urlscan.io logo urlscan.io
SecurityTrails logo

jalantikus.com Open in urlscan Pro
124.155.223.195  Public Scan

Go To Rescan Add Verdict Report
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Submission: On December 27 via api from CZ — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 67 IPs in 8 countries across 59 domains to perform 506 HTTP transactions. The main IP is 124.155.223.195, located in Singapore and belongs to STARHUB-INTERNET StarHub Ltd, SG. The main domain is jalantikus.com. The Cisco Umbrella rank of the primary domain is 136961.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 26th 2022. Valid for: a year.
This is the only time jalantikus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 124.155.223.195 4657 (STARHUB-I...)
11 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
27 2a00:1450:400... 15169 (GOOGLE)
8 124.155.223.238 4657 (STARHUB-I...)
1 4 162.19.58.161 16276 (OVH)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 13.32.27.7 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
25 2a00:1450:400... 15169 (GOOGLE)
5 2606:4700:303... 13335 (CLOUDFLAR...)
10 2a00:1450:400... 15169 (GOOGLE)
1 99.86.4.91 16509 (AMAZON-02)
2 34.96.95.4 396982 (GOOGLE-CL...)
7 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
9 124.155.223.225 4657 (STARHUB-I...)
4 2a00:1450:400... 15169 (GOOGLE)
1 143.204.215.118 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2620:1ec:49::44 8075 (MICROSOFT...)
4 188.65.124.90 41690 (DAILYMOTI...)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:402... 15169 (GOOGLE)
49 2a00:1450:400... 15169 (GOOGLE)
4 52.167.85.21 8075 (MICROSOFT...)
4 15 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2 185.94.180.126 35220 (SPOTX-AMS)
20 35.227.207.122 15169 (GOOGLE)
2 13.251.113.77 16509 (AMAZON-02)
14 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
2 13.251.113.78 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2600:1901:0:7... 15169 (GOOGLE)
48 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2620:116:800d... 16509 (AMAZON-02)
2 98.98.134.243 21859 (ZEN-ECN)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
3 24 172.217.16.130 15169 (GOOGLE)
4 4 185.64.190.78 62713 (AS-PUBMATIC)
2 2 72.251.249.13 32475 (SINGLEHOP...)
2 2 13.248.245.213 16509 (AMAZON-02)
1 2 51.89.9.252 16276 (OVH)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
4 4 18.158.138.18 16509 (AMAZON-02)
1 1 69.173.144.138 26667 (RUBICONPR...)
4 4 172.64.154.237 13335 (CLOUDFLAR...)
3 3 213.19.147.45 3356 (LEVEL3)
2 185.86.139.103 201081 (SMARTADSE...)
2 4 2001:678:cb4:... 56396 (AMOBEE)
2 2 3.123.245.15 16509 (AMAZON-02)
1 1 151.101.66.49 54113 (FASTLY)
1 1 35.204.158.49 396982 (GOOGLE-CL...)
2 2 37.252.172.123 29990 (ASN-APPNEX)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 35.190.0.66 15169 (GOOGLE)
1 45.79.126.27 63949 (AKAMAI-AP...)
5 2606:4700:21:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 35.190.12.84 15169 (GOOGLE)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
24 2a00:1450:400... 15169 (GOOGLE)
8 2606:4700:20:... 13335 (CLOUDFLAR...)
1 213.19.147.43 3356 (LEVEL3)
20 18.130.53.249 16509 (AMAZON-02)
4 65.9.66.42 16509 (AMAZON-02)
4 99.86.4.53 16509 (AMAZON-02)
1 2 20.234.93.27 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
24 3.11.171.0 16509 (AMAZON-02)
506 67
12    124.155.223.195 (Singapore)

ASN4657 (STARHUB-INTERNET StarHub Ltd, SG)
jalantikus.com
11    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
ajax.googleapis.com
13    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
27    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
8    124.155.223.238 (Singapore)

ASN4657 (STARHUB-INTERNET StarHub Ltd, SG)
assets.jalantikus.com
4    162.19.58.161 (France)

ASN16276 (OVH, FR)
PTR: ns3096669.ip-162-19-58.eu
i.ibb.co
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    13.32.27.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-7.fra56.r.cloudfront.net
static.hotjar.com
5    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
25    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
5    2606:4700:3038::6815:eb59 (United States)

ASN13335 (CLOUDFLARENET, US)
player.gliacloud.com
10    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    99.86.4.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-91.fra6.r.cloudfront.net
script.hotjar.com
2    34.96.95.4 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 4.95.96.34.bc.googleusercontent.com
auto-load-balancer.likr.com.tw
7    2606:4700:10::6816:2b5e (United States)

ASN13335 (CLOUDFLARENET, US)
avivid.likr.tw
avividone.likr.tw
1    2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
16    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    2606:4700:10::6816:3af9 (United States)

ASN13335 (CLOUDFLARENET, US)
sun.advividnetwork.com
9    124.155.223.225 (Singapore)

ASN4657 (STARHUB-INTERNET StarHub Ltd, SG)
api.jalantikus.com
4    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    143.204.215.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-118.fra53.r.cloudfront.net
vars.hotjar.com
3    2a00:1450:400d:807::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    2620:1ec:49::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
4    188.65.124.90 (Paris, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: fp.dc3.dailymotion.com
api.dailymotion.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a00:1450:4025:401::9d (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
49    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    52.167.85.21 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
i.clarity.ms
15    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
7    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
7    2a00:1450:400d:808::2001 (Ireland)

ASN15169 (GOOGLE, US)
ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
2    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
20    35.227.207.122 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 122.207.227.35.bc.googleusercontent.com
pixel.gliacloud.com
2    13.251.113.77 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-113-77.ap-southeast-1.compute.amazonaws.com
kinesis.ap-southeast-1.amazonaws.com
14    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
10    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    13.251.113.78 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-113-78.ap-southeast-1.compute.amazonaws.com
firehose.ap-southeast-1.amazonaws.com
1    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
4    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
48    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
2    2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
1    85.114.159.93 (Tuttlingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
24    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
cm.g.doubleclick.net
4    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    72.251.249.13 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
2    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
1    2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
4    18.158.138.18 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-138-18.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
4    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
3    213.19.147.45 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    185.86.139.103 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
4    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
2    3.123.245.15 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-245-15.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
2    37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
1    45.79.126.27 (Mumbai, India)

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: 45-79-126-27.ip.linodeusercontent.com
api.unibots.in
5    2606:4700:21::681b:c358 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.plyr.io
1    2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    35.190.12.84 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 84.12.190.35.bc.googleusercontent.com
ad.rfp.fout.jp
4    2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
1    2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
cdn-gliacloud.urekamedia.co
24    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
8    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    213.19.147.43 (United Kingdom)

ASN3356 (LEVEL3, US)
tag.targeting.unrulymedia.com
20    18.130.53.249 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-130-53-249.eu-west-2.compute.amazonaws.com
track.webgains.com
4    65.9.66.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-42.fra56.r.cloudfront.net
analytics.webgains.io
4    99.86.4.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-53.fra6.r.cloudfront.net
cdn.track.production.webgains.team
2    20.234.93.27 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
24    3.11.171.0 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-171-0.eu-west-2.compute.amazonaws.com
api.webgains.io
Apex Domain
Subdomains		 Transfer
83 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 145
tpc.googlesyndication.com — Cisco Umbrella Rank: 187
ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
768 KB
73 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 285
googleads.g.doubleclick.net — Cisco Umbrella Rank: 64
stats.g.doubleclick.net — Cisco Umbrella Rank: 179
cm.g.doubleclick.net — Cisco Umbrella Rank: 321
pubads.g.doubleclick.net — Cisco Umbrella Rank: 376
353 KB
56 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 28784
ad4m.at — Cisco Umbrella Rank: 9270
assets.ad4m.at — Cisco Umbrella Rank: 40645
4 MB
31 google.com
adservice.google.com — Cisco Umbrella Rank: 142
www.google.com — Cisco Umbrella Rank: 16
3 KB
29 jalantikus.com
jalantikus.com — Cisco Umbrella Rank: 136961
assets.jalantikus.com — Cisco Umbrella Rank: 303096
api.jalantikus.com — Cisco Umbrella Rank: 455343
771 KB
28 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 16387
api.webgains.io — Cisco Umbrella Rank: 45230
126 KB
25 gliacloud.com
player.gliacloud.com — Cisco Umbrella Rank: 34479
pixel.gliacloud.com — Cisco Umbrella Rank: 34377
142 KB
25 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 127
ajax.googleapis.com — Cisco Umbrella Rank: 520
imasdk.googleapis.com — Cisco Umbrella Rank: 477
3 MB
20 webgains.com
track.webgains.com — Cisco Umbrella Rank: 38402
229 KB
18 google.de
adservice.google.de — Cisco Umbrella Rank: 5450
www.google.de — Cisco Umbrella Rank: 3658
3 KB
14 gstatic.com
fonts.gstatic.com
www.gstatic.com
363 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 330
218 KB
8 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 98393
static-de.ad4mat.net — Cisco Umbrella Rank: 155945
14 KB
8 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1536
i.clarity.ms — Cisco Umbrella Rank: 11626
c.clarity.ms — Cisco Umbrella Rank: 2283
21 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 221
327 KB
7 likr.tw
avivid.likr.tw — Cisco Umbrella Rank: 36386
avividone.likr.tw — Cisco Umbrella Rank: 57959
146 KB
5 plyr.io
cdn.plyr.io — Cisco Umbrella Rank: 15186
48 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 123
325 KB
4 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 48721
10 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 1147
r.turn.com — Cisco Umbrella Rank: 4328
2 KB
4 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 690
4 KB
4 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 411
2 KB
4 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 996
2 KB
4 amazonaws.com
kinesis.ap-southeast-1.amazonaws.com — Cisco Umbrella Rank: 26069
firehose.ap-southeast-1.amazonaws.com — Cisco Umbrella Rank: 27151
1 KB
4 dailymotion.com
api.dailymotion.com — Cisco Umbrella Rank: 7990
6 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 103
region1.google-analytics.com — Cisco Umbrella Rank: 2124
20 KB
4 advividnetwork.com
sun.advividnetwork.com — Cisco Umbrella Rank: 68961
5 KB
4 ibb.co
i.ibb.co — Cisco Umbrella Rank: 11302
116 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 877
script.hotjar.com — Cisco Umbrella Rank: 1181
vars.hotjar.com — Cisco Umbrella Rank: 1235
73 KB
2 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 670
2 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1172
2 KB
2 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1085
89 B
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1675
tag.targeting.unrulymedia.com — Cisco Umbrella Rank: 14453
941 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 791
2 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1178
s.tribalfusion.com — Cisco Umbrella Rank: 2747
1 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1025
489 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 497
946 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 866
1 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 963
382 B
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1004
927 B
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 815
1 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1163
3 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
203 B
2 likr.com.tw
auto-load-balancer.likr.com.tw — Cisco Umbrella Rank: 85222
2 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 173
112 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 444
557 B
1 urekamedia.co
cdn-gliacloud.urekamedia.co — Cisco Umbrella Rank: 90467
3 MB
1 fout.jp
ad.rfp.fout.jp — Cisco Umbrella Rank: 31000
442 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 362
17 KB
1 unibots.in
api.unibots.in — Cisco Umbrella Rank: 25767
288 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 11371
556 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 35086
611 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1282
717 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 918
545 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 452
461 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 5103
104 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1903
584 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 488
2 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1011
699 B
506 59
Domain Requested by
49 tpc.googlesyndication.com googleads.g.doubleclick.net
jalantikus.com
ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
27 pagead2.googlesyndication.com jalantikus.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
24 api.webgains.io analytics.webgains.io
24 assets.ad4m.at as.ad4m.at
24 pubads.g.doubleclick.net imasdk.googleapis.com
24 cm.g.doubleclick.net 3 redirects ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
20 track.webgains.com as.ad4m.at
track.webgains.com
20 pixel.gliacloud.com jalantikus.com
16 ad4m.at as.ad4m.at
ad4m.at
16 as.ad4m.at ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
as.ad4m.at
ad4m.at
16 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
imasdk.googleapis.com
16 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
imasdk.googleapis.com
15 www.google.com 4 redirects jalantikus.com
ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
tpc.googlesyndication.com
14 imasdk.googleapis.com player.gliacloud.com
imasdk.googleapis.com
13 securepubads.g.doubleclick.net jalantikus.com
securepubads.g.doubleclick.net
12 jalantikus.com jalantikus.com
10 cdn.ampproject.org securepubads.g.doubleclick.net
10 fonts.gstatic.com fonts.googleapis.com
10 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
jalantikus.com
ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
10 fonts.googleapis.com jalantikus.com
googleads.g.doubleclick.net
player.gliacloud.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
9 api.jalantikus.com jalantikus.com
8 assets.jalantikus.com jalantikus.com
7 ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com securepubads.g.doubleclick.net
7 www.googletagservices.com googleads.g.doubleclick.net
ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
6 avivid.likr.tw jalantikus.com
ajax.googleapis.com
5 cdn.plyr.io player.gliacloud.com
cdn.plyr.io
jalantikus.com
5 player.gliacloud.com jalantikus.com
player.gliacloud.com
5 www.googletagmanager.com jalantikus.com
www.googletagmanager.com
player.gliacloud.com
4 cdn.track.production.webgains.team as.ad4m.at
track.webgains.com
4 analytics.webgains.io track.webgains.com
4 static-de.ad4mat.net as.ad4m.at
4 ssum-sec.casalemedia.com 4 redirects
4 x.bidswitch.net 4 redirects
4 image6.pubmatic.com 4 redirects
4 prod-rtb.ad4mat.net jalantikus.com
4 i.clarity.ms www.clarity.ms
4 api.dailymotion.com jalantikus.com
4 www.gstatic.com jalantikus.com
googleads.g.doubleclick.net
4 sun.advividnetwork.com jalantikus.com
4 i.ibb.co 1 redirects jalantikus.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 c.clarity.ms 1 redirects
2 secure.adnxs.com 2 redirects
2 pm.w55c.net 2 redirects
2 r.turn.com ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
2 ad.turn.com 2 redirects
2 ssbsync.smartadserver.com ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
2 sync.1rx.io 2 redirects
2 onetag-sys.com 1 redirects ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
2 eb2.3lift.com 2 redirects
2 ap.lijit.com 2 redirects
2 pixel-sync.sitescout.com ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
2 cms.quantserve.com ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
2 firehose.ap-southeast-1.amazonaws.com avivid.likr.tw
2 kinesis.ap-southeast-1.amazonaws.com avivid.likr.tw
2 sync.search.spotxchange.com 1 redirects jalantikus.com
2 www.google.de jalantikus.com
2 stats.g.doubleclick.net www.google-analytics.com
2 www.clarity.ms jalantikus.com
www.clarity.ms
2 unpkg.com 1 redirects jalantikus.com
2 www.facebook.com jalantikus.com
2 auto-load-balancer.likr.com.tw jalantikus.com
2 connect.facebook.net jalantikus.com
connect.facebook.net
1 c.bing.com 1 redirects
1 tag.targeting.unrulymedia.com imasdk.googleapis.com
1 cdn-gliacloud.urekamedia.co jalantikus.com
1 ad.rfp.fout.jp player.gliacloud.com
1 s0.2mdn.net imasdk.googleapis.com
1 api.unibots.in cdn.jsdelivr.net
1 ads.travelaudience.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 um.simpli.fi 1 redirects
1 sync-tm.everesttech.net 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 pixel.rubiconproject.com 1 redirects
1 s.tribalfusion.com ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
1 a.tribalfusion.com 1 redirects
1 dclk-match.dotomi.com ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
1 dsp.adfarm1.adition.com 1 redirects
1 cdn.jsdelivr.net player.gliacloud.com
1 region1.google-analytics.com www.googletagmanager.com
1 vars.hotjar.com static.hotjar.com
1 avividone.likr.tw jalantikus.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 ajax.googleapis.com jalantikus.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com jalantikus.com
506 87

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
api.whatsapp.com
cutt.ly
play.google.com
Subject Issuer Validity Valid
jalantikus.com
Go Daddy Secure Certificate Authority - G2		 2022-01-26 -
2023-02-27		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
ibb.co
R3		 2022-12-08 -
2023-03-08		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-10-06 -
2023-01-04		 3 months crt.sh
*.hotjar.com
Amazon		 2022-10-25 -
2023-11-23		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
gliacloud.com
Cloudflare Inc ECC CA-3		 2022-07-04 -
2023-07-04		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.likr.com.tw
TWCA Secure SSL Certification Authority		 2022-05-09 -
2023-06-05		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-29 -
2023-05-29		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.advividnetwork.com
TWCA Secure SSL Certification Authority		 2022-05-05 -
2023-06-05		 a year crt.sh
api.jalantikus.com
Go Daddy Secure Certificate Authority - G2		 2022-03-04 -
2023-04-05		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-01 -
2023-12-01		 a year crt.sh
www.dailymotion.com
ZeroSSL ECC Domain Secure Site CA		 2022-11-23 -
2023-02-21		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 02		 2022-06-07 -
2023-06-02		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
pixel.gliacloud.com
GTS CA 1D4		 2022-12-17 -
2023-03-17		 3 months crt.sh
kinesis.ap-southeast-1.amazonaws.com
Amazon		 2022-11-01 -
2023-10-31		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
firehose.ap-southeast-1.amazonaws.com
Amazon		 2022-05-23 -
2023-05-03		 a year crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2022-12-13 -
2023-03-13		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
api.unibots.in
R3		 2022-10-12 -
2023-01-10		 3 months crt.sh
*.plyr.io
GTS CA 1P5		 2022-10-31 -
2023-01-29		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.rfp.fout.jp
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-08-08 -
2023-08-31		 a year crt.sh
1065237104.rsc.contentproxy9.cz
R3		 2022-12-08 -
2023-03-08		 3 months crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-09 -
2023-05-09		 a year crt.sh
*.webgains.com
Amazon		 2022-06-14 -
2023-07-13		 a year crt.sh
*.webgains.io
Amazon		 2022-08-23 -
2023-09-21		 a year crt.sh
cdn.track.production.webgains.team
Amazon		 2022-09-29 -
2023-10-28		 a year crt.sh

This page contains 59 frames:

Primary Page: https://jalantikus.com/tips/download-youtube-premium-apk/
Frame ID: 1B2213A2EE7110E3F25D79D7CC201809
Requests: 179 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: 661F296D4D62D6C60CFD40C0C138CA2B
Requests: 1 HTTP requests in this frame

Frame: https://auto-load-balancer.likr.com.tw/pushEndPoint/uuid_gen/uuid_iframe.php
Frame ID: 2CAF4FCF971C602A752DD5243296EDC5
Requests: 1 HTTP requests in this frame

Frame: https://auto-load-balancer.likr.com.tw/pushEndPoint/uuid_gen/uuid_iframe.php
Frame ID: 0AC10A24773B1CAD619E9D516D45EDAD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3376685942337626&output=html&adk=1812271804&adf=3025194257&lmt=1672167577&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672167577355&bpp=4&bdt=373&idt=274&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5806628735129&frm=20&pv=2&ga_vid=1292710703.1672167578&ga_sid=1672167578&ga_hid=136211506&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071219%2C44779344%2C44779793&oid=2&pvsid=3074899679744946&tmod=1885652464&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=289
Frame ID: BB4D441B7402716545C3D90BB5F5107C
Requests: 1 HTTP requests in this frame

Frame: https://sun.advividnetwork.com/include_code/uuid_iframe.html?uuid=5b7912c4-7f6e-4c54-8280-5ada5b62636a
Frame ID: F167F9FC354445297769486388DD3319
Requests: 1 HTTP requests in this frame

Frame: https://sun.advividnetwork.com/include_code/uuid_iframe.html?uuid=5b7912c4-7f6e-4c54-8280-5ada5b62636a
Frame ID: 2A7A98E974B43F15876895EB2F45B5C7
Requests: 1 HTTP requests in this frame

Frame: https://sun.advividnetwork.com/include_code/uuid_iframe.html?uuid=5b7912c4-7f6e-4c54-8280-5ada5b62636a
Frame ID: B328E3E3C78F8BBBBBE342DFBB353673
Requests: 1 HTTP requests in this frame

Frame: https://sun.advividnetwork.com/include_code/uuid_iframe.html?uuid=5b7912c4-7f6e-4c54-8280-5ada5b62636a
Frame ID: AE10638E3C5A1DC73C5C1092037C8010
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Frame ID: 177374FF0A5AB391DE96CC07696F983C
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 8853626D357EE56E35CF8635704D9087
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: D5F1DB00B7C1656909EB930F288452D4
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/error_handler.js
Frame ID: F584B09EFC079332EFA6CB1EF69EFE6A
Requests: 9 HTTP requests in this frame

Frame: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0F05115D16AF1F04CEC03A33EAE8F3F9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 53CA187A3696D88ADE6118D77635D08E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Frame ID: 4FBBAF4BA7DCB20B1AF4A91C29792395
Requests: 1 HTTP requests in this frame

Frame: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 33CD9418BE6ACD770208B6C53A3BF7BA
Requests: 10 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: 47BF7E73B5318FCA23C16F052AE55C09
Requests: 13 HTTP requests in this frame

Frame: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B7E91B3A9CE02398242D20DE4BEF8D67
Requests: 9 HTTP requests in this frame

Frame: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3893B78EF7F12DDB09E692B65FC2F389
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: 56D907AA55076EB162A6DA5FDCAFC984
Requests: 15 HTTP requests in this frame

Frame: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FC7DCFC8EA12AD6D3EB5C853662BAD15
Requests: 9 HTTP requests in this frame

Frame: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2244A0FE2D9C3A2055664DF810ABF4D2
Requests: 8 HTTP requests in this frame

Frame: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 73CE7310DE492B475B21D6DCA724570D
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hzdse8caegd9a5f4f0z00m5yzbmh3ybj2tjr968yw332y5awhnxzhp424spfy226vm40dhjwwxkk0jc0dztzzg1jm7xng38c2gd6901c05b49me5tbtvsgycby0ek9qnr27c0chrq6s7ydbnay67rbwb9fpmpdz3mhnq46yn4fz0b70p5kcw52q7xpjpczne951cewzm3eaweecy02n8t1jrrxsbeqskdgn6fgxefh1h0tqe5wwet4x4x8w020xdawxx1rp1s7cbjcnm1g3yy5z78ynj51q7whxywv8xb9gght4f4j64c0dfkw9fa0nf9ep685ygpm680hfbx7t6q25cgbqf90d9c84qp2fghzax4nb489xp8a8nh5tjw99d0z70467q7011xmj7tc7pz5jm033xkrn5zrpv26v4ct1pevtxng6j3z7jk3zkpq1mdx3yj9efgz0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh169m0CrY4_aA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgStAk_QMM9nJpbZ0bLXM-K-BnKFzIctFvvtM8bJOB7GXjNH-FE6RgKBnBFJEw9mAT9AiTX33bbFSoMUGUiIcboB8qwXTap6SCPsnECwgUPSGfTjjtTRG6lbYVAsNcl6ZRgG_2KJek1KkUKkEwFRPt0TS5XxoREIlZOF3MQzukr1QwqJW_eVABDR3KDtYCnpqLgQ-SOHw3uRhRtnNmhm7XOtjcXugbeWnmINJJBDQF3E9xiZpUrjgxbVVm0ym6jINQG39Eg1jd9EY4c6u12SqXwpg8nEMmGnJJ93p-Qa7Cli4lpIOGCZbDLP3i3kcitobbeE1yQkb9h7dO9oTMBPexRvQYFjTHItMXUJIVMrR9SrdRoMGRI-xSxS-o5XyiHLf3mR7IPwrOkgL6TolTTsM9DgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1iij-sa7CWdXyaToZeMPRH2gMy1Q%26client%3Dca-pub-5398989680841221%26adurl%3D
Frame ID: 0208B13131DE997EDA340CD3C815BF66
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C4AACD749B204E5F8A025F1753E7796A
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gpbfam3xsgp6bzeyfvva8c7d5f8syrzrxctvr7aepnebk82gtewbkbxnxh4jy3rgfbykfh0tn7aa220zb2vgfhcaz2zr7dvamcat15ktjt6bhf36jyqxm7fgb15hp779v3t3q8p78pmynadqsh5rhxh5rkpwdnjvbnydr55hq2rgkpf36brqyp3m1rbjwmntv67dm343bzqvbf97z7x74scjmhjp1v1k48pwnvnwcpzq4f21dp4pmrx3x40ath9t6frw3vp34tnzyxr0t5wfp5nxg6jgxbak7aqnsk9wezdbtr6n23bevz1jkr00sa6j58nrpm0y7mepz5440pf3qv3m77q2kndnr5w04e9w9bzczmssq9jx9j5amg239yqbjpwd12vj1wwqxvc6wspze899q1kjvetar8fb67rtdhh13gzmvd35t8d666sqmg9san5xs407510&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZsLGm0CrY4naA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSkAk_Q2qhYooDZEm6i2vvUnoD0foJuXpeCVv3H9SHrucR-x2XKVIZgyuIuYs4cPuoCcqIfilp9bUHBU7zVtmz_stBbWf328Ud0QL6iAUQJfrTFMD7Y0-Er4MixbJx4Bx8jMZnort9BQq6a6QbdsU8VNYW9OO2_hv6usey4j-VKtPI2NC-CU5BqtBMTvyDfl0TJ_OId3fVajFAGpDFe3gRjtGpeNWtKjotMngprgaVvZ_oJrkYz3GLMVIIX_I4xC5zLNYKTCvIzzOQt1W3aP1dPlpA8HfQ8zOLm6N1lPbg79586t6fSRdUy_r-u8TdLBNmYJUA4SJKIqaoH7lEEOLFcgi0f0eKN9yzIBMGf6R6SRaoa-uA-cces76jnvwc0dthFrahCYhXgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0SFvKRGAjtOb-8kfVLaiOQDcUVTA%26client%3Dca-pub-5398989680841221%26adurl%3D
Frame ID: 7F006946A51C44980F119D59FC7DFD1B
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 69ED888832A75510B1661EE131732642
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jgfam7mgtswdxjrxggzrekryewxpqgfakym2158dennr4xwhjnntjhswxe3fr8chvwf52qz670wkbdexzm1n7kch5bgaajmja559ae6fb3qfb84ctsnmd30y1mxr34dwfeqtze1y4c6n4vfz5y6njk6wewf9m34wntrv3e684sw1w8cc9da4vwj5gswhh6ymtk8x6b9ncesnnkr2vj78a2ns9avr9xhbrc03qk0zeed559csajmm1e6x8yv2fs7xz5dt6fs3849xpndtd9gv1xgev9959x2etjw7pr2a2pw4bhbhacg76h9g30w5gdjehpb1hrasv32xpsvc9wyceptr96pygesm0qc7f56qm483ztjjjfj5p923486fe8h49v5453h4dv570nm25kq2jhr0rdjqh0h34c0vrzzv6xqhb8gy4pv8qqm9fvas3xptgqpf30y6m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzSnem0CrY4baA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSRAk_Q0lLkEEPenv8Dj5yjd7OBLJotyDV2gvtYd4adAL5dIvSq65em7nMPW1Sto6JPhU0_tPCMy2vcbbIcnH-063NdY6aI04mT2R3jt9kPC3vs18CoI_EtEvYVqHUkfIy6YNMjEy9dF70dKXpl3OUuWTniHs-Z6mj-_yJmSY58kWmAEya9bzonIKQ2QdlVBtPnlMUklIBn6VrlZiuvNO67CG57haOnRA-F6q1xJVAcKDoTXSnp6VQd3OR4w6wnHAwP6qiKHL0KTerY-82cvZsO2zYbenvde_cHmuVkhMv2tAzYoK-Pevj99sKqPOYIHUzo94NxlLhCRbqzy4k7FfkOBkY7CyQFJB2EkrYrDc-emhpYpOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2BaM7R1g42HBk0v_p2xoBk2i3Lkw%26client%3Dca-pub-5398989680841221%26adurl%3D
Frame ID: F3B7048B9E5C490BF687A29802FAB37D
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8ECCF867EA7036338D552CFC73039CE5
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kp2bcvt6678re4p7q1yb39wxf9dz0tf6drg185z49g992tg3z1z8m2z28h72vqzzr1dsywqy904ncg75kaw4htyg6v3sywbwy9mdd0vtkw0yqpr50nmg261668md8ghg22cp5s449dh77zr9xj4vhyh7bet0yykw2ydz9hjj9g5mnthnj672z8hkxpke5zpemkrfnzmhkej2qh01s5q9102efhanrpcfgfa8zzckqm2tbaj6srjc2smmyk63dzgw1az5ysk810j1grrw9wqv78gzckmz83ezs870pqr8xryr2csbv7v13we4q88hng55xhv90d83m7q1qn8qf2d8pgz9vxptdmavex1284y423qdx545kvd39b79sz1y1bjp5dvme7f5baag2mw940khas6m52sc968q4v0p89hbct18sg69vqge1n7ebewj38bchk43vrvpc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCypium0CrY4raA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSJAk_Qy-V9EyTnN6Z06rs3owZYihonHEO_IU_gMHa8SltdqZH4z8ntw7nU5HfvLf-HV8AC4SF37QDGh1VzOKmkbOH4UnHk8FS58IIh5VsFBVpk8SmcNomMzIbsOT43RgGNU2xapq4tZyuqZMESFgFrZES9NPPQTyyccDOdFELWjovNncMjGXGTKzO0KU4kRwz7RxmswyLa_1cyQZw4YuLZHNyqM_Mfqiqw-OhqfnlwOK4hb0H1BXXBlfSTj_ajkDRxPKgUP2dCl9hWOjaeL-SFZ-FT6bA-gu03FLEnj7OiohrAKVe3FJrc7XDaa7flYrrcJYfhHs1Of5VpLW5Zzsu7x9zyTlECeeL26_LgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2gkjYkoE3h5SHLoSeFVI9E-CagJw%26client%3Dca-pub-5398989680841221%26adurl%3D
Frame ID: 36F692A932F4100DC0DA6740229874D8
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5673CC37AA20AFF846FD5EEA3150FC55
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html
Frame ID: DAF367B310835F8E630674B35703CAB0
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html
Frame ID: 6A1B4D960FFCE17A582D353067DF475E
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B00B7F1374478E03795EF3A0A716AED2
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2F4C15CFF74157F894689942C7988158
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Frame ID: 25ADA903BFE05E3D72CDB2332CBE1516
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 07B9721E75454BE16144D719C2A93AB6
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: FCA1D5E3FEC00B8ECC7F052E87CA8BE7
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 63A065FADCEF7ED2D6C04DE5969EFD28
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 1CE4AC4D8F96726B74113650998906EA
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Frame ID: 82C0C846F562162F43E6DF5D5C1D2DD3
Requests: 4 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=728&d=90&e=&g=be016755f4073f6b04d872d288b01957%2F7808709755538034677&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580799&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hbwpeg143xa8mmj89fyvgj58mfnndy1e7zay2qs44808z1qgsypycm1bfekmwxhaffe71ypbq78g2c47s55a34va1kkgdvxqads9x73r58ym5af3a62p3wbta0376h5pktpt4c7e1qv437gjfp28gkq4bfg3pref8x6fc0pnx9z3ma4rw8jmc55eaakxnr06j693ypqwcyp848b4czcdbsb625zc6318pzr2bzsge2vk9btvzs4p29sme8y5vdveyggmt8zvjdmkr3yx071bash4m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCypium0CrY4raA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSJAk_Qy-V9EyTnN6Z06rs3owZYihonHEO_IU_gMHa8SltdqZH4z8ntw7nU5HfvLf-HV8AC4SF37QDGh1VzOKmkbOH4UnHk8FS58IIh5VsFBVpk8SmcNomMzIbsOT43RgGNU2xapq4tZyuqZMESFgFrZES9NPPQTyyccDOdFELWjovNncMjGXGTKzO0KU4kRwz7RxmswyLa_1cyQZw4YuLZHNyqM_Mfqiqw-OhqfnlwOK4hb0H1BXXBlfSTj_ajkDRxPKgUP2dCl9hWOjaeL-SFZ-FT6bA-gu03FLEnj7OiohrAKVe3FJrc7XDaa7flYrrcJYfhHs1Of5VpLW5Zzsu7x9zyTlECeeL26_LgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2gkjYkoE3h5SHLoSeFVI9E-CagJw%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Frame ID: 3A519B64C440A286D2AF6714AA216526
Requests: 18 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=728&d=90&e=&g=e123439b35d898f1c8580f7c1038f13c%2F11001653626940761441&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580803&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kzn04ywzxwswb6jzj9bhbes67fp1taajs6qrd80kgjcpj88ba4bt7rwxb69ctm21zej89dv8j2gra2q8075zp0k3rgk5py56ny6etxsyf9psa4y2j1cnzq56zwbjq5z68k0fg3zw1vvkvdf8pgsaj7zf67gbh049hag0p2cahmym8015zegn4akagxgzjv9590wm985z1rjxq8zyk9j54393ry7wx6ym4psd0xxnfh88chkqa9mns4gjnz81vftjf8kc5300ademsaqksgshkga8g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzSnem0CrY4baA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSRAk_Q0lLkEEPenv8Dj5yjd7OBLJotyDV2gvtYd4adAL5dIvSq65em7nMPW1Sto6JPhU0_tPCMy2vcbbIcnH-063NdY6aI04mT2R3jt9kPC3vs18CoI_EtEvYVqHUkfIy6YNMjEy9dF70dKXpl3OUuWTniHs-Z6mj-_yJmSY58kWmAEya9bzonIKQ2QdlVBtPnlMUklIBn6VrlZiuvNO67CG57haOnRA-F6q1xJVAcKDoTXSnp6VQd3OR4w6wnHAwP6qiKHL0KTerY-82cvZsO2zYbenvde_cHmuVkhMv2tAzYoK-Pevj99sKqPOYIHUzo94NxlLhCRbqzy4k7FfkOBkY7CyQFJB2EkrYrDc-emhpYpOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2BaM7R1g42HBk0v_p2xoBk2i3Lkw%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Frame ID: B363AAC17B41DCF0766B080359840840
Requests: 18 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=600&e=&g=e9975e07edc1a6de0c3e891e03c06524%2F14878494519113093806&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580810&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkn691d4n5ghf53eyh1mtqjvsceeeggq6a5520vr02604k5zahvn1qw3rqee440vh88etz6sc9ch2fkpbbm96agn7mwyq50ht3xsqazv4fe42mz5v2sv1rw0j6yncw4dy7nftzw85tmkxpp604g7t8na978wwy4pvaqaekbsqpfjh6f6v96j48phxdnxqnweh7fh7p95yntsfncgmg55vyj268z0kh3v639fgq19xb3h4hz56aw3f1fez7p5ymyser60j1k8nvpndyf2tzhfkv89m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCh169m0CrY4_aA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgStAk_QMM9nJpbZ0bLXM-K-BnKFzIctFvvtM8bJOB7GXjNH-FE6RgKBnBFJEw9mAT9AiTX33bbFSoMUGUiIcboB8qwXTap6SCPsnECwgUPSGfTjjtTRG6lbYVAsNcl6ZRgG_2KJek1KkUKkEwFRPt0TS5XxoREIlZOF3MQzukr1QwqJW_eVABDR3KDtYCnpqLgQ-SOHw3uRhRtnNmhm7XOtjcXugbeWnmINJJBDQF3E9xiZpUrjgxbVVm0ym6jINQG39Eg1jd9EY4c6u12SqXwpg8nEMmGnJJ93p-Qa7Cli4lpIOGCZbDLP3i3kcitobbeE1yQkb9h7dO9oTMBPexRvQYFjTHItMXUJIVMrR9SrdRoMGRI-xSxS-o5XyiHLf3mR7IPwrOkgL6TolTTsM9DgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1iij-sa7CWdXyaToZeMPRH2gMy1Q%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Frame ID: 6B092123CF375DAB0082AF398D0E8CFB
Requests: 18 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=600&e=&g=2373b441359b7defc04bee61fdbd72fb%2F1234430002439753742&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580810&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kywn7502ds0r2s1phjpa7dbyjyrg05n2qv9ez8ejvv41t6zjvq3grhge22xpd9vdfbvp6qnv0np2wb35e557hy1dnd698nghcqbvjb4adg8s2pmbccj4nhah6qtyyavb814s8d3yfa0n7ca29rvh8pgszr51s1y812qt223nr1bzvm0be656bmzarpp16dx0xh9fcfd2ye3s7p0ptpws5jgzqrgcxb7hydyft1fgjt3sbw2a14xayd45geq0nkwsgg3xwgs9jtzqfnrkr3mcshnt4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZsLGm0CrY4naA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSkAk_Q2qhYooDZEm6i2vvUnoD0foJuXpeCVv3H9SHrucR-x2XKVIZgyuIuYs4cPuoCcqIfilp9bUHBU7zVtmz_stBbWf328Ud0QL6iAUQJfrTFMD7Y0-Er4MixbJx4Bx8jMZnort9BQq6a6QbdsU8VNYW9OO2_hv6usey4j-VKtPI2NC-CU5BqtBMTvyDfl0TJ_OId3fVajFAGpDFe3gRjtGpeNWtKjotMngprgaVvZ_oJrkYz3GLMVIIX_I4xC5zLNYKTCvIzzOQt1W3aP1dPlpA8HfQ8zOLm6N1lPbg79586t6fSRdUy_r-u8TdLBNmYJUA4SJKIqaoH7lEEOLFcgi0f0eKN9yzIBMGf6R6SRaoa-uA-cces76jnvwc0dthFrahCYhXgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0SFvKRGAjtOb-8kfVLaiOQDcUVTA%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Frame ID: 3C93007EE6A5CDD47A9821203855BDDB
Requests: 18 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Frame ID: 41B9DC1DD450DD82C31253703A56D430
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Frame ID: 8A7A0CA1E7A49915CDE279B3B7DB3C08
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2C7716BF48D2FAC74A66BA49A95B3158
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 193539EFC7AB1978D09794F2591F76C9
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Frame ID: 733909190C20D5F1536F5D5246B9987D
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Frame ID: 125A5AD3F3401B95460C64376EC6680C
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Frame ID: 9F2DA31200EF44F252207ABF4EF81A49
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Frame ID: 6FB3B3B22F59C4CB2D68A518B38214F3
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Frame ID: B04ABC25B9DE7D05BEF9B21A32C82F13
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Frame ID: 2156FF878829895236E87601E139CBDE
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Frame ID: 20D07F7A016AE1055C03882B4E4FD88B
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Frame ID: BAD856F812C5E2641FFCFDEA4C0F6C0C
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Frame ID: 271264AC99F38D8FCC4045980E47D36E
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

YouTube Premium MOD APK 17.45.34 Premium Unlocked 2022 | JalanTikus

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • https://cdn\.plyr\.io/([0-9.]+)/.+\.js
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

506
Requests

93 %
HTTPS

51 %
IPv6

59
Domains

87
Subdomains

67
IPs

8
Countries

14039 kB
Transfer

28265 kB
Size

61
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
  • https://unpkg.com/web-vitals@3.1.0/dist/web-vitals.iife.js
Request Chain 120
  • https://sync.search.spotxchange.com/partner?source=283156&sync_limit=7 HTTP 302
  • https://sync.search.spotxchange.com/partner?source=283156&sync_limit=7&__user_check__=1&sync_id=9d22b166-8618-11ed-8c31-1ab0ad8d0406
Request Chain 121
  • https://i.ibb.co/pd9nr2W/review-youtube-premium-apk.jpg.webp HTTP 301
  • https://i.ibb.co/pd9nr2W/review-youtube-premium-apk.jpg
Request Chain 141
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 228
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEMxcKktFIKDr-xs_5RTzrqM&google_cver=1&google_push=AavPq0NpH_cFUGxBBOx_VtYi4245w6hNApd5CEKxqHbT4DH5PWv0Dx4nN_894vDYPz9sHImfQrQKMn6j5DD-0LfraPDyPnZqhYY6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE4MTkwNTA2OTUzMjUxMDM0OQ%3D%3D&google_push=AavPq0NpH_cFUGxBBOx_VtYi4245w6hNApd5CEKxqHbT4DH5PWv0Dx4nN_894vDYPz9sHImfQrQKMn6j5DD-0LfraPDyPnZqhYY6
Request Chain 229
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELZQ3J1kaaZ5O5FqtReHssw&google_cver=1&google_push=AavPq0OvVHGzg2rw56_IS3FjVJ1U06v9WxaSBspJg5Im4GF1pjh0BwQtFYZJmC7L9z5KpBzmBR023QZTPuk2-YZV3nBTlGm0Wx2L HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELZQ3J1kaaZ5O5FqtReHssw&google_cver=1&google_push=AavPq0OvVHGzg2rw56_IS3FjVJ1U06v9WxaSBspJg5Im4GF1pjh0BwQtFYZJmC7L9z5KpBzmBR023QZTPuk2-YZV3nBTlGm0Wx2L&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oJgWev5_TSGJjqH72DnGhA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0OvVHGzg2rw56_IS3FjVJ1U06v9WxaSBspJg5Im4GF1pjh0BwQtFYZJmC7L9z5KpBzmBR023QZTPuk2-YZV3nBTlGm0Wx2L
Request Chain 230
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOsB8g3xeOAUxw5-aBwQ4KM&google_cver=1&google_push=AavPq0MmIBV0I4E_phu38mdj9y_vCmRyrx2SeiuFzu7MKzP0UUCgCjWctCg1ktUFisVGys854SNu5d7o3ynqzJhoqU0woSBEfxc HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOsB8g3xeOAUxw5-aBwQ4KM&google_cver=1&google_push=AavPq0MmIBV0I4E_phu38mdj9y_vCmRyrx2SeiuFzu7MKzP0UUCgCjWctCg1ktUFisVGys854SNu5d7o3ynqzJhoqU0woSBEfxc&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0MmIBV0I4E_phu38mdj9y_vCmRyrx2SeiuFzu7MKzP0UUCgCjWctCg1ktUFisVGys854SNu5d7o3ynqzJhoqU0woSBEfxc&google_hm=F4zTqGZHc22BnojfQUeyfFNL
Request Chain 231
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESECi-qEY15-U3lM-4aNEYkJU&google_cver=1&google_push=AavPq0ONNVRh_Z5-t7sX2Gd1LhHWkcecAKfO_Cg4ll5aTcr3hgptmIR-uLnZhzp3dHgyFdIXwG8soWevSrsfu5FCVZ25rPyN9j0_ HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0ONNVRh_Z5-t7sX2Gd1LhHWkcecAKfO_Cg4ll5aTcr3hgptmIR-uLnZhzp3dHgyFdIXwG8soWevSrsfu5FCVZ25rPyN9j0_&google_gid=CAESECi-qEY15-U3lM-4aNEYkJU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzA1MTUzNzMwNDk0MDk3NDM5MjI%3D&google_push=AavPq0ONNVRh_Z5-t7sX2Gd1LhHWkcecAKfO_Cg4ll5aTcr3hgptmIR-uLnZhzp3dHgyFdIXwG8soWevSrsfu5FCVZ25rPyN9j0_
Request Chain 232
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEB3H72QAsLWB5KkW1GilWxI&google_cver=1&google_push=AavPq0NEuDkDPJXtrIqck7McLTULeZO69s_WY9qzmT7a29eATrTQ_lZGi1R18QgdxuIvBwgSxoH2wDzHoeyHlG--WBfRcGVZga9zCg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0NEuDkDPJXtrIqck7McLTULeZO69s_WY9qzmT7a29eATrTQ_lZGi1R18QgdxuIvBwgSxoH2wDzHoeyHlG--WBfRcGVZga9zCg HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 242
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEKngkx15S2T0qD6tSs4c4_g&google_cver=1&google_push=AavPq0OrkIOVwtMjIXmqKijqwcCdL4LJCvpDZpRjK7ufwZJifA53aum3eifiyHnqdwy9O19C_vSKNO04Kv78sm-71SQvvVDFWpuN&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0OrkIOVwtMjIXmqKijqwcCdL4LJCvpDZpRjK7ufwZJifA53aum3eifiyHnqdwy9O19C_vSKNO04Kv78sm-71SQvvVDFWpuN%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKngkx15S2T0qD6tSs4c4_g&google_cver=1&google_push=AavPq0OrkIOVwtMjIXmqKijqwcCdL4LJCvpDZpRjK7ufwZJifA53aum3eifiyHnqdwy9O19C_vSKNO04Kv78sm-71SQvvVDFWpuN&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0OrkIOVwtMjIXmqKijqwcCdL4LJCvpDZpRjK7ufwZJifA53aum3eifiyHnqdwy9O19C_vSKNO04Kv78sm-71SQvvVDFWpuN%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 243
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEI_SZv3qVI9q0DAvg8hhyi4&google_cver=1&google_push=AavPq0OfbKVHiWfceRY3N4xVwY4IWvPb-8HILO7bPzNnf0a0jrSdThtgPkE8Y9jt7BH5FvB2YVAs1IO4W_AZFDb44vvYJlf6Zc-C HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEI_SZv3qVI9q0DAvg8hhyi4&google_cver=1&google_push=AavPq0OfbKVHiWfceRY3N4xVwY4IWvPb-8HILO7bPzNnf0a0jrSdThtgPkE8Y9jt7BH5FvB2YVAs1IO4W_AZFDb44vvYJlf6Zc-C HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0OfbKVHiWfceRY3N4xVwY4IWvPb-8HILO7bPzNnf0a0jrSdThtgPkE8Y9jt7BH5FvB2YVAs1IO4W_AZFDb44vvYJlf6Zc-C&google_hm=X9tjhUtuTRethV_EEVF8gQ==
Request Chain 244
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAsssdNmUInX80yYaGCefW4&google_cver=1&google_push=AavPq0NyEhQ7aK6TDJ2lexA6Bm-pvuxOFxppCRR7KSOtLj0QqmX50zoQ_5FvpF1MEXF_3PlZ3zwebSQA2g3itnKST4aR0rMyD3mW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEM2TEVJRUYtMUItTENWTg==&google_push=AavPq0NyEhQ7aK6TDJ2lexA6Bm-pvuxOFxppCRR7KSOtLj0QqmX50zoQ_5FvpF1MEXF_3PlZ3zwebSQA2g3itnKST4aR0rMyD3mW
Request Chain 245
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEETM3lfZ-jd-j4dBgVJBbMs&google_cver=1&google_push=AavPq0P9sDyR_eUaKPqWO4hR4xn9LdIvtvslRjUZqCbxwjjz4uvOEmq8uTygwtcSV6k4XolSjLfW-1T5MVyGeRqAJyYh--s4SVHn HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEETM3lfZ-jd-j4dBgVJBbMs&google_push=AavPq0P9sDyR_eUaKPqWO4hR4xn9LdIvtvslRjUZqCbxwjjz4uvOEmq8uTygwtcSV6k4XolSjLfW-1T5MVyGeRqAJyYh--s4SVHn&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEETM3lfZ-jd-j4dBgVJBbMs&google_hm=Y6tAnFi_IC2HzCwwKq4qmwAABL4AAAAB&google_nid=index&google_push=AavPq0P9sDyR_eUaKPqWO4hR4xn9LdIvtvslRjUZqCbxwjjz4uvOEmq8uTygwtcSV6k4XolSjLfW-1T5MVyGeRqAJyYh--s4SVHn
Request Chain 246
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEF7ciDUL21N8d5IVFTtBDo4&google_cver=1&google_push=AavPq0Mb1b8SBK2C5c8xncSihbt5C1jBTFULL97xJUWqmj2ySPlNinyo8koaQ4Tojxzvt5aWW0znAIf_pkarYzZodXJahTP-M3Y HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0Mb1b8SBK2C5c8xncSihbt5C1jBTFULL97xJUWqmj2ySPlNinyo8koaQ4Tojxzvt5aWW0znAIf_pkarYzZodXJahTP-M3Y&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1672167580044 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1f2a300c-f65a-4844-a55c-ab52b268c37c-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0Mb1b8SBK2C5c8xncSihbt5C1jBTFULL97xJUWqmj2ySPlNinyo8koaQ4Tojxzvt5aWW0znAIf_pkarYzZodXJahTP-M3Y%26google_hm%3DAx8qMAz2WkhEpVyrUrJow3w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0Mb1b8SBK2C5c8xncSihbt5C1jBTFULL97xJUWqmj2ySPlNinyo8koaQ4Tojxzvt5aWW0znAIf_pkarYzZodXJahTP-M3Y&google_hm=Ax8qMAz2WkhEpVyrUrJow3w
Request Chain 250
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESELL0WZnHG9jUVNwGdOhMDM4&google_cver=1&google_push=AavPq0Pk7f_2YnxRkn8pelTl-LV4-nJn9DrrUxxxyJI9UfglUXAJnB5HbT1rosFlT7zUsmDMlvAoQtWBVfbvZ1VWAXRV8L6-kCJLbQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzA3NzM2MjM5MDQ3MDEwNjA3Ng==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDaiHuWYK3a7vbJvCa1A5mk&google_cver=1
Request Chain 252
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPp39T2BvWhnskt2r6DvH9A&google_cver=1&google_push=AavPq0NM14igSNvmji-9uKbH3VcUTtEJU6ZqnRPqvGYmh_KQoPYzBFeE5NLR6PbWOFjU63wEqhWKDZAlRYybrCtMEZjwgcEa7A7l1w HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPp39T2BvWhnskt2r6DvH9A&google_cver=1&google_push=AavPq0NM14igSNvmji-9uKbH3VcUTtEJU6ZqnRPqvGYmh_KQoPYzBFeE5NLR6PbWOFjU63wEqhWKDZAlRYybrCtMEZjwgcEa7A7l1w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZVhxSmxpNGwxUGFmYVE1&google_gid=CAESEPp39T2BvWhnskt2r6DvH9A&google_cver=1&google_push=AavPq0NM14igSNvmji-9uKbH3VcUTtEJU6ZqnRPqvGYmh_KQoPYzBFeE5NLR6PbWOFjU63wEqhWKDZAlRYybrCtMEZjwgcEa7A7l1w
Request Chain 253
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEFU6Dybd6KeKuJ-2CIbJMXY&google_cver=1&google_push=AavPq0NPbbEf_LfvDj9ukd7LugNxC0EQEvFEQuve9Ef_XVGvEPMDlxSfGkPSLOJHMkk14taCRkZFrDIU9iFi34Je9VdwV7tmcLaqDA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFU6Dybd6KeKuJ-2CIbJMXY&google_push=AavPq0NPbbEf_LfvDj9ukd7LugNxC0EQEvFEQuve9Ef_XVGvEPMDlxSfGkPSLOJHMkk14taCRkZFrDIU9iFi34Je9VdwV7tmcLaqDA
Request Chain 254
  • https://um.simpli.fi/gp_match?google_gid=CAESELJQVf4xPGKGLgZojyZMXMk&google_cver=1&google_push=AavPq0OSNLNxXCjAMyEbY9ngxUYc6VTLWI1XisrcH9yE733hU4dvBY1nOrsSZJwAXWWt5CW0DURU95jBVDanFaZau1_D1U6Q9rxJpQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F32F64588B514D2B99F9F86E870BD35C&google_push=AavPq0OSNLNxXCjAMyEbY9ngxUYc6VTLWI1XisrcH9yE733hU4dvBY1nOrsSZJwAXWWt5CW0DURU95jBVDanFaZau1_D1U6Q9rxJpQ
Request Chain 255
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELZQ3J1kaaZ5O5FqtReHssw&google_cver=1&google_push=AavPq0Np-IWVj82laZ6pFvPb1E-mM9PpYQ1I6ISZXAOugzIwuOdApH_K4z1qEb1phv77OQR0UjhJ_se7Nwzv6fE1oZ6EH3UmHsAWdQ HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELZQ3J1kaaZ5O5FqtReHssw&google_cver=1&google_push=AavPq0Np-IWVj82laZ6pFvPb1E-mM9PpYQ1I6ISZXAOugzIwuOdApH_K4z1qEb1phv77OQR0UjhJ_se7Nwzv6fE1oZ6EH3UmHsAWdQ&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wAoah9WZQpmkDncCJCtW6A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0Np-IWVj82laZ6pFvPb1E-mM9PpYQ1I6ISZXAOugzIwuOdApH_K4z1qEb1phv77OQR0UjhJ_se7Nwzv6fE1oZ6EH3UmHsAWdQ
Request Chain 256
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEGY0EltTak4MZ5UhgvfqOsQ&google_cver=1&google_push=AavPq0NUDJPMZsCGEfU4t4f1sDtuTuxaClN70EFGiF6WyVTNmlZWtj0vYzDbCTFFb3S5VVAeEKxRvNQ3EGlyVzE1lMIcPzFH7GAFpOk HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEGY0EltTak4MZ5UhgvfqOsQ%26google_cver%3D1%26google_push%3DAavPq0NUDJPMZsCGEfU4t4f1sDtuTuxaClN70EFGiF6WyVTNmlZWtj0vYzDbCTFFb3S5VVAeEKxRvNQ3EGlyVzE1lMIcPzFH7GAFpOk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=OTA5MjU4NzgwNzMyODczMTIyOQ%3D%3D&google_gid=CAESEGY0EltTak4MZ5UhgvfqOsQ&google_cver=1&google_push=AavPq0NUDJPMZsCGEfU4t4f1sDtuTuxaClN70EFGiF6WyVTNmlZWtj0vYzDbCTFFb3S5VVAeEKxRvNQ3EGlyVzE1lMIcPzFH7GAFpOk
Request Chain 258
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 260
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESELL0WZnHG9jUVNwGdOhMDM4&google_cver=1&google_push=AavPq0MNepJCM7npI9p3y-6zShmbvFkst66Jmq25cUGdI01J_b6iPYiQlfS7wNx1noHdLDqcgwPgPwi8J8nz7EkwSmStxfBib2Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzE0OTQxOTk4NDUwODAzNDAxMg==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDaiHuWYK3a7vbJvCa1A5mk&google_cver=1
Request Chain 262
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEBx8M3CVHjFLXu1atBbM9kM&google_cver=1&google_push=AavPq0N72AjBbFqxj8qHGRmpwt7rnBlHcBhjHdwOPNCQPIBIScsBGn_EJD6ZZfoYuazVrgMK5ZO857FJdVgDjrwt_K8l70nNFfJJ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0N72AjBbFqxj8qHGRmpwt7rnBlHcBhjHdwOPNCQPIBIScsBGn_EJD6ZZfoYuazVrgMK5ZO857FJdVgDjrwt_K8l70nNFfJJ&google_hm=GNkL2xEmQBKkwYpK32_FvWg
Request Chain 263
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEO0vZO7-HJOV-stgzXLwOUw&google_cver=1&google_push=AavPq0OCSlwI4QSNwZ0HSTs5OKbHLGR8ZhcZ8pBYzfxJGLhoz2jUa962yqlJbHmnxmi44qg-ySvBk4_ZI3dmCGcsM7EsZJiB5ZMU HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=31Fq-dLGT_yO9vrgyZV77w2&google_push=AavPq0OCSlwI4QSNwZ0HSTs5OKbHLGR8ZhcZ8pBYzfxJGLhoz2jUa962yqlJbHmnxmi44qg-ySvBk4_ZI3dmCGcsM7EsZJiB5ZMU
Request Chain 264
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEETM3lfZ-jd-j4dBgVJBbMs&google_cver=1&google_push=AavPq0NVJ4hxh4FXpORqMzfbP_K0Sf_EEokSznOAUagHvYWHrwZfrSW-fMVhCW0f6GAhBwfdbFsgyiw9gCQbPXAc7qTwlyX7CcEH HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEETM3lfZ-jd-j4dBgVJBbMs&google_push=AavPq0NVJ4hxh4FXpORqMzfbP_K0Sf_EEokSznOAUagHvYWHrwZfrSW-fMVhCW0f6GAhBwfdbFsgyiw9gCQbPXAc7qTwlyX7CcEH&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEETM3lfZ-jd-j4dBgVJBbMs&google_hm=Y6tAnFi_IC2HzCwwKq4qmwAABL4AAAAB&google_nid=index&google_push=AavPq0NVJ4hxh4FXpORqMzfbP_K0Sf_EEokSznOAUagHvYWHrwZfrSW-fMVhCW0f6GAhBwfdbFsgyiw9gCQbPXAc7qTwlyX7CcEH
Request Chain 266
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESENBvA7bHxd4iKOQXKXIxwQM&google_cver=1&google_push=AavPq0P0iU_3a7uhnWNI7HeEoDoNAXzw3SsOvqB-KfkjAxYiM4pPw252prOoeCn2cdqsbWKvUEv15RdwOUXcXsn7SEG-laQoSVCVZw HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESENBvA7bHxd4iKOQXKXIxwQM&google_cver=1&google_push=AavPq0P0iU_3a7uhnWNI7HeEoDoNAXzw3SsOvqB-KfkjAxYiM4pPw252prOoeCn2cdqsbWKvUEv15RdwOUXcXsn7SEG-laQoSVCVZw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=5fdb6385-4b6e-4d17-ad85-5fc411517c81&%%GOOGLE_PUSH_PAIR%%
Request Chain 298
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 299
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 416
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=3E1A3682F7264EA2B4ECD0647F32D104&RedC=c.clarity.ms&MXFR=376B49C0297964D605BF5B472D796AEE HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=3E1A3682F7264EA2B4ECD0647F32D104&MUID=1C6C463BF7786E670CD954BCF6F36F5F

506 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
jalantikus.com/tips/download-youtube-premium-apk/ 		59 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.155.223.195 , Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx/1.20.1 / Express
Resource Hash
c047b8a1f14176ac6f52af36253608698637225d5959fed595883c1139216136

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 27 Dec 2022 18:59:36 GMT
etag
W/"eb4f-niXwVg6v/VS9WESttm5SkTiNKTE"
server
nginx/1.20.1
vary
Accept-Encoding
x-powered-by
Express
icomoon.adf9a9fe.ttf
jalantikus.com/static/media/ 		15 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/static/media/icomoon.adf9a9fe.ttf
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.155.223.195 , Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx/1.20.1 / Express
Resource Hash
4311d6664835687d057eaf5d4ddeb54883c6efe59c55a3aa3f91b928627e49b5

