com/ads/pixel.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQZ2PS4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US), Reverse DNS Software snooserv / Resource Hash 5ccd2a2d0cfc8f7b36c238c935a36c751eb306a4f23788a0c6c33eec1a5a2071 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 20:45:09 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish last-modified Tue, 07 May 2024 17:43:30 GMT server snooserv nel {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02} etag "337f63427080a8d6a60316b759dab390" x-amz-server-side-encryption AES256 vary Accept-Encoding,Origin report-to {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]} content-type application/javascript cache-control public, max-age=60 accept-ranges bytes content-length 12083
GET H2	200	hotjar-2965407.js Show response static.hotjar.com/c/	9 KB 4 KB	143ms 72ms	Script application/javascript	18.66.192.39 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-2965407.js?sv=7 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQZ2PS4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.192.39 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-192-39.muc50.r.cloudfront.net Software / Resource Hash 05326601625e75d7e9861c3200116881e4648c054d7249677e0ecddff4a21b4c Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 20:45:09 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 66ce4848bcf993e3c57b596461cd0b82.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 etag W/3590b63f465afcf409cd3ce710602966 vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=60 x-cache-hit 1 cross-origin-resource-policy cross-origin x-amz-cf-id zTsw_xuTGexMt6xFtZC4EsiAzcmlA8eIcjwxJAbTTHb2AI2FjGq2Tg==
GET H2	200	sdk.js Show response analytics.tiktok.com/i18n/pixel/	5 KB 3 KB	222ms 161ms	Script application/javascript	2.18.64.11 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BTRDGQ0RQH54JI5RGNS0 Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.64.11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-18-64-11.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 877c5129ebc91de6c2621776c93663fb5394eac47774c92741d63a5daca26a44 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-akamai-request-id cc6d0b28.1f5052c5 date Sun, 12 May 2024 20:45:10 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-240512204510DE4F320FC5DCE34201F9-5A7CF9E6053D6323-00 x-cache TCP_MISS from a2-20-179-75.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-) x-parent-response-time 135,2.20.179.75 server-timing cdn-cache; desc=MISS, edge; dur=102, origin; dur=36, inner; dur=7 content-length 1830 pragma no-cache server nginx x-tt-logid 20240512204510DE4F320FC5DCE34201F9 x-cache-remote TCP_MISS from a23-48-100-144.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-) vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store x-origin-response-time 36,23.48.100.144 x-tt-trace-host 015f59a9b2ca40714c9d039a43d3936a6089097f361c2e80530d211f4fa99de4010e9dc83fa94b623014a86323f7d35bda53ba5a5c9427be96a8df1d52f67b5f043ca9701277fe2ce9b2f654a0448910102d1809375d1ce77bdfec95c6d3cf1bb005e37403e65810f703b6d945cb0f7d4a expires Sun, 12 May 2024 20:45:10 GMT
GET H2	200	sdk.js Show response analytics.tiktok.com/i18n/pixel/	6 KB 3 KB	179ms 118ms	Script application/javascript	2.18.64.11 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BTRDPTGRQH54JI5RGP5G Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.64.11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-18-64-11.deploy.static.akamaitechnologies.com Software nginx / Resource Hash ce6260dcd40113951df795694286f9f3e25cf878b318492dcddb4a90334c421c Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-akamai-request-id 824f070.1f5052c6 date Sun, 12 May 2024 20:45:10 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-2405122045099B149CE7A14EEE512460-60D6F0993BEE2186-00 x-cache TCP_MISS from a2-20-179-75.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-) x-parent-response-time 94,2.20.179.75 server-timing cdn-cache; desc=MISS, edge; dur=87, origin; dur=7, inner; dur=1 content-length 2018 pragma no-cache server nginx x-tt-logid 202405122045099B149CE7A14EEE512460 x-cache-remote TCP_MISS from a23-48-100-145.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-) vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store x-origin-response-time 8,23.48.100.145 x-tt-trace-host 015f59a9b2ca40714c9d039a43d3936a6089097f361c2e80530d211f4fa99de401a0424528c720955cc9b63a59bb9f239731ed18e4e8dbea8d91b1a4a1b05fc8709db407f2fccc6edb7dad2a0ee6c4d202b600152bfc7542cd620d7e0e5906a2b2784f6cfc171c862caf8863f8a1ada9e1 expires Sun, 12 May 2024 20:45:10 GMT
GET H2	200	eY36pn.js Show response s.retargeted.co/1/	674 B 878 B	107ms 45ms	Script text/plain	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.retargeted.co/1/eY36pn.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQZ2PS4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5edd53d83fc442ce95136061492d4ab2e34dafba13ac074b10fcaec6d37acdb2 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 20:45:09 GMT content-encoding br cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} surrogate-control no-store content-disposition inline alt-svc h3=":443"; ma=86400 server cloudflare etag W/"2a2-TRh28Z36i6C8XFVjAvGgvoTauGA" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BQR1oQoVqXTcxxouisL7tOihgJgNacdsmuC6TYXZ7un%2BFmB%2FceNjbMjfThxQ5eNZEM8qnpMO32GUvFQalHFc8oE8NdWzc%2FjnhqVmQp3l4T7ItJy52qKwZiRlrhfEuboCNkg%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, proxy-revalidate cf-ray 882d40392e401c60-FRA expires 0
GET H3	200	OneSignalSDK.js Show response cdn.onesignal.com/sdks/	9 KB 3 KB	100ms 63ms	Script application/javascript	104.16.160.145 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.onesignal.com/sdks/OneSignalSDK.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQZ2PS4 Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 20:45:10 GMT via 1.1 google content-encoding br cf-cache-status HIT server cloudflare strict-transport-security max-age=15552000; includeSubDomains age 84 etag W/"a87c48d211877c49b878679b2e3cdab8" vary Accept-Encoding content-type application/javascript cache-control public, max-age=259200 cf-ray 882d40396d28bb14-MXP access-control-allow-headers OneSignal-Subscription-Id alt-svc h3=":443"; ma=86400 expires Wed, 15 May 2024 20:45:10 GMT
GET H2	200	universal-script Show response 181569.tracking.hyros.com/v1/lst/	46 KB 46 KB	506ms 250ms	Script text/javascript	52.21.14.102 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://181569.tracking.hyros.com/v1/lst/universal-script?ph=cc0b7e286648b4df80d6f32db9a19baa58d0137013591a2cf031482cae96c24c&tag=!tracking Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.21.14.102 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-21-14-102.compute-1.amazonaws.com Software / Resource Hash 79ab00a8d98f33bb0a45f58acb0a89cf84a26dd7b00b7c996f9a7350802f1942 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 20:45:10 GMT strict-transport-security max-age=31536000; includeSubDomains access-control-max-age 86400 access-control-allow-methods GET, PUT, POST, OPTIONS, DELETE content-type text/javascript;charset=ISO-8859-1 access-control-expose-headers Session-ID access-control-allow-credentials true content-length 47004
GET H2	200	8vo6j3v Show response thomaskralow.postaffiliatepro.com/scripts/	27 KB 6 KB	88ms 20ms	Script application/javascript	172.105.76.105 AKAMAI-LINODE-AP ...
General Check archive.org Show headers Download Go to Full URL https://thomaskralow.postaffiliatepro.com/scripts/8vo6j3v Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQZ2PS4 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 172.105.76.105 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG), Reverse DNS 172-105-76-105.ip.linodeusercontent.com Software nginx / Resource Hash ec7415839c9d895ce1c49a2754b1cb7f7601eaeccb8a1e5760cacf3a91693ac3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 20:45:10 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains via 1.1 varnish (1.lb-app.pap.linode-de) x-srv 1 age 104 content-length 6134 last-modified Tue, 09 Apr 2024 13:00:46 GMT server nginx etag W/"6ba3-615a982a87b80" vary Accept-Encoding content-type application/javascript x-varnish 767561276 764393854 cache-control max-age=120 accept-ranges bytes expires Sun, 12 May 2024 20:45:25 GMT
GET H/1.1	200 OK	fpc.js Show response fat.financeads.net/	4 KB 2 KB	220ms 44ms	Script application/javascript	178.15.48.233 VODANET Internati...