Request headers

Referer
https://jalantikus.com/tips/download-youtube-premium-apk/
Origin
https://jalantikus.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:37 GMT
content-encoding
gzip
server
nginx/1.20.1
x-powered-by
Express
etag
W/"3d5e-vJLpc90tKkcih06xA3UMEDKfZnk"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
css2
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&family=Roboto:wght@100&display=swap
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c4380b25f49ffac057ef983eb49b1cc5175607c2eecbf44f03a606c275f18c6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 27 Dec 2022 18:59:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 27 Dec 2022 18:59:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 27 Dec 2022 18:59:37 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27542
x-xss-protection
0
server
sffe
etag
"1434 / 121 of 1000 / last-modified: 1670587517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 27 Dec 2022 18:59:37 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3376685942337626
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1f3c2bbda173f575a37a3f5c8bc32afb1932d019a9a2f97f775a0d7503dec73c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
Origin
https://jalantikus.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49673
x-xss-protection
0
server
cafe
etag
9185234514909648399
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 27 Dec 2022 18:59:37 GMT
main.22cdcfe2.chunk.css
jalantikus.com/static/css/ 		313 KB
65 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/static/css/main.22cdcfe2.chunk.css
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.155.223.195 , Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx/1.20.1 / Express
Resource Hash
c2e75b3d4b71a84cdfbcd86ca983b189504a06fa00f2eca87e200e54843903bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/tips/download-youtube-premium-apk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:37 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:52:19 GMT
server
nginx/1.20.1
x-powered-by
Express
etag
W/"4e3b6-18519b485a9"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
max-age=315360000
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
youtube-premium-apk-5488b.jpg
assets.jalantikus.com/assets/cache/0/200/tips/2021/04/28/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.jalantikus.com/assets/cache/0/200/tips/2021/04/28/youtube-premium-apk-5488b.jpg
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.238 , Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx /
Resource Hash
aa2b2edb946d58fcbd9176e1676367576a457771cafe3c727b5c38d888346f32
Security Headers
Name Value
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 18:59:37 GMT
Last-Modified
Fri, 23 Dec 2022 05:55:48 GMT
Server
nginx
X-Real-IP
182.3.72.62
Etag
16c15c71b8fc03178544982a3758b6b7
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
image/jpeg
Cache-Control
max-age=315360000, public, no-transform
Connection
keep-alive
X-XSS-Protection
1; mode=block, 1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
youtube-premium-apk-5488b.jpg
assets.jalantikus.com/assets/cache/769/330/tips/2021/04/28/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.jalantikus.com/assets/cache/769/330/tips/2021/04/28/youtube-premium-apk-5488b.jpg
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.238 , Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx /
Resource Hash
bc3c27a6ef58d2693e02aadf43525ff220983dd3f3c4f77d278d73856dcc72a3
Security Headers
Name Value
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 18:59:37 GMT
Last-Modified
Fri, 23 Dec 2022 05:55:48 GMT
Server
nginx
X-Real-IP
182.3.72.62
Etag
45a4719465865a6c6f0ed4b339710317
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
image/jpeg
Cache-Control
max-age=315360000, public, no-transform
Connection
keep-alive
X-XSS-Protection
1; mode=block, 1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
6a435a2337e0b3c935361ece3f844a1d.png
jalantikus.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jalantikus.com/6a435a2337e0b3c935361ece3f844a1d.png
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.155.223.195 , Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx/1.20.1 / Express
Resource Hash
7a4c3bfb638ca9df11118af719117162af4b771659a078b21ef0f325b5417e84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/tips/download-youtube-premium-apk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:37 GMT
last-modified
Fri, 16 Dec 2022 06:52:34 GMT
server
nginx/1.20.1
x-powered-by
Express
etag
W/"782-18519b4c266"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
1922
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
4abc51118abc0dd14d17042283923097.svg
jalantikus.com/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jalantikus.com/4abc51118abc0dd14d17042283923097.svg
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.155.223.195 , Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx/1.20.1 / Express
Resource Hash
7faf471db12972c906602b9ce190a8c30fe64f4630929f54bd1e5070a1db7d83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/tips/download-youtube-premium-apk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:37 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:52:34 GMT
server
nginx/1.20.1
x-powered-by
Express
etag
W/"868-18519b4c266"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=315360000
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
review-youtube-premium-apk.jpg
i.ibb.co/pd9nr2W/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ibb.co/pd9nr2W/review-youtube-premium-apk.jpg
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.161 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096669.ip-162-19-58.eu
Software
nginx /
Resource Hash
ccb9f5257f90e16ce5a3a9ceadc67e65d8825346beb4d8ff6768784c4fdf9d58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:37 GMT
last-modified
Tue, 11 Oct 2022 04:26:34 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
46289
expires
Thu, 31 Dec 2037 23:55:55 GMT
fitur-youtube-premium-apk.jpg
i.ibb.co/ydRFdhN/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ibb.co/ydRFdhN/fitur-youtube-premium-apk.jpg
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.161 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096669.ip-162-19-58.eu
Software
nginx /
Resource Hash
d194d46aa7b431731725e21b6fe70ec0813da5afbdecaacf0b3b5aaeb9ccf4e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:37 GMT
last-modified
Tue, 11 Oct 2022 04:26:34 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
25596
expires
Thu, 31 Dec 2037 23:55:55 GMT
banner-shutterstock-youtubegratis.jpeg
assets.jalantikus.com/assets/cache/184/94/tips/2017/06/01/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.jalantikus.com/assets/cache/184/94/tips/2017/06/01/banner-shutterstock-youtubegratis.jpeg
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.238 , Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx /
Resource Hash
3d140f037014b739d058f10282b2d7677a548a50c008cb83533081349ea71c1b
Security Headers
Name Value
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 18:59:37 GMT
Last-Modified
Fri, 23 Dec 2022 10:22:12 GMT
Server
nginx
X-Real-IP
141.0.9.114
Etag
73b4e4c88f2b506ae71c0a9c7e34b3f5
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
image/jpeg
Cache-Control
max-age=315360000, public, no-transform
Connection
keep-alive
X-XSS-Protection
1; mode=block, 1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
wyzowl-780e7.jpg
assets.jalantikus.com/assets/cache/184/94/tips/2020/05/13/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.jalantikus.com/assets/cache/184/94/tips/2020/05/13/wyzowl-780e7.jpg
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.238 , Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx /
Resource Hash
232264fa7b268de0f8ebb623fb8cfccbe93a08e936fd2b8cdac31b7cfa9dcae4
Security Headers
Name Value
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 18:59:37 GMT
Last-Modified
Thu, 22 Dec 2022 05:57:17 GMT
Server
nginx
X-Real-IP
110.139.238.55
Etag
86537e4fcaf8a094b20949e596874820
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
image/jpeg
Cache-Control
max-age=315360000, public, no-transform
Connection
keep-alive
X-XSS-Protection
1; mode=block, 1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
snappea-Download-Game-Aplikasi-Wallpaper-dan-Video-YouTube-Gratis.jpg
assets.jalantikus.com/assets/cache/184/94/tips/old/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.jalantikus.com/assets/cache/184/94/tips/old/snappea-Download-Game-Aplikasi-Wallpaper-dan-Video-YouTube-Gratis.jpg
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.238 , Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx /
Resource Hash
bb976d0b8ca08c001cc086c40222991bf15f0038e30f8f8862d975d05610eb3a
Security Headers
Name Value
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 18:59:37 GMT
Last-Modified
Thu, 22 Dec 2022 01:12:29 GMT
Server
nginx
X-Real-IP
182.2.71.138
Etag
9c823686038a855c96104cf12bd1c3b4
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
image/jpeg
Cache-Control
max-age=315360000, public, no-transform
Connection
keep-alive
X-XSS-Protection
1; mode=block, 1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
cara-youtube-premium-gratis-33416.jpg
assets.jalantikus.com/assets/cache/184/13/userfiles/2020/08/05/ 		150 KB
151 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.jalantikus.com/assets/cache/184/13/userfiles/2020/08/05/cara-youtube-premium-gratis-33416.jpg
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.238 , Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx /
Resource Hash
ea890c2d03f464e79d9d8a4a56bbe6d06ad5e440bd29bd3ae03c97f962522245
Security Headers
Name Value
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 18:59:37 GMT
Last-Modified
Fri, 23 Dec 2022 08:54:20 GMT
Server
nginx
X-Real-IP
182.0.201.100
Etag
c44a3f194c6320ff38d539ba3816d302
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
image/jpeg
Cache-Control
max-age=315360000, public, no-transform
Connection
keep-alive
X-XSS-Protection
1; mode=block, 1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
youtube-music-rilis-di-indonesia-39f5b.jpg
assets.jalantikus.com/assets/cache/184/94/news/2019/11/06/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.jalantikus.com/assets/cache/184/94/news/2019/11/06/youtube-music-rilis-di-indonesia-39f5b.jpg
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.238 , Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx /
Resource Hash
e14465e19b604889e4f80bc599843baaf19139e16bd5066fd0a423d7792369ae
Security Headers
Name Value
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 18:59:37 GMT
Last-Modified
Thu, 22 Dec 2022 01:12:29 GMT
Server
nginx
X-Real-IP
182.2.71.138
Etag
8c36905264f82a6bcf72acc0abf2ceea
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
image/jpeg
Cache-Control
max-age=315360000, public, no-transform
Connection
keep-alive
X-XSS-Protection
1; mode=block, 1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
channel-youtube-belajar-hacking-banner2.jpeg
assets.jalantikus.com/assets/cache/184/94/tips/2017/04/18/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.jalantikus.com/assets/cache/184/94/tips/2017/04/18/channel-youtube-belajar-hacking-banner2.jpeg
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.238 , Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx /
Resource Hash
dea6e18bba96efa9b2b536fffe06d66228ad3eb2508ad462505f0c46829cb3f2
Security Headers
Name Value
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 18:59:37 GMT
Last-Modified
Mon, 26 Dec 2022 07:09:46 GMT
Server
nginx
X-Real-IP
114.10.11.39
Etag
d10f56d2e290b54d366ed89fb3ed3a76
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
image/jpeg
Cache-Control
max-age=315360000, public, no-transform
Connection
keep-alive
X-XSS-Protection
1; mode=block, 1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
121e83b3a82af355ca5eb88842c97235.png
jalantikus.com/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jalantikus.com/121e83b3a82af355ca5eb88842c97235.png
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.155.223.195 , Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx/1.20.1 / Express
Resource Hash
5817ba1ecac9f6b1ce3024466edab982434e83c62a9f1df2ff19a339b4bf2e24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/tips/download-youtube-premium-apk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:37 GMT
last-modified
Fri, 16 Dec 2022 06:52:34 GMT
server
nginx/1.20.1
x-powered-by
Express
etag
W/"1de3-18519b4c266"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
7651
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
2.01ce7ec8.chunk.js
jalantikus.com/static/js/ 		778 KB
262 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/static/js/2.01ce7ec8.chunk.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.155.223.195 , Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx/1.20.1 / Express
Resource Hash
166f329e308e0648e1552bf8e13caadb6aef44fef6baa2120df91216d18727dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/tips/download-youtube-premium-apk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:37 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:52:19 GMT
server
nginx/1.20.1
x-powered-by
Express
etag
W/"c2610-18519b485b1"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=315360000
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.19840f9f.chunk.js
jalantikus.com/static/js/ 		496 KB
161 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/static/js/main.19840f9f.chunk.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.155.223.195 , Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx/1.20.1 / Express
Resource Hash
49f8cc251ecf57d509f5f5dd1391015763918b9c76a9be4de6c5035ab3bec679

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/tips/download-youtube-premium-apk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:37 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:52:19 GMT
server
nginx/1.20.1
x-powered-by
Express
etag
W/"7be0d-18519b485ad"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=315360000
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
fbevents.js
connect.facebook.net/en_US/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 27 Dec 2022 18:59:37 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27298
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
mFwYRPZlFZTqgZ0C/fPeqZS5y21YBHisvqo2tGyAfMoJrBOI9tqm0qp9rV2fXzOoY2gH2nKb5aXtwo7zEceC3g==
x-fb-trip-id
2050670934
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
hotjar-1771071.js
static.hotjar.com/c/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1771071.js?sv=6
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-7.fra56.r.cloudfront.net
Software
/
Resource Hash
799b36a35464430406c3528b178c757ac87ca7b2c366665eeb822e3dadc3483c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:37 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
etag
W/0a3b24cd3fda4780681d726c514f72f6
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
fKsSM6t7-zEMb9Yo26s9jP_KKQuhd-RnFs9ONEWtMe8ogg76oeUcpQ==
gtm.js
www.googletagmanager.com/ 		283 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W9F4QDN&timestamp=1672167577119
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ab380fe996b0c3c85b3d08e38d8de3ff0955edea8a4f64cfaa6e8674345b74ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
76094
x-xss-protection
0
last-modified
Tue, 27 Dec 2022 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 27 Dec 2022 18:59:37 GMT
gtm.js
www.googletagmanager.com/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MKB8VFG&timestamp=1672167577119
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
25b1ff2361738bb90c50b3a7a1de7696085e6f0e5fab32dd3b8a464e2f4cf339
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52234
x-xss-protection
0
last-modified
Tue, 27 Dec 2022 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 27 Dec 2022 18:59:37 GMT
pubads_impl_2022120501.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 17:18:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6070
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131905
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 27 Dec 2023 17:18:27 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		493 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=jalantikus.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f8775e0405e98ed044eb120e8a7409d2b81ed57caa8f49e14f523b7f41b1368e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
184
x-xss-protection
0
expires
Tue, 27 Dec 2022 18:59:37 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 		356 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3376685942337626&plah=jalantikus.com&bust=31071219
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3376685942337626
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e09fbe47395274b7b2ac7c6c0d2470611f1a7b149bda29b8c1f6f4b2482f999
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119970
x-xss-protection
0
server
cafe
etag
415296433009820858
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 27 Dec 2022 18:59:37 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame 661F 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3376685942337626
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
25937
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 11:47:20 GMT
etag
10353107486223812946
expires
Tue, 10 Jan 2023 11:47:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=new_abg_tag&value=true&host_v=false&frequency=0.01&eid=44759876%2C44759927%2C44759837%2C31071219%2C44779344%2C44779793
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=atf_ad_settings_from_ppabg&p_s=false&eid=44759876%2C44759927%2C44759837%2C31071219%2C44779344%2C44779793
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=modern_js&fy=2021&supports=true&c=2021&eid=44759876%2C44759927%2C44759837%2C31071219%2C44779344%2C44779793
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
id_jalantikus_desktop
player.gliacloud.com/player/ 		135 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.gliacloud.com/player/id_jalantikus_desktop
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f24adcb89bfbabbd20652bb61c6dc3de54bde4b77c096d5436c03f2963dd16a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
Public
date
Tue, 27 Dec 2022 18:59:38 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Tue, 27 Dec 2022 14:37:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2FFjMJ%2BDI6XkkZYHBDYspg4AfQhnrrmuKD3J%2B3Q7YGvC0XJIbq4vDPWKH2uiWCNwLHsHI%2Fk2BJjLXNwXWlxdjkSjg%2BS9ttrVRxBROLGpWjbu91Jw0UdbDgNt51ScMKIIVnLKf2yGQbmJCSHdc2dLnY5P6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
x-cloud-trace-context
1f1dd0ae4aea961d4642af3522dd7b25
cache-control
public, max-age=900
cf-ray
78044b5ffa1d06ed-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 27 Dec 2022 19:14:38 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f6bc92316cf9b94564838ba2a15737f8da7279aaae366c47944d51e41f03bbf3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
icomoon.f850d37c.ttf
jalantikus.com/static/media/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/static/media/icomoon.f850d37c.ttf
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/static/css/main.22cdcfe2.chunk.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.155.223.195 , Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx/1.20.1 / Express
Resource Hash
11a22ef63e97af08a179e6271a11135126f2a16f22bd9cfc27989fded3585335

Request headers

Referer
https://jalantikus.com/static/css/main.22cdcfe2.chunk.css
Origin
https://jalantikus.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:37 GMT
last-modified
Fri, 16 Dec 2022 06:52:19 GMT
server
nginx/1.20.1
x-powered-by
Express
etag
W/"61ec-18519b485a3"
content-type
font/ttf
cache-control
max-age=315360000
accept-ranges
bytes
content-length
25068
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&family=Roboto:wght@100&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://jalantikus.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 18:50:24 GMT
x-content-type-options
nosniff
age
86953
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Dec 2023 18:50:24 GMT
696041037718286
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/696041037718286?v=2.9.90&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6ac8332784aebd30dc5f7647ad40868522cd389b5b1ba79adc00cb2ab8b1f958
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 27 Dec 2022 18:59:37 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86056
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
vISGZNKPpH1fRO63I8LnY1h5gIq4AVKrlRY/Bkwqinco21ApTwsM5i2yst61hPtyH0bxAVc5flt8p07LewlA6w==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
modules.352fddba5b21bbfc3a08.js
script.hotjar.com/ 		264 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.352fddba5b21bbfc3a08.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1771071.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-91.fra6.r.cloudfront.net
Software
/
Resource Hash
6c8b822ba2fa788a754e0a94055060c9c897dfb29538d92e04fd3f83d407bcb7
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 08:07:05 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
471152
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
68894
last-modified
Thu, 22 Dec 2022 08:06:23 GMT
etag
"3256c76707175033b83ffe82f89b32ec"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
VPGqqSRfRrzkFToAjYvdXY6B1B_LiWoH1CS2_MIb27XpY7rxS4fUYA==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 14:17:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
189756
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30244
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 25 Dec 2023 14:17:01 GMT
uuid_iframe.php
auto-load-balancer.likr.com.tw/pushEndPoint/uuid_gen/ Frame 2CAF 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auto-load-balancer.likr.com.tw/pushEndPoint/uuid_gen/uuid_iframe.php
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.95.4 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.95.96.34.bc.googleusercontent.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
294b0c2e3ec3edc89ec51dcef5ef2e099b3111a0634b2e7121cd249744d39b3a

Request headers

Referer
https://jalantikus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
origin, x-requested-with, content-type, X-CSRF-Token
access-control-allow-methods
PUT, GET, POST, DELETE, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
917
content-type
text/html; charset=UTF-8
date
Tue, 27 Dec 2022 18:59:37 GMT
server
Apache/2.4.41 (Ubuntu)
vary
Accept-Encoding
via
1.1 google
avivid_pseudo_native_subscribe.css
avivid.likr.tw/avivid_css/avivid_pseudo_native_subscribe/ 		444 B
557 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://avivid.likr.tw/avivid_css/avivid_pseudo_native_subscribe/avivid_pseudo_native_subscribe.css
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2b5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fdffe46c571b0b392a68f61772f38210b2172738fc1dac3be70794daefebf6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 03 Nov 2017 02:54:19 GMT
server
cloudflare
age
3282
etag
W/"1e0019-1bc-55d0b38977fa5"
vary
Accept-Encoding
access-control-allow-methods
POST
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=10800
access-control-allow-credentials
true
cf-ray
78044b609c7ebb59-FRA
access-control-allow-headers
origin, x-requested-with, content-type, X-CSRF-Token, origin, x-requested-with, content-type, X-CSRF-Token
uuid_iframe.php
auto-load-balancer.likr.com.tw/pushEndPoint/uuid_gen/ Frame 0AC1 		2 KB
980 B 		Document
General
Check archive.org
Download Go to
Full URL
https://auto-load-balancer.likr.com.tw/pushEndPoint/uuid_gen/uuid_iframe.php
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.95.4 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.95.96.34.bc.googleusercontent.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
294b0c2e3ec3edc89ec51dcef5ef2e099b3111a0634b2e7121cd249744d39b3a

Request headers

Referer
https://jalantikus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
origin, x-requested-with, content-type, X-CSRF-Token
access-control-allow-methods
PUT, GET, POST, DELETE, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
917
content-type
text/html; charset=UTF-8
date
Tue, 27 Dec 2022 18:59:37 GMT
server
Apache/2.4.41 (Ubuntu)
vary
Accept-Encoding
via
1.1 google
ios_water_webpush_v21.js
avivid.likr.tw/api/ 		228 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avivid.likr.tw/api/ios_water_webpush_v21.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2b5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1ae4b56806374a5cf5913e6ce8a81674e5a77df173e141d52fe0178d4f7e576

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 08 Dec 2022 03:01:18 GMT
server
cloudflare
age
1825
etag
W/"62000a-390c1-5ef48403f9f06"
vary
Accept-Encoding
access-control-allow-methods
POST
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600
access-control-allow-credentials
true
cf-ray
78044b609c7fbb59-FRA
access-control-allow-headers
origin, x-requested-with, content-type, X-CSRF-Token, origin, x-requested-with, content-type, X-CSRF-Token
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=abg_host&host=jalantikus.com&eid=44759876%2C44759927%2C44759837%2C31071219%2C44779344%2C44779793
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=1&tms=200&eid=44759876%2C44759927%2C44759837%2C31071219%2C44779344%2C44779793
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		395 B
699 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=jalantikus.com&callback=_gfp_s_&client=ca-pub-3376685942337626&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3376685942337626&plah=jalantikus.com&bust=31071219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
af4176ddff787bdb503edc004ef70da7b876cc83a71cb279cd08f652ab14f01b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
254
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=jalantikus.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3376685942337626&plah=jalantikus.com&bust=31071219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=jalantikus.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3376685942337626&plah=jalantikus.com&bust=31071219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame BB4D 		174 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3376685942337626&output=html&adk=1812271804&adf=3025194257&lmt=1672167577&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672167577355&bpp=4&bdt=373&idt=274&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5806628735129&frm=20&pv=2&ga_vid=1292710703.1672167578&ga_sid=1672167578&ga_hid=136211506&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071219%2C44779344%2C44779793&oid=2&pvsid=3074899679744946&tmod=1885652464&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=289
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3376685942337626&plah=jalantikus.com&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e2d0844327b6f645d4e75a297ff751164b5e9d31eede858bd72e83bb84066e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
47804
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 18:59:38 GMT
expires
Tue, 27 Dec 2022 18:59:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=696041037718286&ev=PageView&dl=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&rl=&if=false&ts=1672167577673&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672167577672.2060342545&it=1672167577493&coo=false&rqm=GET
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 27 Dec 2022 18:59:37 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
uuid_iframe.html
sun.advividnetwork.com/include_code/ Frame F167 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sun.advividnetwork.com/include_code/uuid_iframe.html?uuid=5b7912c4-7f6e-4c54-8280-5ada5b62636a
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3af9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2725d337e8ed14d10b23407140abf3881d22818a639df5401386c70d4a055757

Request headers

Referer
https://jalantikus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
origin, x-requested-with, content-type
access-control-allow-methods
PUT, GET, POST, DELETE, OPTIONS
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
78044b631b032bc3-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 27 Dec 2022 18:59:39 GMT
last-modified
Mon, 30 Mar 2020 04:27:06 GMT
server
cloudflare
uuid_iframe.html
sun.advividnetwork.com/include_code/ Frame 2A7A 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sun.advividnetwork.com/include_code/uuid_iframe.html?uuid=5b7912c4-7f6e-4c54-8280-5ada5b62636a
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3af9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2725d337e8ed14d10b23407140abf3881d22818a639df5401386c70d4a055757

Request headers

Referer
https://jalantikus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
origin, x-requested-with, content-type
access-control-allow-methods
PUT, GET, POST, DELETE, OPTIONS
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
78044b631b052bc3-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 27 Dec 2022 18:59:39 GMT
last-modified
Mon, 30 Mar 2020 04:27:06 GMT
server
cloudflare
uuid_iframe.html
sun.advividnetwork.com/include_code/ Frame B328 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sun.advividnetwork.com/include_code/uuid_iframe.html?uuid=5b7912c4-7f6e-4c54-8280-5ada5b62636a
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3af9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2725d337e8ed14d10b23407140abf3881d22818a639df5401386c70d4a055757

Request headers

Referer
https://jalantikus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
origin, x-requested-with, content-type
access-control-allow-methods
PUT, GET, POST, DELETE, OPTIONS
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
78044b631b072bc3-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 27 Dec 2022 18:59:39 GMT
last-modified
Mon, 30 Mar 2020 04:27:06 GMT
server
cloudflare
uuid_iframe.html
sun.advividnetwork.com/include_code/ Frame AE10 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sun.advividnetwork.com/include_code/uuid_iframe.html?uuid=5b7912c4-7f6e-4c54-8280-5ada5b62636a
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3af9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2725d337e8ed14d10b23407140abf3881d22818a639df5401386c70d4a055757

Request headers

Referer
https://jalantikus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
origin, x-requested-with, content-type
access-control-allow-methods
PUT, GET, POST, DELETE, OPTIONS
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
78044b631b092bc3-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 27 Dec 2022 18:59:39 GMT
last-modified
Mon, 30 Mar 2020 04:27:06 GMT
server
cloudflare
20221024000002.json
avivid.likr.tw/settings_file_json/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://avivid.likr.tw/settings_file_json/20221024000002.json
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2b5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b69d30338173b90102ccf279c4b7f367d32d0e8a1da98f02018f05e5f62ae291

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://jalantikus.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:38 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 27 Dec 2022 18:10:02 GMT
server
cloudflare
age
1508
etag
W/"60e4c8-14bd-5f0d32921ca8a"
vary
Accept-Encoding
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=10800
access-control-allow-credentials
true
cf-ray
78044b630bbc9136-FRA
access-control-allow-headers
origin, x-requested-with, content-type, X-CSRF-Token, origin, x-requested-with, content-type, X-CSRF-Token
20221024000002.json
avivid.likr.tw/settings_file_json/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://avivid.likr.tw/settings_file_json/20221024000002.json
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2b5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b69d30338173b90102ccf279c4b7f367d32d0e8a1da98f02018f05e5f62ae291

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://jalantikus.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:38 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 27 Dec 2022 18:10:02 GMT
server
cloudflare
age
1508
etag
W/"60e4c8-14bd-5f0d32921ca8a"
vary
Accept-Encoding
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=10800
access-control-allow-credentials
true
cf-ray
78044b630bc09136-FRA
access-control-allow-headers
origin, x-requested-with, content-type, X-CSRF-Token, origin, x-requested-with, content-type, X-CSRF-Token
gtm.js
www.googletagmanager.com/ 		201 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WVNL8MB&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8d2758ba4669ac0d5a493c730e88553cdd0af821b1959f94601a1239fd3f2fad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72728
x-xss-protection
0
last-modified
Tue, 27 Dec 2022 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 27 Dec 2022 18:59:38 GMT
4.28c863e5.chunk.css
jalantikus.com/static/css/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/static/css/4.28c863e5.chunk.css
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.155.223.195 , Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx/1.20.1 / Express
Resource Hash
f4cfd1276ee2c4dbee6b153f9dc4521383a6e7d2d14ba0b959c2206eca7114d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/tips/download-youtube-premium-apk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:38 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:52:19 GMT
server
nginx/1.20.1
x-powered-by
Express
etag
W/"2fde-18519b485b1"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
max-age=315360000
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
4.0e641aa0.chunk.js
jalantikus.com/static/js/ 		19 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jalantikus.com/static/js/4.0e641aa0.chunk.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.155.223.195 , Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx/1.20.1 / Express
Resource Hash
8174e8f7f727a631317bc021ce09e0e4eaef6d1195bffe7c156350bee5ebb06a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/tips/download-youtube-premium-apk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:38 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:52:19 GMT
server
nginx/1.20.1
x-powered-by
Express
etag
W/"4d0d-18519b485b1"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=315360000
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
download-youtube-premium-apk
api.jalantikus.com/v1/content/article/tips/detail/ 		27 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.jalantikus.com/v1/content/article/tips/detail/download-youtube-premium-apk
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/static/js/2.01ce7ec8.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.225 , Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx /
Resource Hash
9ebec479903094986e83f00a08ae6d28f6a2412e0b737a87118c37d5e4063fc8
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://jalantikus.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 18:56:24 GMT
X-Scheme
https
Content-Encoding
gzip
X-Real-IP
80.255.7.104
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
X-Host
api1
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Thu, 19 Nov 1981 08:52:00 GMT
homepage
api.jalantikus.com/v1/component/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.jalantikus.com/v1/component/homepage?component=1
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/static/js/2.01ce7ec8.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.225 , Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx /
Resource Hash
36defc7ade3dc6eacba20085f18d473f1fccba2fa7e1ab50e2612da30899ec8a
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://jalantikus.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 18:56:24 GMT
X-Scheme
https
Content-Encoding
gzip
X-Real-IP
80.255.7.104
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
X-Host
api1
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Thu, 19 Nov 1981 08:52:00 GMT
homepage
api.jalantikus.com/v1/component/ 		11 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.jalantikus.com/v1/component/homepage
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/static/js/2.01ce7ec8.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.225 , Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx /
Resource Hash
642a70e35bd0e4380bedb157efcd408c3476c761aee819f9de88e534f49c2caf
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://jalantikus.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 18:56:24 GMT
X-Scheme
https
Content-Encoding
gzip
X-Real-IP
80.255.7.104
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
X-Host
api1
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Thu, 19 Nov 1981 08:52:00 GMT
killswitch_config.js
avividone.likr.tw/killswitch/ 		368 B
301 B 		Script
General
Check archive.org
Download Go to
Full URL
https://avividone.likr.tw/killswitch/killswitch_config.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2b5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c66aeeca7e1a93a66b2345b6578f20cd30b3f68c5994c61b943f1d8a0453b916

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:38 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 18 Jul 2022 02:12:02 GMT
server
cloudflare
age
5981
etag
"170-5e40ae4c67e07-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=10800
accept-ranges
bytes
cf-ray
78044b637a76bb59-FRA
content-length
172
aws-sdk-AviviD-min-1.000.3.js
avivid.likr.tw/sample/ 		274 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avivid.likr.tw/sample/aws-sdk-AviviD-min-1.000.3.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2b5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d80f6ec3a78924d5f5276bd680cbfb9dd37879691c648dc14755cb3d9c5bf3b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:38 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 08 Oct 2020 10:46:57 GMT
server
cloudflare
age
3282
etag
W/"1328d7-44813-5b1268d1b71da"
vary
Accept-Encoding
access-control-allow-methods
POST
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=10800
access-control-allow-credentials
true
cf-ray
78044b635a36bb59-FRA
access-control-allow-headers
origin, x-requested-with, content-type, X-CSRF-Token, origin, x-requested-with, content-type, X-CSRF-Token
firebase-app.js
www.gstatic.com/firebasejs/8.6.8/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/8.6.8/firebase-app.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1977ae2b50845838a0f0848012e1d2bb312a7a760bc7427c601305531de0d2d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 01:09:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
409832
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6966
x-xss-protection
0
last-modified
Thu, 01 Jul 2021 23:11:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 23 Dec 2023 01:09:06 GMT
box-5e66f98b4ee957db209dc6f63e3d59dd.html
vars.hotjar.com/ Frame 1773 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1771071.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-118.fra53.r.cloudfront.net
Software
/
Resource Hash
cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://jalantikus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2125056
cache-control
max-age=31536000
content-encoding
br
content-length
1035
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 03 Dec 2022 04:42:02 GMT
etag
"e0652b84b7b3b650769c759fc520c3f8"
last-modified
Thu, 01 Dec 2022 13:36:28 GMT
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
via
1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
x-amz-cf-id
JEqrm_5NKECUj-JSGLCzFwDdsm-ljKYrJw6xLANkTqjbN2xa-dN0Uw==
x-amz-cf-pop
FRA53-C1
x-cache
Hit from cloudfront
x-robots-tag
none
/
www.facebook.com/tr/ Frame 8853 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://jalantikus.com
Referer
https://jalantikus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://jalantikus.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 18:59:38 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVNL8MB&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 27 Dec 2022 18:27:20 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
1938
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 27 Dec 2022 20:27:20 GMT
web-vitals.iife.js
unpkg.com/web-vitals@3.1.0/dist/
Redirect Chain
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js
  • https://unpkg.com/web-vitals@3.1.0/dist/web-vitals.iife.js
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/web-vitals@3.1.0/dist/web-vitals.iife.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48c97b0cfa2e71392fa58921505b2b8aad8f7496cd049ba4331fca8e8db8c485
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:38 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
3605694
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GHZ0KNM9S6391KN4SDZ9RWRJ-fra
server
cloudflare
etag
W/"1b9c-Ooy//WAzbji1e0z3xvTKf9F/+q0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
78044b650fea9a15-FRA

Redirect headers

date
Tue, 27 Dec 2022 18:59:38 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01GNAETQ4FJBA1T5JMCP6PMEM6-fra
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
458
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/web-vitals@3.1.0/dist/web-vitals.iife.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
78044b64bf599a15-FRA
dz6v6tborw
www.clarity.ms/tag/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/dz6v6tborw?ref=gtm2
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:49::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d4870a562d850d026830aa1ed4ecefd5cde7b8d7535ac4260b6a17dffe4f2ebd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
application/x-javascript
date
Tue, 27 Dec 2022 18:59:38 GMT
cache-control
no-cache, no-store
expires
-1
x-azure-ref
0mkCrYwAAAAA7vFerYwV9R5soInq1JhEHRlJBMjMxMDUwNDE5MDM5ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache
CONFIG_NOCACHE
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
js
www.googletagmanager.com/gtag/ 		216 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TLEJ5CZFT5&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVNL8MB&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fec67c157a3599eaea4f7cb4e876c263212aae276a41ce1cc3ff6e1f0e6ecf16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76861
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 27 Dec 2022 18:59:38 GMT
firebase-messaging.js
avivid.likr.tw/pushEndPoint/js/firebasejs/8.6.8/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avivid.likr.tw/pushEndPoint/js/firebasejs/8.6.8/firebase-messaging.js
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2b5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d5b2484855a69e76d59cf2e5e518df99515b786e57ee5fa929b0e5cb478e57c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:38 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 30 Jun 2021 10:39:31 GMT
server
cloudflare
age
2820
etag
W/"3e0e95-9fb7-5c5f9566df364"
vary
Accept-Encoding
access-control-allow-methods
POST
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=10800
access-control-allow-credentials
true
cf-ray
78044b643bfdbb59-FRA
access-control-allow-headers
origin, x-requested-with, content-type, X-CSRF-Token, origin, x-requested-with, content-type, X-CSRF-Token
truncated
/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5817ba1ecac9f6b1ce3024466edab982434e83c62a9f1df2ff19a339b4bf2e24

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
homepage
api.jalantikus.com/v1/component/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.jalantikus.com/v1/component/homepage?component=1
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/static/js/2.01ce7ec8.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.225 , Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx /
Resource Hash
58817074a3e78734f7cb117d61013b3c233b2ebdb12a3a2bf5b523467790c0f1
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://jalantikus.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 18:56:24 GMT
X-Scheme
https
Content-Encoding
gzip
X-Real-IP
80.255.7.104
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
X-Host
api1
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Thu, 19 Nov 1981 08:52:00 GMT
download
api.jalantikus.com/v1/component/article/tags/ 		8 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.jalantikus.com/v1/component/article/tags/download
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/static/js/2.01ce7ec8.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.225 , Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx /
Resource Hash
39152d095fe3f21555c453e149879c95992167d01f6adc0159f69a39504d12b5
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://jalantikus.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 18:56:24 GMT
X-Scheme
https
Content-Encoding
gzip
X-Real-IP
80.255.7.104
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
X-Host
api1
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Thu, 19 Nov 1981 08:52:00 GMT
gadget
api.jalantikus.com/v1/component/article/tags/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.jalantikus.com/v1/component/article/tags/gadget
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/static/js/2.01ce7ec8.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.225 , Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx /
Resource Hash
1f660758ed7f18341b6c06ae27b38009a5dfbe555ffc2372355adaf2ca2a6cec
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://jalantikus.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 18:56:24 GMT
X-Scheme
https
Content-Encoding
gzip
X-Real-IP
80.255.7.104
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
X-Host
api1
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Thu, 19 Nov 1981 08:52:00 GMT
videos
api.dailymotion.com/ 		655 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.dailymotion.com/videos?owners=x2hdhi4&channel=tech&fields=id,title,thumbnail_url&limit=4
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/static/js/2.01ce7ec8.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
fp.dc3.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
7cbb8f6436fcf857aac5d0ca8355360135627a5919407a458c432ab3e39a4f51
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options DENY

Request headers

Accept
application/json, text/plain, */*
Referer
https://jalantikus.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Security-Policy
upgrade-insecure-requests
Content-Encoding
gzip
Date
Tue, 27 Dec 2022 18:59:38 GMT
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Server-Timing
total;dur=54, dc;desc="dc3"
Content-Length
385
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Tue, 27 Dec 2022 18:59:38 GMT
Server
DMS/1.0.42
Etag
W/"KNhCsTO_5NLXL57V1-G0og-gzip"
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Vary
X-DM-SSL,Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Date, X-DM-BackNode-Response-Time, X-DM-Edge, X-DM-Cache-Status, X-Served-By
Cache-Control
public, max-age=900
X-Frame-Options
DENY
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Content-Type, Authorization
X-Robots-Tag
noindex
videos
api.dailymotion.com/ 		673 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.dailymotion.com/videos?owners=x2hdhi4&channel=videogames&fields=id,title,thumbnail_url&limit=4
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/static/js/2.01ce7ec8.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
fp.dc3.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
53f1688c6a87fc8f39ac6ad1c92589ba3afcc2cc275001cc2e50d832142a6339
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options DENY

Request headers

Accept
application/json, text/plain, */*
Referer
https://jalantikus.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Security-Policy
upgrade-insecure-requests
Content-Encoding
gzip
Date
Tue, 27 Dec 2022 18:59:38 GMT
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Server-Timing
total;dur=45, dc;desc="dc3"
Content-Length
379
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Tue, 27 Dec 2022 18:59:38 GMT
Server
DMS/1.0.42
Etag
W/"_nltaTdGtmfoJrg6d_YFqA-gzip"
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Vary
X-DM-SSL,Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Date, X-DM-BackNode-Response-Time, X-DM-Edge, X-DM-Cache-Status, X-Served-By
Cache-Control
public, max-age=900
X-Frame-Options
DENY
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Content-Type, Authorization
X-Robots-Tag
noindex
videos
api.dailymotion.com/ 		602 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.dailymotion.com/videos?owners=x2hdhi4&channel=lifestyle&fields=id,title,thumbnail_url&limit=4
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/static/js/2.01ce7ec8.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
fp.dc3.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
21102c92668311558f3f0f4b1a5da26243e06653b6854e55d462202e2e3a2895
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options DENY

Request headers

Accept
application/json, text/plain, */*
Referer
https://jalantikus.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Security-Policy
upgrade-insecure-requests
Content-Encoding
gzip
Date
Tue, 27 Dec 2022 18:59:38 GMT
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Server-Timing
total;dur=48, dc;desc="dc3"
Content-Length
363
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Tue, 27 Dec 2022 18:59:38 GMT
Server
DMS/1.0.42
Etag
W/"C8_dxdtclkYwyCZG1mgpuw-gzip"
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Vary
X-DM-SSL,Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Date, X-DM-BackNode-Response-Time, X-DM-Edge, X-DM-Cache-Status, X-Served-By
Cache-Control
public, max-age=900
X-Frame-Options
DENY
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Content-Type, Authorization
X-Robots-Tag
noindex
videos
api.dailymotion.com/ 		607 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.dailymotion.com/videos?owners=x2hdhi4&channel=news&fields=id,title,thumbnail_url&limit=4
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/static/js/2.01ce7ec8.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
fp.dc3.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
626ae6995fca86a97ecdf2d2d7ab51e7c8fe06a5cc1b03667ec9efc010cf7ba8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options DENY

Request headers

Accept
application/json, text/plain, */*
Referer
https://jalantikus.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Security-Policy
upgrade-insecure-requests
Content-Encoding
gzip
Date
Tue, 27 Dec 2022 18:59:38 GMT
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Server-Timing
total;dur=49, dc;desc="dc3"
Content-Length
361
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Tue, 27 Dec 2022 18:59:38 GMT
Server
DMS/1.0.42
Etag
W/"ZksQKXA1d37arD1GjcZZsw-gzip"
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Vary
X-DM-SSL,Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Date, X-DM-BackNode-Response-Time, X-DM-Edge, X-DM-Cache-Status, X-Served-By
Cache-Control
public, max-age=900
X-Frame-Options
DENY
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Content-Type, Authorization
X-Robots-Tag
noindex
nfts
api.jalantikus.com/v1/component/article/ 		13 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.jalantikus.com/v1/component/article/nfts
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/static/js/2.01ce7ec8.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.225 , Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx /
Resource Hash
b2a14aba85d94354bdf2c6cc7b6761c1cce6973ef7977a49098aaa1619965583
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://jalantikus.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 18:56:24 GMT
X-Scheme
https
Content-Encoding
gzip
X-Real-IP
80.255.7.104
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
X-Host
api1
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Thu, 19 Nov 1981 08:52:00 GMT
kendaraan-listrik
api.jalantikus.com/v1/component/article/ 		13 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.jalantikus.com/v1/component/article/kendaraan-listrik
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/static/js/2.01ce7ec8.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.225 , Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx /
Resource Hash
7718a7c9a88ace65d95a797e8748dd111b6f0abfcdf7fa0b15a306012d5322a2
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://jalantikus.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 18:56:24 GMT
X-Scheme
https
Content-Encoding
gzip
X-Real-IP
80.255.7.104
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
X-Host
api1
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Thu, 19 Nov 1981 08:52:00 GMT
collect
region1.google-analytics.com/g/ 		0
346 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-TLEJ5CZFT5&gtm=2oebu0&_p=136211506&cid=1292710703.1672167578&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1672167578&sct=1&seg=0&dl=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&dt=Solusi%20Lengkap%20Download%2C%20Informasi%20Teknologi%2C%20Lifestyle%20dan%20Gadget&en=page_view&_fv=1&_ss=1&_c=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TLEJ5CZFT5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://jalantikus.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=136211506&t=event&ni=1&_s=1&dl=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&ul=en-us&de=UTF-8&dt=Solusi%20Lengkap%20Download%2C%20Informasi%20Teknologi%2C%20Lifestyle%20dan%20Gadget&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=undefined&ea=Article%20Read&el=%2Ftips%2Fdownload-youtube-premium-apk%2F&_u=YADAAEABAAAAACAAI~&jid=687993493&gjid=2020715234&cid=1292710703.1672167578&tid=UA-56475281-2&_gid=782432545.1672167578&_r=1&gtm=2wgbu0WVNL8MB&z=1351974811
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://jalantikus.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://jalantikus.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 		150 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/reactive_library_fy2021.js?bust=31071219
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3376685942337626&plah=jalantikus.com&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
296752c66aef7e7dd53ce2d26717a83ce5875b82e25b5834cc6688f95bbefec8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52345
x-xss-protection
0
server
cafe
etag
14406861171711012691
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Dec 2022 18:59:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=8&c=ca-pub-3376685942337626&eid=44759876%2C44759927%2C44759837%2C31071219%2C44779344%2C44779793
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
slotcar_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/slotcar_library_fy2021.js?bust=31071219
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3376685942337626
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb8e1062945ac3513efb304595b6b7ffa5a3b7aeb06b810cc8fc369707451eed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28120
x-xss-protection
0
server
cafe
etag
2684653129129202564
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Dec 2022 18:59:38 GMT
clarity.js
www.clarity.ms/eus2-c/s/0.7.1/ 		55 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus2-c/s/0.7.1/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/dz6v6tborw?ref=gtm2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:49::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
da5186fe0bb5dd59e7ece6ee7efac70c31755611e385fa423585572cb9628fcf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:38 GMT
content-encoding
br
last-modified
Wed, 01 Jun 2022 12:22:22 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0EHyqYwAAAAAjVngxsy4zRqfTqJDS2EI0RlJBMjMxMDUwNDE4MDI3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag
"1d913c18f6c839e"
x-azure-ref
0mkCrYwAAAACPRVCBTLBsTJF0Zb+i/+CSRlJBMjMxMDUwNDE5MDM5ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache
TCP_HIT
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
accept-ranges
bytes
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=slotcar&event=api_ld&time=1235&time_pr=1672167578591&eid=44759876%2C44759927%2C44759837%2C31071219%2C44779344%2C44779793
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=8&c=ca-pub-3376685942337626&eid=44759876%2C44759927%2C44759837%2C31071219%2C44779344%2C44779793
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=1&tms=200&eid=44759876%2C44759927%2C44759837%2C31071219%2C44779344%2C44779793
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=jalantikus.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3376685942337626&plah=jalantikus.com&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=jalantikus.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3376685942337626&plah=jalantikus.com&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame D5F1 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3376685942337626&plah=jalantikus.com&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
25938
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 11:47:20 GMT
etag
10353107486223812946
expires
Tue, 10 Jan 2023 11:47:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
stats.g.doubleclick.net/j/ 		4 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-56475281-2&cid=1292710703.1672167578&jid=687993493&gjid=2020715234&_gid=782432545.1672167578&_u=YADAAEAAAAAAACAAI~&z=1976783688
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:401::9d Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://jalantikus.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 27 Dec 2022 18:59:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://jalantikus.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
error_handler.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame D5F1 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/error_handler.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f26ccd4e8b025d912f8fc717147c83f61888ade088fb1b2c62f67537e6e4cb46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 04:43:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
51382
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3136
x-xss-protection
0
server
cafe
etag
5752131211420753933
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 10 Jan 2023 04:43:16 GMT
css2
fonts.googleapis.com/ Frame D5F1 		4 KB
636 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 27 Dec 2022 18:59:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 27 Dec 2022 18:26:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 27 Dec 2022 18:59:38 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D5F1 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 23:42:32 GMT
x-content-type-options
nosniff
age
69426
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 26 Dec 2023 23:42:32 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D5F1 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 16:40:06 GMT
x-content-type-options
nosniff
age
8372
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 27 Dec 2023 16:40:06 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame D5F1 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 09:01:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
35866
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8084
x-xss-protection
0
server
cafe
etag
2222875591315018765
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 10 Jan 2023 09:01:52 GMT
collect
i.clarity.ms/ 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-c/s/0.7.1/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://jalantikus.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://jalantikus.com
date
Tue, 27 Dec 2022 18:59:38 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-56475281-2&cid=1292710703.1672167578&jid=687993493&_u=YADAAEAAAAAAACAAI~&z=1104771992
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-56475281-2&cid=1292710703.1672167578&jid=687993493&_u=YADAAEAAAAAAACAAI~&z=1104771992
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
error_handler.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame F584 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/error_handler.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f26ccd4e8b025d912f8fc717147c83f61888ade088fb1b2c62f67537e6e4cb46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 04:43:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
51382
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3136
x-xss-protection
0
server
cafe
etag
5752131211420753933
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 10 Jan 2023 04:43:16 GMT
css
fonts.googleapis.com/ Frame F584 		8 KB
895 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 27 Dec 2022 18:59:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 27 Dec 2022 18:05:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 27 Dec 2022 18:59:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F584 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 27 Dec 2022 18:59:38 GMT
5abbe811e7745ada511aeaa994a13f9f.js
www.gstatic.com/mysidia/ Frame F584 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 16:52:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
94054
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14213
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 23:34:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 26 Mar 2023 16:52:04 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ia_evt&aflvr=true&al=204&qid=CLGB7dO9mvwCFU17YgodKmQFXg&eid=44779344&ns=2888.5999994277954&fs=204&req=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20221207%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-0-%26adk%3D1812271808%26client%3Dca-pub-3376685942337626%26fa%3D8%26ifi%3D2%26uci%3Da!2%26xpc%3DLelYZqL9DP%26p%3Dhttps%253A%2F%2Fjalantikus.com&ptt=9&comm=true
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a4c3bfb638ca9df11118af719117162af4b771659a078b21ef0f325b5417e84

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
share-icon.4abc5111.svg
jalantikus.com/static/media/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jalantikus.com/static/media/share-icon.4abc5111.svg
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.155.223.195 , Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx/1.20.1 / Express
Resource Hash
7faf471db12972c906602b9ce190a8c30fe64f4630929f54bd1e5070a1db7d83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/tips/download-youtube-premium-apk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:39 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:52:19 GMT
server
nginx/1.20.1
x-powered-by
Express
etag
W/"868-18519b4859b"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=315360000
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=136211506&t=pageview&_s=1&dl=jalantikus.comtips%2Fdownload-youtube-premium-apk%2F&dp=%2Ftips%2Fdownload-youtube-premium-apk%2F&dh=jalantikus.com&ul=en-us&de=UTF-8&dt=YouTube%20Premium%20MOD%20APK%2017.45.34%20Premium%20Unlocked%202022%20%7C%20JalanTikus&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABAAAAACgCI~&jid=100901188&gjid=1049492715&cid=1292710703.1672167578&tid=UA-56475281-2&_gid=782432545.1672167578&_r=1&_slc=1&z=1232824380
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://jalantikus.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://jalantikus.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
content
api.jalantikus.com/v1/component/article/fetchParts/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.jalantikus.com/v1/component/article/fetchParts/content?pid=1&page=1&type=regular
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/static/js/2.01ce7ec8.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
124.155.223.225 , Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
nginx /
Resource Hash
45687a8d24c8c06f1a248a45a547e94621879ed1fb13ed7a6a13e5c77a980cb5
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://jalantikus.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 18:56:24 GMT
X-Scheme
https
Content-Encoding
gzip
X-Real-IP
80.255.7.104
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
X-Host
api1
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Thu, 19 Nov 1981 08:52:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=jalantikus.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=jalantikus.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		234 KB
37 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3074899679744946&correlator=1665227854877032&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=21702367101%2CJT_970x90%2CJT_970x90_top%2CJT_300x600%2CJT_300x600_above_popular%2CJT_300x250%2CJT_300x250_below_popular%2CJT_300x600_below_popular%2CJT_728x90%2CJT_728x90_below_artikelterkait%2CJT_300x600_right_artikelterbaru%2CJT_300x250_right_artikelterbaru%2CJT_970x90_scroll1_artikelterbaru%2CJT_300x600_scroll1_artikelterbaru%2CJT_300x250_scroll1_artikelterbaru&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F3%2F4%2C%2F0%2F5%2F6%2C%2F0%2F3%2F7%2C%2F0%2F8%2C%2F0%2F8%2F9%2C%2F0%2F3%2F10%2C%2F0%2F5%2F11%2C%2F0%2F1%2F12%2C%2F0%2F3%2F13%2C%2F0%2F5%2F14&prev_iu_szs=320x50%7C960x90%7C970x66%7C728x90%7C950x90%7C970x90%2C320x50%7C300x300%7C300x600%7C300x250%2C320x50%7C200x200%7C300x50%7C300x250%7C300x31%7C300x75%7C300x200%7C300x100%2C320x50%7C300x300%7C300x600%7C300x250%2C320x50%7C728x90%2C320x50%7C728x90%2C320x50%7C300x300%7C300x600%7C300x250%2C320x50%7C200x200%7C300x50%7C300x250%7C300x31%7C300x75%7C300x200%7C300x100%2C320x50%7C960x90%7C970x66%7C728x90%7C950x90%7C970x90%2C320x50%7C300x300%7C300x600%7C300x250%2C320x50%7C200x200%7C300x50%7C300x250%7C300x31%7C300x75%7C300x200%7C300x100&fluid=height%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight&ifi=3&adks=2231953469%2C1256796774%2C1313379101%2C3734755548%2C2345174891%2C3940590619%2C2213756877%2C2515021009%2C927483850%2C4065083531%2C4168568716&didk=93643355~93643354~93643353~93643352~93643351~93643350~93643349~93643348~93643347~2979358333~2979358332&sfv=1-0-40&prev_scp=WriterID_date%3D3425271122%26tag_ID%3D0119%26seo_tag%3D0701%26content_id%3D34558%26categoryID%3D0108%7CWriterID_date%3D3425271122%26tag_ID%3D0119%26seo_tag%3D0701%26content_id%3D34558%26categoryID%3D0108%7CWriterID_date%3D3425271122%26tag_ID%3D0119%26seo_tag%3D0701%26content_id%3D34558%26categoryID%3D0108%7CWriterID_date%3D3425271122%26tag_ID%3D0119%26seo_tag%3D0701%26content_id%3D34558%26categoryID%3D0108%7CWriterID_date%3D3425271122%26tag_ID%3D0119%26seo_tag%3D0701%26content_id%3D34558%26categoryID%3D0108%7CWriterID_date%3D3425271122%26tag_ID%3D0119%26seo_tag%3D0701%26content_id%3D34558%26categoryID%3D0108%7CWriterID_date%3D3425271122%26tag_ID%3D0119%26seo_tag%3D0701%26content_id%3D34558%26categoryID%3D0108%7CWriterID_date%3D3425271122%26tag_ID%3D0119%26seo_tag%3D0701%26content_id%3D34558%26categoryID%3D0108%7CWriterID_date%3D3425271122%26tag_ID%3D0119%26seo_tag%3D0701%26content_id%3D34558%26categoryID%3D0108%7CWriterID_date%3D3425271122%26tag_ID%3D0119%26seo_tag%3D0701%26content_id%3D34558%26categoryID%3D0108%7CWriterID_date%3D3425271122%26tag_ID%3D0119%26seo_tag%3D0701%26content_id%3D34558%26categoryID%3D0108&sc=1&cookie=ID%3Dd3685fb3b42fd463-2287143c6dda0053%3AT%3D1672167577%3ART%3D1672167577%3AS%3DALNI_MbAVZNUf7Q7smdu8rngKchGkiasYg&gpic=UID%3D00000b993216cefc%3AT%3D1672167577%3ART%3D1672167577%3AS%3DALNI_MbaOBv9bMkF8-uUNdQeBPptZhnHEg&abxe=1&dt=1672167578968&lmt=1672167578&dlt=1672167576983&idt=488&adxs=320%2C1074%2C1124%2C1074%2C320%2C-9%2C1074%2C1124%2C320%2C1074%2C1124&adys=86%2C386%2C953%2C969%2C7761%2C-9%2C8424%2C8440%2C8472%2C8488%2C8504&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C1%7C-1%7C2%7C3%7C4%7C5%7C6&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&frm=20&vis=1&psz=960x100%7C300x0%7C200x0%7C300x0%7C728x0%7C0x-1%7C300x0%7C200x0%7C960x0%7C300x0%7C200x0&msz=960x0%7C300x0%7C200x0%7C300x0%7C728x0%7C0x-1%7C300x0%7C200x0%7C960x0%7C300x0%7C200x0&fws=4%2C4%2C4%2C4%2C4%2C2%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C0%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=1292710703.1672167578&ga_sid=1672167578&ga_hid=136211506&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
838682ea23c2c9a03e0cf8f8294aac18990715b4c2868d62012f8cd6c9fec51f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37625
x-xss-protection
0
google-lineitem-id
-1,-1,-2,-1,-1,-1,-1,-2,-2,-1,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-2,-1,-1,-1,-1,-2,-2,-1,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://jalantikus.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0F05 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 18:59:39 GMT
expires
Wed, 27 Dec 2023 18:59:39 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
subresource.wbn
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame F584 		0
51 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/subresource.wbn
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52381
x-xss-protection
0
server
cafe
etag
7065473307912138658
vary
Accept-Encoding
content-type
application/webbundle
access-control-allow-origin
*
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Dec 2022 18:59:39 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame F584 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
HTTP/1.1
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
751d553428d5a12f48713eded93b897b76a86182d7636ab668da62efaa55b100
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
X-Content-Type-Options
nosniff, nosniff
content-type
text/javascript; charset=utf-8
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame F584 		24 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
HTTP/1.1
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
432a0e678fd554e5e225965e0baf8ce42c2f047720d52600885f6e672b241674
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
X-Content-Type-Options
nosniff, nosniff
content-type
text/javascript; charset=utf-8
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-56475281-2&cid=1292710703.1672167578&jid=100901188&gjid=1049492715&_gid=782432545.1672167578&_u=aADAAEABAAAAACgCI~&z=1334036717
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4025:401::9d Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://jalantikus.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 27 Dec 2022 18:59:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://jalantikus.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		145 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PQ3GKRX&l=gliaDataLayer&cb=167216
Requested by
Host: player.gliacloud.com
URL: https://player.gliacloud.com/player/id_jalantikus_desktop
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2f6503fbf807cd8decde3fa77ec65362dd4281fb5d3bccae396deb2275de942b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53933
x-xss-protection
0
last-modified
Tue, 27 Dec 2022 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 27 Dec 2022 18:59:39 GMT
partner
sync.search.spotxchange.com/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?source=283156&sync_limit=7
  • https://sync.search.spotxchange.com/partner?source=283156&sync_limit=7&__user_check__=1&sync_id=9d22b166-8618-11ed-8c31-1ab0ad8d0406
0
588 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?source=283156&sync_limit=7&__user_check__=1&sync_id=9d22b166-8618-11ed-8c31-1ab0ad8d0406
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
HTTP/1.1
Server
185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-spotx-halt-type
Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date
Tue, 27 Dec 2022 18:59:39 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
87
Connection
keep-alive
Content-Length
0

Redirect headers

Date
Tue, 27 Dec 2022 18:59:39 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
/partner?source=283156&sync_limit=7&__user_check__=1&sync_id=9d22b166-8618-11ed-8c31-1ab0ad8d0406
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
105
Connection
keep-alive
Content-Length
0
review-youtube-premium-apk.jpg
i.ibb.co/pd9nr2W/
Redirect Chain
  • https://i.ibb.co/pd9nr2W/review-youtube-premium-apk.jpg.webp
  • https://i.ibb.co/pd9nr2W/review-youtube-premium-apk.jpg
45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ibb.co/pd9nr2W/review-youtube-premium-apk.jpg
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Server
162.19.58.161 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096669.ip-162-19-58.eu
Software
nginx /
Resource Hash
ccb9f5257f90e16ce5a3a9ceadc67e65d8825346beb4d8ff6768784c4fdf9d58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:39 GMT
last-modified
Tue, 11 Oct 2022 04:26:34 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
46289
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

location
https://i.ibb.co/pd9nr2W/review-youtube-premium-apk.jpg
date
Tue, 27 Dec 2022 18:59:39 GMT
server
nginx
content-length
162
content-type
text/html
gliaplayer-plyr.js
player.gliacloud.com/p/embed/ 		338 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.gliacloud.com/p/embed/gliaplayer-plyr.js?v=0.3.97
Requested by
Host: player.gliacloud.com
URL: https://player.gliacloud.com/player/id_jalantikus_desktop
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0153561a98be140aa706cb0bf97e7f54960d75f831082ed23062cce02f46f02c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
48002
cf-polished
origSize=346266
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
Public
cf-bgj
minify
last-modified
Tue, 27 Dec 2022 05:39:37 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LaVbEXTuwXNFWTsuuY79is96AhYKagsPGXLx9YmDO0y2LpyWJnhN3%2Bqj0ESBzLYQwtSFwQ2jlK2qrI9KqIC5G1TQo4YUmzR1IFfwk3N%2BIkTCWalBZnXSLnJG5A3QsfLn9y1YSB7hRE2VHw2m6NMW3B2s%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-cloud-trace-context
7148a7d51416a13bd499ee90b6d97793
cache-control
public, max-age=86400
cf-ray
78044b696ff48e12-LHR
priority
u=3,i=?0
expires
Wed, 28 Dec 2022 05:28:39 GMT
gliaplayer-plyr.css
player.gliacloud.com/p/embed/ 		25 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://player.gliacloud.com/p/embed/gliaplayer-plyr.css?v=0.3.97
Requested by
Host: player.gliacloud.com
URL: https://player.gliacloud.com/player/id_jalantikus_desktop
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
125f36147085c8cb10932ca3480430d305bf29e6256ca61ec1f72112ef6bccbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
48002
cf-polished
origSize=26466
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
Public
cf-bgj
minify
last-modified
Tue, 27 Dec 2022 05:39:37 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=giOOo9zARW5O1F6CZJy8ZhBc%2Fb9GSqqsvV2D0jUDttinsj2dazo26O0YdY92cVn8lZu3oL5ZQqtVj7L7W1Rw1%2FT4k4oiFqzP4%2BznJ5KWcm8P8haa3CXbdZsEvZPufBlK0VyljTEBmKEMDVyeR29zlIOiXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-cloud-trace-context
231cc621641065766a1350a46625daac
cache-control
public, max-age=86400
cf-ray
78044b696ff18e12-LHR
priority
u=0,i=?0
expires
Wed, 28 Dec 2022 05:34:12 GMT
pixel.gif
pixel.gliacloud.com/glia_player_media3/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.gliacloud.com/glia_player_media3/pixel.gif?ul=en-US&ssid=9d09ddc0-8618-11ed-b075-2f2775135070&ea=loader.init&pgu=https%253A%252F%252Fjalantikus.com%252Ftips%252Fdownload-youtube-premium-apk%252F&pgt=YouTube%20Premium%20MOD%20APK%2017.45.34%20Premium%20Unlocked%202022%20%7C%20JalanTikus&sid=glia-id_jalantikus_desktop_simple&sk=id_jalantikus_desktop&si=id_jalantikus_desktop_simple&sa=id_jalantikus&pt=SimplePlayer&pv=0.3.97&ab=0&ta=0&cb=3293547420779590
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
122.207.227.35.bc.googleusercontent.com
Software
nginx/1.23.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:39 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.23.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
/
kinesis.ap-southeast-1.amazonaws.com/ 		110 B
546 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://kinesis.ap-southeast-1.amazonaws.com/
Requested by
Host: avivid.likr.tw
URL: https://avivid.likr.tw/sample/aws-sdk-AviviD-min-1.000.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.113.77 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-113-77.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
8ce3eadd8a5743fff9522192e03cc365a2412a6a6efce4e849b4f868b47c67ce

Request headers

accept-language
de-DE,de;q=0.9
authorization
AWS4-HMAC-SHA256 Credential=AKIATBR2IINU2ISIXU72/20221227/ap-southeast-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=8b7dba0055bf01fa0b77a31ba430683c5ed42193a8b83ab7703b5903ee491406
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type
application/x-amz-json-1.1
x-amz-content-sha256
3778bda92f7a08f8c1b18466f06f446ad068dfbf2f51d361cd7ed2d138225051
Referer
https://jalantikus.com/
x-amz-target
Kinesis_20131202.PutRecord
x-amz-date
20221227T185939Z
x-amz-user-agent
aws-sdk-js/2.769.0 callback

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Tue, 27 Dec 2022 18:59:39 GMT
x-amzn-RequestId
ffbb5cbb-833c-5b1c-a39e-1e604c2764cf
Content-Length
110
x-amz-id-2
8nLci+CK853jjPRHGX/u1+TgxfS1GCeLs4mXxHHArhMyvI7JKsW7ydfrlXGw9rSyeESDMPkxab70+t7fEbOkQzB/wkZVqTMe
Content-Type
application/x-amz-json-1.1
/
kinesis.ap-southeast-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.ap-southeast-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.113.77 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-113-77.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://jalantikus.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Tue, 27 Dec 2022 18:59:39 GMT
x-amzn-RequestId
da8ebd8c-a710-35ef-86ab-ff57680b0a3c
css
fonts.googleapis.com/ 		3 KB
562 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700&display=swap
Requested by
Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gliaplayer-plyr.css?v=0.3.97
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
63e55165cb26efa3df20628f8c2dfc0b13e7d7e7629761fe9f43b34d5498ea46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.gliacloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 27 Dec 2022 18:59:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 27 Dec 2022 18:46:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 27 Dec 2022 18:59:39 GMT
css
fonts.googleapis.com/ 		117 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap&subset=chinese-traditional
Requested by
Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gliaplayer-plyr.css?v=0.3.97
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0c9f7cf605fe9b7997cd43da48328bdfc7166b1d3cc48a69fdc120ca09440ccb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.gliacloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 27 Dec 2022 18:59:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 27 Dec 2022 18:59:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 27 Dec 2022 18:59:39 GMT
css
fonts.googleapis.com/ 		4 KB
636 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap
Requested by
Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gliaplayer-plyr.css?v=0.3.97
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.gliacloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 27 Dec 2022 18:59:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 27 Dec 2022 17:14:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 27 Dec 2022 18:59:39 GMT
icon
fonts.googleapis.com/ 		569 B
367 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gliaplayer-plyr.css?v=0.3.97
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.gliacloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 27 Dec 2022 18:59:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 27 Dec 2022 18:59:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 27 Dec 2022 18:59:39 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-56475281-2&cid=1292710703.1672167578&jid=100901188&_u=aADAAEABAAAAACgCI~&z=2004882188
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-56475281-2&cid=1292710703.1672167578&jid=100901188&_u=aADAAEABAAAAACgCI~&z=2004882188
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=jalantikus.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=jalantikus.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		496 KB
88 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3074899679744946&correlator=2289273384272140&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=21702367101%2CJT_Ads&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=728x90%2C728x90%2C728x90&ifi=14&adks=3061532893%2C3857514716%2C4238478334&didk=1687094716~3358838710~123856612&sfv=1-0-40&prev_scp=WriterID_date%3D3425271122%26tag_ID%3D0119%26seo_tag%3D0701%26domain_ID%3Dundefined%26content_id%3D34558%26categoryID%3D0108%26jt_ads%3Dv3_728x90_desktop%7CWriterID_date%3D3425271122%26tag_ID%3D0119%26seo_tag%3D0701%26domain_ID%3Dundefined%26content_id%3D34558%26categoryID%3D0108%26jt_ads%3Dv1_728x90_desktop%7CWriterID_date%3D3425271122%26tag_ID%3D0119%26seo_tag%3D0701%26domain_ID%3Dundefined%26content_id%3D34558%26categoryID%3D0108%26jt_ads%3Dv1_728x90_desktop&eri=1&sc=1&cookie=ID%3Dd3685fb3b42fd463-2287143c6dda0053%3AT%3D1672167577%3ART%3D1672167577%3AS%3DALNI_MbAVZNUf7Q7smdu8rngKchGkiasYg&gpic=UID%3D00000b993216cefc%3AT%3D1672167577%3ART%3D1672167577%3AS%3DALNI_MbaOBv9bMkF8-uUNdQeBPptZhnHEg&abxe=1&dt=1672167579200&lmt=1672167579&dlt=1672167576983&idt=488&adxs=326%2C326%2C326&adys=7851%2C1737%2C2282&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=7%7C8%7C9&ucis=c%7Cd%7Ce&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&frm=20&vis=1&psz=716x90%7C716x90%7C716x90&msz=728x-1%7C728x-1%7C728x-1&fws=4%2C4%2C4&ohw=1600%2C1600%2C1600&ga_vid=1292710703.1672167578&ga_sid=1672167578&ga_hid=136211506&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e407b89d65ac453787833b177246e3a4da09958982e08e0d96f37446bb1aee7f
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CL6lxNS9mvwCFY-M3godJHgBMA&gqi=&layout=/sadbundle/%24csp%253Der3%24/12406491265686199930/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CL2lxNS9mvwCFY-M3godJHgBMA&gqi=&layout=/sadbundle/%24csp%253Der3%24/12406491265686199930/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CL6lxNS9mvwCFY-M3godJHgBMA&gqi=&layout=/sadbundle/%24csp%253Der3%24/12406491265686199930/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CL2lxNS9mvwCFY-M3godJHgBMA&gqi=&layout=/sadbundle/%24csp%253Der3%24/12406491265686199930/index.html
date
Tue, 27 Dec 2022 18:59:39 GMT
x-content-type-options
nosniff
content-encoding
br
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
90038
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://jalantikus.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 53CA 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3132
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 18:07:27 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame F584 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
HTTP/1.1
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2286ec341537b6ac60edddc2db84438c2cce9c6629f3cd633ae139d6cd741de
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
X-Content-Type-Options
nosniff, nosniff
content-type
text/javascript; charset=utf-8
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame F584 		18 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
HTTP/1.1
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1d9b1f9c4fbd23c7f9122ea15bd14ae8bb7174503cf0dd7619728fdea75246ad
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
X-Content-Type-Options
nosniff, nosniff
content-type
text/javascript; charset=utf-8
pixel.gif
pixel.gliacloud.com/glia_player_media1/ 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.gliacloud.com/glia_player_media1/pixel.gif?ul=en-US&ssid=9d09ddc0-8618-11ed-b075-2f2775135070&ea=player.init&pgu=https%253A%252F%252Fjalantikus.com%252Ftips%252Fdownload-youtube-premium-apk%252F&pgt=YouTube%20Premium%20MOD%20APK%2017.45.34%20Premium%20Unlocked%202022%20%7C%20JalanTikus&sid=glia-id_jalantikus_desktop_simple&sk=id_jalantikus_desktop&si=id_jalantikus_desktop_simple&sa=id_jalantikus&pt=SimplePlayer&pv=0.3.97&ab=0&ta=0&cb=920416085685560.4
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
122.207.227.35.bc.googleusercontent.com
Software
nginx/1.23.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:39 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.23.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
jalantikus.com%7CSimplePlayer
player.gliacloud.com/article/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://player.gliacloud.com/article/jalantikus.com%7CSimplePlayer
Requested by
Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gliaplayer-plyr.js?v=0.3.97
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfc4a5f9c8e29203683d05aac53a56c9fc2599393f93d50f4afef7a14f29aafd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
429
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
Public
last-modified
Tue, 27 Dec 2022 18:52:30 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lQ%2F2PdKyq8%2B1f0R4U1uF%2BYja1mG6k6VPUGEJW45KmmQ8NY6czGMDpI3PF4oIiQF0ab15guJvtamWWdTlFL%2BMu2TF0Nv0XXYSbNql6GWN8iTiR62wAKVgqEZRH3qoOr9Q4FiXDfPjkWc7QTqVEb70iZU8VA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
a96779f9831ee9665c4a470876dc8980
cache-control
public, max-age=900
cf-ray
78044b6b2bb37713-LHR
priority
u=1,i=?0
expires
Tue, 27 Dec 2022 19:07:30 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 53CA
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 18:59:39 GMT
expires
Tue, 27 Dec 2022 18:59:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 18:59:39 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
pagead2.googlesyndication.com/bg/ Frame 4FBB 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 09:30:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34128
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Dec 2023 09:30:51 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://jalantikus.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 16:06:09 GMT
x-content-type-options
nosniff
age
10410
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Dec 2023 16:06:09 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		372 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gliaplayer-plyr.js?v=0.3.97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b0e18d026f801cfbb4fdf886e99a811a4befbeb289daf315a8d30c963242943
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126857
x-xss-protection
0
expires
Tue, 27 Dec 2022 18:59:39 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v139/ 		125 KB
125 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://jalantikus.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 05:06:38 GMT
x-content-type-options
nosniff
age
395581
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128352
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 00:26:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Dec 2023 05:06:38 GMT
container.html
ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 33CD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 18:59:39 GMT
expires
Wed, 27 Dec 2023 18:59:39 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012211060024000/ Frame 47BF 		221 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 22 Dec 2022 13:03:38 GMT
age
453361
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61592
x-xss-protection
0
server
sffe
etag
"a2fca7132416d151"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 22 Dec 2023 13:03:38 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 47BF 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 25 Dec 2022 00:07:13 GMT
age
240746
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5218
x-xss-protection
0
server
sffe
etag
"abd4378f71571d78"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 25 Dec 2023 00:07:13 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 47BF 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 26 Dec 2022 03:15:31 GMT
age
143048
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28809
x-xss-protection
0
server
sffe
etag
"dd6615029de85e23"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 26 Dec 2023 03:15:31 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 47BF 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 25 Dec 2022 13:38:30 GMT
age
192069
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
etag
"403438c4d550ee88"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 25 Dec 2023 13:38:30 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 47BF 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 25 Dec 2022 13:46:16 GMT
age
191603
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"0bacd3f1ce38a7db"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 25 Dec 2023 13:46:16 GMT
truncated
/ Frame 47BF 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7959f2e6aeae5293a97b9f672aa17871fede4394ed3bc78e6cb9cbfc791ac608

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
container.html
ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B7E9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 18:59:39 GMT
expires
Wed, 27 Dec 2023 18:59:39 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3893 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 18:59:39 GMT
expires
Wed, 27 Dec 2023 18:59:39 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012211060024000/ Frame 56D9 		221 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 22 Dec 2022 13:03:38 GMT
age
453361
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61592
x-xss-protection
0
server
sffe
etag
"a2fca7132416d151"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 22 Dec 2023 13:03:38 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 56D9 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 25 Dec 2022 00:07:13 GMT
age
240746
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5218
x-xss-protection
0
server
sffe
etag
"abd4378f71571d78"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 25 Dec 2023 00:07:13 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 56D9 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 26 Dec 2022 03:15:31 GMT
age
143048
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28809
x-xss-protection
0
server
sffe
etag
"dd6615029de85e23"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 26 Dec 2023 03:15:31 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 56D9 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 25 Dec 2022 13:38:30 GMT
age
192069
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
etag
"403438c4d550ee88"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 25 Dec 2023 13:38:30 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 56D9 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 25 Dec 2022 13:46:16 GMT
age
191603
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"0bacd3f1ce38a7db"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 25 Dec 2023 13:46:16 GMT
css
fonts.googleapis.com/ Frame 56D9 		8 KB
895 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 27 Dec 2022 18:59:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 27 Dec 2022 18:05:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 27 Dec 2022 18:59:39 GMT
container.html
ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FC7D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 18:59:39 GMT
expires
Wed, 27 Dec 2023 18:59:39 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
7728774069007157340
tpc.googlesyndication.com/simgad/ Frame 47BF 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7728774069007157340?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkDEkRU3gMZJOwruaKRGwxjGoDZHQ
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
544d0ea0aa3455ee9a8502e41dc0fb27f23862cc52e9af5d5c90288280933810
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 14:12:32 GMT
x-content-type-options
nosniff
age
103627
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74614
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 14:13:14 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 26 Dec 2023 14:12:32 GMT
id.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 47BF 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/id.png
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 10:15:07 GMT
x-content-type-options
nosniff
server
cafe
age
31472
etag
12948112503563494795
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3020
x-xss-protection
0
expires
Wed, 28 Dec 2022 10:15:07 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 47BF 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 10:22:22 GMT
x-content-type-options
nosniff
server
cafe
age
31037
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Wed, 28 Dec 2022 10:22:22 GMT
l
www.google.com/ads/measurement/ Frame 47BF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSErxGhsJJK7D88_BeBL1ZrfGU_tyjgv7TcO0YzCe7wEA1kZ_20a3C-cfFNPlBbJ0NTaI0i1KLyu2MU1UizAhb90xFfLQ
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 47BF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CJiqpm0CrY4faA8bYgAeLh7KID9ua14luzbv23eIQ2dkeEAEg1ceLaGCVsoKCmAegAejn-dkDyAECqQJjTU4bBNSxPuACAKgDAcgDCKoEjAJP0K4zqWBQYzPnL32nsT7KuPd8uOL_BhAblmfY8KhzzTvfadaohz6Ow2lwuFM7oLwpiHPdjvuOayaQSKOIOgnUE60819yMIrdb9R2aY6j1dpwR4VW3qJAnE0HT5din_KqipMrYi3JhaAJFDulv4DFO4TRxiOZ7spvyQHNGGaM1CC8RshYUkbZUtsRx4o4o4C9rxDmORQXl08UjJuupn-6E0k9QrkFjFysziggv34pGa36suG3EpB5A7IvAXxLGroW5KT2Ub-3wYPZCoFuBtMA4K_6Al2hAxmMskgXcl2qi8CGvF8xw_Vxg2vYuRFaJvpim-swIGjF9jmWmjOrdSMsolFBKDimobOMhSzOVwAT3rKTlpgTgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHgJiGJqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEL_vAdIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMC0BUBgBcBshceChwIABIUcHViLTUzOTg5ODk2ODA4NDEyMjEYpKts&sigh=WY-EdEcfDt8&uach_m=[UACH]&cid=CAQSPADq26N9xxhJwomczkILe_G5dfY_X_LvkjgQRMOxBK3bEm7BKTpLQik2MI5E-jK7UuosrsIjXYJs10EAwBgBIBM
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
id.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 56D9 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/id.png
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 10:15:07 GMT
x-content-type-options
nosniff
server
cafe
age
31472
etag
12948112503563494795
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3020
x-xss-protection
0
expires
Wed, 28 Dec 2022 10:15:07 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 56D9 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 10:22:22 GMT
x-content-type-options
nosniff
server
cafe
age
31037
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Wed, 28 Dec 2022 10:22:22 GMT
l
www.google.com/ads/measurement/ Frame 56D9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRZJ8T8q_N4N9K9VHw5ufWx08d_s81s1uL46b1PXnltpCUv475x0D61Erw0IbiL1vYJjpZKb9OTIUuvuQ028SI-_EvTlw
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 56D9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CPciDm0CrY4zaA8bYgAeLh7KID8DB5Y1u8OeizqQQ8t3S4LIBEAEg1ceLaGCVsoKCmAegAbeYgaIoyAEJqQKxzL4lW1B7PuACAKgDAcgDCqoEjAJP0Gp-Ozkyg2D6PJ9Tb_4-LPC2ojoGprM9xDvmuDd1v_fuJAi3JDSqJ61uokMYqP1fK5IBxm0WTjoKPRYxPDoQFlGA3KSlHmSgeK1TyzlCvQBaML1GCZtnn8Yp9Irdo8B3w6vfdOzLRvhI1AGiaWE9f-1JHhIozrEV2am5ZjDzHN1C6B5fHHz1GmXz6Ec2-9KfBnZ8dDi5j_GcQop30pmgS2ekXKl7Q3GXACEsxJuQxRVZ1l3vdbq2KLX5mAgpDobhynczjk0jTGP3ejoHr1oP7wpt_RnXz5JRzJe4Q91SRl3bLtCzmGTty2ElcJSsiSuxDKqOuKYy45zga9J6XZ6CS4_4ghdWVi0AKwSowASvqbmeoATgBAGSBQQIBBgBkgUECAUYBKAGLoAH_dimrQOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHAxDwLtIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMM0BUBgBcBshceChwIABIUcHViLTUzOTg5ODk2ODA4NDEyMjEYpKts&sigh=DSofImVIAJE&uach_m=[UACH]&cid=CAQSPADq26N9xxhJwomczkILe_G5dfY_X_LvkjgQRMOxBK3bEm7BKTpLQik2MI5E-jK7UuosrsIjXYJs10EAwBgBIBM&template_id=5000
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
14763004658117789537
tpc.googlesyndication.com/simgad/5138588182162159514/ Frame 56D9 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5138588182162159514/14763004658117789537?w=400&h=209
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16ffa918ef329affc889ef18cd80755d53562fe4eb946b16090e9298accc4963
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 09:40:38 GMT
x-content-type-options
nosniff
age
206341
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4834
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 05:11:12 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 25 Dec 2023 09:40:38 GMT
truncated
/ Frame 56D9 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 56D9 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e748d47e0930e87a515df7e2a11e9d797dd670598254900fdbd654593f001a9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 56D9 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac1b4fbf485f8551e6a1a423e3f6a86e3f7701f6bcc6c320b7069049b2ace4b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
/
firehose.ap-southeast-1.amazonaws.com/ 		257 B
706 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firehose.ap-southeast-1.amazonaws.com/
Requested by
Host: avivid.likr.tw
URL: https://avivid.likr.tw/sample/aws-sdk-AviviD-min-1.000.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.113.78 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-113-78.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
5fa74fec1b6ce99200d910b4f60f4ab9d11107a96ea10688cdb2e541b305945d

Request headers

accept-language
de-DE,de;q=0.9
authorization
AWS4-HMAC-SHA256 Credential=AKIATBR2IINUW3Y6AWEJ/20221227/ap-southeast-1/firehose/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=8eb512141dd9f700471ec627a19a29499ce3a46b60da912ccca812e75d4adce5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type
application/x-amz-json-1.1
x-amz-content-sha256
89cc5ef75081f69fb744ca8471623fc074f0ea5256d3d84b8a6fd2b261b62b6b
Referer
https://jalantikus.com/
x-amz-target
Firehose_20150804.PutRecord
x-amz-date
20221227T185939Z
x-amz-user-agent
aws-sdk-js/2.769.0 callback

Response headers

Date
Tue, 27 Dec 2022 18:59:39 GMT
Content-Encoding
gzip
x-amzn-RequestId
dbaffe4b-5ec0-a10b-878a-bc97d912c9f7
Content-Type
application/x-amz-json-1.1
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Content-Length
246
x-amz-id-2
JUSnIOe27UsCbCQ+xgm/FkFsyGIKpDyTAqONRWNXA5y3xcxjBWfMgy+VzfH7zSDObQoTbneIfJUuU2P7cThldu+dEDg6jklm
/
firehose.ap-southeast-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firehose.ap-southeast-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.113.78 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-113-78.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://jalantikus.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Encoding
gzip
Content-Length
20
Date
Tue, 27 Dec 2022 18:59:39 GMT
x-amzn-RequestId
f3cb57c0-2d22-7e3c-afee-151caaf016c0
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 56D9 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://jalantikus.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 21:35:41 GMT
x-content-type-options
nosniff
age
422638
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 21:35:41 GMT
container.html
ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2244 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 18:59:39 GMT
expires
Wed, 27 Dec 2023 18:59:39 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 73CE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 18:59:39 GMT
expires
Wed, 27 Dec 2023 18:59:39 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adScriptBlocking.min.js
cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScriptBlocking.min.js
Requested by
Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gliaplayer-plyr.js?v=0.3.97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1247c5908b57ebe0df7f19df07e1ac94d2d7e0732e656589d812c78e227a2dc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
35203
x-jsd-version
2.3.99
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230128-FRA, cache-yyz4570-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"6bd-i5j+urC27QMXNjmir8Keah+heXI"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8G7Qrxj8BKLYhrlbpBuCZCyIuXAP%2FD2nEDRb%2B1bjQvT9x5nigUbNt4eCvIteeMIr3Rad%2BgGE0EUI7yPxmfaKMtUSdJzJHas8ETgvUv607Vxwb%2FwOBlxjd%2Bkb%2Feynyz8oTK6qdJG98vRXvWeTrA0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
78044b6def839b5b-FRA
jalantikus.com
player.gliacloud.com/violations/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://player.gliacloud.com/violations/jalantikus.com
Requested by
Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gliaplayer-plyr.js?v=0.3.97
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
854e57129b1144586cd2ea3bc9fab7162b3865b6e413892c351306658a2b7a8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
847
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
Public
last-modified
Tue, 27 Dec 2022 18:45:32 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FzYHcfuOThJpKHGmh9MFkCM99PolKYhXcO8fBB%2B5aUIx395E3k7BXA5ng9so95HLAXKo%2BRd39UAmniMcTdWeFSG8EimpUCW7MVSnjBHPaxufGwEkZt0VKETX5lkY%2FXuLOlY11q6lsauizpPZnSNM5RI3Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
c8e18a4bf5d656cd387a2e20a3f19119
cache-control
public, max-age=900
cf-ray
78044b6d780a7713-LHR
priority
u=1,i=?0
expires
Tue, 27 Dec 2022 18:51:09 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame FC7D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CqrwVm0CrY4_aA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSqAk_QMM9nJpbZ0bLXM-K-BnKFzIctFvvtM8bJOB7GXjNH-FE6RgKBnBFJEw9mAT9AiTX33bbFSoMUGUiIcboB8qwXTap6SCPsnECwgUPSGfTjjtTRG6lbYVAsNcl6ZRgG_2KJek1KkUKkEwFRPt0TS5XxoREIlZOF3MQzukr1QwqJW_eVABDR3KDtYCnpqLgQ-SOHw3uRhRtnNmhm7XOtjcXugbeWnmINJJBDQF3E9xiZpUrjgxbVVm0ym6jINQG39Eg1jd9EY4c6u12SqXwpg8nEMmGnJJ93p-Qa7Cli4lpIOGCZbDLP3i3kcitobbeE1yQkb9h7dO9oTMBPexRvQYFjTHItc3cos4TSwJRj8lKaw1usNxVG8CNd5DkW_7vYfntkssU4-nh31fzgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTUzOTg5ODk2ODA4NDEyMjEYpKts&sigh=hWRg_b6BdfI&uach_m=[UACH]&cid=CAQSPADq26N9xxhJwomczkILe_G5dfY_X_LvkjgQRMOxBK3bEm7BKTpLQik2MI5E-jK7UuosrsIjXYJs10EAwBgBIBM
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame FC7D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1hrtq69ftkws826r80gwrvqjd96evz0nf7vpfw4nd1zwtjrb2t3abkfrgk2z4kmkx4z6nsf4qw8jm86mjz8kxgc5w960n8n1zwdq9jmd4n7rdt6pcnpvftn0r5qhbtzx6t3z9y19av6hxn465x2y917ps7xbb2amm1ywq7cme0rpzc8ymsvv1dwj6gc9r4h2xh7b5tp8jzz6k96ds0nqxbfgvbtq16jw2k2e9djb76rea3g8hrc2wff05p71h77131jt8tkxgw7a2n0gq14v0pr0n8j5max1e802a2natv6hzsffqzg6vetfwkscshnr17kvcvr1e7jyb0hkqsv7fzq894a94r3akjbq13h02t0xb8593sgmmtdvyn3jg06qrqgf10w7ex439380&b=Y6tAmwAA7Q8K4CxGAAyDiwV52Ia5xXCMNmcitw
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 27 Dec 2022 18:59:39 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 0208 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1hzdse8caegd9a5f4f0z00m5yzbmh3ybj2tjr968yw332y5awhnxzhp424spfy226vm40dhjwwxkk0jc0dztzzg1jm7xng38c2gd6901c05b49me5tbtvsgycby0ek9qnr27c0chrq6s7ydbnay67rbwb9fpmpdz3mhnq46yn4fz0b70p5kcw52q7xpjpczne951cewzm3eaweecy02n8t1jrrxsbeqskdgn6fgxefh1h0tqe5wwet4x4x8w020xdawxx1rp1s7cbjcnm1g3yy5z78ynj51q7whxywv8xb9gght4f4j64c0dfkw9fa0nf9ep685ygpm680hfbx7t6q25cgbqf90d9c84qp2fghzax4nb489xp8a8nh5tjw99d0z70467q7011xmj7tc7pz5jm033xkrn5zrpv26v4ct1pevtxng6j3z7jk3zkpq1mdx3yj9efgz0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh169m0CrY4_aA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgStAk_QMM9nJpbZ0bLXM-K-BnKFzIctFvvtM8bJOB7GXjNH-FE6RgKBnBFJEw9mAT9AiTX33bbFSoMUGUiIcboB8qwXTap6SCPsnECwgUPSGfTjjtTRG6lbYVAsNcl6ZRgG_2KJek1KkUKkEwFRPt0TS5XxoREIlZOF3MQzukr1QwqJW_eVABDR3KDtYCnpqLgQ-SOHw3uRhRtnNmhm7XOtjcXugbeWnmINJJBDQF3E9xiZpUrjgxbVVm0ym6jINQG39Eg1jd9EY4c6u12SqXwpg8nEMmGnJJ93p-Qa7Cli4lpIOGCZbDLP3i3kcitobbeE1yQkb9h7dO9oTMBPexRvQYFjTHItMXUJIVMrR9SrdRoMGRI-xSxS-o5XyiHLf3mR7IPwrOkgL6TolTTsM9DgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1iij-sa7CWdXyaToZeMPRH2gMy1Q%26client%3Dca-pub-5398989680841221%26adurl%3D
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e888b759a8896b2e478ad901b6be58004795de4c956381f93a177cfbbd9c07a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
78044b6e4aa89b3d-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 18:59:39 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame FC7D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:19:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
2385
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 10 Jan 2023 18:19:54 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C4AA 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5730
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 17:24:09 GMT
etag
48472445140208031
expires
Wed, 28 Dec 2022 17:24:09 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame FC7D 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 09:01:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
35869
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 10 Jan 2023 09:01:50 GMT
l
www.google.com/ads/measurement/ Frame FC7D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTy2MeaPkFxXmAQ22X8q9xJTIcOelWBpjWwa_4IjYkpeSflTTLyHQKPNt3TC88EF9UFqj1RpqbOcd-spi5uygGjPvk1eg
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame FC7D 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 08:20:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
470363
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 22 Dec 2023 08:20:16 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FC7D 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 27 Dec 2022 18:59:39 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame B7E9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C0xK3m0CrY4naA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgShAk_Q2qhYooDZEm6i2vvUnoD0foJuXpeCVv3H9SHrucR-x2XKVIZgyuIuYs4cPuoCcqIfilp9bUHBU7zVtmz_stBbWf328Ud0QL6iAUQJfrTFMD7Y0-Er4MixbJx4Bx8jMZnort9BQq6a6QbdsU8VNYW9OO2_hv6usey4j-VKtPI2NC-CU5BqtBMTvyDfl0TJ_OId3fVajFAGpDFe3gRjtGpeNWtKjotMngprgaVvZ_oJrkYz3GLMVIIX_I4xC5zLNYKTCvIzzOQt1W3aP1dPlpA8HfQ8zOLm6N1lPbg79586t6fSRdUy_r-u8TdLBNmYJUA4SJKIqaoH7lEEerN9EPrmVqJFcGRe3ogNGyeGTwcQ1Pjj8QXlfVBzoSssowTa7WDgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTUzOTg5ODk2ODA4NDEyMjEYpKts&sigh=YlqODhOtEYU&uach_m=[UACH]&cid=CAQSPADq26N9xxhJwomczkILe_G5dfY_X_LvkjgQRMOxBK3bEm7BKTpLQik2MI5E-jK7UuosrsIjXYJs10EAwBgBIBM
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame B7E9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1hpkmf7d0grgdzm93q3s1bddfhmytbe8ct8seh0jkhgks9jrk0ev55jgq06r2a5wwam25hyr2ykekparqt7tsn3430vxhchw1wjcj8651sd44q9znn59p32yx7336bafs4nng7retg4hpsm4tbaa8jcx68p10rxwvks7ske4ewcwn9a8gdr7e3npvx6wc56dwd2695rxffh3vzxk3ex781c0zngmax57q50zhvahh7vb075ky5yd1h8g069nhfgya9zgpb56gewjp3drre2c024f4kd057053tf8zdqqbxa58aqqnvnn5mfqksj3vm7k508jfwzr32mtagwv76ykctxd6ht1hg705y6jhqdxnt6yjswgkb81cjxty1dtwcc23d724dxq4r70c1gg&b=Y6tAmwAA7QkK4CxGAAyDi-AJDhZ21tfF6KZT6Q
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 27 Dec 2022 18:59:39 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 7F00 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1gpbfam3xsgp6bzeyfvva8c7d5f8syrzrxctvr7aepnebk82gtewbkbxnxh4jy3rgfbykfh0tn7aa220zb2vgfhcaz2zr7dvamcat15ktjt6bhf36jyqxm7fgb15hp779v3t3q8p78pmynadqsh5rhxh5rkpwdnjvbnydr55hq2rgkpf36brqyp3m1rbjwmntv67dm343bzqvbf97z7x74scjmhjp1v1k48pwnvnwcpzq4f21dp4pmrx3x40ath9t6frw3vp34tnzyxr0t5wfp5nxg6jgxbak7aqnsk9wezdbtr6n23bevz1jkr00sa6j58nrpm0y7mepz5440pf3qv3m77q2kndnr5w04e9w9bzczmssq9jx9j5amg239yqbjpwd12vj1wwqxvc6wspze899q1kjvetar8fb67rtdhh13gzmvd35t8d666sqmg9san5xs407510&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZsLGm0CrY4naA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSkAk_Q2qhYooDZEm6i2vvUnoD0foJuXpeCVv3H9SHrucR-x2XKVIZgyuIuYs4cPuoCcqIfilp9bUHBU7zVtmz_stBbWf328Ud0QL6iAUQJfrTFMD7Y0-Er4MixbJx4Bx8jMZnort9BQq6a6QbdsU8VNYW9OO2_hv6usey4j-VKtPI2NC-CU5BqtBMTvyDfl0TJ_OId3fVajFAGpDFe3gRjtGpeNWtKjotMngprgaVvZ_oJrkYz3GLMVIIX_I4xC5zLNYKTCvIzzOQt1W3aP1dPlpA8HfQ8zOLm6N1lPbg79586t6fSRdUy_r-u8TdLBNmYJUA4SJKIqaoH7lEEOLFcgi0f0eKN9yzIBMGf6R6SRaoa-uA-cces76jnvwc0dthFrahCYhXgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0SFvKRGAjtOb-8kfVLaiOQDcUVTA%26client%3Dca-pub-5398989680841221%26adurl%3D
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
094d2f1526522b71fa09f3dac8558ba5cdca77ec99ca9316f7a30caa3454b336
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
78044b6e4aab9b3d-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 18:59:39 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame B7E9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:19:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
2385
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 10 Jan 2023 18:19:54 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 69ED 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5730
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 17:24:09 GMT
etag
48472445140208031
expires
Wed, 28 Dec 2022 17:24:09 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame B7E9 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 09:01:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
35869
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 10 Jan 2023 09:01:50 GMT
l
www.google.com/ads/measurement/ Frame B7E9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQd2GRiwURHZ4ozph4_Ju2HXk9K7Aycc7TRNlUWCglbgwIJ8PbOJx31fQJmAGW0wQlZpU-g7etiFly68n2SQG-XR-MRgw
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame B7E9 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 08:20:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
470363
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 22 Dec 2023 08:20:16 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B7E9 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 27 Dec 2022 18:59:39 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 33CD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CbAyym0CrY4baA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSOAk_Q0lLkEEPenv8Dj5yjd7OBLJotyDV2gvtYd4adAL5dIvSq65em7nMPW1Sto6JPhU0_tPCMy2vcbbIcnH-063NdY6aI04mT2R3jt9kPC3vs18CoI_EtEvYVqHUkfIy6YNMjEy9dF70dKXpl3OUuWTniHs-Z6mj-_yJmSY58kWmAEya9bzonIKQ2QdlVBtPnlMUklIBn6VrlZiuvNO67CG57haOnRA-F6q1xJVAcKDoTXSnp6VQd3OR4w6wnHAwP6qiKHL0KTerY-82cvZsO2zYbenvde_cHmuVkhMv2tAzYoK-Pevj99sLoPseayrVvt0v23C6YDChB8p0xuPMgHpu7yW2X3Imavq7-0VDeUuAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTM5ODk4OTY4MDg0MTIyMRikq2w&sigh=vvCwR3vgLeg&uach_m=[UACH]&cid=CAQSPADq26N9xxhJwomczkILe_G5dfY_X_LvkjgQRMOxBK3bEm7BKTpLQik2MI5E-jK7UuosrsIjXYJs10EAwBgBIBM
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 33CD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1hnf8kx4awcpfpzw93rdkv8bbswvy57k2nb66j2b933bxtcy3q6565816ef08brkfr17k2h2jpmx379k808vtwxkxwh48as9a11qw3bsh90m10staygkpjqhs3xnsfrwczs99dqpq72cskjbm3ctg0t17e3w57ece4462m3qdhqdc54wkkeq6xw3px4n3wkjf249zs94fhzc7a79fp99xyfma9tvy094rzzkrf7d8d3brh0v5d9q8d5ge29896bgmp508fkwx09xn8x11jhgderqpy7z7ejpa28xzhhd6z510sn68pveqv0hz0p79q6q5dcdmfg0cxyfsxfn6y93qq2gdnnysacc95za40zb7zpea92hpntb5bdh5tdx8z4ddsf1wqb9mcqqa7rq&b=Y6tAmwAA7QYK4CxGAAyDi_HbVCxOfL5YRdOMTQ
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 27 Dec 2022 18:59:39 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame F3B7 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1jgfam7mgtswdxjrxggzrekryewxpqgfakym2158dennr4xwhjnntjhswxe3fr8chvwf52qz670wkbdexzm1n7kch5bgaajmja559ae6fb3qfb84ctsnmd30y1mxr34dwfeqtze1y4c6n4vfz5y6njk6wewf9m34wntrv3e684sw1w8cc9da4vwj5gswhh6ymtk8x6b9ncesnnkr2vj78a2ns9avr9xhbrc03qk0zeed559csajmm1e6x8yv2fs7xz5dt6fs3849xpndtd9gv1xgev9959x2etjw7pr2a2pw4bhbhacg76h9g30w5gdjehpb1hrasv32xpsvc9wyceptr96pygesm0qc7f56qm483ztjjjfj5p923486fe8h49v5453h4dv570nm25kq2jhr0rdjqh0h34c0vrzzv6xqhb8gy4pv8qqm9fvas3xptgqpf30y6m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzSnem0CrY4baA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSRAk_Q0lLkEEPenv8Dj5yjd7OBLJotyDV2gvtYd4adAL5dIvSq65em7nMPW1Sto6JPhU0_tPCMy2vcbbIcnH-063NdY6aI04mT2R3jt9kPC3vs18CoI_EtEvYVqHUkfIy6YNMjEy9dF70dKXpl3OUuWTniHs-Z6mj-_yJmSY58kWmAEya9bzonIKQ2QdlVBtPnlMUklIBn6VrlZiuvNO67CG57haOnRA-F6q1xJVAcKDoTXSnp6VQd3OR4w6wnHAwP6qiKHL0KTerY-82cvZsO2zYbenvde_cHmuVkhMv2tAzYoK-Pevj99sKqPOYIHUzo94NxlLhCRbqzy4k7FfkOBkY7CyQFJB2EkrYrDc-emhpYpOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2BaM7R1g42HBk0v_p2xoBk2i3Lkw%26client%3Dca-pub-5398989680841221%26adurl%3D
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
421104c1dd389a68ec3fd63fa5fd26b66dc6e79e49e0a858f68588cce59d4e6e
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
78044b6e4aaf9b3d-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 18:59:39 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 33CD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:19:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
2385
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 10 Jan 2023 18:19:54 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8ECC 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5730
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 17:24:09 GMT
etag
48472445140208031
expires
Wed, 28 Dec 2022 17:24:09 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 33CD 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 09:01:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
35869
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 10 Jan 2023 09:01:50 GMT
l
www.google.com/ads/measurement/ Frame 33CD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRfVprvIaCF9JHzfosVgBwttiK8wJuLQI9yceJliZ5IeTcBlndRI2zJ3qUKEjNgNO42krF664408DOhrkEOJ192ICliIg
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 33CD 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 08:20:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
470363
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 22 Dec 2023 08:20:16 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 33CD 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 27 Dec 2022 18:59:39 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 3893 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cvlxzm0CrY4raA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSGAk_Qy-V9EyTnN6Z06rs3owZYihonHEO_IU_gMHa8SltdqZH4z8ntw7nU5HfvLf-HV8AC4SF37QDGh1VzOKmkbOH4UnHk8FS58IIh5VsFBVpk8SmcNomMzIbsOT43RgGNU2xapq4tZyuqZMESFgFrZES9NPPQTyyccDOdFELWjovNncMjGXGTKzO0KU4kRwz7RxmswyLa_1cyQZw4YuLZHNyqM_Mfqiqw-OhqfnlwOK4hb0H1BXXBlfSTj_ajkDRxPKgUP2dCl9hWOjaeL-SFZ-FT6bA-gu03FLEnj7OiohrAa1WWhk0lajAS7P9zuPNO1771FGBEUY20rawQXDMv2fDqm42dOSrgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTUzOTg5ODk2ODA4NDEyMjEYpKts&sigh=1bPb6VBODqc&uach_m=[UACH]&cid=CAQSPADq26N9xxhJwomczkILe_G5dfY_X_LvkjgQRMOxBK3bEm7BKTpLQik2MI5E-jK7UuosrsIjXYJs10EAwBgBIBM
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 3893 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1jpppd26fj0h8nd5xwed7m31kb217ajhsgq8cbwem23tvnneqz41wy7nd8jwj0n52ptgv7g4necy1snefxzsr4bwc4w3zfjmzrwtj9z8j1w32qe2c4tn5qbsfdseptpxe2qntev6j73688w5f9gh05ka99kqn28aznnrkqeakhgtx6m2jtcqxn4vrx9ew56h84psg1e224e1atms0ykd2c7a36b8vh3pfmv8s6fyn5bx1aence146zrxcepee41q7bee7nh8sq7zen1h15aq85fntdhrz26ppbrxteqz45226asr6mknh74c9h852psp8j4xrgmmfd6jykdf4m4597b0ktrdm5ebgya3ec7fjntt2z22q2xpys8w1pn75h0kb2szb847d30evk0c&b=Y6tAmwAA7QoK4CxGAAyDi8Ca8ZL8kHlBprsUxw
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 27 Dec 2022 18:59:39 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 36F6 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1kp2bcvt6678re4p7q1yb39wxf9dz0tf6drg185z49g992tg3z1z8m2z28h72vqzzr1dsywqy904ncg75kaw4htyg6v3sywbwy9mdd0vtkw0yqpr50nmg261668md8ghg22cp5s449dh77zr9xj4vhyh7bet0yykw2ydz9hjj9g5mnthnj672z8hkxpke5zpemkrfnzmhkej2qh01s5q9102efhanrpcfgfa8zzckqm2tbaj6srjc2smmyk63dzgw1az5ysk810j1grrw9wqv78gzckmz83ezs870pqr8xryr2csbv7v13we4q88hng55xhv90d83m7q1qn8qf2d8pgz9vxptdmavex1284y423qdx545kvd39b79sz1y1bjp5dvme7f5baag2mw940khas6m52sc968q4v0p89hbct18sg69vqge1n7ebewj38bchk43vrvpc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCypium0CrY4raA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSJAk_Qy-V9EyTnN6Z06rs3owZYihonHEO_IU_gMHa8SltdqZH4z8ntw7nU5HfvLf-HV8AC4SF37QDGh1VzOKmkbOH4UnHk8FS58IIh5VsFBVpk8SmcNomMzIbsOT43RgGNU2xapq4tZyuqZMESFgFrZES9NPPQTyyccDOdFELWjovNncMjGXGTKzO0KU4kRwz7RxmswyLa_1cyQZw4YuLZHNyqM_Mfqiqw-OhqfnlwOK4hb0H1BXXBlfSTj_ajkDRxPKgUP2dCl9hWOjaeL-SFZ-FT6bA-gu03FLEnj7OiohrAKVe3FJrc7XDaa7flYrrcJYfhHs1Of5VpLW5Zzsu7x9zyTlECeeL26_LgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2gkjYkoE3h5SHLoSeFVI9E-CagJw%26client%3Dca-pub-5398989680841221%26adurl%3D
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bea8d5114c2eff73d049f85324784a15c8f085deecda60ed19b8705a0772e35
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
78044b6e4ab19b3d-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 18:59:39 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 3893 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:19:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
2385
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 10 Jan 2023 18:19:54 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5673 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5730
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 17:24:09 GMT
etag
48472445140208031
expires
Wed, 28 Dec 2022 17:24:09 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 3893 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 09:01:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
35869
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 10 Jan 2023 09:01:50 GMT
l
www.google.com/ads/measurement/ Frame 3893 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRiAb2QXJmSQ8OWqE2w_3QIyfayCZmFUDScII9akMr0SDs2KfTLy6hswS6FjA9e5OduW-HJytSI01KlOmUCuN52AXuhgA
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 3893 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 08:20:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
470363
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 22 Dec 2023 08:20:16 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3893 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 27 Dec 2022 18:59:39 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/ Frame DAF3 		20 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0dade5e40511841f841814ed717788248c50490400ef63f4620391825f7444e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
331381
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
4775
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Fri, 23 Dec 2022 22:56:38 GMT
expires
Sat, 23 Dec 2023 22:56:38 GMT
last-modified
Fri, 25 Nov 2022 19:23:26 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 2244 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cv7Qzm0CrY_7rD4-Z-gak8IWAA6Ot1pBuh5nQ7YgR_uzFqKYxEAEg1ceLaGCVsoKCmAegAbKKwaoByAEJqQL29M7BUtioPuACAKgDAcgDSKoEkgJP0C-BBbrhOz_QxG-L4B3PNEnoBMKpqO7srnM_ARjWzugnUMfRRHvB2D1V4d4ZKAUXTpOUCpBE2s4wqyDth-olco60dImsJ4CQUea7FaDF5Hi41QNJxULvGChjB1y81XBJaCc4JQpGJavrHdYkf2rHlaMzXofHr_gmoaYk2AnArlKYTlER79X7hoTts4IRiaHhmmFjBfA0zIpXoc4XrCrJ7AE7TVKgDrub6QKKvXugJR2_OxLkqnyZrdlM3Iagn24im374QpgDTWu2bcPTgqvOIF2-qoX29VOAsj8hp6SB5ZnThUW4tvG9YsWRZ02plxWLwhzhcSZNlH-vc85-PrxDrfr2keBRJPYAkkSsJY7jK3ZSwASMq97nmgTgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHtvW-1QKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCCjCbSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTAtAVAZgWAYAXAbIXHgocCAASFHB1Yi01Mzk4OTg5NjgwODQxMjIxGKSrbA&sigh=j5HIEmpXUuk&uach_m=[UACH]&cid=CAQSPADq26N9YuRkUe8vZQVa7NMbS_N-N74VasdgKCVCvaFZ4l2U5SVMJsRxXqwF2h6AHPeZS2LbcCAOMymE8BgBIBM&template_id=419
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 2244 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:19:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
2385
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 10 Jan 2023 18:19:54 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/ Frame 6A1B 		20 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0dade5e40511841f841814ed717788248c50490400ef63f4620391825f7444e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
331381
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
4775
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Fri, 23 Dec 2022 22:56:38 GMT
expires
Sat, 23 Dec 2023 22:56:38 GMT
last-modified
Fri, 25 Nov 2022 19:23:26 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 73CE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CqTlem0CrY_3rD4-Z-gak8IWAA6Ot1pBuh5nQ7YgR_uzFqKYxEAEg1ceLaGCVsoKCmAegAbKKwaoByAEJqQL29M7BUtioPuACAKgDAcgDSKoEkgJP0CLFAItlsziQsrWo3KboqNs9GFc7X56p3sAv3PCZcqtPhXAr1HNlDvtL8tAtDOhFOG2wjmVraRf0Lyr4Img1fMjMbm7Kf5LpxNYvfHnNkG-os6laAmQEo3nVWm1wfybGPUtCsMUdvud8Z55crvCB0OMpuJSTJ9Ub0LV2r2fUYSI5qPtEDj9ks-5FZ9pnA3pO8ebIorsNFye2QQcsFJ7CeCerfTvbA3E-61rsYuE0ItyGgVeDsR0iORf3R0bm14ViRw0q61ee7FwnMNhBsMFmYURA7xdLSfLjh6240As20TmNlUXRVle6UgQKs0LH1FPI8Fe0U8PQPa06JfB8VB1hjRGFjUkVWd1BmXx0pvikDrR1wASMq97nmgTgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHtvW-1QKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDXhTfSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTAtAVAZgWAYAXAbIXHgocCAASFHB1Yi01Mzk4OTg5NjgwODQxMjIxGKSrbA&sigh=zMZOQGdJHW4&uach_m=[UACH]&cid=CAQSPADq26N9YuRkUe8vZQVa7NMbS_N-N74VasdgKCVCvaFZ4l2U5SVMJsRxXqwF2h6AHPeZS2LbcCAOMymE8BgBIBM&template_id=419
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 73CE 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:19:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
2385
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 10 Jan 2023 18:19:54 GMT
collect
i.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-c/s/0.7.1/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://jalantikus.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://jalantikus.com
date
Tue, 27 Dec 2022 18:59:40 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
truncated
/ Frame FC7D 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e5f946892a28316e9c292db663651ed6b7b6c091befcbca5a93cfbe200d7cccb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
dpixel
cms.quantserve.com/ Frame C4AA 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEB3umQOZ1iF-PE3BjcNi6a8&google_cver=1&google_push=AavPq0M2VQLtVGL23at5q-Ll7QYaeDZDe4AIod-Mq2B3FwUuDB8-ik36oeKhCWKUUfMYjxgnyxTbPpDNoEbMV1gcoXF8dYBb9IRV
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:39 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame C4AA 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEMcsSRGCcvMmwyFiC7zHqwU&google_cver=1&google_push=AavPq0MC4JogScuzSlxMCN4K3KxfijPg_DOzbJ7wtXo0pP_AKI1-XlKWN--_17K6aLikERZ985zPnQjRz4cfPSpoKLLILTgBI70
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Tue, 27 Dec 2022 18:59:39 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame C4AA
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEMxcKktFIKDr-xs_5RTzrqM&google_cver=1&google_push=AavPq0NpH_cFUGxBBOx_VtYi4245w6hNApd5CEKxqHbT4DH5PWv0Dx4nN_894vDYPz9sHImfQrQKMn6j5DD-0L...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE4MTkwNTA2OTUzMjUxMDM0OQ%3D%3D&google_push=AavPq0NpH_cFUGxBBOx_VtYi4245w6hNApd5CEKxqHbT4DH5PWv0Dx4nN_894vDYPz9sHImfQrQKMn6j5DD-0LfraP...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE4MTkwNTA2OTUzMjUxMDM0OQ%3D%3D&google_push=AavPq0NpH_cFUGxBBOx_VtYi4245w6hNApd5CEKxqHbT4DH5PWv0Dx4nN_894vDYPz9sHImfQrQKMn6j5DD-0LfraPDyPnZqhYY6
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE4MTkwNTA2OTUzMjUxMDM0OQ%3D%3D&google_push=AavPq0NpH_cFUGxBBOx_VtYi4245w6hNApd5CEKxqHbT4DH5PWv0Dx4nN_894vDYPz9sHImfQrQKMn6j5DD-0LfraPDyPnZqhYY6
Date
Tue, 27 Dec 2022 18:59:40 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame C4AA
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oJgWev5_TSGJjqH72DnGhA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oJgWev5_TSGJjqH72DnGhA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0OvVHGzg2rw56_IS3FjVJ1U06v9WxaSBspJg5Im4GF1pjh0BwQtFYZJmC7L9z5KpBzmBR023QZTPuk2-YZV3nBTlGm0Wx2L
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oJgWev5_TSGJjqH72DnGhA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0OvVHGzg2rw56_IS3FjVJ1U06v9WxaSBspJg5Im4GF1pjh0BwQtFYZJmC7L9z5KpBzmBR023QZTPuk2-YZV3nBTlGm0Wx2L
date
Tue, 27 Dec 2022 18:59:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame C4AA
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOsB8g3xeOAUxw5-aBwQ4KM&google_cver=1&google_push=AavPq0MmIBV0I4E_phu38mdj9y_vCmRyrx2SeiuFzu7MKzP0UUCgCjWctCg1ktUFisVGys854SNu5d7o3ynqzJhoq...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOsB8g3xeOAUxw5-aBwQ4KM&google_cver=1&google_push=AavPq0MmIBV0I4E_phu38mdj9y_vCmRyrx2SeiuFzu7MKzP0UUCgCjWctCg1ktUFisVGys854SNu5d7o3ynqzJhoq...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0MmIBV0I4E_phu38mdj9y_vCmRyrx2SeiuFzu7MKzP0UUCgCjWctCg1ktUFisVGys854SNu5d7o3ynqzJhoqU0woSBEfxc&google_hm=F4zTqGZHc22BnojfQUeyfFNL
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0MmIBV0I4E_phu38mdj9y_vCmRyrx2SeiuFzu7MKzP0UUCgCjWctCg1ktUFisVGys854SNu5d7o3ynqzJhoqU0woSBEfxc&google_hm=F4zTqGZHc22BnojfQUeyfFNL
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 27 Dec 2022 18:59:40 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0MmIBV0I4E_phu38mdj9y_vCmRyrx2SeiuFzu7MKzP0UUCgCjWctCg1ktUFisVGys854SNu5d7o3ynqzJhoqU0woSBEfxc&google_hm=F4zTqGZHc22BnojfQUeyfFNL
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame C4AA
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESECi-qEY15-U3lM-4aNEYkJU&google_cver=1&google_push=AavPq0ONNVRh_Z5-t7sX2Gd1LhHWkcecAKfO_Cg4ll5aTcr3hgptmIR-uLnZhzp3dHgyFdIXwG8soWevSrsfu5FCVZ25rPyN9j0_
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0ONNVRh_Z5-t7sX2Gd1LhHWkcecAKfO_Cg4ll5aTcr3hgptmIR-uLnZhzp3dHgyFdIXwG8soWevSrsfu5FCVZ25rPyN9j0...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzA1MTUzNzMwNDk0MDk3NDM5MjI%3D&google_push=AavPq0ONNVRh_Z5-t7sX2Gd1LhHWkcecAKfO_Cg4ll5aTcr3hgptmIR-uLnZhz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzA1MTUzNzMwNDk0MDk3NDM5MjI%3D&google_push=AavPq0ONNVRh_Z5-t7sX2Gd1LhHWkcecAKfO_Cg4ll5aTcr3hgptmIR-uLnZhzp3dHgyFdIXwG8soWevSrsfu5FCVZ25rPyN9j0_
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzA1MTUzNzMwNDk0MDk3NDM5MjI%3D&google_push=AavPq0ONNVRh_Z5-t7sX2Gd1LhHWkcecAKfO_Cg4ll5aTcr3hgptmIR-uLnZhzp3dHgyFdIXwG8soWevSrsfu5FCVZ25rPyN9j0_
date
Tue, 27 Dec 2022 18:59:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
onetag-sys.com/match/ Frame C4AA
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEB3H72QAsLWB5KkW1GilWxI&google_cver=1&google_push=AavPq0NEuDkDPJXtrIqck7McLTULeZO69s_WY9qzmT7a29eATrTQ_lZGi1R18QgdxuIvBwgSxoH2wDzHoey...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0NEuDkDPJXtrIqck7McLTULeZO69s_WY9qzmT7a29eATrTQ_lZGi1R18QgdxuIvBwgSxoH2wDzHoeyHlG--WBfRcGVZga9zCg
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame C4AA 		0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KqiSxvRs-n2f4wIDbzsTXtQrKNWZ_90m_yGRAnzCZRECBiv7thcCzj5qMI716j552jeGrYcw
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:39 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame DAF3 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02ebc319500d29d704855de3d846bbb2479434953bb7b34f533122f432ce33bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 13:12:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
20838
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2568
x-xss-protection
0
server
cafe
etag
6734328975651772599
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 28 Dec 2022 13:12:21 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame DAF3 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 19:53:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
83193
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 27 Dec 2022 19:53:06 GMT
120fb889c9d3d02c8d3dd0555cf62ab3.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/ Frame DAF3 		104 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/120fb889c9d3d02c8d3dd0555cf62ab3.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
abf06691088fd3e48eeca737b56e448a96b06b1d7abb1495b634efcc2795aa89
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Dec 2022 03:17:25 GMT
age
315734
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30375
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 19:23:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 24 Dec 2023 03:17:25 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 6A1B 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02ebc319500d29d704855de3d846bbb2479434953bb7b34f533122f432ce33bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 13:12:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
20838
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2568
x-xss-protection
0
server
cafe
etag
6734328975651772599
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 28 Dec 2022 13:12:21 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6A1B 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 19:53:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
83193
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 27 Dec 2022 19:53:06 GMT
120fb889c9d3d02c8d3dd0555cf62ab3.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/ Frame 6A1B 		104 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/120fb889c9d3d02c8d3dd0555cf62ab3.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
abf06691088fd3e48eeca737b56e448a96b06b1d7abb1495b634efcc2795aa89
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Dec 2022 03:17:25 GMT
age
315734
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30375
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 19:23:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 24 Dec 2023 03:17:25 GMT
truncated
/ Frame B7E9 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
70d4e25092885a425be01ae9cce8c5cb7abde6dfcf41816b44c06390cd08e0ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
current
dclk-match.dotomi.com/match/bounce/ Frame 69ED 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEIZJHugG2AV_SCH6T8AnhUg&google_cver=1&google_push=AavPq0Oi34jB0W7gM0kW6-7unNcf-pz_Ah7Fb8bY_wg_sSmkIWq0_0jUuWTVF2WYZmBPia1o4oMYDQmNqNkyZJxp0cT4Y7PuCzoo
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:40 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
i.match
s.tribalfusion.com/z/ Frame 69ED
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEKngkx15S2T0qD6tSs4c4_g&google_cver=1&google_push=AavPq0OrkIOVwtMjIXmqKijqwcCdL4LJCvpDZpRjK7ufwZJifA53aum3eifiyHnqdwy9O19C_vSKNO04Kv78sm-71SQvvVDFWpuN&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKngkx15S2T0qD6tSs4c4_g&google_cver=1&google_push=AavPq0OrkIOVwtMjIXmqKijqwcCdL4LJCvpDZpRjK7ufwZJifA53aum3eifiyHnqdwy9O19C_vSKNO04Kv78sm-71SQvvVDFWpu...
43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKngkx15S2T0qD6tSs4c4_g&google_cver=1&google_push=AavPq0OrkIOVwtMjIXmqKijqwcCdL4LJCvpDZpRjK7ufwZJifA53aum3eifiyHnqdwy9O19C_vSKNO04Kv78sm-71SQvvVDFWpuN&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0OrkIOVwtMjIXmqKijqwcCdL4LJCvpDZpRjK7ufwZJifA53aum3eifiyHnqdwy9O19C_vSKNO04Kv78sm-71SQvvVDFWpuN%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:40 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
78044b7108ddbb7f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:40 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
544
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKngkx15S2T0qD6tSs4c4_g&google_cver=1&google_push=AavPq0OrkIOVwtMjIXmqKijqwcCdL4LJCvpDZpRjK7ufwZJifA53aum3eifiyHnqdwy9O19C_vSKNO04Kv78sm-71SQvvVDFWpuN&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0OrkIOVwtMjIXmqKijqwcCdL4LJCvpDZpRjK7ufwZJifA53aum3eifiyHnqdwy9O19C_vSKNO04Kv78sm-71SQvvVDFWpuN%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
78044b6f3cd8bb7f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 69ED
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEI_SZv3qVI9q0DAvg8hhyi4&google_cver=1&google_push=AavPq0OfbKVHiWfceRY3N4xVwY4IWvPb-8HILO7bPzNnf0a0jrSdThtgPkE8Y9jt7BH5FvB2YVAs1IO4W_AZFDb44vvY...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEI_SZv3qVI9q0DAvg8hhyi4&google_cver=1&google_push=AavPq0OfbKVHiWfceRY3N4xVwY4IWvPb-8HILO7bPzNnf0a0jrSdThtgPkE8Y9jt7BH5FvB2YVAs1IO4W_AZFD...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0OfbKVHiWfceRY3N4xVwY4IWvPb-8HILO7bPzNnf0a0jrSdThtgPkE8Y9jt7BH5FvB2YVAs1IO4W_AZFDb44vvYJlf6Zc-C&google_hm=X9tjhUtuTRethV_EEVF8gQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0OfbKVHiWfceRY3N4xVwY4IWvPb-8HILO7bPzNnf0a0jrSdThtgPkE8Y9jt7BH5FvB2YVAs1IO4W_AZFDb44vvYJlf6Zc-C&google_hm=X9tjhUtuTRethV_EEVF8gQ==
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0OfbKVHiWfceRY3N4xVwY4IWvPb-8HILO7bPzNnf0a0jrSdThtgPkE8Y9jt7BH5FvB2YVAs1IO4W_AZFDb44vvYJlf6Zc-C&google_hm=X9tjhUtuTRethV_EEVF8gQ==
date
Tue, 27 Dec 2022 18:59:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 69ED
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAsssdNmUInX80yYaGCefW4&google_cver=1&google_push=AavPq0NyEhQ7aK6TDJ2lexA6Bm-pvuxOFxppCRR7KSOtLj0QqmX50zoQ_5FvpF1MEXF_3PlZ3zw...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEM2TEVJRUYtMUItTENWTg==&google_push=AavPq0NyEhQ7aK6TDJ2lexA6Bm-pvuxOFxppCRR7KSOtLj0QqmX50zoQ_5FvpF1MEXF_3PlZ3zwebSQA2g3itnKST4aR0rMyD3mW
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEM2TEVJRUYtMUItTENWTg==&google_push=AavPq0NyEhQ7aK6TDJ2lexA6Bm-pvuxOFxppCRR7KSOtLj0QqmX50zoQ_5FvpF1MEXF_3PlZ3zwebSQA2g3itnKST4aR0rMyD3mW
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEM2TEVJRUYtMUItTENWTg==&google_push=AavPq0NyEhQ7aK6TDJ2lexA6Bm-pvuxOFxppCRR7KSOtLj0QqmX50zoQ_5FvpF1MEXF_3PlZ3zwebSQA2g3itnKST4aR0rMyD3mW
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
pixel
cm.g.doubleclick.net/ Frame 69ED
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEETM3lfZ-jd-j4dBgVJBbMs&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEETM3lfZ-jd-j4dBgVJBbMs&google_push=Aa...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEETM3lfZ-jd-j4dBgVJBbMs&google_hm=Y6tAnFi_IC2HzCwwKq4qmwAABL4AAAAB&google_nid=index&google_push=AavPq0P9sDyR_eUaKPqWO4hR4xn9LdIvtvslR...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEETM3lfZ-jd-j4dBgVJBbMs&google_hm=Y6tAnFi_IC2HzCwwKq4qmwAABL4AAAAB&google_nid=index&google_push=AavPq0P9sDyR_eUaKPqWO4hR4xn9LdIvtvslRjUZqCbxwjjz4uvOEmq8uTygwtcSV6k4XolSjLfW-1T5MVyGeRqAJyYh--s4SVHn
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xn4p9AiEgpxQ7P8Q8Occ%2F%2F2Rqsoh24tF23A25DJfEPxbHX%2Fnm7D1S%2FUw27oqHsWbzASqd7Klndvlv5OE2ObGXX3ICk0lKCraVa69O9cQTqP%2FCWIf7VVDJt9XhAfCJCAFySiSTVlqBn7ufQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEETM3lfZ-jd-j4dBgVJBbMs&google_hm=Y6tAnFi_IC2HzCwwKq4qmwAABL4AAAAB&google_nid=index&google_push=AavPq0P9sDyR_eUaKPqWO4hR4xn9LdIvtvslRjUZqCbxwjjz4uvOEmq8uTygwtcSV6k4XolSjLfW-1T5MVyGeRqAJyYh--s4SVHn
cache-control
no-cache
cf-ray
78044b709aa69a09-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 69ED
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEF...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0Mb1b8SBK2C5c8xncSihbt5C1jBTFULL97xJUWqmj2ySPlNinyo8koaQ4Tojxzvt5aWW0znAIf_pkarYzZodXJahTP-M3Y&redir=https%3A%2F%2Fcm.g.double...
  • https://sync.targeting.unrulymedia.com/csync/RX-1f2a300c-f65a-4844-a55c-ab52b268c37c-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0Mb1b8SBK2C5c8xncSih...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0Mb1b8SBK2C5c8xncSihbt5C1jBTFULL97xJUWqmj2ySPlNinyo8koaQ4Tojxzvt5aWW0znAIf_pkarYzZodXJahTP-M3Y&google_hm=Ax8qMAz2WkhEpVyrUrJow3w
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0Mb1b8SBK2C5c8xncSihbt5C1jBTFULL97xJUWqmj2ySPlNinyo8koaQ4Tojxzvt5aWW0znAIf_pkarYzZodXJahTP-M3Y&google_hm=Ax8qMAz2WkhEpVyrUrJow3w
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0Mb1b8SBK2C5c8xncSihbt5C1jBTFULL97xJUWqmj2ySPlNinyo8koaQ4Tojxzvt5aWW0znAIf_pkarYzZodXJahTP-M3Y&google_hm=Ax8qMAz2WkhEpVyrUrJow3w
date
Tue, 27 Dec 2022 18:59:40 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX1f2a300cf65a4844a55cab52b268c37c003
content-type
text/html
sync
ssbsync.smartadserver.com/api/ Frame 69ED 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEFYJzRaV2y2r3hXT3b5z8Y0&google_cver=1&google_push=AavPq0NhlUNZOxAyns7Oj1_Tnww1kbrma-4Jraryy_RjBLgZaG4RIVkY4IULwL1Mk-BrWPMBZrS8veyx00SA1TM0KdYfvwriuTc
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:39 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 69ED 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LuJErrmUdQGJAH-njWPGG79L4sgYTdSzBpuWtDPeJhWo7mU9JZFZC7kLm_baN2AsQuNIlZ
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:39 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 33CD 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
043b2f9a6caebcf2c98b2f88da519a75b5bd019b1bc07a3be10a5d313bb54e1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 8ECC
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESELL0WZnHG9jUVNwGdOhMDM4&google_cver=1&google_push=AavPq0Pk7f_2YnxRkn8pelTl-LV4-nJn9DrrUxxxyJI9UfglUXAJnB5HbT1rosFlT7zUsmDMlvAoQtWBVfbvZ1VWAXRV8L6-kCJLbQ
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzA3NzM2MjM5MDQ3MDEwNjA3Ng==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDaiHuWYK3a7vbJvCa1A5mk&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDaiHuWYK3a7vbJvCa1A5mk&google_cver=1
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 27 Dec 2022 18:59:40 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDaiHuWYK3a7vbJvCa1A5mk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame 8ECC 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEB3umQOZ1iF-PE3BjcNi6a8&google_cver=1&google_push=AavPq0OQRcdb-95azETi_X3YiJaUqpY0AyD3iaTAwzBJ7DWDOUv6f98_fsbAUWG3aLAU0uSrFlK-OUmsg7pMSGy1Qj8iseoK1YUBGw
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:39 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8ECC
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPp39T2BvWhnskt2r6DvH9A&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPp39T2BvWhnskt2r6DvH9A&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZVhxSmxpNGwxUGFmYVE1&google_gid=CAESEPp39T2BvWhnskt2r6DvH9A&google_cver=1&google_push=AavPq0NM14igSNvmji-9uKbH3VcUTtEJU6ZqnRPqvGYmh_K...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZVhxSmxpNGwxUGFmYVE1&google_gid=CAESEPp39T2BvWhnskt2r6DvH9A&google_cver=1&google_push=AavPq0NM14igSNvmji-9uKbH3VcUTtEJU6ZqnRPqvGYmh_KQoPYzBFeE5NLR6PbWOFjU63wEqhWKDZAlRYybrCtMEZjwgcEa7A7l1w
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 27 Dec 2022 18:59:39 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/4da9b91#4da9b91e1fcbbaec3beafc6ce8a7393d26d4f693 i-0902e59d1fecaf133@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZVhxSmxpNGwxUGFmYVE1&google_gid=CAESEPp39T2BvWhnskt2r6DvH9A&google_cver=1&google_push=AavPq0NM14igSNvmji-9uKbH3VcUTtEJU6ZqnRPqvGYmh_KQoPYzBFeE5NLR6PbWOFjU63wEqhWKDZAlRYybrCtMEZjwgcEa7A7l1w
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8ECC
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFU6Dybd6KeKuJ-2CIbJMXY&google_push=AavPq0NPbbEf_LfvDj9ukd7LugNxC0EQEvFEQuve9Ef_XVGvEPMDlxSfGk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFU6Dybd6KeKuJ-2CIbJMXY&google_push=AavPq0NPbbEf_LfvDj9ukd7LugNxC0EQEvFEQuve9Ef_XVGvEPMDlxSfGkPSLOJHMkk14taCRkZFrDIU9iFi34Je9VdwV7tmcLaqDA
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-hhn-etou8220046-HHN
pragma
no-cache
date
Tue, 27 Dec 2022 18:59:40 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1672167580.068945,VS0,VE92
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFU6Dybd6KeKuJ-2CIbJMXY&google_push=AavPq0NPbbEf_LfvDj9ukd7LugNxC0EQEvFEQuve9Ef_XVGvEPMDlxSfGkPSLOJHMkk14taCRkZFrDIU9iFi34Je9VdwV7tmcLaqDA
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 8ECC
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESELJQVf4xPGKGLgZojyZMXMk&google_cver=1&google_push=AavPq0OSNLNxXCjAMyEbY9ngxUYc6VTLWI1XisrcH9yE733hU4dvBY1nOrsSZJwAXWWt5CW0DURU95jBVDanFaZau1_D1U6Q9rxJpQ
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F32F64588B514D2B99F9F86E870BD35C&google_push=AavPq0OSNLNxXCjAMyEbY9ngxUYc6VTLWI1XisrcH9yE733hU4dvBY1nOrsSZJwAXWWt5CW0DURU95jBVDanFaZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F32F64588B514D2B99F9F86E870BD35C&google_push=AavPq0OSNLNxXCjAMyEbY9ngxUYc6VTLWI1XisrcH9yE733hU4dvBY1nOrsSZJwAXWWt5CW0DURU95jBVDanFaZau1_D1U6Q9rxJpQ
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 27 Dec 2022 18:59:40 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F32F64588B514D2B99F9F86E870BD35C&google_push=AavPq0OSNLNxXCjAMyEbY9ngxUYc6VTLWI1XisrcH9yE733hU4dvBY1nOrsSZJwAXWWt5CW0DURU95jBVDanFaZau1_D1U6Q9rxJpQ
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 26 Dec 2022 18:59:40 GMT
pixel
cm.g.doubleclick.net/ Frame 8ECC
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wAoah9WZQpmkDncCJCtW6A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wAoah9WZQpmkDncCJCtW6A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0Np-IWVj82laZ6pFvPb1E-mM9PpYQ1I6ISZXAOugzIwuOdApH_K4z1qEb1phv77OQR0UjhJ_se7Nwzv6fE1oZ6EH3UmHsAWdQ
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wAoah9WZQpmkDncCJCtW6A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0Np-IWVj82laZ6pFvPb1E-mM9PpYQ1I6ISZXAOugzIwuOdApH_K4z1qEb1phv77OQR0UjhJ_se7Nwzv6fE1oZ6EH3UmHsAWdQ
date
Tue, 27 Dec 2022 18:59:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 8ECC
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEGY0EltTak4MZ5UhgvfqOsQ&google_cver=1&google_push=AavPq0NUDJPMZsCGE...
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEGY0EltTak4MZ5UhgvfqOsQ%26goo...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=OTA5MjU4NzgwNzMyODczMTIyOQ%3D%3D&google_gid=CAESEGY0EltTak4MZ5UhgvfqOsQ&google_cver=1&google_push=AavPq0NUDJPMZsCGEfU4t4f1sDtuTuxaCl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=OTA5MjU4NzgwNzMyODczMTIyOQ%3D%3D&google_gid=CAESEGY0EltTak4MZ5UhgvfqOsQ&google_cver=1&google_push=AavPq0NUDJPMZsCGEfU4t4f1sDtuTuxaClN70EFGiF6WyVTNmlZWtj0vYzDbCTFFb3S5VVAeEKxRvNQ3EGlyVzE1lMIcPzFH7GAFpOk
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 27 Dec 2022 18:59:40 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.104; 80.255.7.104; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
873f306b-f7e5-4e81-a84f-196413f48fb0
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=OTA5MjU4NzgwNzMyODczMTIyOQ%3D%3D&google_gid=CAESEGY0EltTak4MZ5UhgvfqOsQ&google_cver=1&google_push=AavPq0NUDJPMZsCGEfU4t4f1sDtuTuxaClN70EFGiF6WyVTNmlZWtj0vYzDbCTFFb3S5VVAeEKxRvNQ3EGlyVzE1lMIcPzFH7GAFpOk
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 8ECC 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I1JRdZck9kAxRfVTdlWpslW6nmoorkrDPOeEisJnupWKjRhm5Cm_gHQNssDAQ89wiWizWyYA
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:39 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame 47BF
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H3
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