General Check archive.org Show headers Download Go to Full URL https://fat.financeads.net/fpc.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQZ2PS4 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.15.48.233 Düsseldorf, Germany, ASN3209 (VODANET International IP-Backbone of Vodafone, DE), Reverse DNS fin-lamp-new.dns.boreus.de Software Apache/2.4.58 (Ubuntu) / Resource Hash bddf6ec934f392551e7c648c65b1770b8dc8e1ba9c88355d5fa814b477275ca0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 12 May 2024 20:45:10 GMT Content-Encoding gzip Last-Modified Wed, 26 Jun 2019 13:13:56 GMT Server Apache/2.4.58 (Ubuntu) ETag "efb-58c39d14c0d00-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=600 Content-Length 1244
GET H/1.1	200 OK	pixel q.quora.com/_/ad/551ec3879a4748a7b1cef9c72a0dbb80/	43 B 422 B	433ms 110ms	Image image/gif	52.54.184.215 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://q.quora.com/_/ad/551ec3879a4748a7b1cef9c72a0dbb80/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005 Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.54.184.215 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-54-184-215.compute-1.amazonaws.com Software nginx / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 12 May 2024 20:45:10 GMT Strict-Transport-Security max-age=63072000; includeSubDomains; preload Server nginx Connection keep-alive Content-Length 43 X-Q-Stat ,df30db767ee662666c4849677ee5b7cc,10.0.0.87,46788,176.10.106.27,,367309376047,1,1715546710.362,0.002,,.,0,0,0.000,0.000,-,0,0,203,308,154,10,26847,,,,,,-, Content-Type image/gif
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/11452619613/	3 KB 1 KB	89ms 37ms	Script text/javascript	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11452619613/?random=1715546709910&cv=11&fst=1715546709910&bg=ffffff&guid=ON&async=1&gtm=45be4580z89172730053za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005&hn=www.googleadservices.com&frm=0&tiba=Thomas%20Kralow%20x%20Bybit%20Trading%20Challenge&npa=0&pscdl=noapi&auid=68238120.1715546710&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/destination?id=AW-11452619613&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash 702832b152de97aea16b1bf0c0255ab32229a171a4e6f9a86041c63d2250adc9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 12 May 2024 20:45:10 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1467 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/11453344185/	4 KB 1 KB	85ms 35ms	Script text/javascript	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11453344185/?random=1715546709947&cv=11&fst=1715546709947&bg=ffffff&guid=ON&async=1&gtm=45je4580v9172767246z89172730053za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005&hn=www.googleadservices.com&frm=0&tiba=Thomas%20Kralow%20x%20Bybit%20Trading%20Challenge&npa=0&pscdl=noapi&auid=68238120.1715546710&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-6917ETZK5X&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash 9e9f0ec5b874512bc68cab50fe1665f28ebbed90e4bdfd1bd10d3406f1e32574 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 12 May 2024 20:45:10 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1488 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/11453343756/	4 KB 1 KB	54ms 34ms	Script text/javascript	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11453343756/?random=1715546709954&cv=11&fst=1715546709954&bg=ffffff&guid=ON&async=1&gtm=45je4580v9172767246z89172730053za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005&hn=www.googleadservices.com&frm=0&tiba=Thomas%20Kralow%20x%20Bybit%20Trading%20Challenge&npa=0&pscdl=noapi&auid=68238120.1715546710&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-6917ETZK5X&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash e8ce6fded5ca46c94e45f07ea2191ce55cb9ed6b940d3d6fad915b7de63e3a47 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 12 May 2024 20:45:10 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1490 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/11453406857/	4 KB 1 KB	35ms 35ms	Script text/javascript	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11453406857/?random=1715546709958&cv=11&fst=1715546709958&bg=ffffff&guid=ON&async=1&gtm=45je4580v9172767246z89172730053za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005&hn=www.googleadservices.com&frm=0&tiba=Thomas%20Kralow%20x%20Bybit%20Trading%20Challenge&npa=0&pscdl=noapi&auid=68238120.1715546710&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-6917ETZK5X&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash 418e0257a60b9320e09f23928287ab9fc6a74348c903a7d2080b4d5c23e047b8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 12 May 2024 20:45:10 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1489 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/11453408783/	4 KB 1 KB	35ms 35ms	Script text/javascript	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11453408783/?random=1715546709961&cv=11&fst=1715546709961&bg=ffffff&guid=ON&async=1&gtm=45je4580v9172767246z89172730053za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005&hn=www.googleadservices.com&frm=0&tiba=Thomas%20Kralow%20x%20Bybit%20Trading%20Challenge&npa=0&pscdl=noapi&auid=68238120.1715546710&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-6917ETZK5X&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash 6b83b98aaa645047c1c765d0743c59b5dad93e6cd24ba68b2531f187151b5b14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 12 May 2024 20:45:10 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1487 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 259 B	100ms 37ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-6917ETZK5X&gtm=45je4580v9172767246z89172730053za200&_p=1715546709653&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=2152590.1715546710&ecid=735528545&ul=de-ch&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&ec_mode=a&_s=1&sid=1715546709&sct=1&seg=0&dl=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005&dt=Thomas%20Kralow%20x%20Bybit%20Trading%20Challenge&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=740 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-6917ETZK5X&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 12 May 2024 20:45:10 GMT server Golfe2 content-type text/plain access-control-allow-origin https://offer.thomaskralow.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 47 B	93ms 29ms	Ping text/plain	2a00:1450:400c:c00::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6917ETZK5X&cid=2152590.1715546710&gtm=45je4580v9172767246z89172730053za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-6917ETZK5X&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 12 May 2024 20:45:10 GMT server Golfe2 content-type text/plain access-control-allow-origin https://offer.thomaskralow.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.ch/ads/	42 B 107 B	115ms 47ms	Image image/gif	2a00:1450:4001:808::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ch/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6917ETZK5X&cid=2152590.1715546710&gtm=45je4580v9172767246z89172730053za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&z=1770618500 Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 12 May 2024 20:45:10 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	activityi;dc_pre=CKnEgsL9iIYDFUFkHgId3vELMw;src=10316416;type=invmedia;cat=pagev0;ord=5916196838598;npa=0;auiddc=68238120.1715546710;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chro... 10316416.fls.doubleclick.net/ Frame 7E49 Redirect Chain https://10316416.fls.doubleclick.net/activityi;src=10316416;type=invmedia;cat=pagev0;ord=5916196838598;npa=0;auiddc=68238120.1715546710;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520C... https://10316416.fls.doubleclick.net/activityi;dc_pre=CKnEgsL9iIYDFUFkHgId3vELMw;src=10316416;type=invmedia;cat=pagev0;ord=5916196838598;npa=0;auiddc=68238120.1715546710;uaa=x86;uab=64;uafvl=Chromi...	0 0	67ms 64ms	Document text/html	142.250.184.198 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://10316416.fls.doubleclick.net/activityi;dc_pre=CKnEgsL9iIYDFUFkHgId3vELMw;src=10316416;type=invmedia;cat=pagev0;ord=5916196838598;npa=0;auiddc=68238120.1715546710;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4580z8831489522za201;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005? Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/destination?id=DC-10316416&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.198 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f6.1e100.net Software cafe / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-CH,de;q=0.9;q=0.9 Referer https://offer.thomaskralow.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-encoding br content-length 650 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 12 May 2024 20:45:10 GMT expires Sun, 12 May 2024 20:45:10 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 12 May 2024 20:45:10 GMT expires Fri, 01 Jan 1990 00:00:00 GMT follow-only-when-prerender-shown 1 location https://10316416.fls.doubleclick.net/activityi;dc_pre=CKnEgsL9iIYDFUFkHgId3vELMw;src=10316416;type=invmedia;cat=pagev0;ord=5916196838598;npa=0;auiddc=68238120.1715546710;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4580z8831489522za201;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005? p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/628593958/	3 KB 1 KB	36ms 36ms	Script text/javascript	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/628593958/?random=1715546710006&cv=11&fst=1715546710006&bg=ffffff&guid=ON&async=1&gtm=45be4580z8831489522za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005&hn=www.googleadservices.com&frm=0&tiba=Thomas%20Kralow%20x%20Bybit%20Trading%20Challenge&npa=0&pscdl=noapi&auid=68238120.1715546710&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/destination?id=AW-628593958&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash 3e8c3037db7f648acad38242858f8babecb9e903afef97a68c89f013c2a9e8ed Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 12 May 2024 20:45:10 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1478 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 54 B	38ms 37ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-QRKT06HX8V&gtm=45je4580v888912138z8831489522za200&_p=1715546709653&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=2152590.1715546710&ul=de-ch&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1715546710&sct=1&seg=0&dl=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005&dt=Thomas%20Kralow%20x%20Bybit%20Trading%20Challenge&en=page_view&_fv=1&_ss=1&tfd=813 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-QRKT06HX8V&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 12 May 2024 20:45:10 GMT server Golfe2 content-type text/plain access-control-allow-origin https://offer.thomaskralow.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 54 B	29ms 28ms	Ping text/plain	2a00:1450:400c:c00::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QRKT06HX8V&cid=2152590.1715546710&gtm=45je4580v888912138z8831489522za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-QRKT06HX8V&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 12 May 2024 20:45:10 GMT server Golfe2 content-type text/plain access-control-allow-origin https://offer.thomaskralow.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.ch/ads/	42 B 408 B	102ms 46ms	Image image/gif	2a00:1450:4001:808::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ch/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QRKT06HX8V&cid=2152590.1715546710&gtm=45je4580v888912138z8831489522za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&z=1772400391 Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 12 May 2024 20:45:10 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ Show response www.googleadservices.com/pagead/conversion/628592560/	3 KB 2 KB	80ms 36ms	Script text/javascript	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion/628592560/?random=1715546710045&cv=11&fst=1715546710045&bg=ffffff&guid=ON&async=1&gtm=45be4580v872330058z8831489522za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005&label=LmT6CMr-l9IBELCf3qsC&hn=www.googleadservices.com&frm=0&tiba=Thomas%20Kralow%20x%20Bybit%20Trading%20Challenge&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=68238120.1715546710&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/destination?id=AW-628592560&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s06-in-f130.1e100.net Software cafe / Resource Hash 8ddcf8cebcb933e3bdd57708004fa177da312252fee860bfe5f45b2213d84049 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 12 May 2024 20:45:10 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1655 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	t2_89l8rzzn_telemetry Show response www.redditstatic.com/ads/conversions-config/v1/pixel/config/	86 B 700 B	72ms 29ms	XHR application/json	2a04:4e42:600::396 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_89l8rzzn_telemetry Requested by Host: www.redditstatic.com URL: https://www.redditstatic.com/ads/pixel.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US), Reverse DNS Software snooserv / Resource Hash 740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 20:45:10 GMT content-encoding gzip via 1.1 varnish nel {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02} server snooserv vary Accept-Encoding,Origin report-to {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]} content-type application/json access-control-allow-origin * cache-control max-age=300 accept-ranges bytes content-length 98