date
Tue, 27 Dec 2022 18:59:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame 3893 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0f7ca24ad2be837dd50de8d312d38180f495a0908d4f8fcba86c09b4d8f2e8a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 5673
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESELL0WZnHG9jUVNwGdOhMDM4&google_cver=1&google_push=AavPq0MNepJCM7npI9p3y-6zShmbvFkst66Jmq25cUGdI01J_b6iPYiQlfS7wNx1noHdLDqcgwPgPwi8J8nz7EkwSmStxfBib2Y
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzE0OTQxOTk4NDUwODAzNDAxMg==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDaiHuWYK3a7vbJvCa1A5mk&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDaiHuWYK3a7vbJvCa1A5mk&google_cver=1
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 27 Dec 2022 18:59:40 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDaiHuWYK3a7vbJvCa1A5mk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 5673 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEMcsSRGCcvMmwyFiC7zHqwU&google_cver=1&google_push=AavPq0Ot-7JduG6Crq75PaBC3kk0kWPK-ICZZeh5SkbUa_lD8iWN_WiPgekyf-hSM2fXQZkcoK0oT_cEn4ckD6YZdTDqjL05u19V
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Tue, 27 Dec 2022 18:59:39 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 5673
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEBx8M3CVHjFLXu1atBbM9kM&google_cver=1&google_push=AavPq0N72AjBbFqxj8qHGRmpwt7rnBlHcBhjHdwOPNCQPIBIScsBGn_EJD6ZZfoYuazVrgMK5ZO857FJdVg...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0N72AjBbFqxj8qHGRmpwt7rnBlHcBhjHdwOPNCQPIBIScsBGn_EJD6ZZfoYuazVrgMK5ZO857FJdVgDjrwt_K8l70nNFfJJ&google_hm=GNkL2xEmQBKkwYpK32_FvWg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0N72AjBbFqxj8qHGRmpwt7rnBlHcBhjHdwOPNCQPIBIScsBGn_EJD6ZZfoYuazVrgMK5ZO857FJdVgDjrwt_K8l70nNFfJJ&google_hm=GNkL2xEmQBKkwYpK32_FvWg
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:39 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0N72AjBbFqxj8qHGRmpwt7rnBlHcBhjHdwOPNCQPIBIScsBGn_EJD6ZZfoYuazVrgMK5ZO857FJdVgDjrwt_K8l70nNFfJJ&google_hm=GNkL2xEmQBKkwYpK32_FvWg
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5673
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEO0vZO7-HJOV-stgzXLwOUw&google_cver=1&google_push=AavPq0OCSlwI4QSNwZ0HSTs5OKbHLGR8ZhcZ8pBYzfxJGLhoz2jUa962yqlJbHmnxmi44qg-ySvBk4_ZI3dmCGcs...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=31Fq-dLGT_yO9vrgyZV77w2&google_push=AavPq0OCSlwI4QSNwZ0HSTs5OKbHLGR8ZhcZ8pBYzfxJGLhoz2jUa962yqlJbHmnxmi44qg-ySvBk4_ZI3dmCGcsM7EsZJiB5ZMU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=31Fq-dLGT_yO9vrgyZV77w2&google_push=AavPq0OCSlwI4QSNwZ0HSTs5OKbHLGR8ZhcZ8pBYzfxJGLhoz2jUa962yqlJbHmnxmi44qg-ySvBk4_ZI3dmCGcsM7EsZJiB5ZMU
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 27 Dec 2022 18:59:40 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=31Fq-dLGT_yO9vrgyZV77w2&google_push=AavPq0OCSlwI4QSNwZ0HSTs5OKbHLGR8ZhcZ8pBYzfxJGLhoz2jUa962yqlJbHmnxmi44qg-ySvBk4_ZI3dmCGcsM7EsZJiB5ZMU
x-host
tde-deliveryengine-production-769c9db745-r75lk
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 5673
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEETM3lfZ-jd-j4dBgVJBbMs&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEETM3lfZ-jd-j4dBgVJBbMs&google_push=Aa...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEETM3lfZ-jd-j4dBgVJBbMs&google_hm=Y6tAnFi_IC2HzCwwKq4qmwAABL4AAAAB&google_nid=index&google_push=AavPq0NVJ4hxh4FXpORqMzfbP_K0Sf_EEokSz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEETM3lfZ-jd-j4dBgVJBbMs&google_hm=Y6tAnFi_IC2HzCwwKq4qmwAABL4AAAAB&google_nid=index&google_push=AavPq0NVJ4hxh4FXpORqMzfbP_K0Sf_EEokSznOAUagHvYWHrwZfrSW-fMVhCW0f6GAhBwfdbFsgyiw9gCQbPXAc7qTwlyX7CcEH
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tHhmsow9XyFc9NHLD547AZWDy0Zl5O6ngyB9lagk1%2FWbUmsMCyRdDzABlMnxb7orFb0Le8uWOi0PWSKFS6oqVm%2BBSMUWBSi%2F%2FoTGxkhUTViXAp85NdoT%2B%2FZo5NhYPm%2FQf08bPS7KHlwnQA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEETM3lfZ-jd-j4dBgVJBbMs&google_hm=Y6tAnFi_IC2HzCwwKq4qmwAABL4AAAAB&google_nid=index&google_push=AavPq0NVJ4hxh4FXpORqMzfbP_K0Sf_EEokSznOAUagHvYWHrwZfrSW-fMVhCW0f6GAhBwfdbFsgyiw9gCQbPXAc7qTwlyX7CcEH
cache-control
no-cache
cf-ray
78044b709aa99a09-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
sync
ssbsync.smartadserver.com/api/ Frame 5673 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEFYJzRaV2y2r3hXT3b5z8Y0&google_cver=1&google_push=AavPq0OCOgMRfjnqdByBZnAQtJBlWxroFL1X8DrnbOJIzXw-76ZTGvwvLQ5ABNyUc7z1GoqDtTHSBhK5Ix2q8lJzU3largOP8NBs
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:39 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 5673
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESENBvA7bHx...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESENB...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=5fdb6385-4b6e-4d17-ad85-5fc411517c81&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=5fdb6385-4b6e-4d17-ad85-5fc411517c81&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=5fdb6385-4b6e-4d17-ad85-5fc411517c81&%%GOOGLE_PUSH_PAIR%%
date
Tue, 27 Dec 2022 18:59:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 5673 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JfKwqoUIYj2_bzOKL2gkZN57ekAOSkSIQfWQ8g3vF8OLw0jmZBulr1yHq9jBwIImAcC9fo3g
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:39 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
s
googleads.g.doubleclick.net/pagead/drt/ Frame B00B 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3132
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 18:07:27 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 2244 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:19:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
2385
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 10 Jan 2023 18:19:54 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 2244 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 09:01:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
35869
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 10 Jan 2023 09:01:50 GMT
default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame 36F6 		89 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kp2bcvt6678re4p7q1yb39wxf9dz0tf6drg185z49g992tg3z1z8m2z28h72vqzzr1dsywqy904ncg75kaw4htyg6v3sywbwy9mdd0vtkw0yqpr50nmg261668md8ghg22cp5s449dh77zr9xj4vhyh7bet0yykw2ydz9hjj9g5mnthnj672z8hkxpke5zpemkrfnzmhkej2qh01s5q9102efhanrpcfgfa8zzckqm2tbaj6srjc2smmyk63dzgw1az5ysk810j1grrw9wqv78gzckmz83ezs870pqr8xryr2csbv7v13we4q88hng55xhv90d83m7q1qn8qf2d8pgz9vxptdmavex1284y423qdx545kvd39b79sz1y1bjp5dvme7f5baag2mw940khas6m52sc968q4v0p89hbct18sg69vqge1n7ebewj38bchk43vrvpc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCypium0CrY4raA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSJAk_Qy-V9EyTnN6Z06rs3owZYihonHEO_IU_gMHa8SltdqZH4z8ntw7nU5HfvLf-HV8AC4SF37QDGh1VzOKmkbOH4UnHk8FS58IIh5VsFBVpk8SmcNomMzIbsOT43RgGNU2xapq4tZyuqZMESFgFrZES9NPPQTyyccDOdFELWjovNncMjGXGTKzO0KU4kRwz7RxmswyLa_1cyQZw4YuLZHNyqM_Mfqiqw-OhqfnlwOK4hb0H1BXXBlfSTj_ajkDRxPKgUP2dCl9hWOjaeL-SFZ-FT6bA-gu03FLEnj7OiohrAKVe3FJrc7XDaa7flYrrcJYfhHs1Of5VpLW5Zzsu7x9zyTlECeeL26_LgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2gkjYkoE3h5SHLoSeFVI9E-CagJw%26client%3Dca-pub-5398989680841221%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1kp2bcvt6678re4p7q1yb39wxf9dz0tf6drg185z49g992tg3z1z8m2z28h72vqzzr1dsywqy904ncg75kaw4htyg6v3sywbwy9mdd0vtkw0yqpr50nmg261668md8ghg22cp5s449dh77zr9xj4vhyh7bet0yykw2ydz9hjj9g5mnthnj672z8hkxpke5zpemkrfnzmhkej2qh01s5q9102efhanrpcfgfa8zzckqm2tbaj6srjc2smmyk63dzgw1az5ysk810j1grrw9wqv78gzckmz83ezs870pqr8xryr2csbv7v13we4q88hng55xhv90d83m7q1qn8qf2d8pgz9vxptdmavex1284y423qdx545kvd39b79sz1y1bjp5dvme7f5baag2mw940khas6m52sc968q4v0p89hbct18sg69vqge1n7ebewj38bchk43vrvpc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCypium0CrY4raA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSJAk_Qy-V9EyTnN6Z06rs3owZYihonHEO_IU_gMHa8SltdqZH4z8ntw7nU5HfvLf-HV8AC4SF37QDGh1VzOKmkbOH4UnHk8FS58IIh5VsFBVpk8SmcNomMzIbsOT43RgGNU2xapq4tZyuqZMESFgFrZES9NPPQTyyccDOdFELWjovNncMjGXGTKzO0KU4kRwz7RxmswyLa_1cyQZw4YuLZHNyqM_Mfqiqw-OhqfnlwOK4hb0H1BXXBlfSTj_ajkDRxPKgUP2dCl9hWOjaeL-SFZ-FT6bA-gu03FLEnj7OiohrAKVe3FJrc7XDaa7flYrrcJYfhHs1Of5VpLW5Zzsu7x9zyTlECeeL26_LgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2gkjYkoE3h5SHLoSeFVI9E-CagJw%26client%3Dca-pub-5398989680841221%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1670930538
age
22345
cf-polished
origSize=91628
x-guploader-uploadid
ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 13 Dec 2022 11:22:46 GMT
server
cloudflare
etag
W/"575def06e70febb0cbd25403e37880bf"
vary
Accept-Encoding
x-goog-generation
1670930566724484
content-type
text/css
x-goog-hash
crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f62phh9JUbOEbRDgBmjl%2BJ4o%2BoeP9mi7sNjDg4uTj7jvrzAWzj9zT7iqtZ2ljoTJMXu%2BMy4ceTSaF69zBJhTqKFz7uTWZhgBm%2Fh9greWIddWE4UpQnET%2Ff0209S0GP4oW6pa%2FSxqjmU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
91628
cf-ray
78044b6f2daebbbf-FRA
expires
Tue, 27 Dec 2022 19:59:40 GMT
r62eglto.js
ad4m.at/ Frame 36F6 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kp2bcvt6678re4p7q1yb39wxf9dz0tf6drg185z49g992tg3z1z8m2z28h72vqzzr1dsywqy904ncg75kaw4htyg6v3sywbwy9mdd0vtkw0yqpr50nmg261668md8ghg22cp5s449dh77zr9xj4vhyh7bet0yykw2ydz9hjj9g5mnthnj672z8hkxpke5zpemkrfnzmhkej2qh01s5q9102efhanrpcfgfa8zzckqm2tbaj6srjc2smmyk63dzgw1az5ysk810j1grrw9wqv78gzckmz83ezs870pqr8xryr2csbv7v13we4q88hng55xhv90d83m7q1qn8qf2d8pgz9vxptdmavex1284y423qdx545kvd39b79sz1y1bjp5dvme7f5baag2mw940khas6m52sc968q4v0p89hbct18sg69vqge1n7ebewj38bchk43vrvpc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCypium0CrY4raA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSJAk_Qy-V9EyTnN6Z06rs3owZYihonHEO_IU_gMHa8SltdqZH4z8ntw7nU5HfvLf-HV8AC4SF37QDGh1VzOKmkbOH4UnHk8FS58IIh5VsFBVpk8SmcNomMzIbsOT43RgGNU2xapq4tZyuqZMESFgFrZES9NPPQTyyccDOdFELWjovNncMjGXGTKzO0KU4kRwz7RxmswyLa_1cyQZw4YuLZHNyqM_Mfqiqw-OhqfnlwOK4hb0H1BXXBlfSTj_ajkDRxPKgUP2dCl9hWOjaeL-SFZ-FT6bA-gu03FLEnj7OiohrAKVe3FJrc7XDaa7flYrrcJYfhHs1Of5VpLW5Zzsu7x9zyTlECeeL26_LgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2gkjYkoE3h5SHLoSeFVI9E-CagJw%26client%3Dca-pub-5398989680841221%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 22 Nov 2022 06:17:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
45689
etag
W/"49e3b0ffd5e74f27b691e89cf271d672"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D3RFvg72Ad%2BECSZpu5VR9OjnAXNSdimT6i0YGp920GNcOH3Uty%2FuecoUq5Z5ErTQ%2B6OotCp5DHYVuIJZu9ypQwlu2ENDfv8vR2lpJjT%2BoaU0oIdVwcwFCpABp1XUrJ669TdMVa4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
78044b6efc439b3d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 27 Dec 2022 06:18:11 GMT
default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame 0208 		89 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hzdse8caegd9a5f4f0z00m5yzbmh3ybj2tjr968yw332y5awhnxzhp424spfy226vm40dhjwwxkk0jc0dztzzg1jm7xng38c2gd6901c05b49me5tbtvsgycby0ek9qnr27c0chrq6s7ydbnay67rbwb9fpmpdz3mhnq46yn4fz0b70p5kcw52q7xpjpczne951cewzm3eaweecy02n8t1jrrxsbeqskdgn6fgxefh1h0tqe5wwet4x4x8w020xdawxx1rp1s7cbjcnm1g3yy5z78ynj51q7whxywv8xb9gght4f4j64c0dfkw9fa0nf9ep685ygpm680hfbx7t6q25cgbqf90d9c84qp2fghzax4nb489xp8a8nh5tjw99d0z70467q7011xmj7tc7pz5jm033xkrn5zrpv26v4ct1pevtxng6j3z7jk3zkpq1mdx3yj9efgz0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh169m0CrY4_aA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgStAk_QMM9nJpbZ0bLXM-K-BnKFzIctFvvtM8bJOB7GXjNH-FE6RgKBnBFJEw9mAT9AiTX33bbFSoMUGUiIcboB8qwXTap6SCPsnECwgUPSGfTjjtTRG6lbYVAsNcl6ZRgG_2KJek1KkUKkEwFRPt0TS5XxoREIlZOF3MQzukr1QwqJW_eVABDR3KDtYCnpqLgQ-SOHw3uRhRtnNmhm7XOtjcXugbeWnmINJJBDQF3E9xiZpUrjgxbVVm0ym6jINQG39Eg1jd9EY4c6u12SqXwpg8nEMmGnJJ93p-Qa7Cli4lpIOGCZbDLP3i3kcitobbeE1yQkb9h7dO9oTMBPexRvQYFjTHItMXUJIVMrR9SrdRoMGRI-xSxS-o5XyiHLf3mR7IPwrOkgL6TolTTsM9DgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1iij-sa7CWdXyaToZeMPRH2gMy1Q%26client%3Dca-pub-5398989680841221%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1hzdse8caegd9a5f4f0z00m5yzbmh3ybj2tjr968yw332y5awhnxzhp424spfy226vm40dhjwwxkk0jc0dztzzg1jm7xng38c2gd6901c05b49me5tbtvsgycby0ek9qnr27c0chrq6s7ydbnay67rbwb9fpmpdz3mhnq46yn4fz0b70p5kcw52q7xpjpczne951cewzm3eaweecy02n8t1jrrxsbeqskdgn6fgxefh1h0tqe5wwet4x4x8w020xdawxx1rp1s7cbjcnm1g3yy5z78ynj51q7whxywv8xb9gght4f4j64c0dfkw9fa0nf9ep685ygpm680hfbx7t6q25cgbqf90d9c84qp2fghzax4nb489xp8a8nh5tjw99d0z70467q7011xmj7tc7pz5jm033xkrn5zrpv26v4ct1pevtxng6j3z7jk3zkpq1mdx3yj9efgz0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh169m0CrY4_aA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgStAk_QMM9nJpbZ0bLXM-K-BnKFzIctFvvtM8bJOB7GXjNH-FE6RgKBnBFJEw9mAT9AiTX33bbFSoMUGUiIcboB8qwXTap6SCPsnECwgUPSGfTjjtTRG6lbYVAsNcl6ZRgG_2KJek1KkUKkEwFRPt0TS5XxoREIlZOF3MQzukr1QwqJW_eVABDR3KDtYCnpqLgQ-SOHw3uRhRtnNmhm7XOtjcXugbeWnmINJJBDQF3E9xiZpUrjgxbVVm0ym6jINQG39Eg1jd9EY4c6u12SqXwpg8nEMmGnJJ93p-Qa7Cli4lpIOGCZbDLP3i3kcitobbeE1yQkb9h7dO9oTMBPexRvQYFjTHItMXUJIVMrR9SrdRoMGRI-xSxS-o5XyiHLf3mR7IPwrOkgL6TolTTsM9DgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1iij-sa7CWdXyaToZeMPRH2gMy1Q%26client%3Dca-pub-5398989680841221%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1670930538
age
22345
cf-polished
origSize=91628
x-guploader-uploadid
ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 13 Dec 2022 11:22:46 GMT
server
cloudflare
etag
W/"575def06e70febb0cbd25403e37880bf"
vary
Accept-Encoding
x-goog-generation
1670930566724484
content-type
text/css
x-goog-hash
crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cjCpgjeu7QWl1D1bBZsHc7YpgNQFskbjmAZBEeD2W%2BqFx4oR0KiNOL9n0d33NkdkkGbDqxPoaE3sfAxCa8Iq%2FfhtlU7K3eD7joT3TbYkUDsS5m3x8kjrySpUVijapl5I1OqGnO%2BoL%2BQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
91628
cf-ray
78044b6f2dabbbbf-FRA
expires
Tue, 27 Dec 2022 19:59:40 GMT
r62eglto.js
ad4m.at/ Frame 0208 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hzdse8caegd9a5f4f0z00m5yzbmh3ybj2tjr968yw332y5awhnxzhp424spfy226vm40dhjwwxkk0jc0dztzzg1jm7xng38c2gd6901c05b49me5tbtvsgycby0ek9qnr27c0chrq6s7ydbnay67rbwb9fpmpdz3mhnq46yn4fz0b70p5kcw52q7xpjpczne951cewzm3eaweecy02n8t1jrrxsbeqskdgn6fgxefh1h0tqe5wwet4x4x8w020xdawxx1rp1s7cbjcnm1g3yy5z78ynj51q7whxywv8xb9gght4f4j64c0dfkw9fa0nf9ep685ygpm680hfbx7t6q25cgbqf90d9c84qp2fghzax4nb489xp8a8nh5tjw99d0z70467q7011xmj7tc7pz5jm033xkrn5zrpv26v4ct1pevtxng6j3z7jk3zkpq1mdx3yj9efgz0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh169m0CrY4_aA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgStAk_QMM9nJpbZ0bLXM-K-BnKFzIctFvvtM8bJOB7GXjNH-FE6RgKBnBFJEw9mAT9AiTX33bbFSoMUGUiIcboB8qwXTap6SCPsnECwgUPSGfTjjtTRG6lbYVAsNcl6ZRgG_2KJek1KkUKkEwFRPt0TS5XxoREIlZOF3MQzukr1QwqJW_eVABDR3KDtYCnpqLgQ-SOHw3uRhRtnNmhm7XOtjcXugbeWnmINJJBDQF3E9xiZpUrjgxbVVm0ym6jINQG39Eg1jd9EY4c6u12SqXwpg8nEMmGnJJ93p-Qa7Cli4lpIOGCZbDLP3i3kcitobbeE1yQkb9h7dO9oTMBPexRvQYFjTHItMXUJIVMrR9SrdRoMGRI-xSxS-o5XyiHLf3mR7IPwrOkgL6TolTTsM9DgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1iij-sa7CWdXyaToZeMPRH2gMy1Q%26client%3Dca-pub-5398989680841221%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 22 Nov 2022 06:17:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
45689
etag
W/"49e3b0ffd5e74f27b691e89cf271d672"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=syUDrhgP6GyixoWJbw3APjmYgdLFjMKLWAuCwLY4UBCc8%2FO0utRKQzXy3NU48z3CbH6gAVqMpg8qlMOAi3vNIgiFMYhSujhZeY0t80GUJiwl8RAG%2BHDSKTmT6ZAj1BkNgC1o0Hc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
78044b6f0c639b3d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 27 Dec 2022 06:18:11 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 2F4C 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3133
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 18:07:27 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 73CE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:19:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
2386
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 10 Jan 2023 18:19:54 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 73CE 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 09:01:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
35870
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 10 Jan 2023 09:01:50 GMT
block
api.unibots.in/ 		45 B
288 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.unibots.in/block?client=&page=jalantikus.com/tips/download-youtube-premium-apk/
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScriptBlocking.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.79.126.27 Mumbai, India, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS
45-79-126-27.ip.linodeusercontent.com
Software
/ Express
Resource Hash
7079c4a270a27cec5738869ff1c650bcb431e7427aa282e507005fbdd4102b4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 27 Dec 2022 18:59:40 GMT
Keep-Alive
timeout=5
X-Powered-By
Express
Content-Length
45
ETag
W/"2d-u7Q5CwGaa1ObtHaIkSK9AjhXyhU"
Content-Type
application/json; charset=utf-8
pixel.gif
pixel.gliacloud.com/glia_player_media1/ 		43 B
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.gliacloud.com/glia_player_media1/pixel.gif?ul=en-US&ssid=9d09ddc0-8618-11ed-b075-2f2775135070&ea=waterfall.fallStart&pp=300%2C168.75%2C1300%2C899.25&bp=1600%2C1200&wp=1600%2C11233%2C0%2C0&pgu=https%253A%252F%252Fjalantikus.com%252Ftips%252Fdownload-youtube-premium-apk%252F&pgt=YouTube%20Premium%20MOD%20APK%2017.45.34%20Premium%20Unlocked%202022%20%7C%20JalanTikus&sid=glia-id_jalantikus_desktop_simple&sk=id_jalantikus_desktop&si=id_jalantikus_desktop_simple&sa=id_jalantikus&pt=SimplePlayer&pv=0.3.97&ab=0&ta=0&cb=3453922850814617
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
122.207.227.35.bc.googleusercontent.com
Software
nginx/1.23.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.23.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
plyr.css
cdn.plyr.io/3.7.2/ 		33 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.plyr.io/3.7.2/plyr.css
Requested by
Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gliaplayer-plyr.js?v=0.3.97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::681b:c358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d1c0431c216e6bc20750cba7eaff0399e7f1885a883f51ebb755358dedbeb15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
N4CD6EQNA2QN671N
age
63951
cf-polished
origSize=33875
x-cache
HIT, MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
eBBA9E/1ut3fU4+LuCguxXfWp4k8FzIfbEnQMl0N+jnpWpUK9BQVMbgI3Y+5go/PELlwz06ZJ8w=
x-served-by
cache-iad-kjyo7100086-IAD, cache-yyz4524-YYZ
cf-bgj
minify
last-modified
Wed, 20 Apr 2022 10:14:54 GMT
server
cloudflare
x-timer
S1650478617.156003,VS0,VE24
etag
W/"a1aeec768d6108bf625dcb56212430fc"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2iboOj%2BG8id2gRJn8No8%2BRBMbv2Ty6R87L0uyeDMTK%2F%2Bu%2BQYOyEIE7MAJS06gcgkwRfBOhLBDKL1rVDCLteAF32Xosew%2B6xxwRLevYuq7Mf%2Fj6%2B3TDUTV%2FPO708WrzJdS7fRntYOVC2j"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Range, Date, Cache-Control, Content-Type, Accept, Origin, Accept
cache-control
max-age=31536000, immutable
cf-ray
78044b6fbd387480-LHR
x-cache-hits
1, 0
plyr.js
cdn.plyr.io/3.7.2/ 		108 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.plyr.io/3.7.2/plyr.js
Requested by
Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gliaplayer-plyr.js?v=0.3.97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::681b:c358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8511b3608ee3391e3f6a006ea476f62ddce8cfff29115277d56bf1c555341821

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
21707627
x-amz-request-id
N4C55XBPC355XPHP
cf-polished
origSize=110918
x-cache
HIT, MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
ZAt8Nk9RB1v8QwP+a/Ti0Q0Gzu41NfMf/ofTH6JZAtBD9+SV9B3aCl8vT9Dvckdgue2gYi7K1lA=
x-served-by
cache-iad-kjyo7100134-IAD, cache-lcy19236-LCY
cf-bgj
minify
last-modified
Wed, 20 Apr 2022 10:14:08 GMT
server
cloudflare
x-timer
S1650459954.879317,VS0,VE78
etag
W/"9f40125939372a80ab9cd478b8dd31b7"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xSGZpv9EqAN06IcxiOD5atAE9LgZ1IUf6ZgaXJNbQOWW92lKD%2F7i2EeSD9P47aiR2hA8zrMYyZbc9mD1PjxPBSkifMMuIU4cSbAFNdRXHY0j%2FMy813gRtRJzQmvKdJ%2FvQVEfbA%2BcCWuk"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Range, Date, Cache-Control, Content-Type, Accept, Origin, Accept
cache-control
max-age=31536000, immutable
cf-ray
78044b6fbd397480-LHR
x-cache-hits
1, 0
bridge3.549.0_en.html
imasdk.googleapis.com/js/core/ Frame 25AD 		693 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
179197
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
227324
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 17:13:03 GMT
expires
Mon, 25 Dec 2023 17:13:03 GMT
last-modified
Fri, 09 Dec 2022 15:29:50 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 27 Dec 2022 18:59:40 GMT
pixel.gif
pixel.gliacloud.com/glia_player_media1/ 		43 B
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.gliacloud.com/glia_player_media1/pixel.gif?ul=en-US&ssid=9d09ddc0-8618-11ed-b075-2f2775135070&ea=ad.request&aui=63941&aup=freakout_indonesia&auo=1&aut=google&pp=300%2C168.75%2C1300%2C899.25&bp=1600%2C1200&wp=1600%2C11233%2C0%2C0&pgu=https%253A%252F%252Fjalantikus.com%252Ftips%252Fdownload-youtube-premium-apk%252F&pgt=YouTube%20Premium%20MOD%20APK%2017.45.34%20Premium%20Unlocked%202022%20%7C%20JalanTikus&sid=glia-id_jalantikus_desktop_simple&sk=id_jalantikus_desktop&si=id_jalantikus_desktop_simple&sa=id_jalantikus&pt=SimplePlayer&pv=0.3.97&ab=0&ta=0&cb=5733216912063341
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
122.207.227.35.bc.googleusercontent.com
Software
nginx/1.23.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.23.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
ad
ad.rfp.fout.jp/ 		66 B
442 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.rfp.fout.jp/ad?ad_type=12&media_id=5465&adspot_id=MTU2OjE4NDE4&audience_id_type=2
Requested by
Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gliaplayer-plyr.js?v=0.3.97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.12.84 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
84.12.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
8e5a5c160b608e80a2508a2c37d6a01018fcc4e2c3a81879bc019c011024202e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:40 GMT
content-encoding
gzip
via
1.1 google
server
openresty
vary
Accept-Encoding
p3p
CP="ADM NOI OUR"
access-control-allow-origin
https://jalantikus.com
content-type
application/xml
cache-control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame 7F00 		89 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gpbfam3xsgp6bzeyfvva8c7d5f8syrzrxctvr7aepnebk82gtewbkbxnxh4jy3rgfbykfh0tn7aa220zb2vgfhcaz2zr7dvamcat15ktjt6bhf36jyqxm7fgb15hp779v3t3q8p78pmynadqsh5rhxh5rkpwdnjvbnydr55hq2rgkpf36brqyp3m1rbjwmntv67dm343bzqvbf97z7x74scjmhjp1v1k48pwnvnwcpzq4f21dp4pmrx3x40ath9t6frw3vp34tnzyxr0t5wfp5nxg6jgxbak7aqnsk9wezdbtr6n23bevz1jkr00sa6j58nrpm0y7mepz5440pf3qv3m77q2kndnr5w04e9w9bzczmssq9jx9j5amg239yqbjpwd12vj1wwqxvc6wspze899q1kjvetar8fb67rtdhh13gzmvd35t8d666sqmg9san5xs407510&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZsLGm0CrY4naA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSkAk_Q2qhYooDZEm6i2vvUnoD0foJuXpeCVv3H9SHrucR-x2XKVIZgyuIuYs4cPuoCcqIfilp9bUHBU7zVtmz_stBbWf328Ud0QL6iAUQJfrTFMD7Y0-Er4MixbJx4Bx8jMZnort9BQq6a6QbdsU8VNYW9OO2_hv6usey4j-VKtPI2NC-CU5BqtBMTvyDfl0TJ_OId3fVajFAGpDFe3gRjtGpeNWtKjotMngprgaVvZ_oJrkYz3GLMVIIX_I4xC5zLNYKTCvIzzOQt1W3aP1dPlpA8HfQ8zOLm6N1lPbg79586t6fSRdUy_r-u8TdLBNmYJUA4SJKIqaoH7lEEOLFcgi0f0eKN9yzIBMGf6R6SRaoa-uA-cces76jnvwc0dthFrahCYhXgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0SFvKRGAjtOb-8kfVLaiOQDcUVTA%26client%3Dca-pub-5398989680841221%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1gpbfam3xsgp6bzeyfvva8c7d5f8syrzrxctvr7aepnebk82gtewbkbxnxh4jy3rgfbykfh0tn7aa220zb2vgfhcaz2zr7dvamcat15ktjt6bhf36jyqxm7fgb15hp779v3t3q8p78pmynadqsh5rhxh5rkpwdnjvbnydr55hq2rgkpf36brqyp3m1rbjwmntv67dm343bzqvbf97z7x74scjmhjp1v1k48pwnvnwcpzq4f21dp4pmrx3x40ath9t6frw3vp34tnzyxr0t5wfp5nxg6jgxbak7aqnsk9wezdbtr6n23bevz1jkr00sa6j58nrpm0y7mepz5440pf3qv3m77q2kndnr5w04e9w9bzczmssq9jx9j5amg239yqbjpwd12vj1wwqxvc6wspze899q1kjvetar8fb67rtdhh13gzmvd35t8d666sqmg9san5xs407510&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZsLGm0CrY4naA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSkAk_Q2qhYooDZEm6i2vvUnoD0foJuXpeCVv3H9SHrucR-x2XKVIZgyuIuYs4cPuoCcqIfilp9bUHBU7zVtmz_stBbWf328Ud0QL6iAUQJfrTFMD7Y0-Er4MixbJx4Bx8jMZnort9BQq6a6QbdsU8VNYW9OO2_hv6usey4j-VKtPI2NC-CU5BqtBMTvyDfl0TJ_OId3fVajFAGpDFe3gRjtGpeNWtKjotMngprgaVvZ_oJrkYz3GLMVIIX_I4xC5zLNYKTCvIzzOQt1W3aP1dPlpA8HfQ8zOLm6N1lPbg79586t6fSRdUy_r-u8TdLBNmYJUA4SJKIqaoH7lEEOLFcgi0f0eKN9yzIBMGf6R6SRaoa-uA-cces76jnvwc0dthFrahCYhXgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0SFvKRGAjtOb-8kfVLaiOQDcUVTA%26client%3Dca-pub-5398989680841221%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1670930538
age
22345
cf-polished
origSize=91628
x-guploader-uploadid
ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 13 Dec 2022 11:22:46 GMT
server
cloudflare
etag
W/"575def06e70febb0cbd25403e37880bf"
vary
Accept-Encoding
x-goog-generation
1670930566724484
content-type
text/css
x-goog-hash
crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z8lp8YIIjzQ17Qed%2BZyVhuNYiP9Xnbd8kxDShGHU8IfAAPIjrUrh%2FRYfWf9rwm62VEg2UgYEUdZp%2BNWsTsPuZ4V%2FQHrEwdmsUIe7blHRu38tEtIWoMoPCHdGSFfYp%2FMJfr5HGwqktp0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
91628
cf-ray
78044b6f5e14bbbf-FRA
expires
Tue, 27 Dec 2022 19:59:40 GMT
r62eglto.js
ad4m.at/ Frame 7F00 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gpbfam3xsgp6bzeyfvva8c7d5f8syrzrxctvr7aepnebk82gtewbkbxnxh4jy3rgfbykfh0tn7aa220zb2vgfhcaz2zr7dvamcat15ktjt6bhf36jyqxm7fgb15hp779v3t3q8p78pmynadqsh5rhxh5rkpwdnjvbnydr55hq2rgkpf36brqyp3m1rbjwmntv67dm343bzqvbf97z7x74scjmhjp1v1k48pwnvnwcpzq4f21dp4pmrx3x40ath9t6frw3vp34tnzyxr0t5wfp5nxg6jgxbak7aqnsk9wezdbtr6n23bevz1jkr00sa6j58nrpm0y7mepz5440pf3qv3m77q2kndnr5w04e9w9bzczmssq9jx9j5amg239yqbjpwd12vj1wwqxvc6wspze899q1kjvetar8fb67rtdhh13gzmvd35t8d666sqmg9san5xs407510&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZsLGm0CrY4naA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSkAk_Q2qhYooDZEm6i2vvUnoD0foJuXpeCVv3H9SHrucR-x2XKVIZgyuIuYs4cPuoCcqIfilp9bUHBU7zVtmz_stBbWf328Ud0QL6iAUQJfrTFMD7Y0-Er4MixbJx4Bx8jMZnort9BQq6a6QbdsU8VNYW9OO2_hv6usey4j-VKtPI2NC-CU5BqtBMTvyDfl0TJ_OId3fVajFAGpDFe3gRjtGpeNWtKjotMngprgaVvZ_oJrkYz3GLMVIIX_I4xC5zLNYKTCvIzzOQt1W3aP1dPlpA8HfQ8zOLm6N1lPbg79586t6fSRdUy_r-u8TdLBNmYJUA4SJKIqaoH7lEEOLFcgi0f0eKN9yzIBMGf6R6SRaoa-uA-cces76jnvwc0dthFrahCYhXgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0SFvKRGAjtOb-8kfVLaiOQDcUVTA%26client%3Dca-pub-5398989680841221%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 22 Nov 2022 06:17:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
44984
etag
W/"49e3b0ffd5e74f27b691e89cf271d672"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a3xSoXql8U5jwnYGnMekfDWR0zkHAuSaULwvezyYV1UH5tStbJamf3zPlhMw1wTnedyQ2XG%2BdD3hjQivU4CQtIqcPDRRWlztVZrSbBFM5gRTQeqDMcYe0%2FgywfEjA%2FaS%2Fr26Prs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
78044b6f5e15bbbf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 27 Dec 2022 06:18:11 GMT
default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame F3B7 		89 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jgfam7mgtswdxjrxggzrekryewxpqgfakym2158dennr4xwhjnntjhswxe3fr8chvwf52qz670wkbdexzm1n7kch5bgaajmja559ae6fb3qfb84ctsnmd30y1mxr34dwfeqtze1y4c6n4vfz5y6njk6wewf9m34wntrv3e684sw1w8cc9da4vwj5gswhh6ymtk8x6b9ncesnnkr2vj78a2ns9avr9xhbrc03qk0zeed559csajmm1e6x8yv2fs7xz5dt6fs3849xpndtd9gv1xgev9959x2etjw7pr2a2pw4bhbhacg76h9g30w5gdjehpb1hrasv32xpsvc9wyceptr96pygesm0qc7f56qm483ztjjjfj5p923486fe8h49v5453h4dv570nm25kq2jhr0rdjqh0h34c0vrzzv6xqhb8gy4pv8qqm9fvas3xptgqpf30y6m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzSnem0CrY4baA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSRAk_Q0lLkEEPenv8Dj5yjd7OBLJotyDV2gvtYd4adAL5dIvSq65em7nMPW1Sto6JPhU0_tPCMy2vcbbIcnH-063NdY6aI04mT2R3jt9kPC3vs18CoI_EtEvYVqHUkfIy6YNMjEy9dF70dKXpl3OUuWTniHs-Z6mj-_yJmSY58kWmAEya9bzonIKQ2QdlVBtPnlMUklIBn6VrlZiuvNO67CG57haOnRA-F6q1xJVAcKDoTXSnp6VQd3OR4w6wnHAwP6qiKHL0KTerY-82cvZsO2zYbenvde_cHmuVkhMv2tAzYoK-Pevj99sKqPOYIHUzo94NxlLhCRbqzy4k7FfkOBkY7CyQFJB2EkrYrDc-emhpYpOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2BaM7R1g42HBk0v_p2xoBk2i3Lkw%26client%3Dca-pub-5398989680841221%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jgfam7mgtswdxjrxggzrekryewxpqgfakym2158dennr4xwhjnntjhswxe3fr8chvwf52qz670wkbdexzm1n7kch5bgaajmja559ae6fb3qfb84ctsnmd30y1mxr34dwfeqtze1y4c6n4vfz5y6njk6wewf9m34wntrv3e684sw1w8cc9da4vwj5gswhh6ymtk8x6b9ncesnnkr2vj78a2ns9avr9xhbrc03qk0zeed559csajmm1e6x8yv2fs7xz5dt6fs3849xpndtd9gv1xgev9959x2etjw7pr2a2pw4bhbhacg76h9g30w5gdjehpb1hrasv32xpsvc9wyceptr96pygesm0qc7f56qm483ztjjjfj5p923486fe8h49v5453h4dv570nm25kq2jhr0rdjqh0h34c0vrzzv6xqhb8gy4pv8qqm9fvas3xptgqpf30y6m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzSnem0CrY4baA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSRAk_Q0lLkEEPenv8Dj5yjd7OBLJotyDV2gvtYd4adAL5dIvSq65em7nMPW1Sto6JPhU0_tPCMy2vcbbIcnH-063NdY6aI04mT2R3jt9kPC3vs18CoI_EtEvYVqHUkfIy6YNMjEy9dF70dKXpl3OUuWTniHs-Z6mj-_yJmSY58kWmAEya9bzonIKQ2QdlVBtPnlMUklIBn6VrlZiuvNO67CG57haOnRA-F6q1xJVAcKDoTXSnp6VQd3OR4w6wnHAwP6qiKHL0KTerY-82cvZsO2zYbenvde_cHmuVkhMv2tAzYoK-Pevj99sKqPOYIHUzo94NxlLhCRbqzy4k7FfkOBkY7CyQFJB2EkrYrDc-emhpYpOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2BaM7R1g42HBk0v_p2xoBk2i3Lkw%26client%3Dca-pub-5398989680841221%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1670930538
age
22345
cf-polished
origSize=91628
x-guploader-uploadid
ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 13 Dec 2022 11:22:46 GMT
server
cloudflare
etag
W/"575def06e70febb0cbd25403e37880bf"
vary
Accept-Encoding
x-goog-generation
1670930566724484
content-type
text/css
x-goog-hash
crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cEVAGHQA7Nvq9DcURPjIIGJcrVymiH6MERWX%2Bo4aT4Lo1v%2FdzlwwdheDurLhI8H0e76F4%2B47wJ8BwPXKk%2BpM2zfv2XTm1Knqb7sE5xlIgAz%2B4GM3LvDb%2B6CJqnLJV5vdtB%2BI9DCfESo%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
91628
cf-ray
78044b6f6e35bbbf-FRA
expires
Tue, 27 Dec 2022 19:59:40 GMT
r62eglto.js
ad4m.at/ Frame F3B7 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jgfam7mgtswdxjrxggzrekryewxpqgfakym2158dennr4xwhjnntjhswxe3fr8chvwf52qz670wkbdexzm1n7kch5bgaajmja559ae6fb3qfb84ctsnmd30y1mxr34dwfeqtze1y4c6n4vfz5y6njk6wewf9m34wntrv3e684sw1w8cc9da4vwj5gswhh6ymtk8x6b9ncesnnkr2vj78a2ns9avr9xhbrc03qk0zeed559csajmm1e6x8yv2fs7xz5dt6fs3849xpndtd9gv1xgev9959x2etjw7pr2a2pw4bhbhacg76h9g30w5gdjehpb1hrasv32xpsvc9wyceptr96pygesm0qc7f56qm483ztjjjfj5p923486fe8h49v5453h4dv570nm25kq2jhr0rdjqh0h34c0vrzzv6xqhb8gy4pv8qqm9fvas3xptgqpf30y6m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzSnem0CrY4baA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSRAk_Q0lLkEEPenv8Dj5yjd7OBLJotyDV2gvtYd4adAL5dIvSq65em7nMPW1Sto6JPhU0_tPCMy2vcbbIcnH-063NdY6aI04mT2R3jt9kPC3vs18CoI_EtEvYVqHUkfIy6YNMjEy9dF70dKXpl3OUuWTniHs-Z6mj-_yJmSY58kWmAEya9bzonIKQ2QdlVBtPnlMUklIBn6VrlZiuvNO67CG57haOnRA-F6q1xJVAcKDoTXSnp6VQd3OR4w6wnHAwP6qiKHL0KTerY-82cvZsO2zYbenvde_cHmuVkhMv2tAzYoK-Pevj99sKqPOYIHUzo94NxlLhCRbqzy4k7FfkOBkY7CyQFJB2EkrYrDc-emhpYpOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2BaM7R1g42HBk0v_p2xoBk2i3Lkw%26client%3Dca-pub-5398989680841221%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 22 Nov 2022 06:17:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
44984
etag
W/"49e3b0ffd5e74f27b691e89cf271d672"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MH9mgRoXisV86kPUG73IDg7sn5eEp%2BmbIrkCBxyVpvMgvEW3QWH2SYIFujx8UiiMYjJnCJZ0SJPlhqBvpWpCRo1v7QBU0iceqyC4b%2B7z9fs%2BWTZwRHWYn4RE0%2F90ip9hoENgYPU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
78044b6f6e37bbbf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 27 Dec 2022 06:18:11 GMT
css
fonts.googleapis.com/ Frame DAF3 		6 KB
730 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/120fb889c9d3d02c8d3dd0555cf62ab3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
78631aa2658006d43b70adcf42bfef831d29315d91bfe9e67bb4acd5f9b349e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 27 Dec 2022 18:59:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 27 Dec 2022 17:37:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 27 Dec 2022 18:59:40 GMT
7296e22ca20ac6472628647a52a912af.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/media/ Frame DAF3 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/media/7296e22ca20ac6472628647a52a912af.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6847a453292f6db177d022b32b68ec91da611dd1bc18c6e33d26ed726339bc60
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 23 Dec 2022 15:18:04 GMT
x-content-type-options
nosniff
age
358896
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8880
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 19:23:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 23 Dec 2023 15:18:04 GMT
0eeebe2aab7fa2fb99c2a447383fb9a6.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/media/ Frame DAF3 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/media/0eeebe2aab7fa2fb99c2a447383fb9a6.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a842670e0c9a10d0c42dc6de87889c6b9de065232e6bf125d5ca43a163f6d9fd
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 23 Dec 2022 14:44:18 GMT
x-content-type-options
nosniff
age
360922
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9647
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 19:23:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 23 Dec 2023 14:44:18 GMT
undefinedz9njpo
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/ Frame DAF3 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/undefinedz9njpo
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
x-content-type-options
nosniff
server
sffe
x-dns-prefetch-control
off
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Tue, 27 Dec 2022 18:59:40 GMT
7296e22ca20ac6472628647a52a912af.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/media/ Frame 6A1B 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/media/7296e22ca20ac6472628647a52a912af.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/120fb889c9d3d02c8d3dd0555cf62ab3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6847a453292f6db177d022b32b68ec91da611dd1bc18c6e33d26ed726339bc60
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 23 Dec 2022 15:18:04 GMT
x-content-type-options
nosniff
age
358896
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8880
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 19:23:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 23 Dec 2023 15:18:04 GMT
0eeebe2aab7fa2fb99c2a447383fb9a6.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/media/ Frame 6A1B 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/media/0eeebe2aab7fa2fb99c2a447383fb9a6.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/120fb889c9d3d02c8d3dd0555cf62ab3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a842670e0c9a10d0c42dc6de87889c6b9de065232e6bf125d5ca43a163f6d9fd
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 23 Dec 2022 14:44:18 GMT
x-content-type-options
nosniff
age
360922
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9647
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 19:23:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 23 Dec 2023 14:44:18 GMT
undefinedz9njpo
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/ Frame 6A1B 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/undefinedz9njpo
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/120fb889c9d3d02c8d3dd0555cf62ab3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
x-content-type-options
nosniff
server
sffe
x-dns-prefetch-control
off
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Tue, 27 Dec 2022 18:59:40 GMT
css
fonts.googleapis.com/ Frame 6A1B 		6 KB
730 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/120fb889c9d3d02c8d3dd0555cf62ab3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
78631aa2658006d43b70adcf42bfef831d29315d91bfe9e67bb4acd5f9b349e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 27 Dec 2022 18:59:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 27 Dec 2022 17:40:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 27 Dec 2022 18:59:40 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame B00B
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 18:59:41 GMT
expires
Tue, 27 Dec 2022 18:59:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 18:59:40 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2F4C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 18:59:41 GMT
expires
Tue, 27 Dec 2022 18:59:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 18:59:40 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 36F6 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
26102611
x-guploader-uploadid
ADPycdsAM1RKIW8NW9FXGsxgzhi5bSYe4VqqEbCt8J5Oc8iEgAF2SjSQc54Zb1FETUd5c-MZGmZZMUkSoxlmANI9NVVBPD3Irw
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xkz9qXCjfQVIdC71g6Dyiu2LD3X39O26qrRWEFMHDXInRdobSiiKqD9EAAi9KRj8%2BtftDR%2FQaibkYRn%2FaxhdBRPWQDOyAh7atKbbUyOJmoDNc%2BLzdr42CHnHTFMOkitS%2FMbYlpgmFs%2BHu7QF6XbNkWSa"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
78044b721d3f9b8f-FRA
expires
Tue, 28 Feb 2023 16:16:09 GMT
plyr.svg
cdn.plyr.io/3.7.2/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.plyr.io/3.7.2/plyr.svg
Requested by
Host: cdn.plyr.io
URL: https://cdn.plyr.io/3.7.2/plyr.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:21::681b:c358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4846018760f6e11a8a1dea7639a5c75c712f198d978eccf117840820bb8c37d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
040F66MPF5WRAETH
age
1579383
x-cache
HIT, HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
bt03tEOairk1jr7MHTqXMsneCjAwhedWJYTJX0W+zBhayXG7JQWb7uFI31k7yYKZ4jll1QQIxYA=
x-served-by
cache-iad-kjyo7100037-IAD, cache-yyz4532-YYZ
last-modified
Wed, 20 Apr 2022 10:14:57 GMT
server
cloudflare
x-timer
S1670573879.881317,VS0,VE0
etag
W/"3a727a9b7eef825081d78cc6e48aaadf"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fnuXFP1%2FwI%2FEJXQMEU3IgXPmmDx7FP%2BcoTP%2Fr3oa2JCOJTplmVL5xazHTdE9g6CML1wAofpYt1Yle2xLx7Xpbnth0K1aejLt2wGqdez1o6cIv7136IrMjCskxzpnUiJFDmQNxIAiWsvg"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Range, Date, Cache-Control, Content-Type, Accept, Origin, Accept
cache-control
max-age=31536000, immutable
cf-ray
78044b7218a2dccf-LHR
x-cache-hits
67, 185
plyr.svg
cdn.plyr.io/3.7.2/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.plyr.io/3.7.2/plyr.svg
Requested by
Host: cdn.plyr.io
URL: https://cdn.plyr.io/3.7.2/plyr.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:21::681b:c358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4846018760f6e11a8a1dea7639a5c75c712f198d978eccf117840820bb8c37d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
040F66MPF5WRAETH
age
1579383
x-cache
HIT, HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
bt03tEOairk1jr7MHTqXMsneCjAwhedWJYTJX0W+zBhayXG7JQWb7uFI31k7yYKZ4jll1QQIxYA=
x-served-by
cache-iad-kjyo7100037-IAD, cache-yyz4532-YYZ
last-modified
Wed, 20 Apr 2022 10:14:57 GMT
server
cloudflare
x-timer
S1670573879.881317,VS0,VE0
etag
W/"3a727a9b7eef825081d78cc6e48aaadf"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JQlu42nhlE1qcufj9ji0uE1CVWnfhKpFi3kS4FGCveVrBcnWw3kgGs3d%2BYEYbgdi47uz%2FMRBH51p5GqDU02AFsrOOfHWAHbCRCFWr5qI5rt%2FkyYZhmyYA5lbAkGWTuyVJp5366r4nlkY"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Range, Date, Cache-Control, Content-Type, Accept, Origin, Accept
cache-control
max-age=31536000, immutable
cf-ray
78044b7218a1dccf-LHR
x-cache-hits
67, 185
pixel.gif
pixel.gliacloud.com/glia_player_media1/ 		43 B
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.gliacloud.com/glia_player_media1/pixel.gif?ul=en-US&ssid=9d09ddc0-8618-11ed-b075-2f2775135070&ea=player.inited&pp=300%2C168.75%2C1300%2C899.25&bp=1600%2C1200&wp=1600%2C11233%2C0%2C0&pgu=https%253A%252F%252Fjalantikus.com%252Ftips%252Fdownload-youtube-premium-apk%252F&pgt=YouTube%20Premium%20MOD%20APK%2017.45.34%20Premium%20Unlocked%202022%20%7C%20JalanTikus&sid=glia-id_jalantikus_desktop_simple&sk=id_jalantikus_desktop&si=id_jalantikus_desktop_simple&sa=id_jalantikus&pt=SimplePlayer&pv=0.3.97&ab=0&ta=0&cb=8885052004197833
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
122.207.227.35.bc.googleusercontent.com
Software
nginx/1.23.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.23.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 0208 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
26102611
x-guploader-uploadid
ADPycdsAM1RKIW8NW9FXGsxgzhi5bSYe4VqqEbCt8J5Oc8iEgAF2SjSQc54Zb1FETUd5c-MZGmZZMUkSoxlmANI9NVVBPD3Irw
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J9tZKmrrnkK2lDCPlchmETw4%2B47Nn%2BBOI2nzAHL6uvKVXvpI38KJa9OVAmGZJrZckRFvGF846L0tD9oCCuB%2BEkErVjO%2B%2FbuV3PkXvEQGRNilc1in3nfnC8uwOQfTy4Po3F2sKU1C%2BR6H3gT3YV3mNFhf"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
78044b721d419b8f-FRA
expires
Tue, 28 Feb 2023 16:16:09 GMT
l
www.google.com/ads/measurement/ Frame 2244 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ-MOpB20jTImRyv3gTOwDV1OBPvT9bHlMuspECeMlV5NEvz_qmREFRn97e9JcFIvLn598FlbvaeHAW-QGxv3dbAUwDhw
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2244 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 27 Dec 2022 18:59:40 GMT
l
www.google.com/ads/measurement/ Frame 73CE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQvPqjfDoWlGFiO4yzgx5cI6E8hBYAVrXIxa59ZDsxPC-N6x4qtvtaY7oTULlBz2deuX_6-9Ax1_-RFVB6eoDX00XKkKw
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 73CE 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 27 Dec 2022 18:59:40 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame F3B7 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
26102611
x-guploader-uploadid
ADPycdsAM1RKIW8NW9FXGsxgzhi5bSYe4VqqEbCt8J5Oc8iEgAF2SjSQc54Zb1FETUd5c-MZGmZZMUkSoxlmANI9NVVBPD3Irw
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dPjW3eSRCiEM53nFRIBSmCSLcM1aZvWalsxiH1Mm7fxkZM2ztRcrB3Spig4laiSKfvjgEtyYMzMcpiOc5hUvAHuVVmREO9QxT%2FP%2Bpzvwwz3oLDHVbPJ1ng3T5Rranrb3o8%2FEam0HaCMrvnNKb17%2FySQW"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
78044b721d3a9b8f-FRA
expires
Tue, 28 Feb 2023 16:16:09 GMT
truncated
/ Frame 2244 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e638079fbfc8bb79906848c8f433a3c2af9d27c56e546bd6606527ebfce8e335

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 73CE 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ece6f49936ec7d9e5f1b361f0ccb8b3a228f8034c9becd30c041175fe62b726a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 7F00 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
26102611
x-guploader-uploadid
ADPycdsAM1RKIW8NW9FXGsxgzhi5bSYe4VqqEbCt8J5Oc8iEgAF2SjSQc54Zb1FETUd5c-MZGmZZMUkSoxlmANI9NVVBPD3Irw
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YCXo%2F4VRCHCptKsXnWEP769OVA9XcDDe%2F0J0fyLQ7JssLq7BxRrWf0aprI9BGdQiSbYwkjICqlfoc%2BtZTbvlh1%2B9W1LiJq25OkGJvdc4acqLu3ivEyqUIOPr9K%2B9IUgDxYqJ7XTfNoWVVk9REwqHF%2Ba8"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
78044b721d429b8f-FRA
expires
Tue, 28 Feb 2023 16:16:09 GMT
frame.html
ad4m.at/ Frame 07B9 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2674466
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
78044b71bb3ebbbf-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Tue, 27 Dec 2022 18:59:40 GMT
expires
Wed, 26 Oct 2022 23:22:52 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IbGUeLtyd12L3Dk6HwDxkf3tdrGo4UCoGvMtdshtDvdQy%2Btphjy66ft1tB%2BKj9csBHvHoEesTkys9pEfiRwuMc7O8K3OWKvpX1nqVp1M9G4Jat%2BD0Geu%2FetUEn2zWVhFTfTva5w%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
blank.mp4
cdn.plyr.io/static/ 		2 KB
3 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.plyr.io/static/blank.mp4
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:21::681b:c358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5747997d80825cbafcdbe5ab97d7b5502c06b1aae85fed9610845348b3da4d98

Request headers

Referer
https://jalantikus.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
via
1.1 varnish, 1.1 varnish
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
NG1QTWM736CMFA9H
age
1948381
x-cache
HIT, HIT
Content-Range
bytes 0-1776/1777
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
1777
x-amz-id-2
9o1Oo3VPSByDjBm/MAkwUuYS+9BLxqULFkUdApO4AKAtJE7oiJk18RI8ZbETNZ6JwLIZuG4cyb4=
x-served-by
cache-iad-kcgs7200043-IAD, cache-jnb7027-JNB
last-modified
Wed, 14 Nov 2018 10:16:31 GMT
server
cloudflare
x-timer
S1667355507.373934,VS0,VE0
etag
"08fc2557b6c938f1a251e59b016e90e2"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
video/mp4
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6t8m3AqGAhJlR94RRqgfgrmzYMpedopLPwGaVfz0diVlCoVhVY0eMv%2FuyEmO%2Fej8ysTw6O1AKR0fyRc8SzxCxC0xB0wrC75MhUW96GHwzo0STtvBO1O%2FTHGiCUe3ckAU%2BXiGrgnYec6b"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Range, Date, Cache-Control, Content-Type, Accept, Origin, Accept
cache-control
max-age=31536000
cf-ray
78044b725c8e23bc-LHR
x-cache-hits
1, 1077
jalantikus.com-1671095064.873197.mp4
cdn-gliacloud.urekamedia.co/jalantikus.com/ 		3 MB
3 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn-gliacloud.urekamedia.co/jalantikus.com/jalantikus.com-1671095064.873197.mp4
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
274b7ab92cdb9b4c2057404901dbb48508ec074a7e5b357a35e920bdc73b9001

Request headers

Referer
https://jalantikus.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=0-

Response headers

x-77-nzt
AZySIRDVJlv/bXkAAA
x-accel-expires
@1673173295
date
Tue, 27 Dec 2022 18:59:40 GMT
x-77-pop
frankfurtDE
last-modified
Thu, 15 Dec 2022 09:04:30 GMT
server
CDN77-Turbo
etag
"639ae31e-2b8ea4"
x-77-nzt-ray
f6587a1d277324419c40ab63950ab020
x-cache
HIT
content-type
video/mp4
access-control-allow-origin
*
x-77-cache
HIT
Content-Range
bytes 0-2854563/2854564
x-age
31085
Content-Length
2854564
frame.html
ad4m.at/ Frame FCA1 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2674466
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
78044b71cb5dbbbf-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Tue, 27 Dec 2022 18:59:40 GMT
expires
Wed, 26 Oct 2022 23:22:52 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T3tDXvzcoKbQPDqpROyMjH7XC55yX7Q8LAMnLlnSjPJZ0DrDaTgLDlLAYSm1iY5HrO2SbtYBmv42mSAwdzSkBcawuzrN9knjYSVB7Epx5j6yYC%2FazDpP8AxDyi6eHwCIOAQ0IkQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
frame.html
ad4m.at/ Frame 63A0 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2674466
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
78044b71cb63bbbf-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Tue, 27 Dec 2022 18:59:40 GMT
expires
Wed, 26 Oct 2022 23:22:52 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8sY%2F0h9QzG6krQeeuWy0QHGIxJ2v61cq73OQlgKWkSxx92222TgSskclDEFGUpDRbOpYpcEpy5TDJnHb2ch%2F1K4xvS6gmfz%2BPgTEKJEZkyk%2FBBg35y8ZwXPlrPm2Xh3TdVLmjzQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
frame.html
ad4m.at/ Frame 1CE4 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2674466
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
78044b71cb66bbbf-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Tue, 27 Dec 2022 18:59:40 GMT
expires
Wed, 26 Oct 2022 23:22:52 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wPFESlIYh8zdhXSAWvsXSDlllcjEG0jSGxeT07uTeeHBVy9%2FZYyXk4wez6umGqfPFv1%2BxPCS9%2BK3sapeMmq1SJLuBOiqZsXoSY7%2FCBqSFh7eEnHNC2gt%2BL5q4Mf8yjmbLVJuc70%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=jalantikus.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=jalantikus.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
bridge3.549.0_en.html
imasdk.googleapis.com/js/core/ Frame 82C0 		693 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
179197
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
227324
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 17:13:03 GMT
expires
Mon, 25 Dec 2023 17:13:03 GMT
last-modified
Fri, 09 Dec 2022 15:29:50 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel.gif
pixel.gliacloud.com/glia_player_media1/ 		43 B
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.gliacloud.com/glia_player_media1/pixel.gif?ul=en-US&ssid=9d09ddc0-8618-11ed-b075-2f2775135070&ea=ad.request&aui=63264&aup=unruly_video&auo=2&aut=google&pp=300%2C168.75%2C1300%2C899.25&bp=1600%2C1200&wp=1600%2C11233%2C0%2C0&pgu=https%253A%252F%252Fjalantikus.com%252Ftips%252Fdownload-youtube-premium-apk%252F&pgt=YouTube%20Premium%20MOD%20APK%2017.45.34%20Premium%20Unlocked%202022%20%7C%20JalanTikus&sid=glia-id_jalantikus_desktop_simple&sk=id_jalantikus_desktop&si=id_jalantikus_desktop_simple&sa=id_jalantikus&pt=SimplePlayer&pv=0.3.97&ab=0&ta=0&cb=6503441992528849
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
122.207.227.35.bc.googleusercontent.com
Software
nginx/1.23.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.23.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
ads
pubads.g.doubleclick.net/gampad/ Frame 82C0 		19 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21818843116%2Funruly_video_id_jalantikus_desktop_1662445743.351691&description_url=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4384443198775470&vpa=auto&sdkv=h.3.549.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=2365973524&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.549.0&sid=266E5403-43BC-4B3F-A97A-C80FFB8A5501&nel=0&eid=44748969%2C44765701&url=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&dt=1672167580649&cookie=ID%3Dd3685fb3b42fd463-2287143c6dda0053%3AT%3D1672167577%3AS%3DALNI_MbAVZNUf7Q7smdu8rngKchGkiasYg&gpic=UID%3D00000b993216cefc%3AT%3D1672167577%3ART%3D1672167577%3AS%3DALNI_MbaOBv9bMkF8-uUNdQeBPptZhnHEg&scor=748301216797107&ged=ve4_td4_tt1_pd4_la4000_er899.1300.1053.1600_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bf47d82f4af3c72868edbf26d93fbf991e7b2c3cb384752e69a010749f336e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3383
x-xss-protection
0
google-lineitem-id
5827711174
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138370154076
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
rs
ad4m.at/ Frame 0208 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09bb28c664a6d52895a3cecb1f2c61cb7220efb250037e5b35f9667cdcb0d5f6

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=azW7Ss9EIBWB7QabMPUNgIbNIdae%2F4ff5nRj5NTbpnoog2BJ7fN%2FA4y8qmf40KG%2BSPEZ3n7Ia42md0IJvOKWlputtn3v%2FNYHC8yFuwVSIcaKPmMg2gKKBIqtr6CLtRTRZSrI8CE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
78044b73ec8b91d8-FRA
x-backend-server
aa-reachservice-group-europe-west1-tbx2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 7F00 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f9c91f10d7675f172aa8385a04f8a740bf2e54e0ee412f30c3bfa786280f9b0

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vRasMnt%2FsgvkFLC1c%2ByWhxlJ9xCgTubnezeQ9%2FeMqIRlNTWtHYSRGSyWJbOCKkkEdULyoFApkiFTbNn4Y%2B6AdgcHyvJjqeeqApt4XiVT3UVxClpwyx4pc%2B7wZqt%2B4FI0EFgvU%2Fw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
78044b73ec8891d8-FRA
x-backend-server
aa-reachservice-group-europe-west1-tbx2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame F3B7 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f217daeb2d96c1459a631bcf0fb129a09ff39bd7901dd0dad9477a4f3225bdaa

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Bgx5q7YOLn96lpZE5jEcFah3H5Xr5JNtGK29LAdCaB9q8BSSHYDT1rqiqaQ8lqEGT6fC%2BvzsIf3qJIV5kraShC%2FvcDVyiGDZOoKcCNpN52zKI4A5OHFI2ykSXoH%2BCacRKlk6Sc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
78044b73ec7791d8-FRA
x-backend-server
aa-reachservice-group-europe-west1-tbx2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 36F6 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfd9ff9e71dbb70c669609d774ee1ec11590ba3b59e167a48b7b6a18f29881e4