GET H2	200	rp.gif alb.reddit.com/	42 B 637 B	84ms 21ms	Image image/gif	151.101.129.140 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://alb.reddit.com/rp.gif?ts=1715546710066&id=t2_89l8rzzn&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=f8b22974-6cd7-422d-aa48-ecb75785d630&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_a8bbbcc6&dpm=&dpcc=&dprc= Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 20:45:10 GMT via 1.1 varnish nel {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3} server Varnish report-to {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]} content-type image/gif cross-origin-resource-policy cross-origin accept-ranges bytes content-length 42 retry-after 0
POST H2	200	collect Show response www.google-analytics.com/j/	4 B 214 B	28ms 28ms	XHR text/plain	2a00:1450:4001:803::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2000276399&t=pageview&_s=1&dl=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005&ul=de-ch&de=UTF-8&dt=Thomas%20Kralow%20x%20Bybit%20Trading%20Challenge&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAEK~&jid=222243248&gjid=404101828&cid=2152590.1715546710&tid=UA-167811283-1&_gid=598134868.1715546710&_r=1&_slc=1&gtm=45He4580n81NQZ2PS4v831489522za200&cd1=2024-05-12T22%3A45%3A09.863%2B02%3A00&cd2=d908a96c-56a7-4c34-b7b5-3bf3fe3c756c&gcd=13l3l3l3l1&dma=0&cd3=2152590.1715546710&z=1079745201 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 12 May 2024 20:45:10 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://offer.thomaskralow.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	16 B 84 B	27ms 27ms	XHR text/plain	2a00:1450:4001:803::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2000276399&t=pageview&_s=1&dl=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005&ul=de-ch&de=UTF-8&dt=Thomas%20Kralow%20x%20Bybit%20Trading%20Challenge&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAEK~&jid=783272856&gjid=1727255900&cid=2152590.1715546710&tid=UA-167811283-6&_gid=598134868.1715546710&_r=1&_slc=1&gtm=45He4580n81NQZ2PS4v831489522za200&gcd=13l3l3l3l1&dma=0&z=105726061 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash f62573901782dcf7128f73c741fc65ffb397aa8fc090dac2b3d79690615d84e5 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 12 May 2024 20:45:10 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://offer.thomaskralow.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ Show response www.googleadservices.com/pagead/conversion/628570139/	3 KB 2 KB	65ms 37ms	Script text/javascript	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion/628570139/?random=1715546710081&cv=11&fst=1715546710081&bg=ffffff&guid=ON&async=1&gtm=45be4580z8831489522za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005&label=fi0eCNTvhdIBEJvw3KsC&hn=www.googleadservices.com&frm=0&tiba=Thomas%20Kralow%20x%20Bybit%20Trading%20Challenge&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=68238120.1715546710&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/destination?id=AW-628570139&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s06-in-f130.1e100.net Software cafe / Resource Hash 6c8eea863b1054946011dfc0e79990d7361a15c28d6018b4ceef6902cf317aba Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 12 May 2024 20:45:10 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1648 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	893911818956842 Show response connect.facebook.net/signals/config/	56 KB 12 KB	83ms 82ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/893911818956842?v=2.9.156&r=stable&domain=offer.thomaskralow.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 909338809127f3ea064eff259383c9480dbe1b4182fb0349286ec89a2fd0f1dd Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sun, 12 May 2024 20:45:10 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=26, rtx=0, c=69, mss=1208, tbw=63333, tp=-1, tpl=-1, uplat=61, ullat=0 pragma public x-fb-debug K74asdlEfEqgQLng59Tun9XMV7XrMFD9wQ7VS3NogA8p2BJo9fDErdyEDHlZXB1nNfeNkESruTribVGcG/ZFGQ== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	eY36pn.js Show response s.retargeted.co/2/	81 KB 29 KB	98ms 97ms	Script text/plain	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.retargeted.co/2/eY36pn.js Requested by Host: s.retargeted.co URL: https://s.retargeted.co/1/eY36pn.js Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6f6a1c8b68d2e60afeffe767c64b5401adc64c1d2bdb7239caeda8b125017671 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 20:45:10 GMT content-encoding br cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} surrogate-control no-store content-disposition inline alt-svc h3=":443"; ma=86400 server cloudflare etag W/"1453a-pFrgkS53KcepQVBu/1qk+YzHRmI" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LqfEiV6%2B%2BNMfAiAAyQZSLmMUKiFVVvDkLmvpFAHf664oMg3P9LpiDZILfsjSt99hg3twkHYpQCBleLf%2Fdne7CgVeGU%2B9UnH8DAC28DWEqyWVn1UgXrxkqzxasEPXaaEZItQ%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, proxy-revalidate cf-ray 882d403a2df54da2-FRA priority u=3,i=?0 expires 0
GET H2	200	adsct t.co/i/	43 B 375 B	189ms 137ms	Image image/gif	104.244.42.5 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://t.co/i/adsct?bci=3&eci=2&event_id=11cf3faa-cc89-4b9b-be18-8329698d26fb&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=dc99e2b6-dc60-408d-9043-3514eb01cbe6&tw_document_href=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4xyz&type=javascript&version=2.3.30 Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.5 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-response-time 116 date Sun, 12 May 2024 20:45:10 GMT strict-transport-security max-age=0 server tsa_o content-type image/gif;charset=utf-8 x-transaction-id 916dbb217509b304 cache-control no-cache, no-store, max-age=0 perf 7402827104 x-connection-hash ef42161846be19d24c7ba620fe08717fc3401711a456d87463783c16e41a8632 content-length 43
GET H2	200	adsct analytics.twitter.com/i/	43 B 394 B	266ms 197ms	Image image/gif	104.244.42.131 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=11cf3faa-cc89-4b9b-be18-8329698d26fb&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=dc99e2b6-dc60-408d-9043-3514eb01cbe6&tw_document_href=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4xyz&type=javascript&version=2.3.30 Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.131 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=631138519 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-response-time 176 date Sun, 12 May 2024 20:45:09 GMT strict-transport-security max-age=631138519 server tsa_o content-type image/gif;charset=utf-8 x-transaction-id f1bdf7dea2b67b4d cache-control no-cache, no-store, max-age=0 perf 7402827104 x-connection-hash c55e294b70ce9cf48cf2d685a9d4b87e225c1508cff75cc8613c0220b3a4930a content-length 43
GET H2	200	modules.1a30a0a67c3c23c13060.js Show response script.hotjar.com/	221 KB 55 KB	71ms 23ms	Script application/javascript	13.32.27.54 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.1a30a0a67c3c23c13060.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-2965407.js?sv=7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.54 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-54.fra56.r.cloudfront.net Software / Resource Hash 6a22634f79988e2d27b3207f1b854001e840bc838901e419afcc287873f0cf4d Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 11:24:06 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C2 age 465664 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 55860 last-modified Tue, 07 May 2024 11:23:47 GMT etag "2fd6012f850b43dfffc8cb9291fc5153" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id Ssa92zJaoamMzeLBWuzNU5Zl41PJOJaelFjZWKtQ09AhK1mlkzTaGA==
GET H3	200	OneSignalPageSDKES6.js Show response cdn.onesignal.com/sdks/	284 KB 68 KB	77ms 77ms	Script application/javascript	104.16.160.145 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605 Requested by Host: cdn.onesignal.com URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 20:45:10 GMT via 1.1 google content-encoding br cf-cache-status HIT server cloudflare strict-transport-security max-age=15552000; includeSubDomains age 529 etag W/"e3be409ac3c100e2a5d3f264ec260551" vary Accept-Encoding content-type application/javascript cache-control public, max-age=259200 cf-ray 882d403a3e43bb14-MXP access-control-allow-headers OneSignal-Subscription-Id alt-svc h3=":443"; ma=86400 expires Wed, 15 May 2024 20:45:10 GMT
GET H2	200	main.MWNkMWZjOGNjMA.js Show response analytics.tiktok.com/i18n/pixel/static/	411 KB 110 KB	24ms 24ms	Script application/javascript	2.18.64.11 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/main.MWNkMWZjOGNjMA.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BTRDPTGRQH54JI5RGP5G Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.64.11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-18-64-11.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 4dee7b7f5bd454fc7b52f623814a23be6e9bc6b191ffb1b14a8202ce10d6813f Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-akamai-request-id 1f505740 date Sun, 12 May 2024 20:45:10 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 20240509122019944FBF90653DB1D9D895 x-tt-trace-id 00-240509122019944FBF90653DB1D9D895-7BB18191D7ADC5F7-00 vary Accept-Encoding x-cache TCP_MEM_HIT from a2-20-179-75.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 017011d93ff2ab3446de586256b9ae8bb8b33686aa5ac422d0a704b344be53021cf02cb4d415341fa1eefbba4a07f6d101d72b9070022038f2c8fe2a1d4e48d163f450cdeca354b6b993feb8169ff62ba62f6dd4b2b14b1047bf87b50076208c81 server-timing cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4 content-length 111854
GET H2	200	25140019.js Show response bat.bing.com/p/action/	4 KB 2 KB	48ms 48ms	Script application/javascript	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/25140019.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 11510e4aeb355f9bb7e8cbc040a6c32e189e832e295c913a8ec79c043927ff93 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br date Sun, 12 May 2024 20:45:09 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 625BBADD3ABA463B8AC2436D1B807CBE Ref B: ZRHEDGE1512 Ref C: 2024-05-12T20:45:10Z vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript; charset=utf-8 cache-control private,max-age=60
GET H2	204	0 bat.bing.com/action/	0 285 B	46ms 46ms	Image text/plain	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=25140019&tm=gtm002&Ver=2&mid=e761f5ca-711c-4895-9ad9-b5d620bc1b8e&sid=8605f15010a011ef964dc59dab8bca59&vid=8606016010a011ef946135718ec3a8c9&vids=1&msclkid=N&pi=918639831&lg=de-CH&sw=1600&sh=1200&sc=24&tl=Thomas%20Kralow%20x%20Bybit%20Trading%20Challenge&p=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005&r=&lt=460&evt=pageLoad&sv=1&rn=356738 Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Sun, 12 May 2024 20:45:09 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 11A8AAAAD00A4697B6AB0BFB9C625674 Ref B: ZRHEDGE1512 Ref C: 2024-05-12T20:45:10Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 70 B	85ms 30ms	XHR text/plain	2a00:1450:400c:c00::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-167811283-1&cid=2152590.1715546710&jid=222243248&gjid=404101828&_gid=598134868.1715546710&_u=YADAAEAAAAAAACAEK~&z=73934882 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 3d89d2a833e0c8b73ddaac6d6ec14c4ab06c648ee6574f1b29e9ab8435e2f41e Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Sun, 12 May 2024 20:45:10 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://offer.thomaskralow.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 354 B	83ms 28ms	XHR text/plain	2a00:1450:400c:c00::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-167811283-6&cid=2152590.1715546710&jid=783272856&gjid=1727255900&_gid=598134868.1715546710&_u=YADAAEABAAAAACAEK~&z=825406706 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 3d89d2a833e0c8b73ddaac6d6ec14c4ab06c648ee6574f1b29e9ab8435e2f41e Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Sun, 12 May 2024 20:45:10 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://offer.thomaskralow.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	255 KB 90 KB	38ms 38ms	Script application/javascript	142.250.181.232 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-ZM0X32RMJT&cx=c&_slc=1 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.232 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f8.1e100.net Software Google Tag Manager / Resource Hash f615a6768aa932e74bf337e77ac91eee067b554a8cfbf404a077179044de2a68 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 20:45:10 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 92280 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sun, 12 May 2024 20:45:10 GMT
GET H2	200	8vo6r3v Show response thomaskralow.postaffiliatepro.com/scripts/	66 B 353 B	20ms 20ms	Script application/x-javascript	172.105.76.105 AKAMAI-LINODE-AP ...
General Check archive.org Show headers Download Go to Full URL https://thomaskralow.postaffiliatepro.com/scripts/8vo6r3v?url=S_offer.thomaskralow.com%2Fchallenge&referrer=&isInIframe=false&getParams=%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005&anchor= Requested by Host: thomaskralow.postaffiliatepro.com URL: https://thomaskralow.postaffiliatepro.com/scripts/8vo6j3v Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 172.105.76.105 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG), Reverse DNS 172-105-76-105.ip.linodeusercontent.com Software nginx / Resource Hash 44cf61459750f94dfd0f2311fd784bc23067c34f9f73cd15a7563b0f380fae48 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-type application/octet-stream, application/x-javascript date Sun, 12 May 2024 20:45:10 GMT cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 server nginx content-length 66 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/11453343756/	42 B 64 B	85ms 39ms	Image image/gif	142.250.186.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/11453343756/?random=1715546709954&cv=11&fst=1715544000000&bg=ffffff&guid=ON&async=1&gtm=45je4580v9172767246z89172730053za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005&hn=www.googleadservices.com&frm=0&tiba=Thomas%20Kralow%20x%20Bybit%20Trading%20Challenge&npa=0&pscdl=noapi&auid=68238120.1715546710&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqhp6RdyDsCY1Rm_dWP0mGJpJHQ_BWaQ&random=200730704&rmt_tld=0&ipr=y Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.68 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 12 May 2024 20:45:10 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.ch/pagead/1p-user-list/11453343756/	42 B 154 B	33ms 32ms	Image image/gif	2a00:1450:4001:808::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ch/pagead/1p-user-list/11453343756/?random=1715546709954&cv=11&fst=1715544000000&bg=ffffff&guid=ON&async=1&gtm=45je4580v9172767246z89172730053za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005&hn=www.googleadservices.com&frm=0&tiba=Thomas%20Kralow%20x%20Bybit%20Trading%20Challenge&npa=0&pscdl=noapi&auid=68238120.1715546710&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqhp6RdyDsCY1Rm_dWP0mGJpJHQ_BWaQ&random=200730704&rmt_tld=1&ipr=y Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 12 May 2024 20:45:10 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/11453344185/	42 B 64 B	85ms 40ms	Image image/gif	142.250.186.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/11453344185/?random=1715546709947&cv=11&fst=1715544000000&bg=ffffff&guid=ON&async=1&gtm=45je4580v9172767246z89172730053za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005&hn=www.googleadservices.com&frm=0&tiba=Thomas%20Kralow%20x%20Bybit%20Trading%20Challenge&npa=0&pscdl=noapi&auid=68238120.1715546710&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqqXSToGzRZiIGSMJYB5UpsTT3RI4ntg&random=3806383756&rmt_tld=0&ipr=y Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.68 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 12 May 2024 20:45:10 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.ch/pagead/1p-user-list/11453344185/	42 B 108 B	33ms 33ms	Image image/gif	2a00:1450:4001:808::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ch/pagead/1p-user-list/11453344185/?random=1715546709947&cv=11&fst=1715544000000&bg=ffffff&guid=ON&async=1&gtm=45je4580v9172767246z89172730053za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005&hn=www.googleadservices.com&frm=0&tiba=Thomas%20Kralow%20x%20Bybit%20Trading%20Challenge&npa=0&pscdl=noapi&auid=68238120.1715546710&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqqXSToGzRZiIGSMJYB5UpsTT3RI4ntg&random=3806383756&rmt_tld=1&ipr=y Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 12 May 2024 20:45:10 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/11452619613/	42 B 64 B	77ms 41ms	Image image/gif	142.250.186.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/11452619613/?random=1715546709910&cv=11&fst=1715544000000&bg=ffffff&guid=ON&async=1&gtm=45be4580z89172730053za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005&hn=www.googleadservices.com&frm=0&tiba=Thomas%20Kralow%20x%20Bybit%20Trading%20Challenge&npa=0&pscdl=noapi&auid=68238120.1715546710&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqEXa2TlHvNGUdD0NoYDrcSgmBxgUY9Q&random=1135864510&rmt_tld=0&ipr=y Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.68 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 12 May 2024 20:45:10 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.ch/pagead/1p-user-list/11452619613/	42 B 108 B	34ms 33ms	Image image/gif	2a00:1450:4001:808::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ch/pagead/1p-user-list/11452619613/?random=1715546709910&cv=11&fst=1715544000000&bg=ffffff&guid=ON&async=1&gtm=45be4580z89172730053za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005&hn=www.googleadservices.com&frm=0&tiba=Thomas%20Kralow%20x%20Bybit%20Trading%20Challenge&npa=0&pscdl=noapi&auid=68238120.1715546710&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqEXa2TlHvNGUdD0NoYDrcSgmBxgUY9Q&random=1135864510&rmt_tld=1&ipr=y Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 12 May 2024 20:45:10 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/11453406857/	42 B 64 B	70ms 40ms	Image image/gif	142.250.186.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/11453406857/?random=1715546709958&cv=11&fst=1715544000000&bg=ffffff&guid=ON&async=1&gtm=45je4580v9172767246z89172730053za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005&hn=www.googleadservices.com&frm=0&tiba=Thomas%20Kralow%20x%20Bybit%20Trading%20Challenge&npa=0&pscdl=noapi&auid=68238120.1715546710&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqSjexIlid-VrejqzfXViuSOQPnKnv7g&random=1419220638&rmt_tld=0&ipr=y Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.68 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 12 May 2024 20:45:10 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.ch/pagead/1p-user-list/11453406857/	42 B 108 B	33ms 32ms	Image image/gif	2a00:1450:4001:808::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ch/pagead/1p-user-list/11453406857/?random=1715546709958&cv=11&fst=1715544000000&bg=ffffff&guid=ON&async=1&gtm=45je4580v9172767246z89172730053za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005&hn=www.googleadservices.com&frm=0&tiba=Thomas%20Kralow%20x%20Bybit%20Trading%20Challenge&npa=0&pscdl=noapi&auid=68238120.1715546710&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqSjexIlid-VrejqzfXViuSOQPnKnv7g&random=1419220638&rmt_tld=1&ipr=y Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 12 May 2024 20:45:10 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/11453408783/	42 B 64 B	56ms 38ms	Image image/gif	142.250.186.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/11453408783/?random=1715546709961&cv=11&fst=1715544000000&bg=ffffff&guid=ON&async=1&gtm=45je4580v9172767246z89172730053za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005&hn=www.googleadservices.com&frm=0&tiba=Thomas%20Kralow%20x%20Bybit%20Trading%20Challenge&npa=0&pscdl=noapi&auid=68238120.1715546710&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtq-spIlTl7zxyMv6PfV1HXJC8uJHlWHA&random=3675360685&rmt_tld=0&ipr=y Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.68 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 12 May 2024 20:45:10 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.ch/pagead/1p-user-list/11453408783/	42 B 108 B	32ms 32ms	Image image/gif	2a00:1450:4001:808::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ch/pagead/1p-user-list/11453408783/?random=1715546709961&cv=11&fst=1715544000000&bg=ffffff&guid=ON&async=1&gtm=45je4580v9172767246z89172730053za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005&hn=www.googleadservices.com&frm=0&tiba=Thomas%20Kralow%20x%20Bybit%20Trading%20Challenge&npa=0&pscdl=noapi&auid=68238120.1715546710&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtq-spIlTl7zxyMv6PfV1HXJC8uJHlWHA&random=3675360685&rmt_tld=1&ipr=y Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 12 May 2024 20:45:10 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/628593958/	42 B 64 B	33ms 33ms	Image image/gif	142.250.186.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/628593958/?random=1715546710006&cv=11&fst=1715544000000&bg=ffffff&guid=ON&async=1&gtm=45be4580z8831489522za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005&hn=www.googleadservices.com&frm=0&tiba=Thomas%20Kralow%20x%20Bybit%20Trading%20Challenge&npa=0&pscdl=noapi&auid=68238120.1715546710&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqQnOadAtuzZQySjWLwjxaoYT3uo7RcJrZ3a8b-zd0eQA9Dz52&random=855716712&rmt_tld=0&ipr=y Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.68 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 12 May 2024 20:45:10 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.ch/pagead/1p-user-list/628593958/	42 B 64 B	32ms 32ms	Image image/gif	172.217.16.131 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ch/pagead/1p-user-list/628593958/?random=1715546710006&cv=11&fst=1715544000000&bg=ffffff&guid=ON&async=1&gtm=45be4580z8831489522za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005&hn=www.googleadservices.com&frm=0&tiba=Thomas%20Kralow%20x%20Bybit%20Trading%20Challenge&npa=0&pscdl=noapi&auid=68238120.1715546710&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqQnOadAtuzZQySjWLwjxaoYT3uo7RcJrZ3a8b-zd0eQA9Dz52&random=855716712&rmt_tld=1&ipr=y Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 12 May 2024 20:45:10 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.ch/pagead/1p-conversion/628592560/ Redirect Chain https://googleads.g.doubleclick.net/pagead/viewthroughconversion/628592560/?random=1732601150&cv=11&fst=1715546710045&bg=ffffff&guid=ON&async=1&gtm=45be4580v872330058z8831489522za201&gcd=13l3l3l3l1... https://www.google.com/pagead/1p-conversion/628592560/?random=1732601150&cv=11&fst=1715546710045&bg=ffffff&guid=ON&async=1&gtm=45be4580v872330058z8831489522za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1... https://www.google.ch/pagead/1p-conversion/628592560/?random=1732601150&cv=11&fst=1715546710045&bg=ffffff&guid=ON&async=1&gtm=45be4580v872330058z8831489522za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=12...	