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QwKODASsvAhX1rQZfMYq8LU6XxqF%2Fw3zb3zmWhjZD%2FTRkvRvO8odHCQ%2B15fHM9srKRTuqgkdP2JQV9CADT49b262glPrCeS1BCDXM5EqIiBWFIUyzFLmxPAKGnq2IbQFdBg4N9I%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
78044b73dc6591d8-FRA
x-backend-server
aa-reachservice-group-europe-west1-tbx2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
78044b737b9191d8-FRA
content-length
24
content-type
text/plain
date
Tue, 27 Dec 2022 18:59:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2BHnftUDXeLHLjWXuv%2BwAbPOO1zSaU0Wohh16iY4Slsbb194qlnDwVgaUFEQMSpOTCJtkD9BfBSwOOtscWnauot0aYbUT76uB1i31EidfQH1vzodwN2qlBx00sT4q7FOsaLQyEQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-tbx2
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
78044b737b9291d8-FRA
content-length
24
content-type
text/plain
date
Tue, 27 Dec 2022 18:59:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2i4tqSWv2ZwJvpB3Y2WXikuQDCz1cNkK8FEqwzut1781%2BnztEuhzggOLusmj3fn93sM7at5oV1iddCeZV0fVFebEllxUJ0tVjllWrxjpqfDx3Xls3V33bT7iiKcD3YPhoSm%2BjF0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-tbx2
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
78044b737b9391d8-FRA
content-length
24
content-type
text/plain
date
Tue, 27 Dec 2022 18:59:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b8DpMdS627aBLGkZ85XL9nCOlf7BkApXPbiLvLaLkSYoX3DCs4Iejs5Y9eIPBi3EEnWLxsBQv6%2FhugKcartET1TpxrF8%2BlTrmH3CCixFNWNJHialVsWyk9URAKGqcGsBjVwU3cg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-tbx2
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
78044b737b8f91d8-FRA
content-length
24
content-type
text/plain
date
Tue, 27 Dec 2022 18:59:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MS9lqONoIoNjsh0xM5omWMfqyewk%2F1fC3Im0xJ3MONx6PN1YRUmpxxpTUb5taD0pyPv%2BN8gwhEFWf2Lq4O7lgkHrfFlubAbRiZWcmcEMyrw9Gp5cAQrqAifExH%2BBY8PrP7ABg5Y%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-tbx2
pixel.gif
pixel.gliacloud.com/glia_player_media1/ 		43 B
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.gliacloud.com/glia_player_media1/pixel.gif?ul=en-US&ssid=9d09ddc0-8618-11ed-b075-2f2775135070&ea=video.play&vk=gs-396708-jalantikus.com%7CSimplePlayer-sub0&pp=300%2C168.75%2C1300%2C899.25&bp=1600%2C1200&wp=1600%2C11233%2C0%2C0&pgu=https%253A%252F%252Fjalantikus.com%252Ftips%252Fdownload-youtube-premium-apk%252F&pgt=YouTube%20Premium%20MOD%20APK%2017.45.34%20Premium%20Unlocked%202022%20%7C%20JalanTikus&sid=glia-id_jalantikus_desktop_simple&sk=id_jalantikus_desktop&si=id_jalantikus_desktop_simple&sa=id_jalantikus&pt=SimplePlayer&pv=0.3.97&ab=0&ta=0&cb=3593958955673351
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
122.207.227.35.bc.googleusercontent.com
Software
nginx/1.23.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.23.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
rar
as.ad4m.at/ad/ Frame 3A51 		14 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=728&d=90&e=&g=be016755f4073f6b04d872d288b01957%2F7808709755538034677&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580799&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hbwpeg143xa8mmj89fyvgj58mfnndy1e7zay2qs44808z1qgsypycm1bfekmwxhaffe71ypbq78g2c47s55a34va1kkgdvxqads9x73r58ym5af3a62p3wbta0376h5pktpt4c7e1qv437gjfp28gkq4bfg3pref8x6fc0pnx9z3ma4rw8jmc55eaakxnr06j693ypqwcyp848b4czcdbsb625zc6318pzr2bzsge2vk9btvzs4p29sme8y5vdveyggmt8zvjdmkr3yx071bash4m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCypium0CrY4raA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSJAk_Qy-V9EyTnN6Z06rs3owZYihonHEO_IU_gMHa8SltdqZH4z8ntw7nU5HfvLf-HV8AC4SF37QDGh1VzOKmkbOH4UnHk8FS58IIh5VsFBVpk8SmcNomMzIbsOT43RgGNU2xapq4tZyuqZMESFgFrZES9NPPQTyyccDOdFELWjovNncMjGXGTKzO0KU4kRwz7RxmswyLa_1cyQZw4YuLZHNyqM_Mfqiqw-OhqfnlwOK4hb0H1BXXBlfSTj_ajkDRxPKgUP2dCl9hWOjaeL-SFZ-FT6bA-gu03FLEnj7OiohrAKVe3FJrc7XDaa7flYrrcJYfhHs1Of5VpLW5Zzsu7x9zyTlECeeL26_LgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2gkjYkoE3h5SHLoSeFVI9E-CagJw%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e668ad13862fe4f4d8631454881c1cabd4f5e9446192ca40c1ecc5892d7617cf
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1kp2bcvt6678re4p7q1yb39wxf9dz0tf6drg185z49g992tg3z1z8m2z28h72vqzzr1dsywqy904ncg75kaw4htyg6v3sywbwy9mdd0vtkw0yqpr50nmg261668md8ghg22cp5s449dh77zr9xj4vhyh7bet0yykw2ydz9hjj9g5mnthnj672z8hkxpke5zpemkrfnzmhkej2qh01s5q9102efhanrpcfgfa8zzckqm2tbaj6srjc2smmyk63dzgw1az5ysk810j1grrw9wqv78gzckmz83ezs870pqr8xryr2csbv7v13we4q88hng55xhv90d83m7q1qn8qf2d8pgz9vxptdmavex1284y423qdx545kvd39b79sz1y1bjp5dvme7f5baag2mw940khas6m52sc968q4v0p89hbct18sg69vqge1n7ebewj38bchk43vrvpc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCypium0CrY4raA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSJAk_Qy-V9EyTnN6Z06rs3owZYihonHEO_IU_gMHa8SltdqZH4z8ntw7nU5HfvLf-HV8AC4SF37QDGh1VzOKmkbOH4UnHk8FS58IIh5VsFBVpk8SmcNomMzIbsOT43RgGNU2xapq4tZyuqZMESFgFrZES9NPPQTyyccDOdFELWjovNncMjGXGTKzO0KU4kRwz7RxmswyLa_1cyQZw4YuLZHNyqM_Mfqiqw-OhqfnlwOK4hb0H1BXXBlfSTj_ajkDRxPKgUP2dCl9hWOjaeL-SFZ-FT6bA-gu03FLEnj7OiohrAKVe3FJrc7XDaa7flYrrcJYfhHs1Of5VpLW5Zzsu7x9zyTlECeeL26_LgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2gkjYkoE3h5SHLoSeFVI9E-CagJw%26client%3Dca-pub-5398989680841221%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
78044b7458d6bbbf-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 18:59:40 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame B363 		14 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=728&d=90&e=&g=e123439b35d898f1c8580f7c1038f13c%2F11001653626940761441&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580803&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kzn04ywzxwswb6jzj9bhbes67fp1taajs6qrd80kgjcpj88ba4bt7rwxb69ctm21zej89dv8j2gra2q8075zp0k3rgk5py56ny6etxsyf9psa4y2j1cnzq56zwbjq5z68k0fg3zw1vvkvdf8pgsaj7zf67gbh049hag0p2cahmym8015zegn4akagxgzjv9590wm985z1rjxq8zyk9j54393ry7wx6ym4psd0xxnfh88chkqa9mns4gjnz81vftjf8kc5300ademsaqksgshkga8g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzSnem0CrY4baA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSRAk_Q0lLkEEPenv8Dj5yjd7OBLJotyDV2gvtYd4adAL5dIvSq65em7nMPW1Sto6JPhU0_tPCMy2vcbbIcnH-063NdY6aI04mT2R3jt9kPC3vs18CoI_EtEvYVqHUkfIy6YNMjEy9dF70dKXpl3OUuWTniHs-Z6mj-_yJmSY58kWmAEya9bzonIKQ2QdlVBtPnlMUklIBn6VrlZiuvNO67CG57haOnRA-F6q1xJVAcKDoTXSnp6VQd3OR4w6wnHAwP6qiKHL0KTerY-82cvZsO2zYbenvde_cHmuVkhMv2tAzYoK-Pevj99sKqPOYIHUzo94NxlLhCRbqzy4k7FfkOBkY7CyQFJB2EkrYrDc-emhpYpOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2BaM7R1g42HBk0v_p2xoBk2i3Lkw%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5131e5822d5f1d2780e14cd209c7c895b715e909b74993f5849d9809ca8276ff
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1jgfam7mgtswdxjrxggzrekryewxpqgfakym2158dennr4xwhjnntjhswxe3fr8chvwf52qz670wkbdexzm1n7kch5bgaajmja559ae6fb3qfb84ctsnmd30y1mxr34dwfeqtze1y4c6n4vfz5y6njk6wewf9m34wntrv3e684sw1w8cc9da4vwj5gswhh6ymtk8x6b9ncesnnkr2vj78a2ns9avr9xhbrc03qk0zeed559csajmm1e6x8yv2fs7xz5dt6fs3849xpndtd9gv1xgev9959x2etjw7pr2a2pw4bhbhacg76h9g30w5gdjehpb1hrasv32xpsvc9wyceptr96pygesm0qc7f56qm483ztjjjfj5p923486fe8h49v5453h4dv570nm25kq2jhr0rdjqh0h34c0vrzzv6xqhb8gy4pv8qqm9fvas3xptgqpf30y6m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzSnem0CrY4baA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSRAk_Q0lLkEEPenv8Dj5yjd7OBLJotyDV2gvtYd4adAL5dIvSq65em7nMPW1Sto6JPhU0_tPCMy2vcbbIcnH-063NdY6aI04mT2R3jt9kPC3vs18CoI_EtEvYVqHUkfIy6YNMjEy9dF70dKXpl3OUuWTniHs-Z6mj-_yJmSY58kWmAEya9bzonIKQ2QdlVBtPnlMUklIBn6VrlZiuvNO67CG57haOnRA-F6q1xJVAcKDoTXSnp6VQd3OR4w6wnHAwP6qiKHL0KTerY-82cvZsO2zYbenvde_cHmuVkhMv2tAzYoK-Pevj99sKqPOYIHUzo94NxlLhCRbqzy4k7FfkOBkY7CyQFJB2EkrYrDc-emhpYpOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2BaM7R1g42HBk0v_p2xoBk2i3Lkw%26client%3Dca-pub-5398989680841221%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
78044b7458dbbbbf-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 18:59:40 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame 6B09 		15 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=600&e=&g=e9975e07edc1a6de0c3e891e03c06524%2F14878494519113093806&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580810&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkn691d4n5ghf53eyh1mtqjvsceeeggq6a5520vr02604k5zahvn1qw3rqee440vh88etz6sc9ch2fkpbbm96agn7mwyq50ht3xsqazv4fe42mz5v2sv1rw0j6yncw4dy7nftzw85tmkxpp604g7t8na978wwy4pvaqaekbsqpfjh6f6v96j48phxdnxqnweh7fh7p95yntsfncgmg55vyj268z0kh3v639fgq19xb3h4hz56aw3f1fez7p5ymyser60j1k8nvpndyf2tzhfkv89m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCh169m0CrY4_aA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgStAk_QMM9nJpbZ0bLXM-K-BnKFzIctFvvtM8bJOB7GXjNH-FE6RgKBnBFJEw9mAT9AiTX33bbFSoMUGUiIcboB8qwXTap6SCPsnECwgUPSGfTjjtTRG6lbYVAsNcl6ZRgG_2KJek1KkUKkEwFRPt0TS5XxoREIlZOF3MQzukr1QwqJW_eVABDR3KDtYCnpqLgQ-SOHw3uRhRtnNmhm7XOtjcXugbeWnmINJJBDQF3E9xiZpUrjgxbVVm0ym6jINQG39Eg1jd9EY4c6u12SqXwpg8nEMmGnJJ93p-Qa7Cli4lpIOGCZbDLP3i3kcitobbeE1yQkb9h7dO9oTMBPexRvQYFjTHItMXUJIVMrR9SrdRoMGRI-xSxS-o5XyiHLf3mR7IPwrOkgL6TolTTsM9DgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1iij-sa7CWdXyaToZeMPRH2gMy1Q%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9ed515d0f1c1077d8eef63c4c178146a482f61ece1487f89e25d379e7be8a2f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1hzdse8caegd9a5f4f0z00m5yzbmh3ybj2tjr968yw332y5awhnxzhp424spfy226vm40dhjwwxkk0jc0dztzzg1jm7xng38c2gd6901c05b49me5tbtvsgycby0ek9qnr27c0chrq6s7ydbnay67rbwb9fpmpdz3mhnq46yn4fz0b70p5kcw52q7xpjpczne951cewzm3eaweecy02n8t1jrrxsbeqskdgn6fgxefh1h0tqe5wwet4x4x8w020xdawxx1rp1s7cbjcnm1g3yy5z78ynj51q7whxywv8xb9gght4f4j64c0dfkw9fa0nf9ep685ygpm680hfbx7t6q25cgbqf90d9c84qp2fghzax4nb489xp8a8nh5tjw99d0z70467q7011xmj7tc7pz5jm033xkrn5zrpv26v4ct1pevtxng6j3z7jk3zkpq1mdx3yj9efgz0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh169m0CrY4_aA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgStAk_QMM9nJpbZ0bLXM-K-BnKFzIctFvvtM8bJOB7GXjNH-FE6RgKBnBFJEw9mAT9AiTX33bbFSoMUGUiIcboB8qwXTap6SCPsnECwgUPSGfTjjtTRG6lbYVAsNcl6ZRgG_2KJek1KkUKkEwFRPt0TS5XxoREIlZOF3MQzukr1QwqJW_eVABDR3KDtYCnpqLgQ-SOHw3uRhRtnNmhm7XOtjcXugbeWnmINJJBDQF3E9xiZpUrjgxbVVm0ym6jINQG39Eg1jd9EY4c6u12SqXwpg8nEMmGnJJ93p-Qa7Cli4lpIOGCZbDLP3i3kcitobbeE1yQkb9h7dO9oTMBPexRvQYFjTHItMXUJIVMrR9SrdRoMGRI-xSxS-o5XyiHLf3mR7IPwrOkgL6TolTTsM9DgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1iij-sa7CWdXyaToZeMPRH2gMy1Q%26client%3Dca-pub-5398989680841221%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
78044b7468febbbf-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 18:59:40 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame 3C93 		15 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=600&e=&g=2373b441359b7defc04bee61fdbd72fb%2F1234430002439753742&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580810&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kywn7502ds0r2s1phjpa7dbyjyrg05n2qv9ez8ejvv41t6zjvq3grhge22xpd9vdfbvp6qnv0np2wb35e557hy1dnd698nghcqbvjb4adg8s2pmbccj4nhah6qtyyavb814s8d3yfa0n7ca29rvh8pgszr51s1y812qt223nr1bzvm0be656bmzarpp16dx0xh9fcfd2ye3s7p0ptpws5jgzqrgcxb7hydyft1fgjt3sbw2a14xayd45geq0nkwsgg3xwgs9jtzqfnrkr3mcshnt4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZsLGm0CrY4naA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSkAk_Q2qhYooDZEm6i2vvUnoD0foJuXpeCVv3H9SHrucR-x2XKVIZgyuIuYs4cPuoCcqIfilp9bUHBU7zVtmz_stBbWf328Ud0QL6iAUQJfrTFMD7Y0-Er4MixbJx4Bx8jMZnort9BQq6a6QbdsU8VNYW9OO2_hv6usey4j-VKtPI2NC-CU5BqtBMTvyDfl0TJ_OId3fVajFAGpDFe3gRjtGpeNWtKjotMngprgaVvZ_oJrkYz3GLMVIIX_I4xC5zLNYKTCvIzzOQt1W3aP1dPlpA8HfQ8zOLm6N1lPbg79586t6fSRdUy_r-u8TdLBNmYJUA4SJKIqaoH7lEEOLFcgi0f0eKN9yzIBMGf6R6SRaoa-uA-cces76jnvwc0dthFrahCYhXgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0SFvKRGAjtOb-8kfVLaiOQDcUVTA%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ea8900707398d5d88f5f59e779f62b66ec1b7e41f5ccc25a8dc4aa0f9b94af7
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1gpbfam3xsgp6bzeyfvva8c7d5f8syrzrxctvr7aepnebk82gtewbkbxnxh4jy3rgfbykfh0tn7aa220zb2vgfhcaz2zr7dvamcat15ktjt6bhf36jyqxm7fgb15hp779v3t3q8p78pmynadqsh5rhxh5rkpwdnjvbnydr55hq2rgkpf36brqyp3m1rbjwmntv67dm343bzqvbf97z7x74scjmhjp1v1k48pwnvnwcpzq4f21dp4pmrx3x40ath9t6frw3vp34tnzyxr0t5wfp5nxg6jgxbak7aqnsk9wezdbtr6n23bevz1jkr00sa6j58nrpm0y7mepz5440pf3qv3m77q2kndnr5w04e9w9bzczmssq9jx9j5amg239yqbjpwd12vj1wwqxvc6wspze899q1kjvetar8fb67rtdhh13gzmvd35t8d666sqmg9san5xs407510&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZsLGm0CrY4naA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSkAk_Q2qhYooDZEm6i2vvUnoD0foJuXpeCVv3H9SHrucR-x2XKVIZgyuIuYs4cPuoCcqIfilp9bUHBU7zVtmz_stBbWf328Ud0QL6iAUQJfrTFMD7Y0-Er4MixbJx4Bx8jMZnort9BQq6a6QbdsU8VNYW9OO2_hv6usey4j-VKtPI2NC-CU5BqtBMTvyDfl0TJ_OId3fVajFAGpDFe3gRjtGpeNWtKjotMngprgaVvZ_oJrkYz3GLMVIIX_I4xC5zLNYKTCvIzzOQt1W3aP1dPlpA8HfQ8zOLm6N1lPbg79586t6fSRdUy_r-u8TdLBNmYJUA4SJKIqaoH7lEEOLFcgi0f0eKN9yzIBMGf6R6SRaoa-uA-cces76jnvwc0dthFrahCYhXgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0SFvKRGAjtOb-8kfVLaiOQDcUVTA%26client%3Dca-pub-5398989680841221%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
78044b746908bbbf-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 18:59:40 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
7296e22ca20ac6472628647a52a912af.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/media/ Frame DAF3 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/media/7296e22ca20ac6472628647a52a912af.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6847a453292f6db177d022b32b68ec91da611dd1bc18c6e33d26ed726339bc60
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 23 Dec 2022 15:18:04 GMT
x-content-type-options
nosniff
age
358896
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8880
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 19:23:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 23 Dec 2023 15:18:04 GMT
0eeebe2aab7fa2fb99c2a447383fb9a6.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/media/ Frame DAF3 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/media/0eeebe2aab7fa2fb99c2a447383fb9a6.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a842670e0c9a10d0c42dc6de87889c6b9de065232e6bf125d5ca43a163f6d9fd
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 23 Dec 2022 14:44:18 GMT
x-content-type-options
nosniff
age
360922
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9647
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 19:23:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 23 Dec 2023 14:44:18 GMT
Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY527LvspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ Frame DAF3 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY527LvspYY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b4f873f3371bd426336178dfe982cf8366df7592c21738d0e1261e67a0cb2e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 20:48:10 GMT
x-content-type-options
nosniff
age
339090
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18688
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:21:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Dec 2023 20:48:10 GMT
Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5a67vspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ Frame DAF3 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5a67vspYY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71fe56560b9eba788c8ff58e084f24ca95ff3b89aff510345fab96de36ec8101
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 17:51:19 GMT
x-content-type-options
nosniff
age
90501
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18740
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:21:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Dec 2023 17:51:19 GMT
Gg8iN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYas8F_olYQtEw.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ Frame DAF3 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8iN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYas8F_olYQtEw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09591867279cfa308e6366b2d6be5033904ef3de3c86b6f89cbe47e3022b7d99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 12:05:31 GMT
x-content-type-options
nosniff
age
370449
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20496
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:21:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Dec 2023 12:05:31 GMT
default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame 3A51 		89 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=728&d=90&e=&g=be016755f4073f6b04d872d288b01957%2F7808709755538034677&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580799&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hbwpeg143xa8mmj89fyvgj58mfnndy1e7zay2qs44808z1qgsypycm1bfekmwxhaffe71ypbq78g2c47s55a34va1kkgdvxqads9x73r58ym5af3a62p3wbta0376h5pktpt4c7e1qv437gjfp28gkq4bfg3pref8x6fc0pnx9z3ma4rw8jmc55eaakxnr06j693ypqwcyp848b4czcdbsb625zc6318pzr2bzsge2vk9btvzs4p29sme8y5vdveyggmt8zvjdmkr3yx071bash4m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCypium0CrY4raA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSJAk_Qy-V9EyTnN6Z06rs3owZYihonHEO_IU_gMHa8SltdqZH4z8ntw7nU5HfvLf-HV8AC4SF37QDGh1VzOKmkbOH4UnHk8FS58IIh5VsFBVpk8SmcNomMzIbsOT43RgGNU2xapq4tZyuqZMESFgFrZES9NPPQTyyccDOdFELWjovNncMjGXGTKzO0KU4kRwz7RxmswyLa_1cyQZw4YuLZHNyqM_Mfqiqw-OhqfnlwOK4hb0H1BXXBlfSTj_ajkDRxPKgUP2dCl9hWOjaeL-SFZ-FT6bA-gu03FLEnj7OiohrAKVe3FJrc7XDaa7flYrrcJYfhHs1Of5VpLW5Zzsu7x9zyTlECeeL26_LgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2gkjYkoE3h5SHLoSeFVI9E-CagJw%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=728&d=90&e=&g=be016755f4073f6b04d872d288b01957%2F7808709755538034677&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580799&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hbwpeg143xa8mmj89fyvgj58mfnndy1e7zay2qs44808z1qgsypycm1bfekmwxhaffe71ypbq78g2c47s55a34va1kkgdvxqads9x73r58ym5af3a62p3wbta0376h5pktpt4c7e1qv437gjfp28gkq4bfg3pref8x6fc0pnx9z3ma4rw8jmc55eaakxnr06j693ypqwcyp848b4czcdbsb625zc6318pzr2bzsge2vk9btvzs4p29sme8y5vdveyggmt8zvjdmkr3yx071bash4m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCypium0CrY4raA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSJAk_Qy-V9EyTnN6Z06rs3owZYihonHEO_IU_gMHa8SltdqZH4z8ntw7nU5HfvLf-HV8AC4SF37QDGh1VzOKmkbOH4UnHk8FS58IIh5VsFBVpk8SmcNomMzIbsOT43RgGNU2xapq4tZyuqZMESFgFrZES9NPPQTyyccDOdFELWjovNncMjGXGTKzO0KU4kRwz7RxmswyLa_1cyQZw4YuLZHNyqM_Mfqiqw-OhqfnlwOK4hb0H1BXXBlfSTj_ajkDRxPKgUP2dCl9hWOjaeL-SFZ-FT6bA-gu03FLEnj7OiohrAKVe3FJrc7XDaa7flYrrcJYfhHs1Of5VpLW5Zzsu7x9zyTlECeeL26_LgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2gkjYkoE3h5SHLoSeFVI9E-CagJw%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1670930538
age
22345
cf-polished
origSize=91628
x-guploader-uploadid
ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 13 Dec 2022 11:22:46 GMT
server
cloudflare
etag
W/"575def06e70febb0cbd25403e37880bf"
vary
Accept-Encoding
x-goog-generation
1670930566724484
content-type
text/css
x-goog-hash
crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U2oebofLgs4zapnz%2BY6Q0Bsl%2BF%2B8QDutrMq8B3QGE%2BT3BicCZ8otKblZwB391%2FPZwkuzomIBtEI%2FS5CNlcanxaW20JuyBSdlLA86h%2B1E2QVOcrWqJQ0A1%2FFQhMGUjJ5O2lA%2FTk%2B9Bos%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
91628
cf-ray
78044b74d9f8bbbf-FRA
expires
Tue, 27 Dec 2022 19:59:40 GMT
F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
assets.ad4m.at/logo/ Frame 3A51 		127 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=728&d=90&e=&g=be016755f4073f6b04d872d288b01957%2F7808709755538034677&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580799&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hbwpeg143xa8mmj89fyvgj58mfnndy1e7zay2qs44808z1qgsypycm1bfekmwxhaffe71ypbq78g2c47s55a34va1kkgdvxqads9x73r58ym5af3a62p3wbta0376h5pktpt4c7e1qv437gjfp28gkq4bfg3pref8x6fc0pnx9z3ma4rw8jmc55eaakxnr06j693ypqwcyp848b4czcdbsb625zc6318pzr2bzsge2vk9btvzs4p29sme8y5vdveyggmt8zvjdmkr3yx071bash4m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCypium0CrY4raA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSJAk_Qy-V9EyTnN6Z06rs3owZYihonHEO_IU_gMHa8SltdqZH4z8ntw7nU5HfvLf-HV8AC4SF37QDGh1VzOKmkbOH4UnHk8FS58IIh5VsFBVpk8SmcNomMzIbsOT43RgGNU2xapq4tZyuqZMESFgFrZES9NPPQTyyccDOdFELWjovNncMjGXGTKzO0KU4kRwz7RxmswyLa_1cyQZw4YuLZHNyqM_Mfqiqw-OhqfnlwOK4hb0H1BXXBlfSTj_ajkDRxPKgUP2dCl9hWOjaeL-SFZ-FT6bA-gu03FLEnj7OiohrAKVe3FJrc7XDaa7flYrrcJYfhHs1Of5VpLW5Zzsu7x9zyTlECeeL26_LgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2gkjYkoE3h5SHLoSeFVI9E-CagJw%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
418c1cc5e3fe5dab64df68fee91403c4af6a0b5ee68f12c2717956b216b08b8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
608371
cf-polished
origFmt=png, origSize=233620
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
130162
cf-bgj
imgq:85,h2pri
last-modified
Tue, 29 Mar 2022 07:10:51 GMT
server
cloudflare
etag
"d1d171dd651522f41a2fc0dba256a546"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t0as1gkVg6wF8HSSaMu9J3x4dWr9hAo1d3L%2BSKESY9aMts3f4Otffh%2FCfCgU7MfNrcm4kayRIwXRnNlHVjJCNscA7y%2BzeXR0B3vyO5HYwy55qURCgRNSFzaW0uAzK23MnUSx9h4iLcZXZXnh"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78044b74fea79b3d-FRA
expires
Wed, 28 Dec 2022 18:59:40 GMT
1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame 3A51 		461 KB
462 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=728&d=90&e=&g=be016755f4073f6b04d872d288b01957%2F7808709755538034677&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580799&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hbwpeg143xa8mmj89fyvgj58mfnndy1e7zay2qs44808z1qgsypycm1bfekmwxhaffe71ypbq78g2c47s55a34va1kkgdvxqads9x73r58ym5af3a62p3wbta0376h5pktpt4c7e1qv437gjfp28gkq4bfg3pref8x6fc0pnx9z3ma4rw8jmc55eaakxnr06j693ypqwcyp848b4czcdbsb625zc6318pzr2bzsge2vk9btvzs4p29sme8y5vdveyggmt8zvjdmkr3yx071bash4m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCypium0CrY4raA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSJAk_Qy-V9EyTnN6Z06rs3owZYihonHEO_IU_gMHa8SltdqZH4z8ntw7nU5HfvLf-HV8AC4SF37QDGh1VzOKmkbOH4UnHk8FS58IIh5VsFBVpk8SmcNomMzIbsOT43RgGNU2xapq4tZyuqZMESFgFrZES9NPPQTyyccDOdFELWjovNncMjGXGTKzO0KU4kRwz7RxmswyLa_1cyQZw4YuLZHNyqM_Mfqiqw-OhqfnlwOK4hb0H1BXXBlfSTj_ajkDRxPKgUP2dCl9hWOjaeL-SFZ-FT6bA-gu03FLEnj7OiohrAKVe3FJrc7XDaa7flYrrcJYfhHs1Of5VpLW5Zzsu7x9zyTlECeeL26_LgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2gkjYkoE3h5SHLoSeFVI9E-CagJw%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1808427
cf-polished
origFmt=png, origSize=731561
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
471752
cf-bgj
imgq:85,h2pri
last-modified
Tue, 29 Mar 2022 07:03:31 GMT
server
cloudflare
etag
"1b69278243c107df5b11186b1f6ca585"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qKxt8u4OpM3roIfZn7bcvr6otU115YXYqQkWZSSH6kLloVBKUplElKW%2F0xonPG1jmmQ1urGXhBxf%2FHeoWt%2FMrEebE12n1LtgIxQ%2BjUYBGm1ti9sgULstyhHtYcItj2PjK84IwYWgW82qiFpC"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78044b751eeb9b3d-FRA
expires
Wed, 28 Dec 2022 18:59:40 GMT
B540011309A7A223CA190FD615D127B7570B1721E653B82E0DAAFC2C259A71C0F7A4F55653D39625199B295853A73F49D4B1D98FEBCF9E844CFCAA1103DBF4F7
assets.ad4m.at/logo/ Frame 3A51 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/B540011309A7A223CA190FD615D127B7570B1721E653B82E0DAAFC2C259A71C0F7A4F55653D39625199B295853A73F49D4B1D98FEBCF9E844CFCAA1103DBF4F7
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=728&d=90&e=&g=be016755f4073f6b04d872d288b01957%2F7808709755538034677&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580799&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hbwpeg143xa8mmj89fyvgj58mfnndy1e7zay2qs44808z1qgsypycm1bfekmwxhaffe71ypbq78g2c47s55a34va1kkgdvxqads9x73r58ym5af3a62p3wbta0376h5pktpt4c7e1qv437gjfp28gkq4bfg3pref8x6fc0pnx9z3ma4rw8jmc55eaakxnr06j693ypqwcyp848b4czcdbsb625zc6318pzr2bzsge2vk9btvzs4p29sme8y5vdveyggmt8zvjdmkr3yx071bash4m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCypium0CrY4raA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSJAk_Qy-V9EyTnN6Z06rs3owZYihonHEO_IU_gMHa8SltdqZH4z8ntw7nU5HfvLf-HV8AC4SF37QDGh1VzOKmkbOH4UnHk8FS58IIh5VsFBVpk8SmcNomMzIbsOT43RgGNU2xapq4tZyuqZMESFgFrZES9NPPQTyyccDOdFELWjovNncMjGXGTKzO0KU4kRwz7RxmswyLa_1cyQZw4YuLZHNyqM_Mfqiqw-OhqfnlwOK4hb0H1BXXBlfSTj_ajkDRxPKgUP2dCl9hWOjaeL-SFZ-FT6bA-gu03FLEnj7OiohrAKVe3FJrc7XDaa7flYrrcJYfhHs1Of5VpLW5Zzsu7x9zyTlECeeL26_LgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2gkjYkoE3h5SHLoSeFVI9E-CagJw%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64ee900286c520753f34371eafdc56c97188e32638a97eaaf5e5b60afdb4064f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
515744
cf-polished
origFmt=png, origSize=89638
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
64408
cf-bgj
imgq:85,h2pri
last-modified
Fri, 22 May 2020 12:20:14 GMT
server
cloudflare
etag
"5260549f152cd629e826b547dd714c3a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VJMLi8DTqHZLooXCD%2FLGDVefIgqbdU85O0N7FdC%2FQsGovrf2mycdptRZKwaWKpzCMmtw%2Bt78Us%2Bcy0yfzttEFbNw1yjXu8iCbqVMigkXPBAJFSk2nm8hArZU4MGn5dYAsciv3dAwvdsTmKQx"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78044b751ef09b3d-FRA
expires
Wed, 28 Dec 2022 18:59:40 GMT
C56693D9A1B08B42506D042029986348D3C5B748950763FE678C4ED7115C882C37EE23A3213A99CBF6307528E019DC6BC2DD9649960D0B55F98BB6E5636CA060
assets.ad4m.at/ Frame 3A51 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/C56693D9A1B08B42506D042029986348D3C5B748950763FE678C4ED7115C882C37EE23A3213A99CBF6307528E019DC6BC2DD9649960D0B55F98BB6E5636CA060
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=728&d=90&e=&g=be016755f4073f6b04d872d288b01957%2F7808709755538034677&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580799&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hbwpeg143xa8mmj89fyvgj58mfnndy1e7zay2qs44808z1qgsypycm1bfekmwxhaffe71ypbq78g2c47s55a34va1kkgdvxqads9x73r58ym5af3a62p3wbta0376h5pktpt4c7e1qv437gjfp28gkq4bfg3pref8x6fc0pnx9z3ma4rw8jmc55eaakxnr06j693ypqwcyp848b4czcdbsb625zc6318pzr2bzsge2vk9btvzs4p29sme8y5vdveyggmt8zvjdmkr3yx071bash4m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCypium0CrY4raA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSJAk_Qy-V9EyTnN6Z06rs3owZYihonHEO_IU_gMHa8SltdqZH4z8ntw7nU5HfvLf-HV8AC4SF37QDGh1VzOKmkbOH4UnHk8FS58IIh5VsFBVpk8SmcNomMzIbsOT43RgGNU2xapq4tZyuqZMESFgFrZES9NPPQTyyccDOdFELWjovNncMjGXGTKzO0KU4kRwz7RxmswyLa_1cyQZw4YuLZHNyqM_Mfqiqw-OhqfnlwOK4hb0H1BXXBlfSTj_ajkDRxPKgUP2dCl9hWOjaeL-SFZ-FT6bA-gu03FLEnj7OiohrAKVe3FJrc7XDaa7flYrrcJYfhHs1Of5VpLW5Zzsu7x9zyTlECeeL26_LgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2gkjYkoE3h5SHLoSeFVI9E-CagJw%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14538419c15807c9a5e7d913afbb17223f76134b8da12b51574a7d13ee4046c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1813519
cf-polished
qual=85, origFmt=jpeg, origSize=68718
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29350
cf-bgj
imgq:85,h2pri
last-modified
Wed, 18 Mar 2020 10:20:14 GMT
server
cloudflare
etag
"3608be436fa33cfe8447c6f429d36a9d"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nQoQfHwuBJMRs9NNLZCCm7qLIPvGcU3HatU%2BYZ3zB%2F%2FV7Msvj7BYjUlNC%2FiVk5zE2PHot7N7z6s03ipUHEFmLElbd7LBLaWdorAzbbVxv%2FuB7fNtriXp0WzV6%2FQPUYlk9TpNYnHg5TlnRx4T"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78044b751ef59b3d-FRA
expires
Wed, 28 Dec 2022 18:59:41 GMT
32F23C7559EE7EB10B0612EC54855DCC534784F93890DD11CBD844681DEF4739C06EF675715F3D3A7EA93E8627400F67EC439A270FF5E659B22B480C0A0343DC
assets.ad4m.at/logo/ Frame 3A51 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/32F23C7559EE7EB10B0612EC54855DCC534784F93890DD11CBD844681DEF4739C06EF675715F3D3A7EA93E8627400F67EC439A270FF5E659B22B480C0A0343DC
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=728&d=90&e=&g=be016755f4073f6b04d872d288b01957%2F7808709755538034677&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580799&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hbwpeg143xa8mmj89fyvgj58mfnndy1e7zay2qs44808z1qgsypycm1bfekmwxhaffe71ypbq78g2c47s55a34va1kkgdvxqads9x73r58ym5af3a62p3wbta0376h5pktpt4c7e1qv437gjfp28gkq4bfg3pref8x6fc0pnx9z3ma4rw8jmc55eaakxnr06j693ypqwcyp848b4czcdbsb625zc6318pzr2bzsge2vk9btvzs4p29sme8y5vdveyggmt8zvjdmkr3yx071bash4m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCypium0CrY4raA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSJAk_Qy-V9EyTnN6Z06rs3owZYihonHEO_IU_gMHa8SltdqZH4z8ntw7nU5HfvLf-HV8AC4SF37QDGh1VzOKmkbOH4UnHk8FS58IIh5VsFBVpk8SmcNomMzIbsOT43RgGNU2xapq4tZyuqZMESFgFrZES9NPPQTyyccDOdFELWjovNncMjGXGTKzO0KU4kRwz7RxmswyLa_1cyQZw4YuLZHNyqM_Mfqiqw-OhqfnlwOK4hb0H1BXXBlfSTj_ajkDRxPKgUP2dCl9hWOjaeL-SFZ-FT6bA-gu03FLEnj7OiohrAKVe3FJrc7XDaa7flYrrcJYfhHs1Of5VpLW5Zzsu7x9zyTlECeeL26_LgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2gkjYkoE3h5SHLoSeFVI9E-CagJw%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b003afa15165c632feeec754e2df29e83ed92ccae2fc38187f170ed1bc388ec0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
509012
cf-polished
origFmt=png, origSize=85233
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54280
cf-bgj
imgq:85,h2pri
last-modified
Wed, 16 Nov 2022 17:18:26 GMT
server
cloudflare
etag
"0bc184d99872986e7c36d6945f607e59"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eom9Rg0A8IvE9Ma8wQ6LV1X4F9F%2BuvZTFHDmFKqLo%2FoO7a2Icx0Dcbpkv2Cl%2FsxZ1kvV6hWwe2rwjv2xRD8yOd5rQHd7%2BwH8osdxLAA5UjEzdZnwEyWi6xejpr1RYJAWzdalj2OCG4cVJWYy"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78044b751ef99b3d-FRA
expires
Wed, 28 Dec 2022 18:59:40 GMT
831D0FE32B145B761077CFC592BD206C2CE087B565208A08CBD98E3B38F09AC68B46D6E1256C993416DA9EF02099D633246555FC17762F3E215B6156D6F4C095
assets.ad4m.at/product_image/ Frame 3A51 		193 KB
193 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/831D0FE32B145B761077CFC592BD206C2CE087B565208A08CBD98E3B38F09AC68B46D6E1256C993416DA9EF02099D633246555FC17762F3E215B6156D6F4C095
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=728&d=90&e=&g=be016755f4073f6b04d872d288b01957%2F7808709755538034677&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580799&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hbwpeg143xa8mmj89fyvgj58mfnndy1e7zay2qs44808z1qgsypycm1bfekmwxhaffe71ypbq78g2c47s55a34va1kkgdvxqads9x73r58ym5af3a62p3wbta0376h5pktpt4c7e1qv437gjfp28gkq4bfg3pref8x6fc0pnx9z3ma4rw8jmc55eaakxnr06j693ypqwcyp848b4czcdbsb625zc6318pzr2bzsge2vk9btvzs4p29sme8y5vdveyggmt8zvjdmkr3yx071bash4m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCypium0CrY4raA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSJAk_Qy-V9EyTnN6Z06rs3owZYihonHEO_IU_gMHa8SltdqZH4z8ntw7nU5HfvLf-HV8AC4SF37QDGh1VzOKmkbOH4UnHk8FS58IIh5VsFBVpk8SmcNomMzIbsOT43RgGNU2xapq4tZyuqZMESFgFrZES9NPPQTyyccDOdFELWjovNncMjGXGTKzO0KU4kRwz7RxmswyLa_1cyQZw4YuLZHNyqM_Mfqiqw-OhqfnlwOK4hb0H1BXXBlfSTj_ajkDRxPKgUP2dCl9hWOjaeL-SFZ-FT6bA-gu03FLEnj7OiohrAKVe3FJrc7XDaa7flYrrcJYfhHs1Of5VpLW5Zzsu7x9zyTlECeeL26_LgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2gkjYkoE3h5SHLoSeFVI9E-CagJw%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9793fc03a50f4e6cdd1d91743c7c18f33bf8ac521cb84f7e3d0fe24672ad72e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
334920
cf-polished
origFmt=png, origSize=311499
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
197460
cf-bgj
imgq:85,h2pri
last-modified
Wed, 16 Nov 2022 17:45:43 GMT
server
cloudflare
etag
"3e47fe2e828ecba46fd7e6ae452966ae"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1rJtW7d4wPZFGKVK%2FP4OaD4WTEJ0S7GGbRgCDqukapoMP3Gjmxb%2F9J1rHkXRNPekfFcb0AUVaKl5t1ADnoONFjcnoUyJU1073jlvjCXg7jpo4ElHatKb1S3laJWS7MjF8hbG5m2EWH3G0SYq"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78044b751f019b3d-FRA
expires
Wed, 28 Dec 2022 18:59:40 GMT
default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame B363 		89 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=728&d=90&e=&g=e123439b35d898f1c8580f7c1038f13c%2F11001653626940761441&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580803&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kzn04ywzxwswb6jzj9bhbes67fp1taajs6qrd80kgjcpj88ba4bt7rwxb69ctm21zej89dv8j2gra2q8075zp0k3rgk5py56ny6etxsyf9psa4y2j1cnzq56zwbjq5z68k0fg3zw1vvkvdf8pgsaj7zf67gbh049hag0p2cahmym8015zegn4akagxgzjv9590wm985z1rjxq8zyk9j54393ry7wx6ym4psd0xxnfh88chkqa9mns4gjnz81vftjf8kc5300ademsaqksgshkga8g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzSnem0CrY4baA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSRAk_Q0lLkEEPenv8Dj5yjd7OBLJotyDV2gvtYd4adAL5dIvSq65em7nMPW1Sto6JPhU0_tPCMy2vcbbIcnH-063NdY6aI04mT2R3jt9kPC3vs18CoI_EtEvYVqHUkfIy6YNMjEy9dF70dKXpl3OUuWTniHs-Z6mj-_yJmSY58kWmAEya9bzonIKQ2QdlVBtPnlMUklIBn6VrlZiuvNO67CG57haOnRA-F6q1xJVAcKDoTXSnp6VQd3OR4w6wnHAwP6qiKHL0KTerY-82cvZsO2zYbenvde_cHmuVkhMv2tAzYoK-Pevj99sKqPOYIHUzo94NxlLhCRbqzy4k7FfkOBkY7CyQFJB2EkrYrDc-emhpYpOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2BaM7R1g42HBk0v_p2xoBk2i3Lkw%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=728&d=90&e=&g=e123439b35d898f1c8580f7c1038f13c%2F11001653626940761441&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580803&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kzn04ywzxwswb6jzj9bhbes67fp1taajs6qrd80kgjcpj88ba4bt7rwxb69ctm21zej89dv8j2gra2q8075zp0k3rgk5py56ny6etxsyf9psa4y2j1cnzq56zwbjq5z68k0fg3zw1vvkvdf8pgsaj7zf67gbh049hag0p2cahmym8015zegn4akagxgzjv9590wm985z1rjxq8zyk9j54393ry7wx6ym4psd0xxnfh88chkqa9mns4gjnz81vftjf8kc5300ademsaqksgshkga8g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzSnem0CrY4baA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSRAk_Q0lLkEEPenv8Dj5yjd7OBLJotyDV2gvtYd4adAL5dIvSq65em7nMPW1Sto6JPhU0_tPCMy2vcbbIcnH-063NdY6aI04mT2R3jt9kPC3vs18CoI_EtEvYVqHUkfIy6YNMjEy9dF70dKXpl3OUuWTniHs-Z6mj-_yJmSY58kWmAEya9bzonIKQ2QdlVBtPnlMUklIBn6VrlZiuvNO67CG57haOnRA-F6q1xJVAcKDoTXSnp6VQd3OR4w6wnHAwP6qiKHL0KTerY-82cvZsO2zYbenvde_cHmuVkhMv2tAzYoK-Pevj99sKqPOYIHUzo94NxlLhCRbqzy4k7FfkOBkY7CyQFJB2EkrYrDc-emhpYpOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2BaM7R1g42HBk0v_p2xoBk2i3Lkw%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1670930538
age
22345
cf-polished
origSize=91628
x-guploader-uploadid
ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 13 Dec 2022 11:22:46 GMT
server
cloudflare
etag
W/"575def06e70febb0cbd25403e37880bf"
vary
Accept-Encoding
x-goog-generation
1670930566724484
content-type
text/css
x-goog-hash
crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BlTa3ZYly2ElYVI5IYp3zUekHsNDjSeVDzKWxyjnF1fX39j5rzJdi3Cst9e%2Fym40DOXTbP%2B0iJ8R8jaOZj8X2Mon1%2FeN576C10qXvfx5bKZsuKuNHuxwFbskN0MVjcRyhmlQbv74rns%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
91628
cf-ray
78044b74ea11bbbf-FRA
expires
Tue, 27 Dec 2022 19:59:40 GMT
F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
assets.ad4m.at/logo/ Frame B363 		127 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=728&d=90&e=&g=e123439b35d898f1c8580f7c1038f13c%2F11001653626940761441&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580803&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kzn04ywzxwswb6jzj9bhbes67fp1taajs6qrd80kgjcpj88ba4bt7rwxb69ctm21zej89dv8j2gra2q8075zp0k3rgk5py56ny6etxsyf9psa4y2j1cnzq56zwbjq5z68k0fg3zw1vvkvdf8pgsaj7zf67gbh049hag0p2cahmym8015zegn4akagxgzjv9590wm985z1rjxq8zyk9j54393ry7wx6ym4psd0xxnfh88chkqa9mns4gjnz81vftjf8kc5300ademsaqksgshkga8g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzSnem0CrY4baA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSRAk_Q0lLkEEPenv8Dj5yjd7OBLJotyDV2gvtYd4adAL5dIvSq65em7nMPW1Sto6JPhU0_tPCMy2vcbbIcnH-063NdY6aI04mT2R3jt9kPC3vs18CoI_EtEvYVqHUkfIy6YNMjEy9dF70dKXpl3OUuWTniHs-Z6mj-_yJmSY58kWmAEya9bzonIKQ2QdlVBtPnlMUklIBn6VrlZiuvNO67CG57haOnRA-F6q1xJVAcKDoTXSnp6VQd3OR4w6wnHAwP6qiKHL0KTerY-82cvZsO2zYbenvde_cHmuVkhMv2tAzYoK-Pevj99sKqPOYIHUzo94NxlLhCRbqzy4k7FfkOBkY7CyQFJB2EkrYrDc-emhpYpOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2BaM7R1g42HBk0v_p2xoBk2i3Lkw%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
418c1cc5e3fe5dab64df68fee91403c4af6a0b5ee68f12c2717956b216b08b8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
608371
cf-polished
origFmt=png, origSize=233620
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
130162
cf-bgj
imgq:85,h2pri
last-modified
Tue, 29 Mar 2022 07:10:51 GMT
server
cloudflare
etag
"d1d171dd651522f41a2fc0dba256a546"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nlM5znyY6UVCbiKgz1Jo3UnUTYXdxd05jO5FysI4f1xhBv9jsggBKBegoLBxEx%2BgFGUc4XpvG7L5%2Bos%2F7eHzIv6nL9t5QOJrdbk%2BcMlIsVKsSfHTeMo349sJN9RUDlM%2FfDZZLXra2gu%2Bnzym"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78044b74ee9e9b3d-FRA
expires
Wed, 28 Dec 2022 18:59:40 GMT
1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame B363 		461 KB
461 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=728&d=90&e=&g=e123439b35d898f1c8580f7c1038f13c%2F11001653626940761441&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580803&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kzn04ywzxwswb6jzj9bhbes67fp1taajs6qrd80kgjcpj88ba4bt7rwxb69ctm21zej89dv8j2gra2q8075zp0k3rgk5py56ny6etxsyf9psa4y2j1cnzq56zwbjq5z68k0fg3zw1vvkvdf8pgsaj7zf67gbh049hag0p2cahmym8015zegn4akagxgzjv9590wm985z1rjxq8zyk9j54393ry7wx6ym4psd0xxnfh88chkqa9mns4gjnz81vftjf8kc5300ademsaqksgshkga8g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzSnem0CrY4baA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSRAk_Q0lLkEEPenv8Dj5yjd7OBLJotyDV2gvtYd4adAL5dIvSq65em7nMPW1Sto6JPhU0_tPCMy2vcbbIcnH-063NdY6aI04mT2R3jt9kPC3vs18CoI_EtEvYVqHUkfIy6YNMjEy9dF70dKXpl3OUuWTniHs-Z6mj-_yJmSY58kWmAEya9bzonIKQ2QdlVBtPnlMUklIBn6VrlZiuvNO67CG57haOnRA-F6q1xJVAcKDoTXSnp6VQd3OR4w6wnHAwP6qiKHL0KTerY-82cvZsO2zYbenvde_cHmuVkhMv2tAzYoK-Pevj99sKqPOYIHUzo94NxlLhCRbqzy4k7FfkOBkY7CyQFJB2EkrYrDc-emhpYpOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2BaM7R1g42HBk0v_p2xoBk2i3Lkw%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1808427
cf-polished
origFmt=png, origSize=731561
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
471752
cf-bgj
imgq:85,h2pri
last-modified
Tue, 29 Mar 2022 07:03:31 GMT
server
cloudflare
etag
"1b69278243c107df5b11186b1f6ca585"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6CkRtX22oiMUst1oQ9HdNVcA5WtHtEWVQ80uCWj%2Bpei3knqyOlxgCsKMosGxEwLnSR%2BaytIBwj5bb%2FiakRw3y3U0nwXDW7f33BGQSedmBnSi86avII5oa9D6qG%2FTfrsRRS5sI0VhUDlzdElQ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78044b751f049b3d-FRA
expires
Wed, 28 Dec 2022 18:59:40 GMT
B540011309A7A223CA190FD615D127B7570B1721E653B82E0DAAFC2C259A71C0F7A4F55653D39625199B295853A73F49D4B1D98FEBCF9E844CFCAA1103DBF4F7
assets.ad4m.at/logo/ Frame B363 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/B540011309A7A223CA190FD615D127B7570B1721E653B82E0DAAFC2C259A71C0F7A4F55653D39625199B295853A73F49D4B1D98FEBCF9E844CFCAA1103DBF4F7
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=728&d=90&e=&g=e123439b35d898f1c8580f7c1038f13c%2F11001653626940761441&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580803&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kzn04ywzxwswb6jzj9bhbes67fp1taajs6qrd80kgjcpj88ba4bt7rwxb69ctm21zej89dv8j2gra2q8075zp0k3rgk5py56ny6etxsyf9psa4y2j1cnzq56zwbjq5z68k0fg3zw1vvkvdf8pgsaj7zf67gbh049hag0p2cahmym8015zegn4akagxgzjv9590wm985z1rjxq8zyk9j54393ry7wx6ym4psd0xxnfh88chkqa9mns4gjnz81vftjf8kc5300ademsaqksgshkga8g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzSnem0CrY4baA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSRAk_Q0lLkEEPenv8Dj5yjd7OBLJotyDV2gvtYd4adAL5dIvSq65em7nMPW1Sto6JPhU0_tPCMy2vcbbIcnH-063NdY6aI04mT2R3jt9kPC3vs18CoI_EtEvYVqHUkfIy6YNMjEy9dF70dKXpl3OUuWTniHs-Z6mj-_yJmSY58kWmAEya9bzonIKQ2QdlVBtPnlMUklIBn6VrlZiuvNO67CG57haOnRA-F6q1xJVAcKDoTXSnp6VQd3OR4w6wnHAwP6qiKHL0KTerY-82cvZsO2zYbenvde_cHmuVkhMv2tAzYoK-Pevj99sKqPOYIHUzo94NxlLhCRbqzy4k7FfkOBkY7CyQFJB2EkrYrDc-emhpYpOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2BaM7R1g42HBk0v_p2xoBk2i3Lkw%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64ee900286c520753f34371eafdc56c97188e32638a97eaaf5e5b60afdb4064f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
515745
cf-polished
origFmt=png, origSize=89638
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
64408
cf-bgj
imgq:85,h2pri
last-modified
Fri, 22 May 2020 12:20:14 GMT
server
cloudflare
etag
"5260549f152cd629e826b547dd714c3a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1HlJEHp4We9PPAMn3YJ15DvVSFeebRZ%2FxIy2CEzyaiLBFFW%2FB2Lp5Ahkiw5NkBjPHbHd7fkQt2PACmbwWIQDlaaMCFTDZM0eGDGUfKNncq2ozN9YAgOKi2rkAeqkXaU8QXlrzGfcVW8HrXNl"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78044b752f259b3d-FRA
expires
Wed, 28 Dec 2022 18:59:41 GMT
C56693D9A1B08B42506D042029986348D3C5B748950763FE678C4ED7115C882C37EE23A3213A99CBF6307528E019DC6BC2DD9649960D0B55F98BB6E5636CA060
assets.ad4m.at/ Frame B363 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/C56693D9A1B08B42506D042029986348D3C5B748950763FE678C4ED7115C882C37EE23A3213A99CBF6307528E019DC6BC2DD9649960D0B55F98BB6E5636CA060
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=728&d=90&e=&g=e123439b35d898f1c8580f7c1038f13c%2F11001653626940761441&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580803&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kzn04ywzxwswb6jzj9bhbes67fp1taajs6qrd80kgjcpj88ba4bt7rwxb69ctm21zej89dv8j2gra2q8075zp0k3rgk5py56ny6etxsyf9psa4y2j1cnzq56zwbjq5z68k0fg3zw1vvkvdf8pgsaj7zf67gbh049hag0p2cahmym8015zegn4akagxgzjv9590wm985z1rjxq8zyk9j54393ry7wx6ym4psd0xxnfh88chkqa9mns4gjnz81vftjf8kc5300ademsaqksgshkga8g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzSnem0CrY4baA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSRAk_Q0lLkEEPenv8Dj5yjd7OBLJotyDV2gvtYd4adAL5dIvSq65em7nMPW1Sto6JPhU0_tPCMy2vcbbIcnH-063NdY6aI04mT2R3jt9kPC3vs18CoI_EtEvYVqHUkfIy6YNMjEy9dF70dKXpl3OUuWTniHs-Z6mj-_yJmSY58kWmAEya9bzonIKQ2QdlVBtPnlMUklIBn6VrlZiuvNO67CG57haOnRA-F6q1xJVAcKDoTXSnp6VQd3OR4w6wnHAwP6qiKHL0KTerY-82cvZsO2zYbenvde_cHmuVkhMv2tAzYoK-Pevj99sKqPOYIHUzo94NxlLhCRbqzy4k7FfkOBkY7CyQFJB2EkrYrDc-emhpYpOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2BaM7R1g42HBk0v_p2xoBk2i3Lkw%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14538419c15807c9a5e7d913afbb17223f76134b8da12b51574a7d13ee4046c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1813520
cf-polished
qual=85, origFmt=jpeg, origSize=68718
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29350
cf-bgj
imgq:85,h2pri
last-modified
Wed, 18 Mar 2020 10:20:14 GMT
server
cloudflare
etag
"3608be436fa33cfe8447c6f429d36a9d"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RsyzsMS9ERSs1Jf%2BJK%2FtUO0p1%2FeEJBhx8QpcBtTpwug3NdWnJXjnWNFRFmq3TSzEyqsudjA%2F%2B9gFGPZvRcndExHot3kuYuDyjBWVhERr3mnWCfTYwZhkzjZLfKUhmcZ%2BlHIc6zoLKiVNuhzN"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78044b752f289b3d-FRA
expires
Wed, 28 Dec 2022 18:59:41 GMT
32F23C7559EE7EB10B0612EC54855DCC534784F93890DD11CBD844681DEF4739C06EF675715F3D3A7EA93E8627400F67EC439A270FF5E659B22B480C0A0343DC
assets.ad4m.at/logo/ Frame B363 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/32F23C7559EE7EB10B0612EC54855DCC534784F93890DD11CBD844681DEF4739C06EF675715F3D3A7EA93E8627400F67EC439A270FF5E659B22B480C0A0343DC
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=728&d=90&e=&g=e123439b35d898f1c8580f7c1038f13c%2F11001653626940761441&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580803&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kzn04ywzxwswb6jzj9bhbes67fp1taajs6qrd80kgjcpj88ba4bt7rwxb69ctm21zej89dv8j2gra2q8075zp0k3rgk5py56ny6etxsyf9psa4y2j1cnzq56zwbjq5z68k0fg3zw1vvkvdf8pgsaj7zf67gbh049hag0p2cahmym8015zegn4akagxgzjv9590wm985z1rjxq8zyk9j54393ry7wx6ym4psd0xxnfh88chkqa9mns4gjnz81vftjf8kc5300ademsaqksgshkga8g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzSnem0CrY4baA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSRAk_Q0lLkEEPenv8Dj5yjd7OBLJotyDV2gvtYd4adAL5dIvSq65em7nMPW1Sto6JPhU0_tPCMy2vcbbIcnH-063NdY6aI04mT2R3jt9kPC3vs18CoI_EtEvYVqHUkfIy6YNMjEy9dF70dKXpl3OUuWTniHs-Z6mj-_yJmSY58kWmAEya9bzonIKQ2QdlVBtPnlMUklIBn6VrlZiuvNO67CG57haOnRA-F6q1xJVAcKDoTXSnp6VQd3OR4w6wnHAwP6qiKHL0KTerY-82cvZsO2zYbenvde_cHmuVkhMv2tAzYoK-Pevj99sKqPOYIHUzo94NxlLhCRbqzy4k7FfkOBkY7CyQFJB2EkrYrDc-emhpYpOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2BaM7R1g42HBk0v_p2xoBk2i3Lkw%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b003afa15165c632feeec754e2df29e83ed92ccae2fc38187f170ed1bc388ec0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
509013
cf-polished
origFmt=png, origSize=85233
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54280
cf-bgj
imgq:85,h2pri
last-modified
Wed, 16 Nov 2022 17:18:26 GMT
server
cloudflare
etag
"0bc184d99872986e7c36d6945f607e59"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7im0Bj14gHWgN1KZiuXbLCTERg1thFyA0%2FCnISKFSuY2Nvo5eBROSVIsN5CBKXiOSk4kr5v%2Bh2Wne%2B7AduO3IsgO8VtczMvzkR%2BRC95RUSE%2B0LyITQsvkoeF1Vnolwuz9%2FwpSqEQBDEuYHbF"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78044b752f2a9b3d-FRA
expires
Wed, 28 Dec 2022 18:59:41 GMT
831D0FE32B145B761077CFC592BD206C2CE087B565208A08CBD98E3B38F09AC68B46D6E1256C993416DA9EF02099D633246555FC17762F3E215B6156D6F4C095
assets.ad4m.at/product_image/ Frame B363 		193 KB
193 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/831D0FE32B145B761077CFC592BD206C2CE087B565208A08CBD98E3B38F09AC68B46D6E1256C993416DA9EF02099D633246555FC17762F3E215B6156D6F4C095
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=728&d=90&e=&g=e123439b35d898f1c8580f7c1038f13c%2F11001653626940761441&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580803&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kzn04ywzxwswb6jzj9bhbes67fp1taajs6qrd80kgjcpj88ba4bt7rwxb69ctm21zej89dv8j2gra2q8075zp0k3rgk5py56ny6etxsyf9psa4y2j1cnzq56zwbjq5z68k0fg3zw1vvkvdf8pgsaj7zf67gbh049hag0p2cahmym8015zegn4akagxgzjv9590wm985z1rjxq8zyk9j54393ry7wx6ym4psd0xxnfh88chkqa9mns4gjnz81vftjf8kc5300ademsaqksgshkga8g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzSnem0CrY4baA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSRAk_Q0lLkEEPenv8Dj5yjd7OBLJotyDV2gvtYd4adAL5dIvSq65em7nMPW1Sto6JPhU0_tPCMy2vcbbIcnH-063NdY6aI04mT2R3jt9kPC3vs18CoI_EtEvYVqHUkfIy6YNMjEy9dF70dKXpl3OUuWTniHs-Z6mj-_yJmSY58kWmAEya9bzonIKQ2QdlVBtPnlMUklIBn6VrlZiuvNO67CG57haOnRA-F6q1xJVAcKDoTXSnp6VQd3OR4w6wnHAwP6qiKHL0KTerY-82cvZsO2zYbenvde_cHmuVkhMv2tAzYoK-Pevj99sKqPOYIHUzo94NxlLhCRbqzy4k7FfkOBkY7CyQFJB2EkrYrDc-emhpYpOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2BaM7R1g42HBk0v_p2xoBk2i3Lkw%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9793fc03a50f4e6cdd1d91743c7c18f33bf8ac521cb84f7e3d0fe24672ad72e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
334921
cf-polished
origFmt=png, origSize=311499
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
197460
cf-bgj
imgq:85,h2pri
last-modified
Wed, 16 Nov 2022 17:45:43 GMT
server
cloudflare
etag
"3e47fe2e828ecba46fd7e6ae452966ae"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pXmEOTSz2Htk9tq4Zi4yjlHYRBPUR0jRfLV5oJ2BUSqaPylZPiI%2BW56626TokUwobX0t%2BKtBxwWBPQOfi%2FlRVTeN1pY9fBLd%2BxKwrQpwWyE0K%2By%2FD27p%2FaQ9AhotgYzBPGKGdlb2KpLPjJB%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78044b752f2b9b3d-FRA
expires
Wed, 28 Dec 2022 18:59:41 GMT
default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame 6B09 		89 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=600&e=&g=e9975e07edc1a6de0c3e891e03c06524%2F14878494519113093806&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580810&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkn691d4n5ghf53eyh1mtqjvsceeeggq6a5520vr02604k5zahvn1qw3rqee440vh88etz6sc9ch2fkpbbm96agn7mwyq50ht3xsqazv4fe42mz5v2sv1rw0j6yncw4dy7nftzw85tmkxpp604g7t8na978wwy4pvaqaekbsqpfjh6f6v96j48phxdnxqnweh7fh7p95yntsfncgmg55vyj268z0kh3v639fgq19xb3h4hz56aw3f1fez7p5ymyser60j1k8nvpndyf2tzhfkv89m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCh169m0CrY4_aA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgStAk_QMM9nJpbZ0bLXM-K-BnKFzIctFvvtM8bJOB7GXjNH-FE6RgKBnBFJEw9mAT9AiTX33bbFSoMUGUiIcboB8qwXTap6SCPsnECwgUPSGfTjjtTRG6lbYVAsNcl6ZRgG_2KJek1KkUKkEwFRPt0TS5XxoREIlZOF3MQzukr1QwqJW_eVABDR3KDtYCnpqLgQ-SOHw3uRhRtnNmhm7XOtjcXugbeWnmINJJBDQF3E9xiZpUrjgxbVVm0ym6jINQG39Eg1jd9EY4c6u12SqXwpg8nEMmGnJJ93p-Qa7Cli4lpIOGCZbDLP3i3kcitobbeE1yQkb9h7dO9oTMBPexRvQYFjTHItMXUJIVMrR9SrdRoMGRI-xSxS-o5XyiHLf3mR7IPwrOkgL6TolTTsM9DgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1iij-sa7CWdXyaToZeMPRH2gMy1Q%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=600&e=&g=e9975e07edc1a6de0c3e891e03c06524%2F14878494519113093806&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580810&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkn691d4n5ghf53eyh1mtqjvsceeeggq6a5520vr02604k5zahvn1qw3rqee440vh88etz6sc9ch2fkpbbm96agn7mwyq50ht3xsqazv4fe42mz5v2sv1rw0j6yncw4dy7nftzw85tmkxpp604g7t8na978wwy4pvaqaekbsqpfjh6f6v96j48phxdnxqnweh7fh7p95yntsfncgmg55vyj268z0kh3v639fgq19xb3h4hz56aw3f1fez7p5ymyser60j1k8nvpndyf2tzhfkv89m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCh169m0CrY4_aA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgStAk_QMM9nJpbZ0bLXM-K-BnKFzIctFvvtM8bJOB7GXjNH-FE6RgKBnBFJEw9mAT9AiTX33bbFSoMUGUiIcboB8qwXTap6SCPsnECwgUPSGfTjjtTRG6lbYVAsNcl6ZRgG_2KJek1KkUKkEwFRPt0TS5XxoREIlZOF3MQzukr1QwqJW_eVABDR3KDtYCnpqLgQ-SOHw3uRhRtnNmhm7XOtjcXugbeWnmINJJBDQF3E9xiZpUrjgxbVVm0ym6jINQG39Eg1jd9EY4c6u12SqXwpg8nEMmGnJJ93p-Qa7Cli4lpIOGCZbDLP3i3kcitobbeE1yQkb9h7dO9oTMBPexRvQYFjTHItMXUJIVMrR9SrdRoMGRI-xSxS-o5XyiHLf3mR7IPwrOkgL6TolTTsM9DgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1iij-sa7CWdXyaToZeMPRH2gMy1Q%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1670930538
age
22345
cf-polished
origSize=91628
x-guploader-uploadid
ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 13 Dec 2022 11:22:46 GMT
server
cloudflare
etag
W/"575def06e70febb0cbd25403e37880bf"
vary
Accept-Encoding
x-goog-generation
1670930566724484
content-type
text/css
x-goog-hash
crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BjNX3WfAEmoCo1jRvaL16zSkArU4iZJ9qOdZbZ11hOuodZf8JKwCl7nVi53viniYTLefpMLhvve3otqi3%2FgCnmdkJ85lmB9Kig3xeRWhqkwk5nfT1R3Xz6kuYIWfR6NpNclO0ZiLHqo%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
91628
cf-ray
78044b74fa23bbbf-FRA
expires
Tue, 27 Dec 2022 19:59:40 GMT
F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
assets.ad4m.at/logo/ Frame 6B09 		127 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=600&e=&g=e9975e07edc1a6de0c3e891e03c06524%2F14878494519113093806&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580810&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkn691d4n5ghf53eyh1mtqjvsceeeggq6a5520vr02604k5zahvn1qw3rqee440vh88etz6sc9ch2fkpbbm96agn7mwyq50ht3xsqazv4fe42mz5v2sv1rw0j6yncw4dy7nftzw85tmkxpp604g7t8na978wwy4pvaqaekbsqpfjh6f6v96j48phxdnxqnweh7fh7p95yntsfncgmg55vyj268z0kh3v639fgq19xb3h4hz56aw3f1fez7p5ymyser60j1k8nvpndyf2tzhfkv89m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCh169m0CrY4_aA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgStAk_QMM9nJpbZ0bLXM-K-BnKFzIctFvvtM8bJOB7GXjNH-FE6RgKBnBFJEw9mAT9AiTX33bbFSoMUGUiIcboB8qwXTap6SCPsnECwgUPSGfTjjtTRG6lbYVAsNcl6ZRgG_2KJek1KkUKkEwFRPt0TS5XxoREIlZOF3MQzukr1QwqJW_eVABDR3KDtYCnpqLgQ-SOHw3uRhRtnNmhm7XOtjcXugbeWnmINJJBDQF3E9xiZpUrjgxbVVm0ym6jINQG39Eg1jd9EY4c6u12SqXwpg8nEMmGnJJ93p-Qa7Cli4lpIOGCZbDLP3i3kcitobbeE1yQkb9h7dO9oTMBPexRvQYFjTHItMXUJIVMrR9SrdRoMGRI-xSxS-o5XyiHLf3mR7IPwrOkgL6TolTTsM9DgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1iij-sa7CWdXyaToZeMPRH2gMy1Q%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
418c1cc5e3fe5dab64df68fee91403c4af6a0b5ee68f12c2717956b216b08b8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
608371
cf-polished
origFmt=png, origSize=233620
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
130162
cf-bgj
imgq:85,h2pri
last-modified
Tue, 29 Mar 2022 07:10:51 GMT
server
cloudflare
etag
"d1d171dd651522f41a2fc0dba256a546"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wHUvCPMGQgNAN2WvwF0wgzwCTDfD%2BCOLMBbqzizHn3JvpOr8PmKpfFsyaH%2BjQHipKSGSBrWQqtA%2FzPPqbnm1jl4gz%2FeF%2FwNwJk505DUTRQ5lUuA0f%2ByKPv%2F1ePiLI%2FXiFQlHYnGljzlZ1Est"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78044b74fea99b3d-FRA
expires
Wed, 28 Dec 2022 18:59:40 GMT
1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame 6B09 		461 KB
462 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=600&e=&g=e9975e07edc1a6de0c3e891e03c06524%2F14878494519113093806&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580810&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkn691d4n5ghf53eyh1mtqjvsceeeggq6a5520vr02604k5zahvn1qw3rqee440vh88etz6sc9ch2fkpbbm96agn7mwyq50ht3xsqazv4fe42mz5v2sv1rw0j6yncw4dy7nftzw85tmkxpp604g7t8na978wwy4pvaqaekbsqpfjh6f6v96j48phxdnxqnweh7fh7p95yntsfncgmg55vyj268z0kh3v639fgq19xb3h4hz56aw3f1fez7p5ymyser60j1k8nvpndyf2tzhfkv89m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCh169m0CrY4_aA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgStAk_QMM9nJpbZ0bLXM-K-BnKFzIctFvvtM8bJOB7GXjNH-FE6RgKBnBFJEw9mAT9AiTX33bbFSoMUGUiIcboB8qwXTap6SCPsnECwgUPSGfTjjtTRG6lbYVAsNcl6ZRgG_2KJek1KkUKkEwFRPt0TS5XxoREIlZOF3MQzukr1QwqJW_eVABDR3KDtYCnpqLgQ-SOHw3uRhRtnNmhm7XOtjcXugbeWnmINJJBDQF3E9xiZpUrjgxbVVm0ym6jINQG39Eg1jd9EY4c6u12SqXwpg8nEMmGnJJ93p-Qa7Cli4lpIOGCZbDLP3i3kcitobbeE1yQkb9h7dO9oTMBPexRvQYFjTHItMXUJIVMrR9SrdRoMGRI-xSxS-o5XyiHLf3mR7IPwrOkgL6TolTTsM9DgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1iij-sa7CWdXyaToZeMPRH2gMy1Q%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1808428
cf-polished
origFmt=png, origSize=731561
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
471752
cf-bgj
imgq:85,h2pri
last-modified
Tue, 29 Mar 2022 07:03:31 GMT
server
cloudflare
etag
"1b69278243c107df5b11186b1f6ca585"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D5ASdA9jk778%2BoofrNY4IqbJMzJcEpE5iGY5WXxkmfZ%2FHLUuAMU4490HUnbfpL0OpUt%2Bw6T%2BzLKnuAToTSsPpT4ZeiZ2d5071eibDI2PGhThQnLpw6TCjeOjnUqmlKADHbQhCqJC68YWsvEi"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78044b752f2c9b3d-FRA
expires
Wed, 28 Dec 2022 18:59:41 GMT
B540011309A7A223CA190FD615D127B7570B1721E653B82E0DAAFC2C259A71C0F7A4F55653D39625199B295853A73F49D4B1D98FEBCF9E844CFCAA1103DBF4F7
assets.ad4m.at/logo/ Frame 6B09 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/B540011309A7A223CA190FD615D127B7570B1721E653B82E0DAAFC2C259A71C0F7A4F55653D39625199B295853A73F49D4B1D98FEBCF9E844CFCAA1103DBF4F7
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=600&e=&g=e9975e07edc1a6de0c3e891e03c06524%2F14878494519113093806&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580810&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkn691d4n5ghf53eyh1mtqjvsceeeggq6a5520vr02604k5zahvn1qw3rqee440vh88etz6sc9ch2fkpbbm96agn7mwyq50ht3xsqazv4fe42mz5v2sv1rw0j6yncw4dy7nftzw85tmkxpp604g7t8na978wwy4pvaqaekbsqpfjh6f6v96j48phxdnxqnweh7fh7p95yntsfncgmg55vyj268z0kh3v639fgq19xb3h4hz56aw3f1fez7p5ymyser60j1k8nvpndyf2tzhfkv89m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCh169m0CrY4_aA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgStAk_QMM9nJpbZ0bLXM-K-BnKFzIctFvvtM8bJOB7GXjNH-FE6RgKBnBFJEw9mAT9AiTX33bbFSoMUGUiIcboB8qwXTap6SCPsnECwgUPSGfTjjtTRG6lbYVAsNcl6ZRgG_2KJek1KkUKkEwFRPt0TS5XxoREIlZOF3MQzukr1QwqJW_eVABDR3KDtYCnpqLgQ-SOHw3uRhRtnNmhm7XOtjcXugbeWnmINJJBDQF3E9xiZpUrjgxbVVm0ym6jINQG39Eg1jd9EY4c6u12SqXwpg8nEMmGnJJ93p-Qa7Cli4lpIOGCZbDLP3i3kcitobbeE1yQkb9h7dO9oTMBPexRvQYFjTHItMXUJIVMrR9SrdRoMGRI-xSxS-o5XyiHLf3mR7IPwrOkgL6TolTTsM9DgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1iij-sa7CWdXyaToZeMPRH2gMy1Q%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64ee900286c520753f34371eafdc56c97188e32638a97eaaf5e5b60afdb4064f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
515745
cf-polished
origFmt=png, origSize=89638
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
64408
cf-bgj
imgq:85,h2pri
last-modified
Fri, 22 May 2020 12:20:14 GMT
server
cloudflare
etag
"5260549f152cd629e826b547dd714c3a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PbswE%2BxA4xG6ROLSjaq7tBVfAuFdv7UdjNmqvjZpn5copGsQiiBfV2LZWahjqbwz%2Bxt2%2FHozXozcu%2BM4O3aHB9mGdL67BcK2A%2BFSYZCeCBVmewarjIph1MU2BE1%2FYCiHQNoPoiu0Oqcq3ZEB"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78044b752f2f9b3d-FRA
expires
Wed, 28 Dec 2022 18:59:41 GMT
C56693D9A1B08B42506D042029986348D3C5B748950763FE678C4ED7115C882C37EE23A3213A99CBF6307528E019DC6BC2DD9649960D0B55F98BB6E5636CA060
assets.ad4m.at/ Frame 6B09 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/C56693D9A1B08B42506D042029986348D3C5B748950763FE678C4ED7115C882C37EE23A3213A99CBF6307528E019DC6BC2DD9649960D0B55F98BB6E5636CA060
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=600&e=&g=e9975e07edc1a6de0c3e891e03c06524%2F14878494519113093806&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580810&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkn691d4n5ghf53eyh1mtqjvsceeeggq6a5520vr02604k5zahvn1qw3rqee440vh88etz6sc9ch2fkpbbm96agn7mwyq50ht3xsqazv4fe42mz5v2sv1rw0j6yncw4dy7nftzw85tmkxpp604g7t8na978wwy4pvaqaekbsqpfjh6f6v96j48phxdnxqnweh7fh7p95yntsfncgmg55vyj268z0kh3v639fgq19xb3h4hz56aw3f1fez7p5ymyser60j1k8nvpndyf2tzhfkv89m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCh169m0CrY4_aA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgStAk_QMM9nJpbZ0bLXM-K-BnKFzIctFvvtM8bJOB7GXjNH-FE6RgKBnBFJEw9mAT9AiTX33bbFSoMUGUiIcboB8qwXTap6SCPsnECwgUPSGfTjjtTRG6lbYVAsNcl6ZRgG_2KJek1KkUKkEwFRPt0TS5XxoREIlZOF3MQzukr1QwqJW_eVABDR3KDtYCnpqLgQ-SOHw3uRhRtnNmhm7XOtjcXugbeWnmINJJBDQF3E9xiZpUrjgxbVVm0ym6jINQG39Eg1jd9EY4c6u12SqXwpg8nEMmGnJJ93p-Qa7Cli4lpIOGCZbDLP3i3kcitobbeE1yQkb9h7dO9oTMBPexRvQYFjTHItMXUJIVMrR9SrdRoMGRI-xSxS-o5XyiHLf3mR7IPwrOkgL6TolTTsM9DgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1iij-sa7CWdXyaToZeMPRH2gMy1Q%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14538419c15807c9a5e7d913afbb17223f76134b8da12b51574a7d13ee4046c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1813520
cf-polished
qual=85, origFmt=jpeg, origSize=68718
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29350
cf-bgj
imgq:85,h2pri
last-modified
Wed, 18 Mar 2020 10:20:14 GMT
server
cloudflare
etag
"3608be436fa33cfe8447c6f429d36a9d"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iga49hndukojUGNNEtYa1p%2Fl7HdNz9yq34Rp79mFRNxlf%2Fu%2FcDG9PSAZT1PEkIrG1p1xlZJfipmxZBkwHW7nKr0VqrpIOAt4z%2FgerWIIRA0PEZsKh7zu5H%2FVkxGopOZkH1jUJqTuEPHLk298"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78044b752f319b3d-FRA
expires
Wed, 28 Dec 2022 18:59:41 GMT
32F23C7559EE7EB10B0612EC54855DCC534784F93890DD11CBD844681DEF4739C06EF675715F3D3A7EA93E8627400F67EC439A270FF5E659B22B480C0A0343DC
assets.ad4m.at/logo/ Frame 6B09 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/32F23C7559EE7EB10B0612EC54855DCC534784F93890DD11CBD844681DEF4739C06EF675715F3D3A7EA93E8627400F67EC439A270FF5E659B22B480C0A0343DC
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=600&e=&g=e9975e07edc1a6de0c3e891e03c06524%2F14878494519113093806&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580810&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkn691d4n5ghf53eyh1mtqjvsceeeggq6a5520vr02604k5zahvn1qw3rqee440vh88etz6sc9ch2fkpbbm96agn7mwyq50ht3xsqazv4fe42mz5v2sv1rw0j6yncw4dy7nftzw85tmkxpp604g7t8na978wwy4pvaqaekbsqpfjh6f6v96j48phxdnxqnweh7fh7p95yntsfncgmg55vyj268z0kh3v639fgq19xb3h4hz56aw3f1fez7p5ymyser60j1k8nvpndyf2tzhfkv89m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCh169m0CrY4_aA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgStAk_QMM9nJpbZ0bLXM-K-BnKFzIctFvvtM8bJOB7GXjNH-FE6RgKBnBFJEw9mAT9AiTX33bbFSoMUGUiIcboB8qwXTap6SCPsnECwgUPSGfTjjtTRG6lbYVAsNcl6ZRgG_2KJek1KkUKkEwFRPt0TS5XxoREIlZOF3MQzukr1QwqJW_eVABDR3KDtYCnpqLgQ-SOHw3uRhRtnNmhm7XOtjcXugbeWnmINJJBDQF3E9xiZpUrjgxbVVm0ym6jINQG39Eg1jd9EY4c6u12SqXwpg8nEMmGnJJ93p-Qa7Cli4lpIOGCZbDLP3i3kcitobbeE1yQkb9h7dO9oTMBPexRvQYFjTHItMXUJIVMrR9SrdRoMGRI-xSxS-o5XyiHLf3mR7IPwrOkgL6TolTTsM9DgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1iij-sa7CWdXyaToZeMPRH2gMy1Q%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b003afa15165c632feeec754e2df29e83ed92ccae2fc38187f170ed1bc388ec0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
509013
cf-polished
origFmt=png, origSize=85233
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54280
cf-bgj
imgq:85,h2pri
last-modified
Wed, 16 Nov 2022 17:18:26 GMT
server
cloudflare
etag
"0bc184d99872986e7c36d6945f607e59"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yQ6bzQe4Pow2b%2BJ2Y0r7c%2B7QGZPc2j7bGJSBixCZi1nc%2FAjCt9fhla7BtuaZCJiEJhhcbNx1j4Sn%2BI2w%2BPONfLNRG2JAe80PGJQ46y7enoE9bdDKcxjQwNpJ2dqLTb2%2Bp3sidevvQWhBlPwM"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78044b752f349b3d-FRA
expires
Wed, 28 Dec 2022 18:59:41 GMT
831D0FE32B145B761077CFC592BD206C2CE087B565208A08CBD98E3B38F09AC68B46D6E1256C993416DA9EF02099D633246555FC17762F3E215B6156D6F4C095
assets.ad4m.at/product_image/ Frame 6B09 		193 KB
193 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/831D0FE32B145B761077CFC592BD206C2CE087B565208A08CBD98E3B38F09AC68B46D6E1256C993416DA9EF02099D633246555FC17762F3E215B6156D6F4C095
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=600&e=&g=e9975e07edc1a6de0c3e891e03c06524%2F14878494519113093806&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580810&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkn691d4n5ghf53eyh1mtqjvsceeeggq6a5520vr02604k5zahvn1qw3rqee440vh88etz6sc9ch2fkpbbm96agn7mwyq50ht3xsqazv4fe42mz5v2sv1rw0j6yncw4dy7nftzw85tmkxpp604g7t8na978wwy4pvaqaekbsqpfjh6f6v96j48phxdnxqnweh7fh7p95yntsfncgmg55vyj268z0kh3v639fgq19xb3h4hz56aw3f1fez7p5ymyser60j1k8nvpndyf2tzhfkv89m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCh169m0CrY4_aA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgStAk_QMM9nJpbZ0bLXM-K-BnKFzIctFvvtM8bJOB7GXjNH-FE6RgKBnBFJEw9mAT9AiTX33bbFSoMUGUiIcboB8qwXTap6SCPsnECwgUPSGfTjjtTRG6lbYVAsNcl6ZRgG_2KJek1KkUKkEwFRPt0TS5XxoREIlZOF3MQzukr1QwqJW_eVABDR3KDtYCnpqLgQ-SOHw3uRhRtnNmhm7XOtjcXugbeWnmINJJBDQF3E9xiZpUrjgxbVVm0ym6jINQG39Eg1jd9EY4c6u12SqXwpg8nEMmGnJJ93p-Qa7Cli4lpIOGCZbDLP3i3kcitobbeE1yQkb9h7dO9oTMBPexRvQYFjTHItMXUJIVMrR9SrdRoMGRI-xSxS-o5XyiHLf3mR7IPwrOkgL6TolTTsM9DgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1iij-sa7CWdXyaToZeMPRH2gMy1Q%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9793fc03a50f4e6cdd1d91743c7c18f33bf8ac521cb84f7e3d0fe24672ad72e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
334921
cf-polished
origFmt=png, origSize=311499
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
197460
cf-bgj
imgq:85,h2pri
last-modified
Wed, 16 Nov 2022 17:45:43 GMT
server
cloudflare
etag
"3e47fe2e828ecba46fd7e6ae452966ae"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wNMOiBHkZ5pdW6lN8fVZGY0YYZMQc%2BjblTbYWwpCrOWZUNlpSvp7Cp%2BhjEAJ%2BjBJ6KpdXvtpgi%2BsmvBU%2FMi9dVoxvsGxTN9XKxypktOOmEv9MATE9QlbTM2en1f%2BTGhkbrDIEabYs3bOWlrj"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78044b752f379b3d-FRA
expires
Wed, 28 Dec 2022 18:59:41 GMT
default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame 3C93 		89 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=600&e=&g=2373b441359b7defc04bee61fdbd72fb%2F1234430002439753742&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580810&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kywn7502ds0r2s1phjpa7dbyjyrg05n2qv9ez8ejvv41t6zjvq3grhge22xpd9vdfbvp6qnv0np2wb35e557hy1dnd698nghcqbvjb4adg8s2pmbccj4nhah6qtyyavb814s8d3yfa0n7ca29rvh8pgszr51s1y812qt223nr1bzvm0be656bmzarpp16dx0xh9fcfd2ye3s7p0ptpws5jgzqrgcxb7hydyft1fgjt3sbw2a14xayd45geq0nkwsgg3xwgs9jtzqfnrkr3mcshnt4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZsLGm0CrY4naA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSkAk_Q2qhYooDZEm6i2vvUnoD0foJuXpeCVv3H9SHrucR-x2XKVIZgyuIuYs4cPuoCcqIfilp9bUHBU7zVtmz_stBbWf328Ud0QL6iAUQJfrTFMD7Y0-Er4MixbJx4Bx8jMZnort9BQq6a6QbdsU8VNYW9OO2_hv6usey4j-VKtPI2NC-CU5BqtBMTvyDfl0TJ_OId3fVajFAGpDFe3gRjtGpeNWtKjotMngprgaVvZ_oJrkYz3GLMVIIX_I4xC5zLNYKTCvIzzOQt1W3aP1dPlpA8HfQ8zOLm6N1lPbg79586t6fSRdUy_r-u8TdLBNmYJUA4SJKIqaoH7lEEOLFcgi0f0eKN9yzIBMGf6R6SRaoa-uA-cces76jnvwc0dthFrahCYhXgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0SFvKRGAjtOb-8kfVLaiOQDcUVTA%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=600&e=&g=2373b441359b7defc04bee61fdbd72fb%2F1234430002439753742&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580810&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kywn7502ds0r2s1phjpa7dbyjyrg05n2qv9ez8ejvv41t6zjvq3grhge22xpd9vdfbvp6qnv0np2wb35e557hy1dnd698nghcqbvjb4adg8s2pmbccj4nhah6qtyyavb814s8d3yfa0n7ca29rvh8pgszr51s1y812qt223nr1bzvm0be656bmzarpp16dx0xh9fcfd2ye3s7p0ptpws5jgzqrgcxb7hydyft1fgjt3sbw2a14xayd45geq0nkwsgg3xwgs9jtzqfnrkr3mcshnt4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZsLGm0CrY4naA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSkAk_Q2qhYooDZEm6i2vvUnoD0foJuXpeCVv3H9SHrucR-x2XKVIZgyuIuYs4cPuoCcqIfilp9bUHBU7zVtmz_stBbWf328Ud0QL6iAUQJfrTFMD7Y0-Er4MixbJx4Bx8jMZnort9BQq6a6QbdsU8VNYW9OO2_hv6usey4j-VKtPI2NC-CU5BqtBMTvyDfl0TJ_OId3fVajFAGpDFe3gRjtGpeNWtKjotMngprgaVvZ_oJrkYz3GLMVIIX_I4xC5zLNYKTCvIzzOQt1W3aP1dPlpA8HfQ8zOLm6N1lPbg79586t6fSRdUy_r-u8TdLBNmYJUA4SJKIqaoH7lEEOLFcgi0f0eKN9yzIBMGf6R6SRaoa-uA-cces76jnvwc0dthFrahCYhXgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0SFvKRGAjtOb-8kfVLaiOQDcUVTA%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1670930538
age
22345
cf-polished
origSize=91628
x-guploader-uploadid
ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 13 Dec 2022 11:22:46 GMT
server
cloudflare
etag
W/"575def06e70febb0cbd25403e37880bf"
vary
Accept-Encoding
x-goog-generation
1670930566724484
content-type
text/css
x-goog-hash
crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qn8DmceIs0HIZ4qdIW6k%2F6I6IkEVGgoTD6dEaopZBou%2B%2BK%2BwbcTLNrAygiypZ%2Fq%2FsMPXWINxZPij66h6fQKJlMhTFAo5VNfaAg33GHC06sjA%2BOVpJDfpycO9uKrmFEqm7s1PY1kqrT4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
91628
cf-ray
78044b74fa36bbbf-FRA
expires
Tue, 27 Dec 2022 19:59:40 GMT
F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
assets.ad4m.at/logo/ Frame 3C93 		127 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=600&e=&g=2373b441359b7defc04bee61fdbd72fb%2F1234430002439753742&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580810&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kywn7502ds0r2s1phjpa7dbyjyrg05n2qv9ez8ejvv41t6zjvq3grhge22xpd9vdfbvp6qnv0np2wb35e557hy1dnd698nghcqbvjb4adg8s2pmbccj4nhah6qtyyavb814s8d3yfa0n7ca29rvh8pgszr51s1y812qt223nr1bzvm0be656bmzarpp16dx0xh9fcfd2ye3s7p0ptpws5jgzqrgcxb7hydyft1fgjt3sbw2a14xayd45geq0nkwsgg3xwgs9jtzqfnrkr3mcshnt4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZsLGm0CrY4naA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSkAk_Q2qhYooDZEm6i2vvUnoD0foJuXpeCVv3H9SHrucR-x2XKVIZgyuIuYs4cPuoCcqIfilp9bUHBU7zVtmz_stBbWf328Ud0QL6iAUQJfrTFMD7Y0-Er4MixbJx4Bx8jMZnort9BQq6a6QbdsU8VNYW9OO2_hv6usey4j-VKtPI2NC-CU5BqtBMTvyDfl0TJ_OId3fVajFAGpDFe3gRjtGpeNWtKjotMngprgaVvZ_oJrkYz3GLMVIIX_I4xC5zLNYKTCvIzzOQt1W3aP1dPlpA8HfQ8zOLm6N1lPbg79586t6fSRdUy_r-u8TdLBNmYJUA4SJKIqaoH7lEEOLFcgi0f0eKN9yzIBMGf6R6SRaoa-uA-cces76jnvwc0dthFrahCYhXgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0SFvKRGAjtOb-8kfVLaiOQDcUVTA%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
418c1cc5e3fe5dab64df68fee91403c4af6a0b5ee68f12c2717956b216b08b8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
608371
cf-polished
origFmt=png, origSize=233620
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
130162
cf-bgj
imgq:85,h2pri
last-modified
Tue, 29 Mar 2022 07:10:51 GMT
server
cloudflare
etag
"d1d171dd651522f41a2fc0dba256a546"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SjDPWm1Tv1YQQ%2FVjcmGkQtqa5c7lvxrp1Te8j6AgmvnpuY0vITkcTZRcYTvw%2FfmFGEOCXHCSPUDKPWIgdlfIQ%2FYKH3WqRqpT7RtBgORitBlG%2FB3s9J4tXBamhNQiqFPp%2BwC2nnTukGztei9W"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78044b74feb49b3d-FRA
expires
Wed, 28 Dec 2022 18:59:40 GMT
1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame 3C93 		461 KB
462 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=600&e=&g=2373b441359b7defc04bee61fdbd72fb%2F1234430002439753742&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580810&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kywn7502ds0r2s1phjpa7dbyjyrg05n2qv9ez8ejvv41t6zjvq3grhge22xpd9vdfbvp6qnv0np2wb35e557hy1dnd698nghcqbvjb4adg8s2pmbccj4nhah6qtyyavb814s8d3yfa0n7ca29rvh8pgszr51s1y812qt223nr1bzvm0be656bmzarpp16dx0xh9fcfd2ye3s7p0ptpws5jgzqrgcxb7hydyft1fgjt3sbw2a14xayd45geq0nkwsgg3xwgs9jtzqfnrkr3mcshnt4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZsLGm0CrY4naA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSkAk_Q2qhYooDZEm6i2vvUnoD0foJuXpeCVv3H9SHrucR-x2XKVIZgyuIuYs4cPuoCcqIfilp9bUHBU7zVtmz_stBbWf328Ud0QL6iAUQJfrTFMD7Y0-Er4MixbJx4Bx8jMZnort9BQq6a6QbdsU8VNYW9OO2_hv6usey4j-VKtPI2NC-CU5BqtBMTvyDfl0TJ_OId3fVajFAGpDFe3gRjtGpeNWtKjotMngprgaVvZ_oJrkYz3GLMVIIX_I4xC5zLNYKTCvIzzOQt1W3aP1dPlpA8HfQ8zOLm6N1lPbg79586t6fSRdUy_r-u8TdLBNmYJUA4SJKIqaoH7lEEOLFcgi0f0eKN9yzIBMGf6R6SRaoa-uA-cces76jnvwc0dthFrahCYhXgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0SFvKRGAjtOb-8kfVLaiOQDcUVTA%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1808428
cf-polished
origFmt=png, origSize=731561
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
471752
cf-bgj
imgq:85,h2pri
last-modified
Tue, 29 Mar 2022 07:03:31 GMT
server
cloudflare
etag
"1b69278243c107df5b11186b1f6ca585"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oNL%2BdR%2Bl1rBhIpy%2FRXuI2LLHMdf%2FcupcIf82D%2Fr51%2Fq9onsA6WHp5W5dtxF0rW3CgMdCQlR52kGUz0Sd6c%2FmyG8iCfSHR2snNEUsc%2FL3oeRjGlXmljLZwM3VpjHeEPXpx4KtBImhEEhanFkb"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78044b752f399b3d-FRA
expires
Wed, 28 Dec 2022 18:59:41 GMT
B540011309A7A223CA190FD615D127B7570B1721E653B82E0DAAFC2C259A71C0F7A4F55653D39625199B295853A73F49D4B1D98FEBCF9E844CFCAA1103DBF4F7
assets.ad4m.at/logo/ Frame 3C93 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/B540011309A7A223CA190FD615D127B7570B1721E653B82E0DAAFC2C259A71C0F7A4F55653D39625199B295853A73F49D4B1D98FEBCF9E844CFCAA1103DBF4F7
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=600&e=&g=2373b441359b7defc04bee61fdbd72fb%2F1234430002439753742&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580810&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kywn7502ds0r2s1phjpa7dbyjyrg05n2qv9ez8ejvv41t6zjvq3grhge22xpd9vdfbvp6qnv0np2wb35e557hy1dnd698nghcqbvjb4adg8s2pmbccj4nhah6qtyyavb814s8d3yfa0n7ca29rvh8pgszr51s1y812qt223nr1bzvm0be656bmzarpp16dx0xh9fcfd2ye3s7p0ptpws5jgzqrgcxb7hydyft1fgjt3sbw2a14xayd45geq0nkwsgg3xwgs9jtzqfnrkr3mcshnt4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZsLGm0CrY4naA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSkAk_Q2qhYooDZEm6i2vvUnoD0foJuXpeCVv3H9SHrucR-x2XKVIZgyuIuYs4cPuoCcqIfilp9bUHBU7zVtmz_stBbWf328Ud0QL6iAUQJfrTFMD7Y0-Er4MixbJx4Bx8jMZnort9BQq6a6QbdsU8VNYW9OO2_hv6usey4j-VKtPI2NC-CU5BqtBMTvyDfl0TJ_OId3fVajFAGpDFe3gRjtGpeNWtKjotMngprgaVvZ_oJrkYz3GLMVIIX_I4xC5zLNYKTCvIzzOQt1W3aP1dPlpA8HfQ8zOLm6N1lPbg79586t6fSRdUy_r-u8TdLBNmYJUA4SJKIqaoH7lEEOLFcgi0f0eKN9yzIBMGf6R6SRaoa-uA-cces76jnvwc0dthFrahCYhXgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0SFvKRGAjtOb-8kfVLaiOQDcUVTA%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64ee900286c520753f34371eafdc56c97188e32638a97eaaf5e5b60afdb4064f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
515745
cf-polished
origFmt=png, origSize=89638
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
64408
cf-bgj
imgq:85,h2pri
last-modified
Fri, 22 May 2020 12:20:14 GMT
server
cloudflare
etag
"5260549f152cd629e826b547dd714c3a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=366sRVGfGBAXZLyCrxKg21kRf6lzjZMLTTSVBUXMOvNzipWPoFmf5NEjkLz%2FAjtYJy9c5SeRifnAP1EweTY4O8izR5wVycTyN8bX8wv%2B%2BHuC6jjicebz0bMTOl%2FWG%2BRLs7G0w3krV%2FFUKfk4"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78044b752f3b9b3d-FRA
expires
Wed, 28 Dec 2022 18:59:41 GMT
C56693D9A1B08B42506D042029986348D3C5B748950763FE678C4ED7115C882C37EE23A3213A99CBF6307528E019DC6BC2DD9649960D0B55F98BB6E5636CA060
assets.ad4m.at/ Frame 3C93 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/C56693D9A1B08B42506D042029986348D3C5B748950763FE678C4ED7115C882C37EE23A3213A99CBF6307528E019DC6BC2DD9649960D0B55F98BB6E5636CA060
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=600&e=&g=2373b441359b7defc04bee61fdbd72fb%2F1234430002439753742&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580810&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kywn7502ds0r2s1phjpa7dbyjyrg05n2qv9ez8ejvv41t6zjvq3grhge22xpd9vdfbvp6qnv0np2wb35e557hy1dnd698nghcqbvjb4adg8s2pmbccj4nhah6qtyyavb814s8d3yfa0n7ca29rvh8pgszr51s1y812qt223nr1bzvm0be656bmzarpp16dx0xh9fcfd2ye3s7p0ptpws5jgzqrgcxb7hydyft1fgjt3sbw2a14xayd45geq0nkwsgg3xwgs9jtzqfnrkr3mcshnt4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZsLGm0CrY4naA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSkAk_Q2qhYooDZEm6i2vvUnoD0foJuXpeCVv3H9SHrucR-x2XKVIZgyuIuYs4cPuoCcqIfilp9bUHBU7zVtmz_stBbWf328Ud0QL6iAUQJfrTFMD7Y0-Er4MixbJx4Bx8jMZnort9BQq6a6QbdsU8VNYW9OO2_hv6usey4j-VKtPI2NC-CU5BqtBMTvyDfl0TJ_OId3fVajFAGpDFe3gRjtGpeNWtKjotMngprgaVvZ_oJrkYz3GLMVIIX_I4xC5zLNYKTCvIzzOQt1W3aP1dPlpA8HfQ8zOLm6N1lPbg79586t6fSRdUy_r-u8TdLBNmYJUA4SJKIqaoH7lEEOLFcgi0f0eKN9yzIBMGf6R6SRaoa-uA-cces76jnvwc0dthFrahCYhXgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0SFvKRGAjtOb-8kfVLaiOQDcUVTA%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14538419c15807c9a5e7d913afbb17223f76134b8da12b51574a7d13ee4046c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1813520
cf-polished
qual=85, origFmt=jpeg, origSize=68718
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29350
cf-bgj
imgq:85,h2pri
last-modified
Wed, 18 Mar 2020 10:20:14 GMT
server
cloudflare
etag
"3608be436fa33cfe8447c6f429d36a9d"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KqWFfQ7EECz%2B%2FAGi1h1h00JHrKKKYdTamPkoUnwOpngmSwfv%2BoHVpKg%2BnxOtO%2F2Uy5NweGNApZBejAWlQk8AkPhgD4CO8XMn7lzOrUovotU%2B68uZfzkhPPmEmc%2B6cQHUHlCh2VgITbGHIpe7"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78044b752f3e9b3d-FRA
expires
Wed, 28 Dec 2022 18:59:41 GMT
32F23C7559EE7EB10B0612EC54855DCC534784F93890DD11CBD844681DEF4739C06EF675715F3D3A7EA93E8627400F67EC439A270FF5E659B22B480C0A0343DC
assets.ad4m.at/logo/ Frame 3C93 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/32F23C7559EE7EB10B0612EC54855DCC534784F93890DD11CBD844681DEF4739C06EF675715F3D3A7EA93E8627400F67EC439A270FF5E659B22B480C0A0343DC
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=600&e=&g=2373b441359b7defc04bee61fdbd72fb%2F1234430002439753742&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580810&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kywn7502ds0r2s1phjpa7dbyjyrg05n2qv9ez8ejvv41t6zjvq3grhge22xpd9vdfbvp6qnv0np2wb35e557hy1dnd698nghcqbvjb4adg8s2pmbccj4nhah6qtyyavb814s8d3yfa0n7ca29rvh8pgszr51s1y812qt223nr1bzvm0be656bmzarpp16dx0xh9fcfd2ye3s7p0ptpws5jgzqrgcxb7hydyft1fgjt3sbw2a14xayd45geq0nkwsgg3xwgs9jtzqfnrkr3mcshnt4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZsLGm0CrY4naA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSkAk_Q2qhYooDZEm6i2vvUnoD0foJuXpeCVv3H9SHrucR-x2XKVIZgyuIuYs4cPuoCcqIfilp9bUHBU7zVtmz_stBbWf328Ud0QL6iAUQJfrTFMD7Y0-Er4MixbJx4Bx8jMZnort9BQq6a6QbdsU8VNYW9OO2_hv6usey4j-VKtPI2NC-CU5BqtBMTvyDfl0TJ_OId3fVajFAGpDFe3gRjtGpeNWtKjotMngprgaVvZ_oJrkYz3GLMVIIX_I4xC5zLNYKTCvIzzOQt1W3aP1dPlpA8HfQ8zOLm6N1lPbg79586t6fSRdUy_r-u8TdLBNmYJUA4SJKIqaoH7lEEOLFcgi0f0eKN9yzIBMGf6R6SRaoa-uA-cces76jnvwc0dthFrahCYhXgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0SFvKRGAjtOb-8kfVLaiOQDcUVTA%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b003afa15165c632feeec754e2df29e83ed92ccae2fc38187f170ed1bc388ec0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
509013
cf-polished
origFmt=png, origSize=85233
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54280
cf-bgj
imgq:85,h2pri
last-modified
Wed, 16 Nov 2022 17:18:26 GMT
server
cloudflare
etag
"0bc184d99872986e7c36d6945f607e59"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WoXGupXNvHa%2FSCIPrkyN%2B5knajnD3DpWm1JUVtx31I1Nb7i%2FTDefV35WDrMWEvO136atjx2ec%2FXWTnVdS2Ek%2Fm7%2Bmz4wQINhSlyK653utPoN%2BRtjgGag6Fev4L%2FLRXG1YswM0EvcF0PA9%2BEa"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78044b752f419b3d-FRA
expires
Wed, 28 Dec 2022 18:59:41 GMT
831D0FE32B145B761077CFC592BD206C2CE087B565208A08CBD98E3B38F09AC68B46D6E1256C993416DA9EF02099D633246555FC17762F3E215B6156D6F4C095
assets.ad4m.at/product_image/ Frame 3C93 		193 KB
193 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/831D0FE32B145B761077CFC592BD206C2CE087B565208A08CBD98E3B38F09AC68B46D6E1256C993416DA9EF02099D633246555FC17762F3E215B6156D6F4C095
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=600&e=&g=2373b441359b7defc04bee61fdbd72fb%2F1234430002439753742&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580810&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kywn7502ds0r2s1phjpa7dbyjyrg05n2qv9ez8ejvv41t6zjvq3grhge22xpd9vdfbvp6qnv0np2wb35e557hy1dnd698nghcqbvjb4adg8s2pmbccj4nhah6qtyyavb814s8d3yfa0n7ca29rvh8pgszr51s1y812qt223nr1bzvm0be656bmzarpp16dx0xh9fcfd2ye3s7p0ptpws5jgzqrgcxb7hydyft1fgjt3sbw2a14xayd45geq0nkwsgg3xwgs9jtzqfnrkr3mcshnt4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZsLGm0CrY4naA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSkAk_Q2qhYooDZEm6i2vvUnoD0foJuXpeCVv3H9SHrucR-x2XKVIZgyuIuYs4cPuoCcqIfilp9bUHBU7zVtmz_stBbWf328Ud0QL6iAUQJfrTFMD7Y0-Er4MixbJx4Bx8jMZnort9BQq6a6QbdsU8VNYW9OO2_hv6usey4j-VKtPI2NC-CU5BqtBMTvyDfl0TJ_OId3fVajFAGpDFe3gRjtGpeNWtKjotMngprgaVvZ_oJrkYz3GLMVIIX_I4xC5zLNYKTCvIzzOQt1W3aP1dPlpA8HfQ8zOLm6N1lPbg79586t6fSRdUy_r-u8TdLBNmYJUA4SJKIqaoH7lEEOLFcgi0f0eKN9yzIBMGf6R6SRaoa-uA-cces76jnvwc0dthFrahCYhXgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0SFvKRGAjtOb-8kfVLaiOQDcUVTA%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9793fc03a50f4e6cdd1d91743c7c18f33bf8ac521cb84f7e3d0fe24672ad72e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
334921
cf-polished
origFmt=png, origSize=311499
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
197460
cf-bgj
imgq:85,h2pri
last-modified
Wed, 16 Nov 2022 17:45:43 GMT
server
cloudflare
etag
"3e47fe2e828ecba46fd7e6ae452966ae"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d7XmcMsfP7lOtP2KtiL3H5cAVhLugj03jQ%2FgP1LgkfWcN0aiMBBbgWiaX2WNkDpgCXtMnpS44tyjImwd3k241KHUjmI8gn6MDUZiwvhTMchfc1Y0Mh0%2BVaZfpL5reNstHQx4Fszyqft%2FSDaQ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78044b752f429b3d-FRA
expires
Wed, 28 Dec 2022 18:59:41 GMT
7296e22ca20ac6472628647a52a912af.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/media/ Frame 6A1B 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/media/7296e22ca20ac6472628647a52a912af.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6847a453292f6db177d022b32b68ec91da611dd1bc18c6e33d26ed726339bc60
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 23 Dec 2022 15:18:04 GMT
x-content-type-options
nosniff
age
358896
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8880
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 19:23:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 23 Dec 2023 15:18:04 GMT
0eeebe2aab7fa2fb99c2a447383fb9a6.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/media/ Frame 6A1B 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/media/0eeebe2aab7fa2fb99c2a447383fb9a6.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a842670e0c9a10d0c42dc6de87889c6b9de065232e6bf125d5ca43a163f6d9fd
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 23 Dec 2022 14:44:18 GMT
x-content-type-options
nosniff
age
360922
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9647
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 19:23:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 23 Dec 2023 14:44:18 GMT
Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY527LvspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ Frame 6A1B 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY527LvspYY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b4f873f3371bd426336178dfe982cf8366df7592c21738d0e1261e67a0cb2e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 20:48:10 GMT
x-content-type-options
nosniff
age
339090
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18688
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:21:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Dec 2023 20:48:10 GMT
Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5a67vspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ Frame 6A1B 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5a67vspYY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71fe56560b9eba788c8ff58e084f24ca95ff3b89aff510345fab96de36ec8101
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 17:51:19 GMT
x-content-type-options
nosniff
age
90501
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18740
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:21:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Dec 2023 17:51:19 GMT
Gg8iN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYas8F_olYQtEw.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ Frame 6A1B 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8iN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYas8F_olYQtEw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09591867279cfa308e6366b2d6be5033904ef3de3c86b6f89cbe47e3022b7d99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 12:05:31 GMT
x-content-type-options
nosniff
age
370449
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20496
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:21:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Dec 2023 12:05:31 GMT
vast2
tag.targeting.unrulymedia.com/rmp/239912/0/ Frame 82C0 		168 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/239912/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https://jalantikus.com/tips/download-youtube-premium-apk/&w=640&h=480
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://imasdk.googleapis.com
pragma
no-cache
date
Tue, 27 Dec 2022 18:59:41 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
content-type
application/xml
pixel.gif
pixel.gliacloud.com/glia_player_media1/ 		43 B
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.gliacloud.com/glia_player_media1/pixel.gif?ul=en-US&ssid=9d09ddc0-8618-11ed-b075-2f2775135070&ea=video.begin&vk=gs-396708-jalantikus.com%7CSimplePlayer-sub0&pp=300%2C168.75%2C1300%2C899.25&bp=1600%2C1200&wp=1600%2C11233%2C0%2C0&pgu=https%253A%252F%252Fjalantikus.com%252Ftips%252Fdownload-youtube-premium-apk%252F&pgt=YouTube%20Premium%20MOD%20APK%2017.45.34%20Premium%20Unlocked%202022%20%7C%20JalanTikus&sid=glia-id_jalantikus_desktop_simple&sk=id_jalantikus_desktop&si=id_jalantikus_desktop_simple&sa=id_jalantikus&pt=SimplePlayer&pv=0.3.97&ab=0&ta=0&cb=8908413945153502
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
122.207.227.35.bc.googleusercontent.com
Software
nginx/1.23.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.23.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
pagead2.googlesyndication.com/bg/ Frame DAF3 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 09:30:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34129
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Dec 2023 09:30:51 GMT
link.html
track.webgains.com/ Frame 3A51 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h106r0h55qahw8kgm3yrjm1dsw1zk9bgbw7megwad84bjh7x99m4qv9syatmjtm8j9v9b01y4tmwr3qrjz0vsy5yj8q0g0r5awwawp8rz7mth0sfbfj5zc9kzrbvzh9jqgm74p1119twbpvedq2shz6rf42wmt24st8emda159tpr6a2qdbf8sybt5q6gm2p06gph6y0tmdw1cpjdc2j7xxv1vspvsxcb4tzr6qgm9b9kwz3syg1f4bpvdj56a34c7g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hbwpeg143xa8mmj89fyvgj58mfnndy1e7zay2qs44808z1qgsypycm1bfekmwxhaffe71ypbq78g2c47s55a34va1kkgdvxqads9x73r58ym5af3a62p3wbta0376h5pktpt4c7e1qv437gjfp28gkq4bfg3pref8x6fc0pnx9z3ma4rw8jmc55eaakxnr06j693ypqwcyp848b4czcdbsb625zc6318pzr2bzsge2vk9btvzs4p29sme8y5vdveyggmt8zvjdmkr3yx071bash4m%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCypium0CrY4raA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSJAk_Qy-V9EyTnN6Z06rs3owZYihonHEO_IU_gMHa8SltdqZH4z8ntw7nU5HfvLf-HV8AC4SF37QDGh1VzOKmkbOH4UnHk8FS58IIh5VsFBVpk8SmcNomMzIbsOT43RgGNU2xapq4tZyuqZMESFgFrZES9NPPQTyyccDOdFELWjovNncMjGXGTKzO0KU4kRwz7RxmswyLa_1cyQZw4YuLZHNyqM_Mfqiqw-OhqfnlwOK4hb0H1BXXBlfSTj_ajkDRxPKgUP2dCl9hWOjaeL-SFZ-FT6bA-gu03FLEnj7OiohrAKVe3FJrc7XDaa7flYrrcJYfhHs1Of5VpLW5Zzsu7x9zyTlECeeL26_LgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2gkjYkoE3h5SHLoSeFVI9E-CagJw%252526client%25253Dca-pub-5398989680841221%252526adurl%25253D&clickref=oneidP6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdYoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=728&d=90&e=&g=be016755f4073f6b04d872d288b01957%2F7808709755538034677&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580799&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hbwpeg143xa8mmj89fyvgj58mfnndy1e7zay2qs44808z1qgsypycm1bfekmwxhaffe71ypbq78g2c47s55a34va1kkgdvxqads9x73r58ym5af3a62p3wbta0376h5pktpt4c7e1qv437gjfp28gkq4bfg3pref8x6fc0pnx9z3ma4rw8jmc55eaakxnr06j693ypqwcyp848b4czcdbsb625zc6318pzr2bzsge2vk9btvzs4p29sme8y5vdveyggmt8zvjdmkr3yx071bash4m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCypium0CrY4raA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSJAk_Qy-V9EyTnN6Z06rs3owZYihonHEO_IU_gMHa8SltdqZH4z8ntw7nU5HfvLf-HV8AC4SF37QDGh1VzOKmkbOH4UnHk8FS58IIh5VsFBVpk8SmcNomMzIbsOT43RgGNU2xapq4tZyuqZMESFgFrZES9NPPQTyyccDOdFELWjovNncMjGXGTKzO0KU4kRwz7RxmswyLa_1cyQZw4YuLZHNyqM_Mfqiqw-OhqfnlwOK4hb0H1BXXBlfSTj_ajkDRxPKgUP2dCl9hWOjaeL-SFZ-FT6bA-gu03FLEnj7OiohrAKVe3FJrc7XDaa7flYrrcJYfhHs1Of5VpLW5Zzsu7x9zyTlECeeL26_LgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2gkjYkoE3h5SHLoSeFVI9E-CagJw%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.130.53.249 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-130-53-249.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
0a7c7b3284bb11fa85851360bfddd57ea13afcb6ea4fe6707b884849e051596a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
last-modified
Tue, 27 Dec 2022 18:59:41 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 27 Dec 2022 19:00:41 GMT
link.html
track.webgains.com/ Frame 3A51 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2611455&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gq2cvv0qsrgz60q5w9zk1n0qy1jqkwd3wdqyphfhgadmgxx31et1ezycs1yx6q1mnggpcbv8c5zfkzy2ates0rnp3xwj0d07gb8m2bdd2ry0g1wbmw1a6sdmatc6z9xdyy5ecqknwxq7fd1hhhsx5266d72z9vfkgvm5dzvbcjg197hmcttn4wyegw5r31v3s96w4vyacq98q9cw7ggvnas3k3ttkjsxxhtfpvsj86qqeqj3rqhkv39vjfqqnch0g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hbwpeg143xa8mmj89fyvgj58mfnndy1e7zay2qs44808z1qgsypycm1bfekmwxhaffe71ypbq78g2c47s55a34va1kkgdvxqads9x73r58ym5af3a62p3wbta0376h5pktpt4c7e1qv437gjfp28gkq4bfg3pref8x6fc0pnx9z3ma4rw8jmc55eaakxnr06j693ypqwcyp848b4czcdbsb625zc6318pzr2bzsge2vk9btvzs4p29sme8y5vdveyggmt8zvjdmkr3yx071bash4m%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCypium0CrY4raA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSJAk_Qy-V9EyTnN6Z06rs3owZYihonHEO_IU_gMHa8SltdqZH4z8ntw7nU5HfvLf-HV8AC4SF37QDGh1VzOKmkbOH4UnHk8FS58IIh5VsFBVpk8SmcNomMzIbsOT43RgGNU2xapq4tZyuqZMESFgFrZES9NPPQTyyccDOdFELWjovNncMjGXGTKzO0KU4kRwz7RxmswyLa_1cyQZw4YuLZHNyqM_Mfqiqw-OhqfnlwOK4hb0H1BXXBlfSTj_ajkDRxPKgUP2dCl9hWOjaeL-SFZ-FT6bA-gu03FLEnj7OiohrAKVe3FJrc7XDaa7flYrrcJYfhHs1Of5VpLW5Zzsu7x9zyTlECeeL26_LgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2gkjYkoE3h5SHLoSeFVI9E-CagJw%252526client%25253Dca-pub-5398989680841221%252526adurl%25253D&clickref=oneidwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4woneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneid1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqVoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=728&d=90&e=&g=be016755f4073f6b04d872d288b01957%2F7808709755538034677&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580799&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hbwpeg143xa8mmj89fyvgj58mfnndy1e7zay2qs44808z1qgsypycm1bfekmwxhaffe71ypbq78g2c47s55a34va1kkgdvxqads9x73r58ym5af3a62p3wbta0376h5pktpt4c7e1qv437gjfp28gkq4bfg3pref8x6fc0pnx9z3ma4rw8jmc55eaakxnr06j693ypqwcyp848b4czcdbsb625zc6318pzr2bzsge2vk9btvzs4p29sme8y5vdveyggmt8zvjdmkr3yx071bash4m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCypium0CrY4raA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSJAk_Qy-V9EyTnN6Z06rs3owZYihonHEO_IU_gMHa8SltdqZH4z8ntw7nU5HfvLf-HV8AC4SF37QDGh1VzOKmkbOH4UnHk8FS58IIh5VsFBVpk8SmcNomMzIbsOT43RgGNU2xapq4tZyuqZMESFgFrZES9NPPQTyyccDOdFELWjovNncMjGXGTKzO0KU4kRwz7RxmswyLa_1cyQZw4YuLZHNyqM_Mfqiqw-OhqfnlwOK4hb0H1BXXBlfSTj_ajkDRxPKgUP2dCl9hWOjaeL-SFZ-FT6bA-gu03FLEnj7OiohrAKVe3FJrc7XDaa7flYrrcJYfhHs1Of5VpLW5Zzsu7x9zyTlECeeL26_LgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2gkjYkoE3h5SHLoSeFVI9E-CagJw%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.130.53.249 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-130-53-249.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
cc3b3b02fc8f8feba02382016f1982a7bb5f7ea5172b8a93db71a152b58ecc24