42 B 64 B	41ms 41ms	Image image/gif	172.217.16.131 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ch/pagead/1p-conversion/628592560/?random=1732601150&cv=11&fst=1715546710045&bg=ffffff&guid=ON&async=1&gtm=45be4580v872330058z8831489522za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005&label=LmT6CMr-l9IBELCf3qsC&hn=www.googleadservices.com&frm=0&tiba=Thomas%20Kralow%20x%20Bybit%20Trading%20Challenge&value=0&npa=0&pscdl=noapi&auid=68238120.1715546710&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIhvOCwv2IhgMV0l4dCR3aageyMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6H2h0dHBzOi8vb2ZmZXIudGhvbWFza3JhbG93LmNvbS8&is_vtc=1&cid=CAQSKQB7FLtqsfmlMKcWMsSvGCBIlWIKr4xkYQRBKmSaQtqwVd6Yr0QAkcxE&eitems=ChEI8NGBsgYQraXi1bHC-auaARIdACxneDwod80cetofNpNNeh-ZpF2uHhQSrWCjPis&random=1709184065&ipr=y Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H3 Server 172.217.16.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-CH,de;q=0.9;q=0.9 Referer https://offer.thomaskralow.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers pragma no-cache date Sun, 12 May 2024 20:45:10 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 12 May 2024 20:45:10 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://www.google.ch/pagead/1p-conversion/628592560/?random=1732601150&cv=11&fst=1715546710045&bg=ffffff&guid=ON&async=1&gtm=45be4580v872330058z8831489522za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005&label=LmT6CMr-l9IBELCf3qsC&hn=www.googleadservices.com&frm=0&tiba=Thomas%20Kralow%20x%20Bybit%20Trading%20Challenge&value=0&npa=0&pscdl=noapi&auid=68238120.1715546710&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIhvOCwv2IhgMV0l4dCR3aageyMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6H2h0dHBzOi8vb2ZmZXIudGhvbWFza3JhbG93LmNvbS8&is_vtc=1&cid=CAQSKQB7FLtqsfmlMKcWMsSvGCBIlWIKr4xkYQRBKmSaQtqwVd6Yr0QAkcxE&eitems=ChEI8NGBsgYQraXi1bHC-auaARIdACxneDwod80cetofNpNNeh-ZpF2uHhQSrWCjPis&random=1709184065&ipr=y content-type image/gif cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.ch/pagead/1p-conversion/628570139/ Redirect Chain https://googleads.g.doubleclick.net/pagead/viewthroughconversion/628570139/?random=1757761771&cv=11&fst=1715546710081&bg=ffffff&guid=ON&async=1&gtm=45be4580z8831489522za201&gcd=13l3l3l3l1&dma=0&u_w... https://www.google.com/pagead/1p-conversion/628570139/?random=1757761771&cv=11&fst=1715546710081&bg=ffffff&guid=ON&async=1&gtm=45be4580z8831489522za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=ht... https://www.google.ch/pagead/1p-conversion/628570139/?random=1757761771&cv=11&fst=1715546710081&bg=ffffff&guid=ON&async=1&gtm=45be4580z8831489522za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=htt...	42 B 64 B	35ms 35ms	Image image/gif	172.217.16.131 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ch/pagead/1p-conversion/628570139/?random=1757761771&cv=11&fst=1715546710081&bg=ffffff&guid=ON&async=1&gtm=45be4580z8831489522za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005&label=fi0eCNTvhdIBEJvw3KsC&hn=www.googleadservices.com&frm=0&tiba=Thomas%20Kralow%20x%20Bybit%20Trading%20Challenge&value=0&npa=0&pscdl=noapi&auid=68238120.1715546710&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&fmt=3&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIt--Cwv2IhgMVuEcdCR3L0Q18MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6H2h0dHBzOi8vb2ZmZXIudGhvbWFza3JhbG93LmNvbS8&is_vtc=1&cid=CAQSKQB7FLtqYg9Cm1sLCCax3P0wDJVmlLXQSC2_zq-qiLDqaO38nCoQmH0o&eitems=ChEI8NGBsgYQraXi1bHC-auaARIdACxneDyEP3N93KVGHsvG_VzvlkGlsQmIBjqs0bY&random=1056435849&ipr=y Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H3 Server 172.217.16.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-CH,de;q=0.9;q=0.9 Referer https://offer.thomaskralow.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers pragma no-cache date Sun, 12 May 2024 20:45:10 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 12 May 2024 20:45:10 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://www.google.ch/pagead/1p-conversion/628570139/?random=1757761771&cv=11&fst=1715546710081&bg=ffffff&guid=ON&async=1&gtm=45be4580z8831489522za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005&label=fi0eCNTvhdIBEJvw3KsC&hn=www.googleadservices.com&frm=0&tiba=Thomas%20Kralow%20x%20Bybit%20Trading%20Challenge&value=0&npa=0&pscdl=noapi&auid=68238120.1715546710&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&fmt=3&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIt--Cwv2IhgMVuEcdCR3L0Q18MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6H2h0dHBzOi8vb2ZmZXIudGhvbWFza3JhbG93LmNvbS8&is_vtc=1&cid=CAQSKQB7FLtqYg9Cm1sLCCax3P0wDJVmlLXQSC2_zq-qiLDqaO38nCoQmH0o&eitems=ChEI8NGBsgYQraXi1bHC-auaARIdACxneDyEP3N93KVGHsvG_VzvlkGlsQmIBjqs0bY&random=1056435849&ipr=y content-type image/gif cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	25140019 Show response www.clarity.ms/tag/uet/	845 B 1 KB	439ms 335ms	Script application/x-javascript	2620:1ec:bdf::45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/tag/uet/25140019 Requested by Host: bat.bing.com URL: https://bat.bing.com/p/action/25140019.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash ea74ebc537f36ed66a56abf47117a0bda482ab7a58b3a370e8dbd544de07d523 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers expires -1 date Sun, 12 May 2024 20:45:10 GMT x-azure-ref 20240512T204510Z-159b8b7d5db8w4g6xrbdfm1q3000000009qg000000003029 x-cache CONFIG_NOCACHE content-type application/x-javascript cache-control no-cache, no-store accept-ranges bytes content-length 845 request-context appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
GET H3	200	246852743290712 Show response connect.facebook.net/signals/config/	30 KB 5 KB	159ms 159ms	Script application/x-javascript	157.240.252.13 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/246852743290712?v=2.9.156&r=stable&domain=offer.thomaskralow.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C184%2C183%2C185%2C190%2C191%2C192%2C188%2C180%2C122%2C150%2C179%2C181%2C113%2C144%2C135%2C139%2C119%2C174%2C216%2C106%2C217%2C152%2C110%2C133%2C126%2C114 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-fra3.fbcdn.net Software / Resource Hash 08e5218e86d052dc7680d142b84282c34688580df334afd2dd13ff90aa5c705c Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sun, 12 May 2024 20:45:10 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=19, rtx=0, c=23, mss=1232, tbw=4335, tp=9, tpl=0, uplat=135, ullat=0 pragma public x-fb-debug bOz8pFGRzEe73jQzhwjI6tBqHMJObPRl0/tMaSbrzqrK7kW8zlQPRB74Sa5xE5HgoG2SGwmTx0+lFQxvGwSOYA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 274 B	73ms 21ms	Image text/plain	2a03:2880:f177:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=893911818956842&ev=PageView&dl=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005&rl=&if=false&ts=1715546710184&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1715546710184.800755143&ler=empty&cdl=API_unavailable&it=1715546710093&coo=false&rqm=GET Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=20, rtx=0, c=10, mss=1208, tbw=2780, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Sun, 12 May 2024 20:45:10 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	identify_93546.js Show response analytics.tiktok.com/i18n/pixel/static/	139 KB 37 KB	24ms 23ms	Script application/javascript	2.18.64.11 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/identify_93546.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkMWZjOGNjMA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.64.11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-18-64-11.deploy.static.akamaitechnologies.com Software nginx / Resource Hash a869fe8cddaf23f1ee50724c35748cefb30c697095b2cf4a231033cb8f43b4ab Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-akamai-request-id 1f505951 date Sun, 12 May 2024 20:45:10 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 202405081621313063E895026333774F99 x-tt-trace-id 00-2405081621313063E895026333774F99-164A2C152166EF81-00 vary Accept-Encoding x-cache TCP_MEM_HIT from a2-20-179-75.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 015b6ef821865e27c4c2c8ab941647d8d63665b204d9d7b9ca07d02d042f1c8cbd505b31ed141d57b5ba84c0dc478938770d0b7b41c6d9c4d067b8ba7145195c1dd84a7d1de2218ea99e02689c90ba7e02d03055fefe45a441d104941f24dcd6f3 server-timing cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2 content-length 36906
POST H2	200	pangle_pixel analytics.pangle-ads.com/api/v2/	0 962 B	354ms 112ms	Ping text/plain	173.223.163.208 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.pangle-ads.com/api/v2/pangle_pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkMWZjOGNjMA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.223.163.208 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a173-223-163-208.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 62607d86.5fc13b9a date Sun, 12 May 2024 20:45:10 GMT x-bytefaas-request-id 20240512204510C2079BC3081F0455978D x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-240512204510C2079BC3081F0455978D-3145FF4EF640F83A-00 x-cache TCP_MISS from a23-202-158-16.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56213035) (-) x-parent-response-time 11,23.202.158.16 server-timing cdn-cache; desc=MISS, edge; dur=2, origin; dur=9, inner; dur=5 content-length 0 pragma no-cache server nginx x-tt-logid 20240512204510C2079BC3081F0455978D x-cache-remote TCP_MISS from a23-222-2-26.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56213035) (-) access-control-max-age 86400 access-control-allow-methods * content-type text/plain; charset=utf-8 access-control-allow-origin * x-bytefaas-execution-duration 4.44 cache-control max-age=0, no-cache, no-store access-control-allow-credentials true x-gw-dst-psm ad.union.pangle_web_traffic x-tt-trace-host 015f59a9b2ca40714c9d039a43d3936a607e415b8250e7d8444a77b0c2f1b43f9a7af988ab2840f3bef7c41c2707cc0fdbfa908e0bcfbbe0cfcd2554eb12caeefa129bac2beca00d13f31b2c4c58f0089327621b7d287e5e40e99208d58b70a1ed1ea713e82898b72b9f757503f6e263e0 x-origin-response-time 9,23.222.2.26 access-control-allow-headers * expires Sun, 12 May 2024 20:45:10 GMT
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 843 B	141ms 139ms	Ping text/plain	2.18.64.11 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkMWZjOGNjMA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.64.11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-18-64-11.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 2318b965.1f505a53 date Sun, 12 May 2024 20:45:10 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-2405122045101ECDAABBDF6135561122-6B12D1E1F9A14EFA-00 x-cache TCP_MISS from a2-20-179-75.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-) x-parent-response-time 115,2.20.179.75 server-timing cdn-cache; desc=MISS, edge; dur=89, origin; dur=30, inner; dur=26 content-length 0 pragma no-cache server nginx x-tt-logid 202405122045101ECDAABBDF6135561122 x-cache-remote TCP_MISS from a23-220-104-8.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 30,23.220.104.8 x-tt-trace-host 015f59a9b2ca40714c9d039a43d3936a6078a8799e4cfeb1181a1679d052cfb14218166f29d084bfab4666320b967a45543f34dc66f8106f0e72f8869d592b47e012e5d6dc2b7dade06d4fd030034d93b5f38651df86783589f0493e6d39d0eda2d46589f1addf9c063e7debb685361e16 access-control-allow-headers Authorization,* expires Sun, 12 May 2024 20:45:10 GMT
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 701 B	159ms 157ms	Ping text/plain	2.18.64.11 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkMWZjOGNjMA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.64.11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-18-64-11.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 1f505a5f date Sun, 12 May 2024 20:45:10 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-2405122045101C08F5CABCF6A557CCAE-482605E2691D8A63-00 x-cache TCP_MISS from a2-20-179-75.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-) server-timing inner; dur=39, cdn-cache; desc=MISS, edge; dur=6, origin; dur=129 content-length 0 pragma no-cache server nginx x-tt-logid 202405122045101C08F5CABCF6A557CCAE access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 130,2.20.179.75 x-tt-trace-host 015f59a9b2ca40714c9d039a43d3936a601fb65e9e4e6b037174e6e2ba38af41c85b0bffa239184e027dfafb8d8a3b4b3e1e6fb802d0f296b224dd012f660cfe00bc8334189b4a86a01867a0427cb2992c7053a68f101437b1297d65ce2c27119f access-control-allow-headers Authorization,* expires Sun, 12 May 2024 20:45:10 GMT
GET H3	200	ga-audiences www.google.com/ads/	42 B 63 B	46ms 45ms	Image image/gif	142.250.186.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-167811283-6&cid=2152590.1715546710&jid=783272856&_u=YADAAEABAAAAACAEK~&z=1591223057 Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.68 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 12 May 2024 20:45:10 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.ch/ads/	42 B 63 B	45ms 45ms	Image image/gif	172.217.16.131 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ch/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-167811283-6&cid=2152590.1715546710&jid=783272856&_u=YADAAEABAAAAACAEK~&z=1591223057 Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 12 May 2024 20:45:10 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.com/ads/	42 B 63 B	50ms 49ms	Image image/gif	142.250.186.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-167811283-1&cid=2152590.1715546710&jid=222243248&_u=YADAAEAAAAAAACAEK~&z=1724963829 Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.68 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 12 May 2024 20:45:10 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.ch/ads/	42 B 63 B	46ms 46ms	Image image/gif	172.217.16.131 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ch/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-167811283-1&cid=2152590.1715546710&jid=222243248&_u=YADAAEAAAAAAACAEK~&z=1724963829 Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 12 May 2024 20:45:10 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 54 B	36ms 36ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-ZM0X32RMJT&_ng=1&gtm=45je4580v9133862582za200&_p=1715546709653&_gaz=1&gcd=13l3l3l3l2&npa=0&dma=0&ul=de-ch&sr=1600x1200&cid=2152590.1715546710&ir=1&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005&dt=Thomas%20Kralow%20x%20Bybit%20Trading%20Challenge&sid=1715546710&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1046 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-ZM0X32RMJT&cx=c&_slc=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 12 May 2024 20:45:10 GMT server Golfe2 content-type text/plain access-control-allow-origin https://offer.thomaskralow.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 54 B	28ms 28ms	Ping text/plain	2a00:1450:400c:c00::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&_ng=1&tid=G-ZM0X32RMJT&cid=2152590.1715546710&gtm=45je4580v9133862582za200&aip=1&dma=0&gcd=13l3l3l3l2&npa=0&frm=0 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-ZM0X32RMJT&cx=c&_slc=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 12 May 2024 20:45:10 GMT server Golfe2 content-type text/plain access-control-allow-origin https://offer.thomaskralow.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.ch/ads/	42 B 63 B	49ms 48ms	Image image/gif	172.217.16.131 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ch/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ng=1&tid=G-ZM0X32RMJT&cid=2152590.1715546710&gtm=45je4580v9133862582za200&aip=1&dma=0&gcd=13l3l3l3l2&npa=0&frm=0&z=744878265 Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 12 May 2024 20:45:10 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	thomas-min_1-min.jpg optim.tildacdn.net/tild3663-6131-4330-a435-646366323833/-/cover/112x111/center/center/-/format/webp/	2 KB 2 KB	33ms 22ms	Image image/jpeg	2a03:90c0:41:2801::62 GCORE
General Check archive.org Show headers Download Go to Show image Full URL https://optim.tildacdn.net/tild3663-6131-4330-a435-646366323833/-/cover/112x111/center/center/-/format/webp/thomas-min_1-min.jpg Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash 5c5cbf03099881bea427cd9ac1c7e1b902d42c33784029d2dd84d047c02d602b Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-id fr5-hw-edge-gc16 date Sun, 12 May 2024 20:45:10 GMT last-modified Thu, 02 May 2024 11:00:07 GMT server nginx traceparent 00-876641769de2503298af8a404dc4f605-a3c9b985fa448f48-01 x-id-shield am3-hw-edge-gc89 etag "66337237-78c" x-cached-since 2024-05-10T10:12:12+00:00, 2024-05-10T10:20:45+00:00 content-type image/jpeg access-control-allow-origin * x-id-fe fr5-hw-edge-gc62 cache HIT, HIT x-tilda-server 3 accept-ranges bytes content-length 1932
GET H2	200	Frame_13-min.jpg optim.tildacdn.net/tild6635-6366-4632-a238-316463633935/-/cover/111x111/center/center/-/format/webp/	1022 B 1 KB	32ms 21ms	Image image/jpeg	2a03:90c0:41:2801::62 GCORE
General Check archive.org Show headers Download Go to Show image Full URL https://optim.tildacdn.net/tild6635-6366-4632-a238-316463633935/-/cover/111x111/center/center/-/format/webp/Frame_13-min.jpg Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash f2cc267cc9998a8347456d27a8276b256d848e61517d960001ef825a47267cd2 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-id fr5-hw-edge-gc38 date Sun, 12 May 2024 20:45:10 GMT last-modified Mon, 06 May 2024 06:56:34 GMT server nginx traceparent 00-56fb6be174d6ee5e2aae3599864b9cef-344059f710972561-01 x-id-shield am3-hw-edge-gc89 etag "66387f22-3fe" x-cached-since 2024-05-10T10:12:12+00:00, 2024-05-10T10:20:45+00:00 content-type image/jpeg access-control-allow-origin * x-id-fe fr5-hw-edge-gc62 cache HIT, HIT x-tilda-server 2 accept-ranges bytes content-length 1022
GET H2	200	IMG_3475.jpg optim.tildacdn.net/tild3736-3331-4035-a532-363561653038/-/cover/411x396/center/center/-/format/webp/	15 KB 15 KB	30ms 25ms	Image image/jpeg	2a03:90c0:41:2801::62 GCORE
General Check archive.org Show headers Download Go to Show image Full URL https://optim.tildacdn.net/tild3736-3331-4035-a532-363561653038/-/cover/411x396/center/center/-/format/webp/IMG_3475.jpg Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash 7337b5da115bb9c5edd82844015ef60aa13d7f824dc4e52d94e14bcca1f66d1b Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-id fr5-hw-edge-gc34 date Sun, 12 May 2024 20:45:10 GMT last-modified Mon, 06 May 2024 06:56:21 GMT server nginx traceparent 00-75fe4330cede93b53de07fdbd1577e54-3b63c4295c36e99f-01 x-id-shield am3-hw-edge-gc88 etag "66387f15-3cdc" x-cached-since 2024-05-10T10:12:12+00:00, 2024-05-10T10:20:45+00:00 content-type image/jpeg access-control-allow-origin * x-id-fe fr5-hw-edge-gc62 cache HIT, HIT x-tilda-server 2 accept-ranges bytes content-length 15580
GET H2	200	photo_2024-03-08_11-.jpg optim.tildacdn.net/tild3832-3937-4666-b835-306331636662/-/cover/360x535/center/center/-/format/webp/	26 KB 26 KB	28ms 25ms	Image image/jpeg	2a03:90c0:41:2801::62 GCORE
General Check archive.org Show headers Download Go to Show image Full URL https://optim.tildacdn.net/tild3832-3937-4666-b835-306331636662/-/cover/360x535/center/center/-/format/webp/photo_2024-03-08_11-.jpg Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash 180d81f492ccb35fcb9b7f4bc6c9a2797ab30676a8bcc61201eb8000302b5b74 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-id fr5-hw-edge-gc33 date Sun, 12 May 2024 20:45:10 GMT last-modified Mon, 06 May 2024 06:56:37 GMT server nginx traceparent 00-29b2cafbdaa88c0e55ded880d83de72c-7fbad7e14a24a546-01 x-id-shield am3-hw-edge-gc89 etag "66387f25-6654" x-cached-since 2024-05-10T10:12:36+00:00, 2024-05-10T10:20:45+00:00 content-type image/jpeg access-control-allow-origin * x-id-fe fr5-hw-edge-gc62 cache HIT, HIT x-tilda-server 2 accept-ranges bytes content-length 26196