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
last-modified
Tue, 27 Dec 2022 18:59:41 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 27 Dec 2022 19:00:41 GMT
link.html
track.webgains.com/ Frame 3A51 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=4371640&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kw3gwhgj124ja9eb5hktt6cany82ct2xfq377e4gbfqh8arh6qt2kjyayt38gtgp4b6e74fpq3aeg9jxaqz6kce9jhfwn731gdpktc220dvmpxtd0fs89dcxgrrc2mbxavahf04spmjcjcws7x1qxvyjtsds30jp0n42vp88f2fdb5wa8dsy7c2azccfx46rcyj0qtpfb2waypmqwrzgd20y03c8czfbqyh0g4r9tvd3zaqhnxh6ge1ypyb7yxvqz2p8%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hbwpeg143xa8mmj89fyvgj58mfnndy1e7zay2qs44808z1qgsypycm1bfekmwxhaffe71ypbq78g2c47s55a34va1kkgdvxqads9x73r58ym5af3a62p3wbta0376h5pktpt4c7e1qv437gjfp28gkq4bfg3pref8x6fc0pnx9z3ma4rw8jmc55eaakxnr06j693ypqwcyp848b4czcdbsb625zc6318pzr2bzsge2vk9btvzs4p29sme8y5vdveyggmt8zvjdmkr3yx071bash4m%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCypium0CrY4raA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSJAk_Qy-V9EyTnN6Z06rs3owZYihonHEO_IU_gMHa8SltdqZH4z8ntw7nU5HfvLf-HV8AC4SF37QDGh1VzOKmkbOH4UnHk8FS58IIh5VsFBVpk8SmcNomMzIbsOT43RgGNU2xapq4tZyuqZMESFgFrZES9NPPQTyyccDOdFELWjovNncMjGXGTKzO0KU4kRwz7RxmswyLa_1cyQZw4YuLZHNyqM_Mfqiqw-OhqfnlwOK4hb0H1BXXBlfSTj_ajkDRxPKgUP2dCl9hWOjaeL-SFZ-FT6bA-gu03FLEnj7OiohrAKVe3FJrc7XDaa7flYrrcJYfhHs1Of5VpLW5Zzsu7x9zyTlECeeL26_LgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2gkjYkoE3h5SHLoSeFVI9E-CagJw%252526client%25253Dca-pub-5398989680841221%252526adurl%25253D&clickref=oneidDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=728&d=90&e=&g=be016755f4073f6b04d872d288b01957%2F7808709755538034677&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580799&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hbwpeg143xa8mmj89fyvgj58mfnndy1e7zay2qs44808z1qgsypycm1bfekmwxhaffe71ypbq78g2c47s55a34va1kkgdvxqads9x73r58ym5af3a62p3wbta0376h5pktpt4c7e1qv437gjfp28gkq4bfg3pref8x6fc0pnx9z3ma4rw8jmc55eaakxnr06j693ypqwcyp848b4czcdbsb625zc6318pzr2bzsge2vk9btvzs4p29sme8y5vdveyggmt8zvjdmkr3yx071bash4m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCypium0CrY4raA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSJAk_Qy-V9EyTnN6Z06rs3owZYihonHEO_IU_gMHa8SltdqZH4z8ntw7nU5HfvLf-HV8AC4SF37QDGh1VzOKmkbOH4UnHk8FS58IIh5VsFBVpk8SmcNomMzIbsOT43RgGNU2xapq4tZyuqZMESFgFrZES9NPPQTyyccDOdFELWjovNncMjGXGTKzO0KU4kRwz7RxmswyLa_1cyQZw4YuLZHNyqM_Mfqiqw-OhqfnlwOK4hb0H1BXXBlfSTj_ajkDRxPKgUP2dCl9hWOjaeL-SFZ-FT6bA-gu03FLEnj7OiohrAKVe3FJrc7XDaa7flYrrcJYfhHs1Of5VpLW5Zzsu7x9zyTlECeeL26_LgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2gkjYkoE3h5SHLoSeFVI9E-CagJw%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.130.53.249 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-130-53-249.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
f7b085fd5522691004b76008420efaf41f9119c11cf85a1d93f442d2da219270

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
last-modified
Tue, 27 Dec 2022 18:59:41 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 27 Dec 2022 19:00:41 GMT
link.html
track.webgains.com/ Frame B363 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hxtxk204ye5z87gz3c28zcznbypx9pxr95fe54g3c8qwhjfa4kra37k2hjpg6ek1q45bp7v1x7cs4jt0f6fhaca4m265wcvywj83cxj7y4pwn9hyx4z60mrra26xq3ztk83t2d8q214c0e07kx8qgdw64gjxhgk8wwkjz8zx9y7cssss701xfpcs2kcsde2qmyr1zb1v3vs7mz0e8s985adzq75nbte3w5x1ef8y9hfdrkwk84stx9y76vngznhpftp0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kzn04ywzxwswb6jzj9bhbes67fp1taajs6qrd80kgjcpj88ba4bt7rwxb69ctm21zej89dv8j2gra2q8075zp0k3rgk5py56ny6etxsyf9psa4y2j1cnzq56zwbjq5z68k0fg3zw1vvkvdf8pgsaj7zf67gbh049hag0p2cahmym8015zegn4akagxgzjv9590wm985z1rjxq8zyk9j54393ry7wx6ym4psd0xxnfh88chkqa9mns4gjnz81vftjf8kc5300ademsaqksgshkga8g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCzSnem0CrY4baA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSRAk_Q0lLkEEPenv8Dj5yjd7OBLJotyDV2gvtYd4adAL5dIvSq65em7nMPW1Sto6JPhU0_tPCMy2vcbbIcnH-063NdY6aI04mT2R3jt9kPC3vs18CoI_EtEvYVqHUkfIy6YNMjEy9dF70dKXpl3OUuWTniHs-Z6mj-_yJmSY58kWmAEya9bzonIKQ2QdlVBtPnlMUklIBn6VrlZiuvNO67CG57haOnRA-F6q1xJVAcKDoTXSnp6VQd3OR4w6wnHAwP6qiKHL0KTerY-82cvZsO2zYbenvde_cHmuVkhMv2tAzYoK-Pevj99sKqPOYIHUzo94NxlLhCRbqzy4k7FfkOBkY7CyQFJB2EkrYrDc-emhpYpOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2BaM7R1g42HBk0v_p2xoBk2i3Lkw%252526client%25253Dca-pub-5398989680841221%252526adurl%25253D&clickref=oneidP6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdYoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=728&d=90&e=&g=e123439b35d898f1c8580f7c1038f13c%2F11001653626940761441&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580803&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kzn04ywzxwswb6jzj9bhbes67fp1taajs6qrd80kgjcpj88ba4bt7rwxb69ctm21zej89dv8j2gra2q8075zp0k3rgk5py56ny6etxsyf9psa4y2j1cnzq56zwbjq5z68k0fg3zw1vvkvdf8pgsaj7zf67gbh049hag0p2cahmym8015zegn4akagxgzjv9590wm985z1rjxq8zyk9j54393ry7wx6ym4psd0xxnfh88chkqa9mns4gjnz81vftjf8kc5300ademsaqksgshkga8g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzSnem0CrY4baA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSRAk_Q0lLkEEPenv8Dj5yjd7OBLJotyDV2gvtYd4adAL5dIvSq65em7nMPW1Sto6JPhU0_tPCMy2vcbbIcnH-063NdY6aI04mT2R3jt9kPC3vs18CoI_EtEvYVqHUkfIy6YNMjEy9dF70dKXpl3OUuWTniHs-Z6mj-_yJmSY58kWmAEya9bzonIKQ2QdlVBtPnlMUklIBn6VrlZiuvNO67CG57haOnRA-F6q1xJVAcKDoTXSnp6VQd3OR4w6wnHAwP6qiKHL0KTerY-82cvZsO2zYbenvde_cHmuVkhMv2tAzYoK-Pevj99sKqPOYIHUzo94NxlLhCRbqzy4k7FfkOBkY7CyQFJB2EkrYrDc-emhpYpOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2BaM7R1g42HBk0v_p2xoBk2i3Lkw%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.130.53.249 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-130-53-249.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
1dd73524c37e1d795d6ca082cd31dfcc8898e547bd3a51433495ff05cb4385c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
last-modified
Tue, 27 Dec 2022 18:59:41 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 27 Dec 2022 19:00:41 GMT
link.html
track.webgains.com/ Frame 6B09 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g4cnm4xb1whxd0cgpgy8zwmxk1ytc8ymgft7qznxw6wf8dyy5dxbk0a77kej7cmaxhs7r5a6kfbymv259jsqkkf05nprph5b7wet8phmydz9mxwqq2zvtyd6mqpkp1e2b9q3e0e7svke1gakk05nkk1w46etaemgf6sj4mczc3k1k627qca59mzcy292g6hg1ecdzpcsj2xq4p6bagk0khzq2nr6q9emgtecktzsrqravjqvnesjahepyqwjag6fb176%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hkn691d4n5ghf53eyh1mtqjvsceeeggq6a5520vr02604k5zahvn1qw3rqee440vh88etz6sc9ch2fkpbbm96agn7mwyq50ht3xsqazv4fe42mz5v2sv1rw0j6yncw4dy7nftzw85tmkxpp604g7t8na978wwy4pvaqaekbsqpfjh6f6v96j48phxdnxqnweh7fh7p95yntsfncgmg55vyj268z0kh3v639fgq19xb3h4hz56aw3f1fez7p5ymyser60j1k8nvpndyf2tzhfkv89m%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCh169m0CrY4_aA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgStAk_QMM9nJpbZ0bLXM-K-BnKFzIctFvvtM8bJOB7GXjNH-FE6RgKBnBFJEw9mAT9AiTX33bbFSoMUGUiIcboB8qwXTap6SCPsnECwgUPSGfTjjtTRG6lbYVAsNcl6ZRgG_2KJek1KkUKkEwFRPt0TS5XxoREIlZOF3MQzukr1QwqJW_eVABDR3KDtYCnpqLgQ-SOHw3uRhRtnNmhm7XOtjcXugbeWnmINJJBDQF3E9xiZpUrjgxbVVm0ym6jINQG39Eg1jd9EY4c6u12SqXwpg8nEMmGnJJ93p-Qa7Cli4lpIOGCZbDLP3i3kcitobbeE1yQkb9h7dO9oTMBPexRvQYFjTHItMXUJIVMrR9SrdRoMGRI-xSxS-o5XyiHLf3mR7IPwrOkgL6TolTTsM9DgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1iij-sa7CWdXyaToZeMPRH2gMy1Q%252526client%25253Dca-pub-5398989680841221%252526adurl%25253D&clickref=oneidP6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdYoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=600&e=&g=e9975e07edc1a6de0c3e891e03c06524%2F14878494519113093806&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580810&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkn691d4n5ghf53eyh1mtqjvsceeeggq6a5520vr02604k5zahvn1qw3rqee440vh88etz6sc9ch2fkpbbm96agn7mwyq50ht3xsqazv4fe42mz5v2sv1rw0j6yncw4dy7nftzw85tmkxpp604g7t8na978wwy4pvaqaekbsqpfjh6f6v96j48phxdnxqnweh7fh7p95yntsfncgmg55vyj268z0kh3v639fgq19xb3h4hz56aw3f1fez7p5ymyser60j1k8nvpndyf2tzhfkv89m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCh169m0CrY4_aA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgStAk_QMM9nJpbZ0bLXM-K-BnKFzIctFvvtM8bJOB7GXjNH-FE6RgKBnBFJEw9mAT9AiTX33bbFSoMUGUiIcboB8qwXTap6SCPsnECwgUPSGfTjjtTRG6lbYVAsNcl6ZRgG_2KJek1KkUKkEwFRPt0TS5XxoREIlZOF3MQzukr1QwqJW_eVABDR3KDtYCnpqLgQ-SOHw3uRhRtnNmhm7XOtjcXugbeWnmINJJBDQF3E9xiZpUrjgxbVVm0ym6jINQG39Eg1jd9EY4c6u12SqXwpg8nEMmGnJJ93p-Qa7Cli4lpIOGCZbDLP3i3kcitobbeE1yQkb9h7dO9oTMBPexRvQYFjTHItMXUJIVMrR9SrdRoMGRI-xSxS-o5XyiHLf3mR7IPwrOkgL6TolTTsM9DgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1iij-sa7CWdXyaToZeMPRH2gMy1Q%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.130.53.249 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-130-53-249.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
13a25e2a43cfd675df7e97b50ee7feab72bf3598ad14ded80436e7da2a86772d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
last-modified
Tue, 27 Dec 2022 18:59:41 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 27 Dec 2022 19:00:41 GMT
link.html
track.webgains.com/ Frame B363 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2611455&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kzcnm9zjxg5v0cfakfpkj6xepwv45yb72a1b5b79vqy6z2bbn0149qaajmb1rgajytn1qpvkrfd248nga95xnht20rvmqqymk1echkhj321sez09h0ma5f5xs9qj3hka5pz269gs83fa6fz13xt3ctck568c6y9xzt9na3f1183wytcsgkny97hjv3m4j8g8p25vbmg7mvd853646wrs2npd85abrm8hwq97eh0xx01m2dkjynkgt26gbxv4q8t9hng%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kzn04ywzxwswb6jzj9bhbes67fp1taajs6qrd80kgjcpj88ba4bt7rwxb69ctm21zej89dv8j2gra2q8075zp0k3rgk5py56ny6etxsyf9psa4y2j1cnzq56zwbjq5z68k0fg3zw1vvkvdf8pgsaj7zf67gbh049hag0p2cahmym8015zegn4akagxgzjv9590wm985z1rjxq8zyk9j54393ry7wx6ym4psd0xxnfh88chkqa9mns4gjnz81vftjf8kc5300ademsaqksgshkga8g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCzSnem0CrY4baA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSRAk_Q0lLkEEPenv8Dj5yjd7OBLJotyDV2gvtYd4adAL5dIvSq65em7nMPW1Sto6JPhU0_tPCMy2vcbbIcnH-063NdY6aI04mT2R3jt9kPC3vs18CoI_EtEvYVqHUkfIy6YNMjEy9dF70dKXpl3OUuWTniHs-Z6mj-_yJmSY58kWmAEya9bzonIKQ2QdlVBtPnlMUklIBn6VrlZiuvNO67CG57haOnRA-F6q1xJVAcKDoTXSnp6VQd3OR4w6wnHAwP6qiKHL0KTerY-82cvZsO2zYbenvde_cHmuVkhMv2tAzYoK-Pevj99sKqPOYIHUzo94NxlLhCRbqzy4k7FfkOBkY7CyQFJB2EkrYrDc-emhpYpOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2BaM7R1g42HBk0v_p2xoBk2i3Lkw%252526client%25253Dca-pub-5398989680841221%252526adurl%25253D&clickref=oneidwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4woneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneid1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqVoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=728&d=90&e=&g=e123439b35d898f1c8580f7c1038f13c%2F11001653626940761441&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580803&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kzn04ywzxwswb6jzj9bhbes67fp1taajs6qrd80kgjcpj88ba4bt7rwxb69ctm21zej89dv8j2gra2q8075zp0k3rgk5py56ny6etxsyf9psa4y2j1cnzq56zwbjq5z68k0fg3zw1vvkvdf8pgsaj7zf67gbh049hag0p2cahmym8015zegn4akagxgzjv9590wm985z1rjxq8zyk9j54393ry7wx6ym4psd0xxnfh88chkqa9mns4gjnz81vftjf8kc5300ademsaqksgshkga8g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzSnem0CrY4baA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSRAk_Q0lLkEEPenv8Dj5yjd7OBLJotyDV2gvtYd4adAL5dIvSq65em7nMPW1Sto6JPhU0_tPCMy2vcbbIcnH-063NdY6aI04mT2R3jt9kPC3vs18CoI_EtEvYVqHUkfIy6YNMjEy9dF70dKXpl3OUuWTniHs-Z6mj-_yJmSY58kWmAEya9bzonIKQ2QdlVBtPnlMUklIBn6VrlZiuvNO67CG57haOnRA-F6q1xJVAcKDoTXSnp6VQd3OR4w6wnHAwP6qiKHL0KTerY-82cvZsO2zYbenvde_cHmuVkhMv2tAzYoK-Pevj99sKqPOYIHUzo94NxlLhCRbqzy4k7FfkOBkY7CyQFJB2EkrYrDc-emhpYpOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2BaM7R1g42HBk0v_p2xoBk2i3Lkw%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.130.53.249 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-130-53-249.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
739388d5ca07a9c13da9c8aa176cb05bf7b2dead384c4c1fa732646de122a046

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
last-modified
Tue, 27 Dec 2022 18:59:41 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 27 Dec 2022 19:00:41 GMT
link.html
track.webgains.com/ Frame B363 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=4371640&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jnfpse52aqbdmbf1av1f2t9fmcmtke8172mmma3hdxfn2svp89qzhfambqz0sr1d0qaatqcba9rxpjvhgxbzeyg5cwkcs9sp6y9wqemtsnna42kdx2b8mdmnay24r98a54sn89j85ba802nfn7hj4a8arx8ynepyt47nqay13ykp8dmqhc4f6ktzhf8eexvst13q8xnwgfknef7b2s506cfht62h7c00w8xx2jxtvcmanx1s8xv8tvdzzq3tjcz3kx7j0r%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kzn04ywzxwswb6jzj9bhbes67fp1taajs6qrd80kgjcpj88ba4bt7rwxb69ctm21zej89dv8j2gra2q8075zp0k3rgk5py56ny6etxsyf9psa4y2j1cnzq56zwbjq5z68k0fg3zw1vvkvdf8pgsaj7zf67gbh049hag0p2cahmym8015zegn4akagxgzjv9590wm985z1rjxq8zyk9j54393ry7wx6ym4psd0xxnfh88chkqa9mns4gjnz81vftjf8kc5300ademsaqksgshkga8g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCzSnem0CrY4baA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSRAk_Q0lLkEEPenv8Dj5yjd7OBLJotyDV2gvtYd4adAL5dIvSq65em7nMPW1Sto6JPhU0_tPCMy2vcbbIcnH-063NdY6aI04mT2R3jt9kPC3vs18CoI_EtEvYVqHUkfIy6YNMjEy9dF70dKXpl3OUuWTniHs-Z6mj-_yJmSY58kWmAEya9bzonIKQ2QdlVBtPnlMUklIBn6VrlZiuvNO67CG57haOnRA-F6q1xJVAcKDoTXSnp6VQd3OR4w6wnHAwP6qiKHL0KTerY-82cvZsO2zYbenvde_cHmuVkhMv2tAzYoK-Pevj99sKqPOYIHUzo94NxlLhCRbqzy4k7FfkOBkY7CyQFJB2EkrYrDc-emhpYpOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2BaM7R1g42HBk0v_p2xoBk2i3Lkw%252526client%25253Dca-pub-5398989680841221%252526adurl%25253D&clickref=oneidDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=728&d=90&e=&g=e123439b35d898f1c8580f7c1038f13c%2F11001653626940761441&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580803&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kzn04ywzxwswb6jzj9bhbes67fp1taajs6qrd80kgjcpj88ba4bt7rwxb69ctm21zej89dv8j2gra2q8075zp0k3rgk5py56ny6etxsyf9psa4y2j1cnzq56zwbjq5z68k0fg3zw1vvkvdf8pgsaj7zf67gbh049hag0p2cahmym8015zegn4akagxgzjv9590wm985z1rjxq8zyk9j54393ry7wx6ym4psd0xxnfh88chkqa9mns4gjnz81vftjf8kc5300ademsaqksgshkga8g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzSnem0CrY4baA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSRAk_Q0lLkEEPenv8Dj5yjd7OBLJotyDV2gvtYd4adAL5dIvSq65em7nMPW1Sto6JPhU0_tPCMy2vcbbIcnH-063NdY6aI04mT2R3jt9kPC3vs18CoI_EtEvYVqHUkfIy6YNMjEy9dF70dKXpl3OUuWTniHs-Z6mj-_yJmSY58kWmAEya9bzonIKQ2QdlVBtPnlMUklIBn6VrlZiuvNO67CG57haOnRA-F6q1xJVAcKDoTXSnp6VQd3OR4w6wnHAwP6qiKHL0KTerY-82cvZsO2zYbenvde_cHmuVkhMv2tAzYoK-Pevj99sKqPOYIHUzo94NxlLhCRbqzy4k7FfkOBkY7CyQFJB2EkrYrDc-emhpYpOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2BaM7R1g42HBk0v_p2xoBk2i3Lkw%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.130.53.249 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-130-53-249.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
a89824b3eb9a6a2365361b688be5ba4dc14998e3565ae5b4fbaeff55469d2f12

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
last-modified
Tue, 27 Dec 2022 18:59:41 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 27 Dec 2022 19:00:41 GMT
link.html
track.webgains.com/ Frame 6B09 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2611455&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h8cx4jw6nj3yv1x3nkcbaepgz767tr6zmkkfv8y7paq71h9dame4h0qhdt0ans4wcaxa04c4tec2vy24n9zqcms5rxh4ynaf3rmjn73a6fjjj5ny5sc1apjdffga8eawwyfa5e7evatkpmvz3095pye1e2pfqda6d4xv7d5hm6as969vhmgq1pzyn5ayzp8p0ehfr4vjw42cmdccxwmt812xbs0ajxbwbq0f59t9ycyw2acesz37h047ntzzcz3xbe0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hkn691d4n5ghf53eyh1mtqjvsceeeggq6a5520vr02604k5zahvn1qw3rqee440vh88etz6sc9ch2fkpbbm96agn7mwyq50ht3xsqazv4fe42mz5v2sv1rw0j6yncw4dy7nftzw85tmkxpp604g7t8na978wwy4pvaqaekbsqpfjh6f6v96j48phxdnxqnweh7fh7p95yntsfncgmg55vyj268z0kh3v639fgq19xb3h4hz56aw3f1fez7p5ymyser60j1k8nvpndyf2tzhfkv89m%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCh169m0CrY4_aA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgStAk_QMM9nJpbZ0bLXM-K-BnKFzIctFvvtM8bJOB7GXjNH-FE6RgKBnBFJEw9mAT9AiTX33bbFSoMUGUiIcboB8qwXTap6SCPsnECwgUPSGfTjjtTRG6lbYVAsNcl6ZRgG_2KJek1KkUKkEwFRPt0TS5XxoREIlZOF3MQzukr1QwqJW_eVABDR3KDtYCnpqLgQ-SOHw3uRhRtnNmhm7XOtjcXugbeWnmINJJBDQF3E9xiZpUrjgxbVVm0ym6jINQG39Eg1jd9EY4c6u12SqXwpg8nEMmGnJJ93p-Qa7Cli4lpIOGCZbDLP3i3kcitobbeE1yQkb9h7dO9oTMBPexRvQYFjTHItMXUJIVMrR9SrdRoMGRI-xSxS-o5XyiHLf3mR7IPwrOkgL6TolTTsM9DgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1iij-sa7CWdXyaToZeMPRH2gMy1Q%252526client%25253Dca-pub-5398989680841221%252526adurl%25253D&clickref=oneidwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4woneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneid1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqVoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=600&e=&g=e9975e07edc1a6de0c3e891e03c06524%2F14878494519113093806&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580810&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkn691d4n5ghf53eyh1mtqjvsceeeggq6a5520vr02604k5zahvn1qw3rqee440vh88etz6sc9ch2fkpbbm96agn7mwyq50ht3xsqazv4fe42mz5v2sv1rw0j6yncw4dy7nftzw85tmkxpp604g7t8na978wwy4pvaqaekbsqpfjh6f6v96j48phxdnxqnweh7fh7p95yntsfncgmg55vyj268z0kh3v639fgq19xb3h4hz56aw3f1fez7p5ymyser60j1k8nvpndyf2tzhfkv89m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCh169m0CrY4_aA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgStAk_QMM9nJpbZ0bLXM-K-BnKFzIctFvvtM8bJOB7GXjNH-FE6RgKBnBFJEw9mAT9AiTX33bbFSoMUGUiIcboB8qwXTap6SCPsnECwgUPSGfTjjtTRG6lbYVAsNcl6ZRgG_2KJek1KkUKkEwFRPt0TS5XxoREIlZOF3MQzukr1QwqJW_eVABDR3KDtYCnpqLgQ-SOHw3uRhRtnNmhm7XOtjcXugbeWnmINJJBDQF3E9xiZpUrjgxbVVm0ym6jINQG39Eg1jd9EY4c6u12SqXwpg8nEMmGnJJ93p-Qa7Cli4lpIOGCZbDLP3i3kcitobbeE1yQkb9h7dO9oTMBPexRvQYFjTHItMXUJIVMrR9SrdRoMGRI-xSxS-o5XyiHLf3mR7IPwrOkgL6TolTTsM9DgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1iij-sa7CWdXyaToZeMPRH2gMy1Q%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.130.53.249 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-130-53-249.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
36129173d01745d6649f1a2cc5b176b5403030851332b0266d088cea4536696c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
last-modified
Tue, 27 Dec 2022 18:59:41 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 27 Dec 2022 19:00:41 GMT
link.html
track.webgains.com/ Frame 6B09 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=4371640&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k39stwvbsqhcamm34yeaxj5pjh7hg8ry95jzj8xrwn6bw53rymzv3nrtxdash7db9wtnfz87aw7e9w6d7w8qkkb8wmm92yt19r6drefynnjnf6g0vvgp38q7n8rbe4t20wk9hs8qqqd14vxjzxydp6dys8bjf627gdvxsbwq1zqn72ngpeac4k98xsgwzgwzjypq212jrtprbab78gwp71jb0bjcjskk1s1fdnqf31dp0js0remh5qh5b4yrhyrdqcwh08%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hkn691d4n5ghf53eyh1mtqjvsceeeggq6a5520vr02604k5zahvn1qw3rqee440vh88etz6sc9ch2fkpbbm96agn7mwyq50ht3xsqazv4fe42mz5v2sv1rw0j6yncw4dy7nftzw85tmkxpp604g7t8na978wwy4pvaqaekbsqpfjh6f6v96j48phxdnxqnweh7fh7p95yntsfncgmg55vyj268z0kh3v639fgq19xb3h4hz56aw3f1fez7p5ymyser60j1k8nvpndyf2tzhfkv89m%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCh169m0CrY4_aA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgStAk_QMM9nJpbZ0bLXM-K-BnKFzIctFvvtM8bJOB7GXjNH-FE6RgKBnBFJEw9mAT9AiTX33bbFSoMUGUiIcboB8qwXTap6SCPsnECwgUPSGfTjjtTRG6lbYVAsNcl6ZRgG_2KJek1KkUKkEwFRPt0TS5XxoREIlZOF3MQzukr1QwqJW_eVABDR3KDtYCnpqLgQ-SOHw3uRhRtnNmhm7XOtjcXugbeWnmINJJBDQF3E9xiZpUrjgxbVVm0ym6jINQG39Eg1jd9EY4c6u12SqXwpg8nEMmGnJJ93p-Qa7Cli4lpIOGCZbDLP3i3kcitobbeE1yQkb9h7dO9oTMBPexRvQYFjTHItMXUJIVMrR9SrdRoMGRI-xSxS-o5XyiHLf3mR7IPwrOkgL6TolTTsM9DgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1iij-sa7CWdXyaToZeMPRH2gMy1Q%252526client%25253Dca-pub-5398989680841221%252526adurl%25253D&clickref=oneidDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=600&e=&g=e9975e07edc1a6de0c3e891e03c06524%2F14878494519113093806&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580810&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkn691d4n5ghf53eyh1mtqjvsceeeggq6a5520vr02604k5zahvn1qw3rqee440vh88etz6sc9ch2fkpbbm96agn7mwyq50ht3xsqazv4fe42mz5v2sv1rw0j6yncw4dy7nftzw85tmkxpp604g7t8na978wwy4pvaqaekbsqpfjh6f6v96j48phxdnxqnweh7fh7p95yntsfncgmg55vyj268z0kh3v639fgq19xb3h4hz56aw3f1fez7p5ymyser60j1k8nvpndyf2tzhfkv89m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCh169m0CrY4_aA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgStAk_QMM9nJpbZ0bLXM-K-BnKFzIctFvvtM8bJOB7GXjNH-FE6RgKBnBFJEw9mAT9AiTX33bbFSoMUGUiIcboB8qwXTap6SCPsnECwgUPSGfTjjtTRG6lbYVAsNcl6ZRgG_2KJek1KkUKkEwFRPt0TS5XxoREIlZOF3MQzukr1QwqJW_eVABDR3KDtYCnpqLgQ-SOHw3uRhRtnNmhm7XOtjcXugbeWnmINJJBDQF3E9xiZpUrjgxbVVm0ym6jINQG39Eg1jd9EY4c6u12SqXwpg8nEMmGnJJ93p-Qa7Cli4lpIOGCZbDLP3i3kcitobbeE1yQkb9h7dO9oTMBPexRvQYFjTHItMXUJIVMrR9SrdRoMGRI-xSxS-o5XyiHLf3mR7IPwrOkgL6TolTTsM9DgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1iij-sa7CWdXyaToZeMPRH2gMy1Q%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.130.53.249 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-130-53-249.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
e2d92e12f58630ab7f9b6690efac30381bf9815b06f590fe315c90c5df9942b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
last-modified
Tue, 27 Dec 2022 18:59:41 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 27 Dec 2022 19:00:41 GMT
QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
pagead2.googlesyndication.com/bg/ Frame 6A1B 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 09:30:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34130
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Dec 2023 09:30:51 GMT
link.html
track.webgains.com/ Frame 3C93 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1grrbjqw9drnppskv7yz452admvpjtjej4rbm6n2t33250zw0va2sh4na9fhm2nrwtaa6d6hn4yb4rpatyhwbfttm2kaaksm91n53tkaqme2ht059sehc80ph86tds9nhfpdr86xapmwgr0ab4q85e8bg5ycjs6xtrnc2dh0pms9xf3cj56wty83czmvz7kcehjhnrepajxa68sfmtkasp2kz2m7y58w6j8sb7m71s2gcq2p4a4efvq8xm3qmapybrtg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kywn7502ds0r2s1phjpa7dbyjyrg05n2qv9ez8ejvv41t6zjvq3grhge22xpd9vdfbvp6qnv0np2wb35e557hy1dnd698nghcqbvjb4adg8s2pmbccj4nhah6qtyyavb814s8d3yfa0n7ca29rvh8pgszr51s1y812qt223nr1bzvm0be656bmzarpp16dx0xh9fcfd2ye3s7p0ptpws5jgzqrgcxb7hydyft1fgjt3sbw2a14xayd45geq0nkwsgg3xwgs9jtzqfnrkr3mcshnt4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCZsLGm0CrY4naA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSkAk_Q2qhYooDZEm6i2vvUnoD0foJuXpeCVv3H9SHrucR-x2XKVIZgyuIuYs4cPuoCcqIfilp9bUHBU7zVtmz_stBbWf328Ud0QL6iAUQJfrTFMD7Y0-Er4MixbJx4Bx8jMZnort9BQq6a6QbdsU8VNYW9OO2_hv6usey4j-VKtPI2NC-CU5BqtBMTvyDfl0TJ_OId3fVajFAGpDFe3gRjtGpeNWtKjotMngprgaVvZ_oJrkYz3GLMVIIX_I4xC5zLNYKTCvIzzOQt1W3aP1dPlpA8HfQ8zOLm6N1lPbg79586t6fSRdUy_r-u8TdLBNmYJUA4SJKIqaoH7lEEOLFcgi0f0eKN9yzIBMGf6R6SRaoa-uA-cces76jnvwc0dthFrahCYhXgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0SFvKRGAjtOb-8kfVLaiOQDcUVTA%252526client%25253Dca-pub-5398989680841221%252526adurl%25253D&clickref=oneidP6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdYoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=600&e=&g=2373b441359b7defc04bee61fdbd72fb%2F1234430002439753742&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580810&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kywn7502ds0r2s1phjpa7dbyjyrg05n2qv9ez8ejvv41t6zjvq3grhge22xpd9vdfbvp6qnv0np2wb35e557hy1dnd698nghcqbvjb4adg8s2pmbccj4nhah6qtyyavb814s8d3yfa0n7ca29rvh8pgszr51s1y812qt223nr1bzvm0be656bmzarpp16dx0xh9fcfd2ye3s7p0ptpws5jgzqrgcxb7hydyft1fgjt3sbw2a14xayd45geq0nkwsgg3xwgs9jtzqfnrkr3mcshnt4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZsLGm0CrY4naA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSkAk_Q2qhYooDZEm6i2vvUnoD0foJuXpeCVv3H9SHrucR-x2XKVIZgyuIuYs4cPuoCcqIfilp9bUHBU7zVtmz_stBbWf328Ud0QL6iAUQJfrTFMD7Y0-Er4MixbJx4Bx8jMZnort9BQq6a6QbdsU8VNYW9OO2_hv6usey4j-VKtPI2NC-CU5BqtBMTvyDfl0TJ_OId3fVajFAGpDFe3gRjtGpeNWtKjotMngprgaVvZ_oJrkYz3GLMVIIX_I4xC5zLNYKTCvIzzOQt1W3aP1dPlpA8HfQ8zOLm6N1lPbg79586t6fSRdUy_r-u8TdLBNmYJUA4SJKIqaoH7lEEOLFcgi0f0eKN9yzIBMGf6R6SRaoa-uA-cces76jnvwc0dthFrahCYhXgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0SFvKRGAjtOb-8kfVLaiOQDcUVTA%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.130.53.249 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-130-53-249.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
4fc902e4a6e84f38917b57847633ea8e827a42a4af437fce1d54fede5d7cf7ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
last-modified
Tue, 27 Dec 2022 18:59:41 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 27 Dec 2022 19:00:41 GMT
link.html
track.webgains.com/ Frame 3C93 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2611455&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j2sejq1efr3gjph4mr3d3rrgws3a48rw1mvptcye177c4y18jhbaxz7j5bb7d8868a6sbxfgc1gb63eyag63vqzngpkn53ztpmbdmemk8f86qt1kbjj98xqa19e274jj22vmyxn75wr9ygzz11z7fq96vnwwr08p46qqtz0mrhqv7jt6f4ybyh1e7heftztp4v3cqeky8dv2ke5qnsab1djn55j1re48xamn9905e76ye30zbfhzewrqr66pj8pt4%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kywn7502ds0r2s1phjpa7dbyjyrg05n2qv9ez8ejvv41t6zjvq3grhge22xpd9vdfbvp6qnv0np2wb35e557hy1dnd698nghcqbvjb4adg8s2pmbccj4nhah6qtyyavb814s8d3yfa0n7ca29rvh8pgszr51s1y812qt223nr1bzvm0be656bmzarpp16dx0xh9fcfd2ye3s7p0ptpws5jgzqrgcxb7hydyft1fgjt3sbw2a14xayd45geq0nkwsgg3xwgs9jtzqfnrkr3mcshnt4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCZsLGm0CrY4naA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSkAk_Q2qhYooDZEm6i2vvUnoD0foJuXpeCVv3H9SHrucR-x2XKVIZgyuIuYs4cPuoCcqIfilp9bUHBU7zVtmz_stBbWf328Ud0QL6iAUQJfrTFMD7Y0-Er4MixbJx4Bx8jMZnort9BQq6a6QbdsU8VNYW9OO2_hv6usey4j-VKtPI2NC-CU5BqtBMTvyDfl0TJ_OId3fVajFAGpDFe3gRjtGpeNWtKjotMngprgaVvZ_oJrkYz3GLMVIIX_I4xC5zLNYKTCvIzzOQt1W3aP1dPlpA8HfQ8zOLm6N1lPbg79586t6fSRdUy_r-u8TdLBNmYJUA4SJKIqaoH7lEEOLFcgi0f0eKN9yzIBMGf6R6SRaoa-uA-cces76jnvwc0dthFrahCYhXgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0SFvKRGAjtOb-8kfVLaiOQDcUVTA%252526client%25253Dca-pub-5398989680841221%252526adurl%25253D&clickref=oneidwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4woneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneid1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqVoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=600&e=&g=2373b441359b7defc04bee61fdbd72fb%2F1234430002439753742&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580810&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kywn7502ds0r2s1phjpa7dbyjyrg05n2qv9ez8ejvv41t6zjvq3grhge22xpd9vdfbvp6qnv0np2wb35e557hy1dnd698nghcqbvjb4adg8s2pmbccj4nhah6qtyyavb814s8d3yfa0n7ca29rvh8pgszr51s1y812qt223nr1bzvm0be656bmzarpp16dx0xh9fcfd2ye3s7p0ptpws5jgzqrgcxb7hydyft1fgjt3sbw2a14xayd45geq0nkwsgg3xwgs9jtzqfnrkr3mcshnt4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZsLGm0CrY4naA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSkAk_Q2qhYooDZEm6i2vvUnoD0foJuXpeCVv3H9SHrucR-x2XKVIZgyuIuYs4cPuoCcqIfilp9bUHBU7zVtmz_stBbWf328Ud0QL6iAUQJfrTFMD7Y0-Er4MixbJx4Bx8jMZnort9BQq6a6QbdsU8VNYW9OO2_hv6usey4j-VKtPI2NC-CU5BqtBMTvyDfl0TJ_OId3fVajFAGpDFe3gRjtGpeNWtKjotMngprgaVvZ_oJrkYz3GLMVIIX_I4xC5zLNYKTCvIzzOQt1W3aP1dPlpA8HfQ8zOLm6N1lPbg79586t6fSRdUy_r-u8TdLBNmYJUA4SJKIqaoH7lEEOLFcgi0f0eKN9yzIBMGf6R6SRaoa-uA-cces76jnvwc0dthFrahCYhXgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0SFvKRGAjtOb-8kfVLaiOQDcUVTA%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.130.53.249 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-130-53-249.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
1ebe74f3fad6fc1903d89a316f03b643164998b4849c5b3f594425e901b81f64