GET H2	200	photo_2024-03-08_11-.jpg optim.tildacdn.net/tild3031-3066-4466-b836-323063326366/-/cover/360x535/center/center/-/format/webp/	30 KB 30 KB	24ms 22ms	Image image/jpeg	2a03:90c0:41:2801::62 GCORE
General Check archive.org Show headers Download Go to Show image Full URL https://optim.tildacdn.net/tild3031-3066-4466-b836-323063326366/-/cover/360x535/center/center/-/format/webp/photo_2024-03-08_11-.jpg Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash ce35cbceb76b4d7fe7df95250620ee3dc4949e18fec59f1ad6d272f9681f8dfb Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-id fr5-hw-edge-gc22 date Sun, 12 May 2024 20:45:10 GMT last-modified Fri, 03 May 2024 11:21:17 GMT server nginx traceparent 00-700bc358dbb3202c00764c9a4cb1a362-777b9e6bb5463f25-01 x-id-shield am3-hw-edge-gc88 etag "6634c8ad-7820" x-cached-since 2024-05-10T10:12:36+00:00, 2024-05-10T10:20:45+00:00 content-type image/jpeg access-control-allow-origin * x-id-fe fr5-hw-edge-gc62 cache HIT, HIT x-tilda-server 2 accept-ranges bytes content-length 30752
GET H2	200	photo_2024-03-08_11-.jpg optim.tildacdn.net/tild3039-6331-4235-b936-303036336462/-/cover/360x535/center/center/-/format/webp/	44 KB 44 KB	26ms 26ms	Image image/jpeg	2a03:90c0:41:2801::62 GCORE
General Check archive.org Show headers Download Go to Show image Full URL https://optim.tildacdn.net/tild3039-6331-4235-b936-303036336462/-/cover/360x535/center/center/-/format/webp/photo_2024-03-08_11-.jpg Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash 37fafa119c875537770065ae5db2c112425c50960d5508f25a8f3ba9a114dcb8 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-id fr5-hw-edge-gc15 date Sun, 12 May 2024 20:45:10 GMT last-modified Fri, 03 May 2024 11:21:18 GMT server nginx traceparent 00-4a42c666e68d4a43bcfca4d3eec737b8-d57f830204bf4f81-01 x-id-shield am3-hw-edge-gc89 etag "6634c8ae-b070" x-cached-since 2024-05-10T10:12:36+00:00, 2024-05-10T10:20:45+00:00 content-type image/jpeg access-control-allow-origin * x-id-fe fr5-hw-edge-gc62 cache HIT, HIT x-tilda-server 2 accept-ranges bytes content-length 45168
GET H2	200	Group_1437254331.svg static.tildacdn.net/tild3163-3734-4761-a633-366337393734/	274 B 762 B	21ms 21ms	Image image/svg+xml	2a03:90c0:41:2801::62 GCORE
General Check archive.org Show headers Download Go to Show image Full URL https://static.tildacdn.net/tild3163-3734-4761-a633-366337393734/Group_1437254331.svg Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash a50d868e0f432d7e3395cbd90662971655a8290562cf5e419287c62af5baa94a Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-container-storage-policy-name Policy-0 x-id fr5-hw-edge-gc38 date Sun, 12 May 2024 20:45:10 GMT content-encoding gzip age 0 x-cached-since 2024-05-09T17:02:28+00:00 x-id-fe fr5-hw-edge-gc62 x-trans-id 17cba2dafbdad15e tserver 9 last-modified Thu, 02 May 2024 09:45:45 GMT server nginx traceparent 00-a7018af4353706f01df674c393901d17-4b5f92c16ae9e720-01 x-id-shield am3-hw-edge-gc89 etag W/"3485e85569baa6aa3ca4aea558606d26" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * access-control-expose-headers Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Expires, Cache-Control cache-control max-age=5184000 cache MISS, HIT x-timestamp 1714643144.55848 x-container-storage-policy-index 0 expires Mon, 08 Jul 2024 17:02:28 GMT
GET H3	200	web Show response onesignal.com/api/v1/sync/78fb0a72-66d1-471e-be66-5c2635d61d6a/	5 KB 2 KB	113ms 103ms	Script text/javascript	104.16.160.145 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://onesignal.com/api/v1/sync/78fb0a72-66d1-471e-be66-5c2635d61d6a/web?callback=__jp0 Requested by Host: cdn.onesignal.com URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605 Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ce938e07ec0d216c91700e3b8561922d386f2a5db08f86ec479ea6f70b07d986 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 20:45:10 GMT via 1.1 google x-content-type-options nosniff cf-cache-status EXPIRED content-encoding br x-permitted-cross-domain-policies none strict-transport-security max-age=15552000; includeSubDomains alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block x-request-id fc1f9da3-0b7f-40ea-94b1-759434967d6a x-runtime 0.044980 referrer-policy strict-origin-when-cross-origin server cloudflare etag W/"ce938e07ec0d216c91700e3b8561922d" x-download-options noopen vary Origin, Accept-Encoding x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=3600 cf-ray 882d403bb8d2bb14-MXP access-control-allow-headers SDK-Version expires Sun, 12 May 2024 21:45:10 GMT
GET H3	200	356536540038002 Show response connect.facebook.net/signals/config/	20 KB 3 KB	145ms 144ms	Script application/x-javascript	157.240.252.13 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/356536540038002?v=2.9.156&r=stable&domain=offer.thomaskralow.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C184%2C183%2C185%2C190%2C191%2C192%2C188%2C180%2C122%2C150%2C179%2C181%2C113%2C144%2C135%2C139%2C119%2C174%2C216%2C106%2C217%2C152%2C110%2C133%2C126%2C114%2C124%2C117 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-fra3.fbcdn.net Software / Resource Hash 242c22ce9e0c42980763659836a3d780d1f84826db0a80d25722c62625614da3 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sun, 12 May 2024 20:45:10 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=19, rtx=0, c=29, mss=1232, tbw=11887, tp=17, tpl=0, uplat=123, ullat=0 pragma public x-fb-debug rVrOykYOk70LK272BRrJd6Nd7Q9tXmJ2+bR+EtLxf3bXaVgOlIDzfJKzyEFBliTbn/NIBn286s1ufXw3JZa6Og== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 103 B	22ms 21ms	Image text/plain	2a03:2880:f177:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=246852743290712&ev=PageView&dl=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005&rl=&if=false&ts=1715546710348&sw=1600&sh=1200&v=2.9.156&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1715546710184.800755143&ler=empty&cdl=API_unavailable&cs_est=true&it=1715546710093&coo=false&tm=1&rqm=GET Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=22, rtx=0, c=10, mss=1208, tbw=3133, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Sun, 12 May 2024 20:45:10 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H3	200	/ www.facebook.com/tr/	0 19 B	22ms 22ms	Image text/plain	157.240.0.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=246852743290712&ev=PageView&dl=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005&rl=&if=false&ts=1715546710498&sw=1600&sh=1200&v=2.9.156&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4126&fbp=fb.1.1715546710184.800755143&ler=empty&cdl=API_unavailable&cs_est=true&it=1715546710093&coo=false&rqm=GET Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-02-fra3.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=20, rtx=0, c=23, mss=1232, tbw=4385, tp=10, tpl=0, uplat=1, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Sun, 12 May 2024 20:45:10 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0 priority u=3,i
GET H3	200	/ www.facebook.com/tr/	0 16 B	22ms 22ms	Image text/plain	157.240.0.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=356536540038002&ev=PageView&dl=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005&rl=&if=false&ts=1715546710499&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1715546710184.800755143&ler=empty&cdl=API_unavailable&it=1715546710093&coo=false&rqm=GET Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-02-fra3.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=20, rtx=0, c=23, mss=1232, tbw=4657, tp=11, tpl=0, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Sun, 12 May 2024 20:45:10 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0 priority u=3,i
POST H2	200	act analytics.tiktok.com/api/v2/pixel/	0 843 B	144ms 144ms	Ping text/plain	2.18.64.11 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel/act Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkMWZjOGNjMA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.64.11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-18-64-11.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 1f55db1.1f506207 date Sun, 12 May 2024 20:45:10 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-240512204510DCE7CA78B7D50C525B0D-5E3FD2F649D2B0AE-00 x-cache TCP_MISS from a2-20-179-75.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-) x-parent-response-time 116,2.20.179.75 server-timing cdn-cache; desc=MISS, edge; dur=93, origin; dur=28, inner; dur=25 content-length 0 pragma no-cache server nginx x-tt-logid 20240512204510DCE7CA78B7D50C525B0D x-cache-remote TCP_MISS from a23-218-222-71.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 28,23.218.222.71 x-tt-trace-host 015f59a9b2ca40714c9d039a43d3936a6078a8799e4cfeb1181a1679d052cfb142b1b881899dc9294c89b22fcd5f5e3643608fdcb2857d6085d7cf1cfa4c052d7f8fc44c452b027a51bc15b30344d5f23063c51f40a81f9c17b44a58068c29f3a0e3a80354802b0d9c211812e139ef8cdc access-control-allow-headers Authorization,* expires Sun, 12 May 2024 20:45:10 GMT
OPTIONS H2	200	gusid 181569.t.hyros.com/v1/lst/ Frame	0 0	373ms 119ms	Preflight	3.83.74.99 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://181569.t.hyros.com/v1/lst/gusid Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.83.74.99 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-83-74-99.compute-1.amazonaws.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Headers product-id,ref-url Access-Control-Request-Method GET Origin https://offer.thomaskralow.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers product-id,ref-url access-control-allow-methods GET, PUT, POST, OPTIONS, DELETE access-control-allow-origin https://offer.thomaskralow.com access-control-expose-headers Session-ID access-control-max-age 86400 allow GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH content-length 0 date Sun, 12 May 2024 20:45:10 GMT strict-transport-security max-age=31536000; includeSubDomains vary Origin Access-Control-Request-Method Access-Control-Request-Headers
GET H2	200	gusid Show response 181569.t.hyros.com/v1/lst/	0 526 B	362ms 129ms	XHR text/plain	3.83.74.99 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://181569.t.hyros.com/v1/lst/gusid Requested by Host: 181569.tracking.hyros.com URL: https://181569.tracking.hyros.com/v1/lst/universal-script?ph=cc0b7e286648b4df80d6f32db9a19baa58d0137013591a2cf031482cae96c24c&tag=!tracking Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.83.74.99 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-83-74-99.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept-Language de-CH,de;q=0.9;q=0.9 Product-ID 181569 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Referer https://offer.thomaskralow.com/ Ref-Url https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 20:45:11 GMT strict-transport-security max-age=31536000; includeSubDomains session-id HB-ET_a36ecf785638edc2ae27196dd11a29c2ff8c1af434043aa546d6fc57968a3e62 etag HB-ET_a36ecf785638edc2ae27196dd11a29c2ff8c1af434043aa546d6fc57968a3e62 access-control-max-age 86400 access-control-allow-methods GET, PUT, POST, OPTIONS, DELETE access-control-allow-origin https://offer.thomaskralow.com access-control-expose-headers Session-ID access-control-allow-credentials true content-length 0
GET H2	200	clarity.js Show response www.clarity.ms/s/0.7.32/	61 KB 26 KB	30ms 30ms	Script application/javascript	2620:1ec:bdf::45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/s/0.7.32/clarity.js Requested by Host: www.clarity.ms URL: https://www.clarity.ms/tag/uet/25140019 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 20:45:10 GMT content-encoding br last-modified Fri, 10 May 2024 17:30:20 GMT etag W/"0x8DC7116DE09E645" vary Accept-Encoding x-azure-ref 20240512T204510Z-159b8b7d5db8w4g6xrbdfm1q3000000009qg00000000302q content-type application/javascript;charset=utf-8 access-control-allow-origin * x-ms-request-id 08555edc-101e-0028-060c-a34f73000000 cache-control public, max-age=86400 x-cache TCP_HIT x-ms-version 2018-03-28 x-fd-int-roxy-purgeid 51562430
GET H2	200	c.gif c.clarity.ms/ Redirect Chain https://c.clarity.ms/c.gif https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=7BB54F49AA8A48AC96A3B3311E376E72&RedC=c.clarity.ms&MXFR=2BE50EE9DA8F61B01A071A94DE8F6F87 https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7BB54F49AA8A48AC96A3B3311E376E72&MUID=376C29776164692F0E723D0A601468D5	42 B 441 B	45ms 44ms	Image image/gif	68.219.88.97 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7BB54F49AA8A48AC96A3B3311E376E72&MUID=376C29776164692F0E723D0A601468D5 Protocol H2 Server 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12 Request headers Accept-Language de-CH,de;q=0.9;q=0.9 Referer https://offer.thomaskralow.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers pragma no-cache date Sun, 12 May 2024 20:45:10 GMT last-modified Fri, 01 Mar 2024 22:54:48 GMT server Microsoft-IIS/10.0 etag "3e26b762b6cda1:0" x-powered-by ASP.NET content-type image/gif p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" cache-control private, no-cache, proxy-revalidate, no-store accept-ranges bytes content-length 42 Redirect headers pragma no-cache date Sun, 12 May 2024 20:45:10 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: C3F445990BA7402494CA875F1E8395CC Ref B: ZRHEDGE1512 Ref C: 2024-05-12T20:45:10Z x-powered-by ASP.NET x-cache CONFIG_NOCACHE p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" location https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7BB54F49AA8A48AC96A3B3311E376E72&MUID=376C29776164692F0E723D0A601468D5 cache-control private, no-cache, proxy-revalidate, no-store content-length 0
GET H2	200	favicon.ico static.tildacdn.net/tild3862-3663-4338-b739-626139376139/	32 KB 33 KB	22ms 22ms	Other image/vnd.microsoft.icon	2a03:90c0:41:2801::62 GCORE
General Check archive.org Show headers Download Go to Full URL https://static.tildacdn.net/tild3862-3663-4338-b739-626139376139/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash 7441df1cd712d173444b08e3fdbf49be09d4639fed78820a2459108ed5bd753b Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-container-storage-policy-name Policy-0 x-id fr5-hw-edge-gc56 date Sun, 12 May 2024 20:45:10 GMT age 0 x-cached-since 2024-04-16T14:54:42+00:00 x-id-fe fr5-hw-edge-gc62 content-length 32988 x-trans-id 1752661a00adfc8e tserver 9 last-modified Mon, 03 Apr 2023 10:31:13 GMT server nginx traceparent 00-e43a0a71900080193bdd1201de8dfd37-ebedc9d626cfcde4-01 etag "1dfe1d7655d00a82f23c0350bdbaa041" content-type image/vnd.microsoft.icon access-control-allow-origin * access-control-expose-headers Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Expires, Cache-Control cache-control public cache HIT x-timestamp 1680517872.83011 x-container-storage-policy-index 0 accept-ranges bytes
POST H/1.1	204 No Content	collect Show response p.clarity.ms/	0 302 B	634ms 383ms	XHR text/plain	20.122.63.128 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://p.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/s/0.7.32/clarity.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept application/x-clarity-gzip Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Access-Control-Allow-Origin https://offer.thomaskralow.com Date Sun, 12 May 2024 20:45:11 GMT Access-Control-Allow-Credentials true Server nginx/1.18.0 (Ubuntu) Connection keep-alive Vary Origin Request-Context appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
GET H2	200	pc Show response 181569.t.hyros.com/v1/lst/	117 B 420 B	133ms 133ms	XHR application/json	3.83.74.99 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://181569.t.hyros.com/v1/lst/pc?ref_url=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F124.0.0.0+Safari%2F537.36 Requested by Host: 181569.tracking.hyros.com URL: https://181569.tracking.hyros.com/v1/lst/universal-script?ph=cc0b7e286648b4df80d6f32db9a19baa58d0137013591a2cf031482cae96c24c&tag=!tracking Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.83.74.99 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-83-74-99.compute-1.amazonaws.com Software / Resource Hash 673f01b470b7bb0a0a919041bf15f3feca3c76e196d715e8119957096e0ca015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Session-ID HB-ET_a36ecf785638edc2ae27196dd11a29c2ff8c1af434043aa546d6fc57968a3e62 Product-ID 181569 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-type application/json; charset=utf-8 Access-Control-Allow-Origin * Accept-Language de-CH,de;q=0.9;q=0.9 Referer https://offer.thomaskralow.com/ Access-Control-Allow-Headers * sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 20:45:11 GMT strict-transport-security max-age=31536000; includeSubDomains access-control-max-age 86400 access-control-allow-methods GET, PUT, POST, OPTIONS, DELETE content-type application/json;charset=UTF-8 access-control-allow-origin https://offer.thomaskralow.com access-control-expose-headers Session-ID access-control-allow-credentials true content-length 117
OPTIONS H2	200	pc 181569.t.hyros.com/v1/lst/ Frame	0 0	119ms 119ms	Preflight	3.83.74.99 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://181569.t.hyros.com/v1/lst/pc?ref_url=https%3A%2F%2Foffer.thomaskralow.com%2Fchallenge%3Futm_source%3Dtg-pre%26utm_campaign%3Dtr_reg%26utm_term%3Dch1005&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F124.0.0.0+Safari%2F537.36 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.83.74.99 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-83-74-99.compute-1.amazonaws.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Headers access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id Access-Control-Request-Method GET Origin https://offer.thomaskralow.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id access-control-allow-methods GET, PUT, POST, OPTIONS, DELETE access-control-allow-origin https://offer.thomaskralow.com access-control-expose-headers Session-ID access-control-max-age 86400 allow GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH content-length 0 date Sun, 12 May 2024 20:45:11 GMT strict-transport-security max-age=31536000; includeSubDomains vary Origin Access-Control-Request-Method Access-Control-Request-Headers
GET H2	200	tilda-stat-1.0.min.js Show response static.tildacdn.net/js/	9 KB 3 KB	21ms 20ms	Script application/javascript	2a03:90c0:41:2801::62 GCORE
General Check archive.org Show headers Download Go to Full URL https://static.tildacdn.net/js/tilda-stat-1.0.min.js Requested by Host: offer.thomaskralow.com URL: https://offer.thomaskralow.com/challenge?utm_source=tg-pre&utm_campaign=tr_reg&utm_term=ch1005 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash 0565de9b4919bf1cbc345d8218425e4951d97c7e8c36263bee72e2d72038c73f Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-id fr5-hw-edge-gc58 date Sun, 12 May 2024 20:45:11 GMT content-encoding gzip tserver 13 last-modified Wed, 07 Sep 2022 13:40:09 GMT server nginx traceparent 00-0411fa39173d7fc02b9ec9fde224ea4d-938cbba4a23c90f8-01 etag W/"63189f39-2211" x-cached-since 2024-04-13T13:34:29+00:00 content-type application/javascript; charset=utf-8 access-control-allow-origin * x-id-fe fr5-hw-edge-gc62 cache HIT
POST H2	200	/ Show response stat.tildacdn.com/event/	16 B 150 B	244ms 115ms	XHR application/json	193.3.17.198 TILDAPUBLISHING-RU-1
General Check archive.org Show headers Download Go to Full URL https://stat.tildacdn.com/event/ Requested by Host: static.tildacdn.net URL: https://static.tildacdn.net/js/tilda-stat-1.0.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.3.17.198 , Russian Federation, ASN210753 (TILDAPUBLISHING-RU-1, RU), Reverse DNS 198-17.addr.tildacdn.net Software / Resource Hash fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://offer.thomaskralow.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers access-control-allow-origin https://offer.thomaskralow.com date Sun, 12 May 2024 20:45:14 GMT x-tilda-server 11 content-type application/json;charset=utf-8