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
last-modified
Tue, 27 Dec 2022 18:59:41 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 27 Dec 2022 19:00:41 GMT
link.html
track.webgains.com/ Frame 3C93 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=4371640&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j311zzjhtdgtgwfbzec9gktas25yjffe90mh02k6fmfpshfdg8232zjrahs15qnvx89fj16bfv2ggzr6s9fw6ew7a18gc0hz770pgwae8k747xrqy6375f3evnbj89he78qn2fnr7wqvw8t7fgdejcesr8vcx4yjhy7bbb7w0rr7zh3sdt73w3s0c7b4sbya9v44fqyfbp2khwaq4q7m5v7ff5g5236mm2enrbhthynd274c1ftewst3wzrsnqscn28e%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kywn7502ds0r2s1phjpa7dbyjyrg05n2qv9ez8ejvv41t6zjvq3grhge22xpd9vdfbvp6qnv0np2wb35e557hy1dnd698nghcqbvjb4adg8s2pmbccj4nhah6qtyyavb814s8d3yfa0n7ca29rvh8pgszr51s1y812qt223nr1bzvm0be656bmzarpp16dx0xh9fcfd2ye3s7p0ptpws5jgzqrgcxb7hydyft1fgjt3sbw2a14xayd45geq0nkwsgg3xwgs9jtzqfnrkr3mcshnt4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCZsLGm0CrY4naA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSkAk_Q2qhYooDZEm6i2vvUnoD0foJuXpeCVv3H9SHrucR-x2XKVIZgyuIuYs4cPuoCcqIfilp9bUHBU7zVtmz_stBbWf328Ud0QL6iAUQJfrTFMD7Y0-Er4MixbJx4Bx8jMZnort9BQq6a6QbdsU8VNYW9OO2_hv6usey4j-VKtPI2NC-CU5BqtBMTvyDfl0TJ_OId3fVajFAGpDFe3gRjtGpeNWtKjotMngprgaVvZ_oJrkYz3GLMVIIX_I4xC5zLNYKTCvIzzOQt1W3aP1dPlpA8HfQ8zOLm6N1lPbg79586t6fSRdUy_r-u8TdLBNmYJUA4SJKIqaoH7lEEOLFcgi0f0eKN9yzIBMGf6R6SRaoa-uA-cces76jnvwc0dthFrahCYhXgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0SFvKRGAjtOb-8kfVLaiOQDcUVTA%252526client%25253Dca-pub-5398989680841221%252526adurl%25253D&clickref=oneidDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=300&d=600&e=&g=2373b441359b7defc04bee61fdbd72fb%2F1234430002439753742&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580810&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kywn7502ds0r2s1phjpa7dbyjyrg05n2qv9ez8ejvv41t6zjvq3grhge22xpd9vdfbvp6qnv0np2wb35e557hy1dnd698nghcqbvjb4adg8s2pmbccj4nhah6qtyyavb814s8d3yfa0n7ca29rvh8pgszr51s1y812qt223nr1bzvm0be656bmzarpp16dx0xh9fcfd2ye3s7p0ptpws5jgzqrgcxb7hydyft1fgjt3sbw2a14xayd45geq0nkwsgg3xwgs9jtzqfnrkr3mcshnt4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZsLGm0CrY4naA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSkAk_Q2qhYooDZEm6i2vvUnoD0foJuXpeCVv3H9SHrucR-x2XKVIZgyuIuYs4cPuoCcqIfilp9bUHBU7zVtmz_stBbWf328Ud0QL6iAUQJfrTFMD7Y0-Er4MixbJx4Bx8jMZnort9BQq6a6QbdsU8VNYW9OO2_hv6usey4j-VKtPI2NC-CU5BqtBMTvyDfl0TJ_OId3fVajFAGpDFe3gRjtGpeNWtKjotMngprgaVvZ_oJrkYz3GLMVIIX_I4xC5zLNYKTCvIzzOQt1W3aP1dPlpA8HfQ8zOLm6N1lPbg79586t6fSRdUy_r-u8TdLBNmYJUA4SJKIqaoH7lEEOLFcgi0f0eKN9yzIBMGf6R6SRaoa-uA-cces76jnvwc0dthFrahCYhXgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0SFvKRGAjtOb-8kfVLaiOQDcUVTA%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.130.53.249 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-130-53-249.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
134d673ded76a611417320dcaa78730b81a7d8a8ea0d277a50403c4dc11942f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
last-modified
Tue, 27 Dec 2022 18:59:41 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 27 Dec 2022 19:00:41 GMT
truncated
/ Frame 82C0 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
bridge3.549.0_en.html
imasdk.googleapis.com/js/core/ Frame 41B9 		693 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
179198
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
227324
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 17:13:03 GMT
expires
Mon, 25 Dec 2023 17:13:03 GMT
last-modified
Fri, 09 Dec 2022 15:29:50 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel.gif
pixel.gliacloud.com/glia_player_media1/ 		43 B
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.gliacloud.com/glia_player_media1/pixel.gif?ul=en-US&ssid=9d09ddc0-8618-11ed-b075-2f2775135070&ea=ad.request&aui=96159&aup=glia_adx_8&auo=3&aut=google&pp=300%2C168.75%2C1300%2C899.25&bp=1600%2C1200&wp=1600%2C11233%2C0%2C0&pgu=https%253A%252F%252Fjalantikus.com%252Ftips%252Fdownload-youtube-premium-apk%252F&pgt=YouTube%20Premium%20MOD%20APK%2017.45.34%20Premium%20Unlocked%202022%20%7C%20JalanTikus&sid=glia-id_jalantikus_desktop_simple&sk=id_jalantikus_desktop&si=id_jalantikus_desktop_simple&sa=id_jalantikus&pt=SimplePlayer&pv=0.3.97&ab=0&ta=0&cb=981961988605737.4
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
122.207.227.35.bc.googleusercontent.com
Software
nginx/1.23.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.23.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=jalantikus.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=jalantikus.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 33CD 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvswhdIvHJaCi2ydGNCSBC6I07Wwf-R0fKLQBZIvFpefO0NDrt9FznWd1f6mIdQMUu2NnwlCU9fRW3-_veVoqHEYQMC&sig=Cg0ArKJSzKRTnkfld9c8EAE&cid=CAASF-RoQgrZKMXsgGCbMaJiCqFxjYjCnOV3&id=lidar2&mcvt=1050&p=86,436,176,1164&mtos=1050,1050,1050,1050,1050&tos=1050,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2231953469&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672167579559&rpt=575&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame 3A51 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2611455&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gq2cvv0qsrgz60q5w9zk1n0qy1jqkwd3wdqyphfhgadmgxx31et1ezycs1yx6q1mnggpcbv8c5zfkzy2ates0rnp3xwj0d07gb8m2bdd2ry0g1wbmw1a6sdmatc6z9xdyy5ecqknwxq7fd1hhhsx5266d72z9vfkgvm5dzvbcjg197hmcttn4wyegw5r31v3s96w4vyacq98q9cw7ggvnas3k3ttkjsxxhtfpvsj86qqeqj3rqhkv39vjfqqnch0g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hbwpeg143xa8mmj89fyvgj58mfnndy1e7zay2qs44808z1qgsypycm1bfekmwxhaffe71ypbq78g2c47s55a34va1kkgdvxqads9x73r58ym5af3a62p3wbta0376h5pktpt4c7e1qv437gjfp28gkq4bfg3pref8x6fc0pnx9z3ma4rw8jmc55eaakxnr06j693ypqwcyp848b4czcdbsb625zc6318pzr2bzsge2vk9btvzs4p29sme8y5vdveyggmt8zvjdmkr3yx071bash4m%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCypium0CrY4raA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSJAk_Qy-V9EyTnN6Z06rs3owZYihonHEO_IU_gMHa8SltdqZH4z8ntw7nU5HfvLf-HV8AC4SF37QDGh1VzOKmkbOH4UnHk8FS58IIh5VsFBVpk8SmcNomMzIbsOT43RgGNU2xapq4tZyuqZMESFgFrZES9NPPQTyyccDOdFELWjovNncMjGXGTKzO0KU4kRwz7RxmswyLa_1cyQZw4YuLZHNyqM_Mfqiqw-OhqfnlwOK4hb0H1BXXBlfSTj_ajkDRxPKgUP2dCl9hWOjaeL-SFZ-FT6bA-gu03FLEnj7OiohrAKVe3FJrc7XDaa7flYrrcJYfhHs1Of5VpLW5Zzsu7x9zyTlECeeL26_LgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2gkjYkoE3h5SHLoSeFVI9E-CagJw%252526client%25253Dca-pub-5398989680841221%252526adurl%25253D&clickref=oneidwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4woneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneid1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqVoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-42.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 08:50:10 GMT
content-encoding
gzip
via
1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
last-modified
Fri, 09 Dec 2022 10:53:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
36571
etag
W/"0d5045593d14c9612a5d5576928a5209"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
Lu-fh_1YsOfzLNebiGbirdY2aHLna3cpmD5Eq4j5h7HVO3wVcg2-cw==
link.html
track.webgains.com/ Frame 3A51 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneid1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqVoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wglinkid=2611455
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=728&d=90&e=&g=be016755f4073f6b04d872d288b01957%2F7808709755538034677&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580799&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hbwpeg143xa8mmj89fyvgj58mfnndy1e7zay2qs44808z1qgsypycm1bfekmwxhaffe71ypbq78g2c47s55a34va1kkgdvxqads9x73r58ym5af3a62p3wbta0376h5pktpt4c7e1qv437gjfp28gkq4bfg3pref8x6fc0pnx9z3ma4rw8jmc55eaakxnr06j693ypqwcyp848b4czcdbsb625zc6318pzr2bzsge2vk9btvzs4p29sme8y5vdveyggmt8zvjdmkr3yx071bash4m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCypium0CrY4raA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSJAk_Qy-V9EyTnN6Z06rs3owZYihonHEO_IU_gMHa8SltdqZH4z8ntw7nU5HfvLf-HV8AC4SF37QDGh1VzOKmkbOH4UnHk8FS58IIh5VsFBVpk8SmcNomMzIbsOT43RgGNU2xapq4tZyuqZMESFgFrZES9NPPQTyyccDOdFELWjovNncMjGXGTKzO0KU4kRwz7RxmswyLa_1cyQZw4YuLZHNyqM_Mfqiqw-OhqfnlwOK4hb0H1BXXBlfSTj_ajkDRxPKgUP2dCl9hWOjaeL-SFZ-FT6bA-gu03FLEnj7OiohrAKVe3FJrc7XDaa7flYrrcJYfhHs1Of5VpLW5Zzsu7x9zyTlECeeL26_LgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2gkjYkoE3h5SHLoSeFVI9E-CagJw%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.130.53.249 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-130-53-249.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
0bb7d041ebd9fd009fc12482885c6dca63ebe0ca1b9ce960bbd047a0e5391cb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
last-modified
Tue, 27 Dec 2022 18:59:41 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 27 Dec 2022 19:00:41 GMT
link.html
track.webgains.com/ Frame 3A51 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wglinkid=2194035
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=728&d=90&e=&g=be016755f4073f6b04d872d288b01957%2F7808709755538034677&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580799&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hbwpeg143xa8mmj89fyvgj58mfnndy1e7zay2qs44808z1qgsypycm1bfekmwxhaffe71ypbq78g2c47s55a34va1kkgdvxqads9x73r58ym5af3a62p3wbta0376h5pktpt4c7e1qv437gjfp28gkq4bfg3pref8x6fc0pnx9z3ma4rw8jmc55eaakxnr06j693ypqwcyp848b4czcdbsb625zc6318pzr2bzsge2vk9btvzs4p29sme8y5vdveyggmt8zvjdmkr3yx071bash4m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCypium0CrY4raA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSJAk_Qy-V9EyTnN6Z06rs3owZYihonHEO_IU_gMHa8SltdqZH4z8ntw7nU5HfvLf-HV8AC4SF37QDGh1VzOKmkbOH4UnHk8FS58IIh5VsFBVpk8SmcNomMzIbsOT43RgGNU2xapq4tZyuqZMESFgFrZES9NPPQTyyccDOdFELWjovNncMjGXGTKzO0KU4kRwz7RxmswyLa_1cyQZw4YuLZHNyqM_Mfqiqw-OhqfnlwOK4hb0H1BXXBlfSTj_ajkDRxPKgUP2dCl9hWOjaeL-SFZ-FT6bA-gu03FLEnj7OiohrAKVe3FJrc7XDaa7flYrrcJYfhHs1Of5VpLW5Zzsu7x9zyTlECeeL26_LgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2gkjYkoE3h5SHLoSeFVI9E-CagJw%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.130.53.249 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-130-53-249.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
last-modified
Tue, 27 Dec 2022 18:59:41 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 27 Dec 2022 19:00:41 GMT
Logo120x90.jpg
cdn.track.production.webgains.team/294690/ Frame 3A51 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/294690/Logo120x90.jpg?Expires=1672167881&Signature=UlFtDKZG0tuVlNduoM5iUf96R6FJnnbE-HZtnbHLY42ZHzhdIQBJHsdhFlbgQb-Ejiv6PQJVwJVX2Hopsnqiv9xhOceJ88Tctg~MUuvNhaSJuyqCkkCdQe4m0UQVfKv8v9LBp1OeoQtRL2AcHEttAa1UxNWvZpTzuZR7~pPSCPpoB3j39WrLpGuaXgRBK2WFB0AF7JGicSMdRgMvW7jrIlFxqh4-UcMdE0fWyGc7vBlYqS4-122AAYSJhfCKba~kYHJ3mrTz-YjW9KTYb~Z2bw5c4ECwsmMqdloc-kv4fStCUrpgBRlUSN7JXkPhQLnnlH-ezT2imN8LyMVwwwdmoQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C22122%2C321735&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2C1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqV%2CeYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpb&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4w%2CDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjW&c=728&d=90&e=&g=be016755f4073f6b04d872d288b01957%2F7808709755538034677&i=20597%2C16804%2C110819&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1672167580799&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hbwpeg143xa8mmj89fyvgj58mfnndy1e7zay2qs44808z1qgsypycm1bfekmwxhaffe71ypbq78g2c47s55a34va1kkgdvxqads9x73r58ym5af3a62p3wbta0376h5pktpt4c7e1qv437gjfp28gkq4bfg3pref8x6fc0pnx9z3ma4rw8jmc55eaakxnr06j693ypqwcyp848b4czcdbsb625zc6318pzr2bzsge2vk9btvzs4p29sme8y5vdveyggmt8zvjdmkr3yx071bash4m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCypium0CrY4raA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSJAk_Qy-V9EyTnN6Z06rs3owZYihonHEO_IU_gMHa8SltdqZH4z8ntw7nU5HfvLf-HV8AC4SF37QDGh1VzOKmkbOH4UnHk8FS58IIh5VsFBVpk8SmcNomMzIbsOT43RgGNU2xapq4tZyuqZMESFgFrZES9NPPQTyyccDOdFELWjovNncMjGXGTKzO0KU4kRwz7RxmswyLa_1cyQZw4YuLZHNyqM_Mfqiqw-OhqfnlwOK4hb0H1BXXBlfSTj_ajkDRxPKgUP2dCl9hWOjaeL-SFZ-FT6bA-gu03FLEnj7OiohrAKVe3FJrc7XDaa7flYrrcJYfhHs1Of5VpLW5Zzsu7x9zyTlECeeL26_LgBAGABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2gkjYkoE3h5SHLoSeFVI9E-CagJw%2526client%253Dca-pub-5398989680841221%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-53.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
afc207386e69748f65e917a95513ca8ef20068a3dc11c87b393733030d80f3d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 00:54:47 GMT
x-amz-version-id
null
via
1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
last-modified
Thu, 04 Aug 2022 13:56:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
65094
etag
"66da632e2658ba90a2b4863be372b9cf"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-storage-class
REDUCED_REDUNDANCY
accept-ranges
bytes
content-length
2298
x-amz-cf-id
UKUuHnB1lmq4LMMGAcIkI6Tj7SEdWIBcvm6LbaOG1QP32N8HeXno5Q==
ads
pubads.g.doubleclick.net/gampad/ Frame 41B9 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21818843116%2Fglia_adx_8_id_jalantikus_desktop_1670576711.791534&description_url=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&unviewed_position_start=1&env=vp&correlator=2305285684523026&output=xml_vast4&ad_rule=0&vpa=auto&sdkv=h.3.549.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=3659685959&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.549.0&sid=266E5403-43BC-4B3F-A97A-C80FFB8A5501&nel=0&eid=44748969%2C44765701&url=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&dt=1672167581265&cookie=ID%3Dd3685fb3b42fd463-2287143c6dda0053%3AT%3D1672167577%3AS%3DALNI_MbAVZNUf7Q7smdu8rngKchGkiasYg&gpic=UID%3D00000b993216cefc%3AT%3D1672167577%3ART%3D1672167577%3AS%3DALNI_MbaOBv9bMkF8-uUNdQeBPptZhnHEg&scor=4278329907069492&ged=ve4_td4_tt1_pd4_la4000_er899.1300.1053.1600_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame B363 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=4371640&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jnfpse52aqbdmbf1av1f2t9fmcmtke8172mmma3hdxfn2svp89qzhfambqz0sr1d0qaatqcba9rxpjvhgxbzeyg5cwkcs9sp6y9wqemtsnna42kdx2b8mdmnay24r98a54sn89j85ba802nfn7hj4a8arx8ynepyt47nqay13ykp8dmqhc4f6ktzhf8eexvst13q8xnwgfknef7b2s506cfht62h7c00w8xx2jxtvcmanx1s8xv8tvdzzq3tjcz3kx7j0r%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kzn04ywzxwswb6jzj9bhbes67fp1taajs6qrd80kgjcpj88ba4bt7rwxb69ctm21zej89dv8j2gra2q8075zp0k3rgk5py56ny6etxsyf9psa4y2j1cnzq56zwbjq5z68k0fg3zw1vvkvdf8pgsaj7zf67gbh049hag0p2cahmym8015zegn4akagxgzjv9590wm985z1rjxq8zyk9j54393ry7wx6ym4psd0xxnfh88chkqa9mns4gjnz81vftjf8kc5300ademsaqksgshkga8g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCzSnem0CrY4baA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSRAk_Q0lLkEEPenv8Dj5yjd7OBLJotyDV2gvtYd4adAL5dIvSq65em7nMPW1Sto6JPhU0_tPCMy2vcbbIcnH-063NdY6aI04mT2R3jt9kPC3vs18CoI_EtEvYVqHUkfIy6YNMjEy9dF70dKXpl3OUuWTniHs-Z6mj-_yJmSY58kWmAEya9bzonIKQ2QdlVBtPnlMUklIBn6VrlZiuvNO67CG57haOnRA-F6q1xJVAcKDoTXSnp6VQd3OR4w6wnHAwP6qiKHL0KTerY-82cvZsO2zYbenvde_cHmuVkhMv2tAzYoK-Pevj99sKqPOYIHUzo94NxlLhCRbqzy4k7FfkOBkY7CyQFJB2EkrYrDc-emhpYpOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2BaM7R1g42HBk0v_p2xoBk2i3Lkw%252526client%25253Dca-pub-5398989680841221%252526adurl%25253D&clickref=oneidDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-42.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 08:50:10 GMT
content-encoding
gzip
via
1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
last-modified
Fri, 09 Dec 2022 10:53:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
36571
etag
W/"0d5045593d14c9612a5d5576928a5209"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
uZGqPA62Ozw6lBFbDIjNVNu3I8YxALsVL3BWdSvZCifTYdUvx4nE5g==
Logo120x90.jpg
cdn.track.production.webgains.team/294690/ Frame B363 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/294690/Logo120x90.jpg?Expires=1672167881&Signature=UlFtDKZG0tuVlNduoM5iUf96R6FJnnbE-HZtnbHLY42ZHzhdIQBJHsdhFlbgQb-Ejiv6PQJVwJVX2Hopsnqiv9xhOceJ88Tctg~MUuvNhaSJuyqCkkCdQe4m0UQVfKv8v9LBp1OeoQtRL2AcHEttAa1UxNWvZpTzuZR7~pPSCPpoB3j39WrLpGuaXgRBK2WFB0AF7JGicSMdRgMvW7jrIlFxqh4-UcMdE0fWyGc7vBlYqS4-122AAYSJhfCKba~kYHJ3mrTz-YjW9KTYb~Z2bw5c4ECwsmMqdloc-kv4fStCUrpgBRlUSN7JXkPhQLnnlH-ezT2imN8LyMVwwwdmoQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=4371640&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jnfpse52aqbdmbf1av1f2t9fmcmtke8172mmma3hdxfn2svp89qzhfambqz0sr1d0qaatqcba9rxpjvhgxbzeyg5cwkcs9sp6y9wqemtsnna42kdx2b8mdmnay24r98a54sn89j85ba802nfn7hj4a8arx8ynepyt47nqay13ykp8dmqhc4f6ktzhf8eexvst13q8xnwgfknef7b2s506cfht62h7c00w8xx2jxtvcmanx1s8xv8tvdzzq3tjcz3kx7j0r%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kzn04ywzxwswb6jzj9bhbes67fp1taajs6qrd80kgjcpj88ba4bt7rwxb69ctm21zej89dv8j2gra2q8075zp0k3rgk5py56ny6etxsyf9psa4y2j1cnzq56zwbjq5z68k0fg3zw1vvkvdf8pgsaj7zf67gbh049hag0p2cahmym8015zegn4akagxgzjv9590wm985z1rjxq8zyk9j54393ry7wx6ym4psd0xxnfh88chkqa9mns4gjnz81vftjf8kc5300ademsaqksgshkga8g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCzSnem0CrY4baA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSRAk_Q0lLkEEPenv8Dj5yjd7OBLJotyDV2gvtYd4adAL5dIvSq65em7nMPW1Sto6JPhU0_tPCMy2vcbbIcnH-063NdY6aI04mT2R3jt9kPC3vs18CoI_EtEvYVqHUkfIy6YNMjEy9dF70dKXpl3OUuWTniHs-Z6mj-_yJmSY58kWmAEya9bzonIKQ2QdlVBtPnlMUklIBn6VrlZiuvNO67CG57haOnRA-F6q1xJVAcKDoTXSnp6VQd3OR4w6wnHAwP6qiKHL0KTerY-82cvZsO2zYbenvde_cHmuVkhMv2tAzYoK-Pevj99sKqPOYIHUzo94NxlLhCRbqzy4k7FfkOBkY7CyQFJB2EkrYrDc-emhpYpOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2BaM7R1g42HBk0v_p2xoBk2i3Lkw%252526client%25253Dca-pub-5398989680841221%252526adurl%25253D&clickref=oneidDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-53.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
afc207386e69748f65e917a95513ca8ef20068a3dc11c87b393733030d80f3d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 00:54:47 GMT
x-amz-version-id
null
via
1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
last-modified
Thu, 04 Aug 2022 13:56:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
65094
etag
"66da632e2658ba90a2b4863be372b9cf"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-storage-class
REDUCED_REDUNDANCY
accept-ranges
bytes
content-length
2298
x-amz-cf-id
ZSJmcSwuVNk5zpD4fIeU-8yh6bH72wWlrRU9zs3KHWwC18Bqs39MsQ==
pvClk.min.js
analytics.webgains.io/ Frame 6B09 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=4371640&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k39stwvbsqhcamm34yeaxj5pjh7hg8ry95jzj8xrwn6bw53rymzv3nrtxdash7db9wtnfz87aw7e9w6d7w8qkkb8wmm92yt19r6drefynnjnf6g0vvgp38q7n8rbe4t20wk9hs8qqqd14vxjzxydp6dys8bjf627gdvxsbwq1zqn72ngpeac4k98xsgwzgwzjypq212jrtprbab78gwp71jb0bjcjskk1s1fdnqf31dp0js0remh5qh5b4yrhyrdqcwh08%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hkn691d4n5ghf53eyh1mtqjvsceeeggq6a5520vr02604k5zahvn1qw3rqee440vh88etz6sc9ch2fkpbbm96agn7mwyq50ht3xsqazv4fe42mz5v2sv1rw0j6yncw4dy7nftzw85tmkxpp604g7t8na978wwy4pvaqaekbsqpfjh6f6v96j48phxdnxqnweh7fh7p95yntsfncgmg55vyj268z0kh3v639fgq19xb3h4hz56aw3f1fez7p5ymyser60j1k8nvpndyf2tzhfkv89m%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCh169m0CrY4_aA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgStAk_QMM9nJpbZ0bLXM-K-BnKFzIctFvvtM8bJOB7GXjNH-FE6RgKBnBFJEw9mAT9AiTX33bbFSoMUGUiIcboB8qwXTap6SCPsnECwgUPSGfTjjtTRG6lbYVAsNcl6ZRgG_2KJek1KkUKkEwFRPt0TS5XxoREIlZOF3MQzukr1QwqJW_eVABDR3KDtYCnpqLgQ-SOHw3uRhRtnNmhm7XOtjcXugbeWnmINJJBDQF3E9xiZpUrjgxbVVm0ym6jINQG39Eg1jd9EY4c6u12SqXwpg8nEMmGnJJ93p-Qa7Cli4lpIOGCZbDLP3i3kcitobbeE1yQkb9h7dO9oTMBPexRvQYFjTHItMXUJIVMrR9SrdRoMGRI-xSxS-o5XyiHLf3mR7IPwrOkgL6TolTTsM9DgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1iij-sa7CWdXyaToZeMPRH2gMy1Q%252526client%25253Dca-pub-5398989680841221%252526adurl%25253D&clickref=oneidDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-42.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 08:50:10 GMT
content-encoding
gzip
via
1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
last-modified
Fri, 09 Dec 2022 10:53:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
36571
etag
W/"0d5045593d14c9612a5d5576928a5209"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
-m2k7Fyryi8ejiXHQ22INbFphGGK0_W88zP_NZj3bVho8LqHgAsDcA==
Logo120x90.jpg
cdn.track.production.webgains.team/294690/ Frame 6B09 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/294690/Logo120x90.jpg?Expires=1672167881&Signature=UlFtDKZG0tuVlNduoM5iUf96R6FJnnbE-HZtnbHLY42ZHzhdIQBJHsdhFlbgQb-Ejiv6PQJVwJVX2Hopsnqiv9xhOceJ88Tctg~MUuvNhaSJuyqCkkCdQe4m0UQVfKv8v9LBp1OeoQtRL2AcHEttAa1UxNWvZpTzuZR7~pPSCPpoB3j39WrLpGuaXgRBK2WFB0AF7JGicSMdRgMvW7jrIlFxqh4-UcMdE0fWyGc7vBlYqS4-122AAYSJhfCKba~kYHJ3mrTz-YjW9KTYb~Z2bw5c4ECwsmMqdloc-kv4fStCUrpgBRlUSN7JXkPhQLnnlH-ezT2imN8LyMVwwwdmoQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=4371640&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k39stwvbsqhcamm34yeaxj5pjh7hg8ry95jzj8xrwn6bw53rymzv3nrtxdash7db9wtnfz87aw7e9w6d7w8qkkb8wmm92yt19r6drefynnjnf6g0vvgp38q7n8rbe4t20wk9hs8qqqd14vxjzxydp6dys8bjf627gdvxsbwq1zqn72ngpeac4k98xsgwzgwzjypq212jrtprbab78gwp71jb0bjcjskk1s1fdnqf31dp0js0remh5qh5b4yrhyrdqcwh08%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hkn691d4n5ghf53eyh1mtqjvsceeeggq6a5520vr02604k5zahvn1qw3rqee440vh88etz6sc9ch2fkpbbm96agn7mwyq50ht3xsqazv4fe42mz5v2sv1rw0j6yncw4dy7nftzw85tmkxpp604g7t8na978wwy4pvaqaekbsqpfjh6f6v96j48phxdnxqnweh7fh7p95yntsfncgmg55vyj268z0kh3v639fgq19xb3h4hz56aw3f1fez7p5ymyser60j1k8nvpndyf2tzhfkv89m%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCh169m0CrY4_aA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgStAk_QMM9nJpbZ0bLXM-K-BnKFzIctFvvtM8bJOB7GXjNH-FE6RgKBnBFJEw9mAT9AiTX33bbFSoMUGUiIcboB8qwXTap6SCPsnECwgUPSGfTjjtTRG6lbYVAsNcl6ZRgG_2KJek1KkUKkEwFRPt0TS5XxoREIlZOF3MQzukr1QwqJW_eVABDR3KDtYCnpqLgQ-SOHw3uRhRtnNmhm7XOtjcXugbeWnmINJJBDQF3E9xiZpUrjgxbVVm0ym6jINQG39Eg1jd9EY4c6u12SqXwpg8nEMmGnJJ93p-Qa7Cli4lpIOGCZbDLP3i3kcitobbeE1yQkb9h7dO9oTMBPexRvQYFjTHItMXUJIVMrR9SrdRoMGRI-xSxS-o5XyiHLf3mR7IPwrOkgL6TolTTsM9DgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1iij-sa7CWdXyaToZeMPRH2gMy1Q%252526client%25253Dca-pub-5398989680841221%252526adurl%25253D&clickref=oneidDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-53.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
afc207386e69748f65e917a95513ca8ef20068a3dc11c87b393733030d80f3d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 00:54:47 GMT
x-amz-version-id
null
via
1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
last-modified
Thu, 04 Aug 2022 13:56:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
65094
etag
"66da632e2658ba90a2b4863be372b9cf"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-storage-class
REDUCED_REDUNDANCY
accept-ranges
bytes
content-length
2298
x-amz-cf-id
GyhjKiLkLRqeyqRzoT-M7_j95C2zuUJEAgY9i_RgU9E6zg2bkU5v6w==
link.html
track.webgains.com/ Frame 6B09 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneid1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqVoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wglinkid=2611455
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2611455&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h8cx4jw6nj3yv1x3nkcbaepgz767tr6zmkkfv8y7paq71h9dame4h0qhdt0ans4wcaxa04c4tec2vy24n9zqcms5rxh4ynaf3rmjn73a6fjjj5ny5sc1apjdffga8eawwyfa5e7evatkpmvz3095pye1e2pfqda6d4xv7d5hm6as969vhmgq1pzyn5ayzp8p0ehfr4vjw42cmdccxwmt812xbs0ajxbwbq0f59t9ycyw2acesz37h047ntzzcz3xbe0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hkn691d4n5ghf53eyh1mtqjvsceeeggq6a5520vr02604k5zahvn1qw3rqee440vh88etz6sc9ch2fkpbbm96agn7mwyq50ht3xsqazv4fe42mz5v2sv1rw0j6yncw4dy7nftzw85tmkxpp604g7t8na978wwy4pvaqaekbsqpfjh6f6v96j48phxdnxqnweh7fh7p95yntsfncgmg55vyj268z0kh3v639fgq19xb3h4hz56aw3f1fez7p5ymyser60j1k8nvpndyf2tzhfkv89m%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCh169m0CrY4_aA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgStAk_QMM9nJpbZ0bLXM-K-BnKFzIctFvvtM8bJOB7GXjNH-FE6RgKBnBFJEw9mAT9AiTX33bbFSoMUGUiIcboB8qwXTap6SCPsnECwgUPSGfTjjtTRG6lbYVAsNcl6ZRgG_2KJek1KkUKkEwFRPt0TS5XxoREIlZOF3MQzukr1QwqJW_eVABDR3KDtYCnpqLgQ-SOHw3uRhRtnNmhm7XOtjcXugbeWnmINJJBDQF3E9xiZpUrjgxbVVm0ym6jINQG39Eg1jd9EY4c6u12SqXwpg8nEMmGnJJ93p-Qa7Cli4lpIOGCZbDLP3i3kcitobbeE1yQkb9h7dO9oTMBPexRvQYFjTHItMXUJIVMrR9SrdRoMGRI-xSxS-o5XyiHLf3mR7IPwrOkgL6TolTTsM9DgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1iij-sa7CWdXyaToZeMPRH2gMy1Q%252526client%25253Dca-pub-5398989680841221%252526adurl%25253D&clickref=oneidwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4woneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneid1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqVoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.130.53.249 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-130-53-249.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
0bb7d041ebd9fd009fc12482885c6dca63ebe0ca1b9ce960bbd047a0e5391cb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
last-modified
Tue, 27 Dec 2022 18:59:41 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 27 Dec 2022 19:00:41 GMT
link.html
track.webgains.com/ Frame B363 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wglinkid=2194035
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hxtxk204ye5z87gz3c28zcznbypx9pxr95fe54g3c8qwhjfa4kra37k2hjpg6ek1q45bp7v1x7cs4jt0f6fhaca4m265wcvywj83cxj7y4pwn9hyx4z60mrra26xq3ztk83t2d8q214c0e07kx8qgdw64gjxhgk8wwkjz8zx9y7cssss701xfpcs2kcsde2qmyr1zb1v3vs7mz0e8s985adzq75nbte3w5x1ef8y9hfdrkwk84stx9y76vngznhpftp0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kzn04ywzxwswb6jzj9bhbes67fp1taajs6qrd80kgjcpj88ba4bt7rwxb69ctm21zej89dv8j2gra2q8075zp0k3rgk5py56ny6etxsyf9psa4y2j1cnzq56zwbjq5z68k0fg3zw1vvkvdf8pgsaj7zf67gbh049hag0p2cahmym8015zegn4akagxgzjv9590wm985z1rjxq8zyk9j54393ry7wx6ym4psd0xxnfh88chkqa9mns4gjnz81vftjf8kc5300ademsaqksgshkga8g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCzSnem0CrY4baA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSRAk_Q0lLkEEPenv8Dj5yjd7OBLJotyDV2gvtYd4adAL5dIvSq65em7nMPW1Sto6JPhU0_tPCMy2vcbbIcnH-063NdY6aI04mT2R3jt9kPC3vs18CoI_EtEvYVqHUkfIy6YNMjEy9dF70dKXpl3OUuWTniHs-Z6mj-_yJmSY58kWmAEya9bzonIKQ2QdlVBtPnlMUklIBn6VrlZiuvNO67CG57haOnRA-F6q1xJVAcKDoTXSnp6VQd3OR4w6wnHAwP6qiKHL0KTerY-82cvZsO2zYbenvde_cHmuVkhMv2tAzYoK-Pevj99sKqPOYIHUzo94NxlLhCRbqzy4k7FfkOBkY7CyQFJB2EkrYrDc-emhpYpOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2BaM7R1g42HBk0v_p2xoBk2i3Lkw%252526client%25253Dca-pub-5398989680841221%252526adurl%25253D&clickref=oneidP6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdYoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.130.53.249 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-130-53-249.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
last-modified
Tue, 27 Dec 2022 18:59:41 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 27 Dec 2022 19:00:41 GMT
pvClk.min.js
analytics.webgains.io/ Frame 3C93 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2611455&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j2sejq1efr3gjph4mr3d3rrgws3a48rw1mvptcye177c4y18jhbaxz7j5bb7d8868a6sbxfgc1gb63eyag63vqzngpkn53ztpmbdmemk8f86qt1kbjj98xqa19e274jj22vmyxn75wr9ygzz11z7fq96vnwwr08p46qqtz0mrhqv7jt6f4ybyh1e7heftztp4v3cqeky8dv2ke5qnsab1djn55j1re48xamn9905e76ye30zbfhzewrqr66pj8pt4%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kywn7502ds0r2s1phjpa7dbyjyrg05n2qv9ez8ejvv41t6zjvq3grhge22xpd9vdfbvp6qnv0np2wb35e557hy1dnd698nghcqbvjb4adg8s2pmbccj4nhah6qtyyavb814s8d3yfa0n7ca29rvh8pgszr51s1y812qt223nr1bzvm0be656bmzarpp16dx0xh9fcfd2ye3s7p0ptpws5jgzqrgcxb7hydyft1fgjt3sbw2a14xayd45geq0nkwsgg3xwgs9jtzqfnrkr3mcshnt4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCZsLGm0CrY4naA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSkAk_Q2qhYooDZEm6i2vvUnoD0foJuXpeCVv3H9SHrucR-x2XKVIZgyuIuYs4cPuoCcqIfilp9bUHBU7zVtmz_stBbWf328Ud0QL6iAUQJfrTFMD7Y0-Er4MixbJx4Bx8jMZnort9BQq6a6QbdsU8VNYW9OO2_hv6usey4j-VKtPI2NC-CU5BqtBMTvyDfl0TJ_OId3fVajFAGpDFe3gRjtGpeNWtKjotMngprgaVvZ_oJrkYz3GLMVIIX_I4xC5zLNYKTCvIzzOQt1W3aP1dPlpA8HfQ8zOLm6N1lPbg79586t6fSRdUy_r-u8TdLBNmYJUA4SJKIqaoH7lEEOLFcgi0f0eKN9yzIBMGf6R6SRaoa-uA-cces76jnvwc0dthFrahCYhXgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0SFvKRGAjtOb-8kfVLaiOQDcUVTA%252526client%25253Dca-pub-5398989680841221%252526adurl%25253D&clickref=oneidwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4woneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneid1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqVoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-42.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 08:50:10 GMT
content-encoding
gzip
via
1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
last-modified
Fri, 09 Dec 2022 10:53:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
36571
etag
W/"0d5045593d14c9612a5d5576928a5209"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
QdSSL5kO55klRsGKFUnUD_1R3i09QrvNszeV083Lo9KTDCTOM2CKLw==
link.html
track.webgains.com/ Frame 3C93 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneid1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqVoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wglinkid=2611455
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2611455&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j2sejq1efr3gjph4mr3d3rrgws3a48rw1mvptcye177c4y18jhbaxz7j5bb7d8868a6sbxfgc1gb63eyag63vqzngpkn53ztpmbdmemk8f86qt1kbjj98xqa19e274jj22vmyxn75wr9ygzz11z7fq96vnwwr08p46qqtz0mrhqv7jt6f4ybyh1e7heftztp4v3cqeky8dv2ke5qnsab1djn55j1re48xamn9905e76ye30zbfhzewrqr66pj8pt4%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kywn7502ds0r2s1phjpa7dbyjyrg05n2qv9ez8ejvv41t6zjvq3grhge22xpd9vdfbvp6qnv0np2wb35e557hy1dnd698nghcqbvjb4adg8s2pmbccj4nhah6qtyyavb814s8d3yfa0n7ca29rvh8pgszr51s1y812qt223nr1bzvm0be656bmzarpp16dx0xh9fcfd2ye3s7p0ptpws5jgzqrgcxb7hydyft1fgjt3sbw2a14xayd45geq0nkwsgg3xwgs9jtzqfnrkr3mcshnt4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCZsLGm0CrY4naA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSkAk_Q2qhYooDZEm6i2vvUnoD0foJuXpeCVv3H9SHrucR-x2XKVIZgyuIuYs4cPuoCcqIfilp9bUHBU7zVtmz_stBbWf328Ud0QL6iAUQJfrTFMD7Y0-Er4MixbJx4Bx8jMZnort9BQq6a6QbdsU8VNYW9OO2_hv6usey4j-VKtPI2NC-CU5BqtBMTvyDfl0TJ_OId3fVajFAGpDFe3gRjtGpeNWtKjotMngprgaVvZ_oJrkYz3GLMVIIX_I4xC5zLNYKTCvIzzOQt1W3aP1dPlpA8HfQ8zOLm6N1lPbg79586t6fSRdUy_r-u8TdLBNmYJUA4SJKIqaoH7lEEOLFcgi0f0eKN9yzIBMGf6R6SRaoa-uA-cces76jnvwc0dthFrahCYhXgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0SFvKRGAjtOb-8kfVLaiOQDcUVTA%252526client%25253Dca-pub-5398989680841221%252526adurl%25253D&clickref=oneidwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4woneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneid1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqVoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.130.53.249 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-130-53-249.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
0bb7d041ebd9fd009fc12482885c6dca63ebe0ca1b9ce960bbd047a0e5391cb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
last-modified
Tue, 27 Dec 2022 18:59:41 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 27 Dec 2022 19:00:41 GMT
link.html
track.webgains.com/ Frame B363 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneid1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqVoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wglinkid=2611455
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2611455&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kzcnm9zjxg5v0cfakfpkj6xepwv45yb72a1b5b79vqy6z2bbn0149qaajmb1rgajytn1qpvkrfd248nga95xnht20rvmqqymk1echkhj321sez09h0ma5f5xs9qj3hka5pz269gs83fa6fz13xt3ctck568c6y9xzt9na3f1183wytcsgkny97hjv3m4j8g8p25vbmg7mvd853646wrs2npd85abrm8hwq97eh0xx01m2dkjynkgt26gbxv4q8t9hng%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kzn04ywzxwswb6jzj9bhbes67fp1taajs6qrd80kgjcpj88ba4bt7rwxb69ctm21zej89dv8j2gra2q8075zp0k3rgk5py56ny6etxsyf9psa4y2j1cnzq56zwbjq5z68k0fg3zw1vvkvdf8pgsaj7zf67gbh049hag0p2cahmym8015zegn4akagxgzjv9590wm985z1rjxq8zyk9j54393ry7wx6ym4psd0xxnfh88chkqa9mns4gjnz81vftjf8kc5300ademsaqksgshkga8g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCzSnem0CrY4baA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSRAk_Q0lLkEEPenv8Dj5yjd7OBLJotyDV2gvtYd4adAL5dIvSq65em7nMPW1Sto6JPhU0_tPCMy2vcbbIcnH-063NdY6aI04mT2R3jt9kPC3vs18CoI_EtEvYVqHUkfIy6YNMjEy9dF70dKXpl3OUuWTniHs-Z6mj-_yJmSY58kWmAEya9bzonIKQ2QdlVBtPnlMUklIBn6VrlZiuvNO67CG57haOnRA-F6q1xJVAcKDoTXSnp6VQd3OR4w6wnHAwP6qiKHL0KTerY-82cvZsO2zYbenvde_cHmuVkhMv2tAzYoK-Pevj99sKqPOYIHUzo94NxlLhCRbqzy4k7FfkOBkY7CyQFJB2EkrYrDc-emhpYpOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2BaM7R1g42HBk0v_p2xoBk2i3Lkw%252526client%25253Dca-pub-5398989680841221%252526adurl%25253D&clickref=oneidwXVTdfjf6V7uEHRH2tECAMYHzSATmBYaXe4woneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneid1r7FbfKfrzec9HdH9tAtVpes2SKTGdAT9PqVoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.130.53.249 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-130-53-249.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
0bb7d041ebd9fd009fc12482885c6dca63ebe0ca1b9ce960bbd047a0e5391cb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
last-modified
Tue, 27 Dec 2022 18:59:41 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 27 Dec 2022 19:00:41 GMT
Logo120x90.jpg
cdn.track.production.webgains.team/294690/ Frame 3C93 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/294690/Logo120x90.jpg?Expires=1672167881&Signature=UlFtDKZG0tuVlNduoM5iUf96R6FJnnbE-HZtnbHLY42ZHzhdIQBJHsdhFlbgQb-Ejiv6PQJVwJVX2Hopsnqiv9xhOceJ88Tctg~MUuvNhaSJuyqCkkCdQe4m0UQVfKv8v9LBp1OeoQtRL2AcHEttAa1UxNWvZpTzuZR7~pPSCPpoB3j39WrLpGuaXgRBK2WFB0AF7JGicSMdRgMvW7jrIlFxqh4-UcMdE0fWyGc7vBlYqS4-122AAYSJhfCKba~kYHJ3mrTz-YjW9KTYb~Z2bw5c4ECwsmMqdloc-kv4fStCUrpgBRlUSN7JXkPhQLnnlH-ezT2imN8LyMVwwwdmoQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=4371640&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j311zzjhtdgtgwfbzec9gktas25yjffe90mh02k6fmfpshfdg8232zjrahs15qnvx89fj16bfv2ggzr6s9fw6ew7a18gc0hz770pgwae8k747xrqy6375f3evnbj89he78qn2fnr7wqvw8t7fgdejcesr8vcx4yjhy7bbb7w0rr7zh3sdt73w3s0c7b4sbya9v44fqyfbp2khwaq4q7m5v7ff5g5236mm2enrbhthynd274c1ftewst3wzrsnqscn28e%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kywn7502ds0r2s1phjpa7dbyjyrg05n2qv9ez8ejvv41t6zjvq3grhge22xpd9vdfbvp6qnv0np2wb35e557hy1dnd698nghcqbvjb4adg8s2pmbccj4nhah6qtyyavb814s8d3yfa0n7ca29rvh8pgszr51s1y812qt223nr1bzvm0be656bmzarpp16dx0xh9fcfd2ye3s7p0ptpws5jgzqrgcxb7hydyft1fgjt3sbw2a14xayd45geq0nkwsgg3xwgs9jtzqfnrkr3mcshnt4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCZsLGm0CrY4naA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSkAk_Q2qhYooDZEm6i2vvUnoD0foJuXpeCVv3H9SHrucR-x2XKVIZgyuIuYs4cPuoCcqIfilp9bUHBU7zVtmz_stBbWf328Ud0QL6iAUQJfrTFMD7Y0-Er4MixbJx4Bx8jMZnort9BQq6a6QbdsU8VNYW9OO2_hv6usey4j-VKtPI2NC-CU5BqtBMTvyDfl0TJ_OId3fVajFAGpDFe3gRjtGpeNWtKjotMngprgaVvZ_oJrkYz3GLMVIIX_I4xC5zLNYKTCvIzzOQt1W3aP1dPlpA8HfQ8zOLm6N1lPbg79586t6fSRdUy_r-u8TdLBNmYJUA4SJKIqaoH7lEEOLFcgi0f0eKN9yzIBMGf6R6SRaoa-uA-cces76jnvwc0dthFrahCYhXgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0SFvKRGAjtOb-8kfVLaiOQDcUVTA%252526client%25253Dca-pub-5398989680841221%252526adurl%25253D&clickref=oneidDXdT3fwf2Rdqa3HmH9twCegVphxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfZ34BcjHZHet1tM7qpawSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-53.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
afc207386e69748f65e917a95513ca8ef20068a3dc11c87b393733030d80f3d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 00:54:47 GMT
x-amz-version-id
null
via
1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
last-modified
Thu, 04 Aug 2022 13:56:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
65094
etag
"66da632e2658ba90a2b4863be372b9cf"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-storage-class
REDUCED_REDUNDANCY
accept-ranges
bytes
content-length
2298
x-amz-cf-id
SIgMctMqW_tJ83L7JZo4mW94y1UzO_4KD9vyX6k0rm_DCm3Q8kt4zQ==
link.html
track.webgains.com/ Frame 6B09 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wglinkid=2194035
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g4cnm4xb1whxd0cgpgy8zwmxk1ytc8ymgft7qznxw6wf8dyy5dxbk0a77kej7cmaxhs7r5a6kfbymv259jsqkkf05nprph5b7wet8phmydz9mxwqq2zvtyd6mqpkp1e2b9q3e0e7svke1gakk05nkk1w46etaemgf6sj4mczc3k1k627qca59mzcy292g6hg1ecdzpcsj2xq4p6bagk0khzq2nr6q9emgtecktzsrqravjqvnesjahepyqwjag6fb176%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hkn691d4n5ghf53eyh1mtqjvsceeeggq6a5520vr02604k5zahvn1qw3rqee440vh88etz6sc9ch2fkpbbm96agn7mwyq50ht3xsqazv4fe42mz5v2sv1rw0j6yncw4dy7nftzw85tmkxpp604g7t8na978wwy4pvaqaekbsqpfjh6f6v96j48phxdnxqnweh7fh7p95yntsfncgmg55vyj268z0kh3v639fgq19xb3h4hz56aw3f1fez7p5ymyser60j1k8nvpndyf2tzhfkv89m%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCh169m0CrY4_aA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgStAk_QMM9nJpbZ0bLXM-K-BnKFzIctFvvtM8bJOB7GXjNH-FE6RgKBnBFJEw9mAT9AiTX33bbFSoMUGUiIcboB8qwXTap6SCPsnECwgUPSGfTjjtTRG6lbYVAsNcl6ZRgG_2KJek1KkUKkEwFRPt0TS5XxoREIlZOF3MQzukr1QwqJW_eVABDR3KDtYCnpqLgQ-SOHw3uRhRtnNmhm7XOtjcXugbeWnmINJJBDQF3E9xiZpUrjgxbVVm0ym6jINQG39Eg1jd9EY4c6u12SqXwpg8nEMmGnJJ93p-Qa7Cli4lpIOGCZbDLP3i3kcitobbeE1yQkb9h7dO9oTMBPexRvQYFjTHItMXUJIVMrR9SrdRoMGRI-xSxS-o5XyiHLf3mR7IPwrOkgL6TolTTsM9DgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1iij-sa7CWdXyaToZeMPRH2gMy1Q%252526client%25253Dca-pub-5398989680841221%252526adurl%25253D&clickref=oneidP6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdYoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.130.53.249 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-130-53-249.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
last-modified
Tue, 27 Dec 2022 18:59:41 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 27 Dec 2022 19:00:41 GMT
link.html
track.webgains.com/ Frame 3C93 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wglinkid=2194035
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1grrbjqw9drnppskv7yz452admvpjtjej4rbm6n2t33250zw0va2sh4na9fhm2nrwtaa6d6hn4yb4rpatyhwbfttm2kaaksm91n53tkaqme2ht059sehc80ph86tds9nhfpdr86xapmwgr0ab4q85e8bg5ycjs6xtrnc2dh0pms9xf3cj56wty83czmvz7kcehjhnrepajxa68sfmtkasp2kz2m7y58w6j8sb7m71s2gcq2p4a4efvq8xm3qmapybrtg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kywn7502ds0r2s1phjpa7dbyjyrg05n2qv9ez8ejvv41t6zjvq3grhge22xpd9vdfbvp6qnv0np2wb35e557hy1dnd698nghcqbvjb4adg8s2pmbccj4nhah6qtyyavb814s8d3yfa0n7ca29rvh8pgszr51s1y812qt223nr1bzvm0be656bmzarpp16dx0xh9fcfd2ye3s7p0ptpws5jgzqrgcxb7hydyft1fgjt3sbw2a14xayd45geq0nkwsgg3xwgs9jtzqfnrkr3mcshnt4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCZsLGm0CrY4naA8bYgAeLh7KID5DhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTUzOTg5ODk2ODA4NDEyMjHIAQmpAmNNThsE1LE-4AIAqAMBqgSkAk_Q2qhYooDZEm6i2vvUnoD0foJuXpeCVv3H9SHrucR-x2XKVIZgyuIuYs4cPuoCcqIfilp9bUHBU7zVtmz_stBbWf328Ud0QL6iAUQJfrTFMD7Y0-Er4MixbJx4Bx8jMZnort9BQq6a6QbdsU8VNYW9OO2_hv6usey4j-VKtPI2NC-CU5BqtBMTvyDfl0TJ_OId3fVajFAGpDFe3gRjtGpeNWtKjotMngprgaVvZ_oJrkYz3GLMVIIX_I4xC5zLNYKTCvIzzOQt1W3aP1dPlpA8HfQ8zOLm6N1lPbg79586t6fSRdUy_r-u8TdLBNmYJUA4SJKIqaoH7lEEOLFcgi0f0eKN9yzIBMGf6R6SRaoa-uA-cces76jnvwc0dthFrahCYhXgBAGABuDk8OGjlt6zvAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0SFvKRGAjtOb-8kfVLaiOQDcUVTA%252526client%25253Dca-pub-5398989680841221%252526adurl%25253D&clickref=oneidP6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdYoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.130.53.249 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-130-53-249.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
last-modified
Tue, 27 Dec 2022 18:59:41 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 27 Dec 2022 19:00:41 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 47BF 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstC3ub8B4X5cA4eWMKHOnsvDplZWmBPTmwBKmFuFNafqGoVhkP6jKLNE4Jbb8CRPfueEUI6n3f9uGCbcq3fuEqClolOz-huCM8zhj9bs342gO1Fl6ZrUWuVjUzpDTjJRjTtN5f7vw&sai=AMfl-YQRPv3f6ldMiQ6PZwMCbQtbqvqBKtWTmwp2c9V5wYwjkOXF8UTuxlynQLeH6rGFTNgBs0YSz1ElmYNO2j2EwOFml5GHlM-tShrXFMRew-nTR-Nkc6ykpdajQkRh9Fc&sig=Cg0ArKJSzETBbbXPBJYWEAE&cid=CAQSPADq26N9xxhJwomczkILe_G5dfY_X_LvkjgQRMOxBK3bEm7BKTpLQik2MI5E-jK7UuosrsIjXYJs10EAwBgBIBM&id=ampim&o=1074,386&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=724&tls=1724&g=100&h=100&tt=1725&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: jalantikus.com
URL: https://jalantikus.com/tips/download-youtube-premium-apk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3376685942337626&plah=jalantikus.com&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cec2bc8cade36cfe3b7b0357bfb2deee9cce431715d576c942d82887033543bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11297
x-xss-protection
0
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=3E1A3682F7264EA2B4ECD0647F32D104&RedC=c.clarity.ms&MXFR=376B49C0297964D605BF5B472D796AEE
  • https://c.clarity.ms/c.gif?CtsSyncId=3E1A3682F7264EA2B4ECD0647F32D104&MUID=1C6C463BF7786E670CD954BCF6F36F5F
42 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=3E1A3682F7264EA2B4ECD0647F32D104&MUID=1C6C463BF7786E670CD954BCF6F36F5F
Protocol
H2
Server
20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:41 GMT
last-modified
Mon, 12 Dec 2022 18:28:34 GMT
server
Microsoft-IIS/10.0
etag
"ea79178b57ed91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 27 Dec 2022 18:59:41 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D502E34E730743EC97BF67A12874EE06 Ref B: FRA31EDGE0507 Ref C: 2022-12-27T18:59:41Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=3E1A3682F7264EA2B4ECD0647F32D104&MUID=1C6C463BF7786E670CD954BCF6F36F5F
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3376685942337626&plah=jalantikus.com&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 27 Dec 2022 18:59:41 GMT
bridge3.549.0_en.html
imasdk.googleapis.com/js/core/ Frame 8A7A 		693 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
179198
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
227324
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 17:13:03 GMT
expires
Mon, 25 Dec 2023 17:13:03 GMT
last-modified
Fri, 09 Dec 2022 15:29:50 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel.gif
pixel.gliacloud.com/glia_player_media1/ 		43 B
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.gliacloud.com/glia_player_media1/pixel.gif?ul=en-US&ssid=9d09ddc0-8618-11ed-b075-2f2775135070&ea=ad.request&aui=102439&aup=dormknight_content_mcm_8&auo=4&aut=google&pp=300%2C168.75%2C1300%2C899.25&bp=1600%2C1200&wp=1600%2C11233%2C0%2C0&pgu=https%253A%252F%252Fjalantikus.com%252Ftips%252Fdownload-youtube-premium-apk%252F&pgt=YouTube%20Premium%20MOD%20APK%2017.45.34%20Premium%20Unlocked%202022%20%7C%20JalanTikus&sid=glia-id_jalantikus_desktop_simple&sk=id_jalantikus_desktop&si=id_jalantikus_desktop_simple&sa=id_jalantikus&pt=SimplePlayer&pv=0.3.97&ab=0&ta=0&cb=4569354407641151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
122.207.227.35.bc.googleusercontent.com
Software
nginx/1.23.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.23.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=jalantikus.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=jalantikus.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2C77 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2387
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 18:19:54 GMT
expires
Wed, 27 Dec 2023 18:19:54 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1935 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
db258da583c46683a0b557bb1c1af6b86bcc64dd38044fd103cefbf72dabd512
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pDfvH9jUPpTo0uv5W3EWTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jalantikus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-pDfvH9jUPpTo0uv5W3EWTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 18:59:41 GMT
expires
Tue, 27 Dec 2022 18:59:41 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 1935 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=3074899679744946&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
ads
pubads.g.doubleclick.net/gampad/ Frame 8A7A 		4 KB
946 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22825748039%2C21702367101%2Fstudio_admin%2Fdormknight_content_mcm_8_id_jalantikus_desktop_1672042089.861308&description_url=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&unviewed_position_start=1&env=vp&correlator=3199643144598877&output=xml_vmap1&ad_rule=1&vpa=auto&sdkv=h.3.549.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=3659685959&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.549.0&sid=266E5403-43BC-4B3F-A97A-C80FFB8A5501&nel=0&eid=44748969%2C44765701&url=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&dt=1672167581801&cookie=ID%3Dd3685fb3b42fd463-2287143c6dda0053%3AT%3D1672167577%3AS%3DALNI_MbAVZNUf7Q7smdu8rngKchGkiasYg&gpic=UID%3D00000b993216cefc%3AT%3D1672167577%3ART%3D1672167577%3AS%3DALNI_MbaOBv9bMkF8-uUNdQeBPptZhnHEg&scor=3711400822790393&ged=ve4_td5_tt2_pd5_la5000_er899.1300.1053.1600_vi0.0.1200.1600_vp100_ts1_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c07bed7494e79606c718c766ae2392075ff011c7a3c62ac9df0d4c2b0d964e8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
919
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
pagead2.googlesyndication.com/bg/ Frame 2C77 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 09:30:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34130
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Dec 2023 09:30:51 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 8A7A 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F22825748039%2Fstudio_admin%2Fdormknight_content_mcm_8_id_jalantikus_desktop_1672042089.861308&sz=640x480&ciu_szs&cust_params&url=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&min_ad_duration=0&max_ad_duration=120000&vrid=1334781&sid=266E5403-43BC-4B3F-A97A-C80FFB8A5501&adk=3659685959&correlator=3199643144598877&ctv=0&dt=1672167581914&ged=ve4_td5_tt2_pd5_la5000_er899.1300.1068.1600_vi0.0.1200.1600_vp100_ts0_eb24171&is_amp=0&npa=false&omid_p=Google1%2Fh.3.549.0&osd=2&ptt=20&scor=3711400822790393&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vis=1&u_so=l&eid=44748969%2C44765701&hl=en&frm=0&sdki=445&sdkv=h.3.549.0&sdr=1&vpa=auto&nel=0&cnc=21702367101&kfa=0&tfcd=0&top=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&loc=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&cookie=ID%3Dd3685fb3b42fd463-2287143c6dda0053%3AT%3D1672167577%3AS%3DALNI_MbAVZNUf7Q7smdu8rngKchGkiasYg&gpic=UID%3D00000b993216cefc%3AT%3D1672167577%3ART%3D1672167577%3AS%3DALNI_MbaOBv9bMkF8-uUNdQeBPptZhnHEg
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:42 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
i.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-c/s/0.7.1/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://jalantikus.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://jalantikus.com
date
Tue, 27 Dec 2022 18:59:42 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
generate_204
tpc.googlesyndication.com/ Frame 2C77 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?IuxWsQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:41 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
pixel.gif
pixel.gliacloud.com/glia_player_media1/ 		43 B
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.gliacloud.com/glia_player_media1/pixel.gif?ul=en-US&ssid=9d09ddc0-8618-11ed-b075-2f2775135070&ea=video.viewable&vk=gs-396708-jalantikus.com%7CSimplePlayer-sub0&pp=300%2C168.75%2C1300%2C899.25&bp=1600%2C1200&wp=1600%2C11233%2C0%2C0&pgu=https%253A%252F%252Fjalantikus.com%252Ftips%252Fdownload-youtube-premium-apk%252F&pgt=YouTube%20Premium%20MOD%20APK%2017.45.34%20Premium%20Unlocked%202022%20%7C%20JalanTikus&sid=glia-id_jalantikus_desktop_simple&sk=id_jalantikus_desktop&si=id_jalantikus_desktop_simple&sa=id_jalantikus&pt=SimplePlayer&pv=0.3.97&ab=0&ta=0&cb=7377825099076638
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
122.207.227.35.bc.googleusercontent.com
Software
nginx/1.23.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:43 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.23.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
pixel.gif
pixel.gliacloud.com/glia_player_media1/ 		43 B
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.gliacloud.com/glia_player_media1/pixel.gif?ul=en-US&ssid=9d09ddc0-8618-11ed-b075-2f2775135070&ea=video.viewableDuration&ev=3&vk=gs-396708-jalantikus.com%7CSimplePlayer-sub0&pp=300%2C168.75%2C1300%2C899.25&bp=1600%2C1200&wp=1600%2C11233%2C0%2C0&pgu=https%253A%252F%252Fjalantikus.com%252Ftips%252Fdownload-youtube-premium-apk%252F&pgt=YouTube%20Premium%20MOD%20APK%2017.45.34%20Premium%20Unlocked%202022%20%7C%20JalanTikus&sid=glia-id_jalantikus_desktop_simple&sk=id_jalantikus_desktop&si=id_jalantikus_desktop_simple&sa=id_jalantikus&pt=SimplePlayer&pv=0.3.97&ab=0&ta=0&cb=8147571767483526
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
122.207.227.35.bc.googleusercontent.com
Software
nginx/1.23.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:43 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.23.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
tracking-event
api.webgains.io/ Frame 3A51 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.171.0 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-171-0.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 27 Dec 2022 18:59:44 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.171.0 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-171-0.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Tue, 27 Dec 2022 18:59:43 GMT
server
nginx
tracking-event
api.webgains.io/ Frame 3A51 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.171.0 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-171-0.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 27 Dec 2022 18:59:44 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.171.0 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-171-0.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Tue, 27 Dec 2022 18:59:43 GMT
server
nginx
ads
pubads.g.doubleclick.net/gampad/ Frame 8A7A 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F22825748039%2Fstudio_admin%2Fdormknight_content_mcm_8_id_jalantikus_desktop_1672042089.861308&sz=640x480&ciu_szs&cust_params&url=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=2&min_ad_duration=0&max_ad_duration=120000&vrid=1334781&sid=266E5403-43BC-4B3F-A97A-C80FFB8A5501&adk=3659685959&correlator=3199643144598877&ctv=0&dt=1672167583865&ged=timeout&is_amp=0&npa=false&omid_p=Google1%2Fh.3.549.0&osd=2&ptt=20&scor=3711400822790393&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vis=1&u_so=l&eid=44748969%2C44765701&hl=en&frm=0&sdki=445&sdkv=h.3.549.0&sdr=1&vpa=auto&nel=0&cnc=21702367101&kfa=0&tfcd=0&top=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&loc=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&cookie=ID%3Dd3685fb3b42fd463-2287143c6dda0053%3AT%3D1672167577%3AS%3DALNI_MbAVZNUf7Q7smdu8rngKchGkiasYg&gpic=UID%3D00000b993216cefc%3AT%3D1672167577%3ART%3D1672167577%3AS%3DALNI_MbaOBv9bMkF8-uUNdQeBPptZhnHEg
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking-event
api.webgains.io/ Frame B363 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.171.0 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-171-0.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 27 Dec 2022 18:59:44 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.171.0 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-171-0.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Tue, 27 Dec 2022 18:59:43 GMT
server
nginx
tracking-event
api.webgains.io/ Frame 6B09 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.171.0 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-171-0.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 27 Dec 2022 18:59:44 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.171.0 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-171-0.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Tue, 27 Dec 2022 18:59:43 GMT
server
nginx
tracking-event
api.webgains.io/ Frame 6B09 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.171.0 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-171-0.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 27 Dec 2022 18:59:44 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.171.0 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-171-0.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Tue, 27 Dec 2022 18:59:43 GMT
server
nginx
tracking-event
api.webgains.io/ Frame 6B09 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.171.0 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-171-0.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 27 Dec 2022 18:59:44 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.171.0 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-171-0.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Tue, 27 Dec 2022 18:59:43 GMT
server
nginx
tracking-event
api.webgains.io/ Frame 3C93 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.171.0 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-171-0.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 27 Dec 2022 18:59:44 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.171.0 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-171-0.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Tue, 27 Dec 2022 18:59:43 GMT
server
nginx
tracking-event
api.webgains.io/ Frame 3C93 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.171.0 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-171-0.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 27 Dec 2022 18:59:44 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.171.0 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-171-0.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Tue, 27 Dec 2022 18:59:43 GMT
server
nginx
tracking-event
api.webgains.io/ Frame 3A51 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.171.0 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-171-0.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 27 Dec 2022 18:59:44 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.171.0 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-171-0.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Tue, 27 Dec 2022 18:59:44 GMT
server
nginx
tracking-event
api.webgains.io/ Frame B363 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.171.0 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-171-0.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 27 Dec 2022 18:59:44 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.171.0 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-171-0.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Tue, 27 Dec 2022 18:59:44 GMT
server
nginx
tracking-event
api.webgains.io/ Frame 3C93 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.171.0 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-171-0.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 27 Dec 2022 18:59:44 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame B363 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.171.0 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-171-0.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 27 Dec 2022 18:59:44 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.171.0 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-171-0.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Tue, 27 Dec 2022 18:59:44 GMT
server
nginx
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.171.0 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-171-0.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Tue, 27 Dec 2022 18:59:44 GMT
server
nginx
ads
pubads.g.doubleclick.net/gampad/ Frame 8A7A 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F22825748039%2Fstudio_admin%2Fdormknight_content_mcm_8_id_jalantikus_desktop_1672042089.861308&sz=640x480&ciu_szs&cust_params&url=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=3&lip=true&min_ad_duration=0&max_ad_duration=120000&vrid=1334781&sid=266E5403-43BC-4B3F-A97A-C80FFB8A5501&adk=3659685959&correlator=3199643144598877&ctv=0&dt=1672167584148&ged=ve4_td7_tt4_pd7_la7000_er899.1300.1068.1600_vi0.0.1200.1600_vp100_ts0_eb24171&is_amp=0&npa=false&omid_p=Google1%2Fh.3.549.0&osd=2&ptt=20&scor=3711400822790393&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vis=1&u_so=l&eid=44748969%2C44765701&hl=en&frm=0&sdki=445&sdkv=h.3.549.0&sdr=1&vpa=auto&nel=0&cnc=21702367101&kfa=0&tfcd=0&top=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&loc=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&cookie=ID%3Dd3685fb3b42fd463-2287143c6dda0053%3AT%3D1672167577%3AS%3DALNI_MbAVZNUf7Q7smdu8rngKchGkiasYg&gpic=UID%3D00000b993216cefc%3AT%3D1672167577%3ART%3D1672167577%3AS%3DALNI_MbaOBv9bMkF8-uUNdQeBPptZhnHEg
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=3074899679744946&bg=!Dg2lDUnNAAYgquz3AKo7ACkAdvg8WjukqBwKciL4nB49dEaoB7PcXTm5C65CFwaeBf6rLOMVg3H_DAIAAAaQUgAAAAJoAQeZAvR_OuMXtg_iGmx6QgrcGnPR3p0lo53mnOrr5rA10zH5M6cmaM8GuGuxIMEcJM7O5em8bLJIVTu-edGz2-A0EtXHEVlBhDL0p_DnAqbhfjlkjFCpCox-mhq2tnBYTp1IsACPZMT5nCHFGZnCqYWD535gHY9JxoMU8q4Ox2f0mxPIxeVvg3HHINnkhrkO3Iry5CNts-iINYy-KlcrGtYQV54nbhQIZ3_Jf8XisTGQYQf3L5sEFVjIA1f25Mc_9-eH_NM_ypMY7DvtSg3N5hw0a-Gryhc_k24daCM7tM0voaiOEjB7kyYEdQ6HSfNBaFy-zZxfx-tjKVFpLbUD6HkbzgC8gbJar7Hw0CX8tsFikZCjPUwXekJsqqXbjBvLBmSNPpxizCvWyaO45t7KnSqiO7ZgblT5SRpk-bMYYtErvrLtFU9B11S_lZ7GgGZSwMRrz7HRVcJbApFMZYc82XwdOpsUv6XaCCu6nWscW_94YxKY_CcSz2eyOuLAEQzMxFg0aRw7Ur-7Sq3dJElJlEuW95oC001L1NLqt40tYPFqV4M8BqqA0N0uoT7xvvCmwt65a-6wQfMnz0MhICG4Vubxw3gnciOW26G-IBDtS_yaRnNuuqVGxcxLf8DkHO8CFiAgHVD_e30nrQzFRBfs_29CUXyVT0TF6GqX0DmXHOqV-WgkautmEqqh2LsOwQgVRJT2iCASQGTcfR9gHPx-mk0NUmrH97C0RkY23Wio6uEFAqSuRNLfDmk973Kf-Wlu-4EIZpreQRUB05aw2K8pnjJUTT2-VAnS69HsIsh_pFyCUpW1MlM0J37Rjjt0clu84092rzda3g2g6X2muj9mLpTmwrlm5_ZLKR9VjD3MTiwcSvY9qc4qU8yUcBoL4kqZSbuaInDEOUFFvtHZ2nYsp7sjtcYsqsd3idTJBvkNqjRjvfabRYUha9AEQ02K--KwJFG-dO8apaDNLftkFApPkp_MMPMJgKPaRk31d3t5dx2_XkQAgoliJn0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
bridge3.549.0_en.html
imasdk.googleapis.com/js/core/ Frame 7339 		693 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
179201
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
227324
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 17:13:03 GMT
expires
Mon, 25 Dec 2023 17:13:03 GMT
last-modified
Fri, 09 Dec 2022 15:29:50 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel.gif
pixel.gliacloud.com/glia_player_media1/ 		43 B
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.gliacloud.com/glia_player_media1/pixel.gif?ul=en-US&ssid=9d09ddc0-8618-11ed-b075-2f2775135070&ea=ad.request&aui=102438&aup=dormknight_content_mcm_8&auo=5&aut=google&pp=300%2C168.75%2C1300%2C899.25&bp=1600%2C1200&wp=1600%2C11233%2C0%2C0&pgu=https%253A%252F%252Fjalantikus.com%252Ftips%252Fdownload-youtube-premium-apk%252F&pgt=YouTube%20Premium%20MOD%20APK%2017.45.34%20Premium%20Unlocked%202022%20%7C%20JalanTikus&sid=glia-id_jalantikus_desktop_simple&sk=id_jalantikus_desktop&si=id_jalantikus_desktop_simple&sa=id_jalantikus&pt=SimplePlayer&pv=0.3.97&ab=0&ta=0&cb=5306765809352687
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
122.207.227.35.bc.googleusercontent.com
Software
nginx/1.23.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:44 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.23.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=jalantikus.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=jalantikus.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame 7339 		4 KB
945 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22825748039%2C21702367101%2Fstudio_admin%2Fdormknight_content_mcm_8_id_jalantikus_desktop_1672042041.134568&description_url=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&unviewed_position_start=1&env=vp&correlator=3048380218287057&output=xml_vmap1&ad_rule=1&vpa=auto&sdkv=h.3.549.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=3659685959&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.549.0&sid=266E5403-43BC-4B3F-A97A-C80FFB8A5501&nel=0&eid=44748969%2C44765701&url=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&dt=1672167584544&cookie=ID%3Dd3685fb3b42fd463-2287143c6dda0053%3AT%3D1672167577%3AS%3DALNI_MbAVZNUf7Q7smdu8rngKchGkiasYg&gpic=UID%3D00000b993216cefc%3AT%3D1672167577%3ART%3D1672167577%3AS%3DALNI_MbaOBv9bMkF8-uUNdQeBPptZhnHEg&scor=2885306104149082&ged=ve4_td8_tt5_pd8_la8000_er899.1300.1053.1600_vi0.0.1200.1600_vp100_ts1_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87233df6840e8c3d47cb2448998fd8ab886e0b59c767c9fa1aff12dd0dbf4974
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
918
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 7339 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F22825748039%2Fstudio_admin%2Fdormknight_content_mcm_8_id_jalantikus_desktop_1672042041.134568&sz=640x480&ciu_szs&cust_params&url=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&min_ad_duration=0&max_ad_duration=120000&vrid=1334781&sid=266E5403-43BC-4B3F-A97A-C80FFB8A5501&adk=3659685959&correlator=3048380218287057&ctv=0&dt=1672167584652&ged=ve4_td8_tt5_pd8_la8000_er899.1300.1068.1600_vi0.0.1200.1600_vp100_ts0_eb24171&is_amp=0&npa=false&omid_p=Google1%2Fh.3.549.0&osd=2&ptt=20&scor=2885306104149082&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vis=1&u_so=l&eid=44748969%2C44765701&hl=en&frm=0&sdki=445&sdkv=h.3.549.0&sdr=1&vpa=auto&nel=0&cnc=21702367101&kfa=0&tfcd=0&top=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&loc=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&cookie=ID%3Dd3685fb3b42fd463-2287143c6dda0053%3AT%3D1672167577%3AS%3DALNI_MbAVZNUf7Q7smdu8rngKchGkiasYg&gpic=UID%3D00000b993216cefc%3AT%3D1672167577%3ART%3D1672167577%3AS%3DALNI_MbaOBv9bMkF8-uUNdQeBPptZhnHEg
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 7339 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F22825748039%2Fstudio_admin%2Fdormknight_content_mcm_8_id_jalantikus_desktop_1672042041.134568&sz=640x480&ciu_szs&cust_params&url=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=2&min_ad_duration=0&max_ad_duration=120000&vrid=1334781&sid=266E5403-43BC-4B3F-A97A-C80FFB8A5501&adk=3659685959&correlator=3048380218287057&ctv=0&dt=1672167584848&ged=ve4_td8_tt5_pd8_la8000_er899.1300.1068.1600_vi0.0.1200.1600_vp100_ts0_eb24171&is_amp=0&npa=false&omid_p=Google1%2Fh.3.549.0&osd=2&ptt=20&scor=2885306104149082&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vis=1&u_so=l&eid=44748969%2C44765701&hl=en&frm=0&sdki=445&sdkv=h.3.549.0&sdr=1&vpa=auto&nel=0&cnc=21702367101&kfa=0&tfcd=0&top=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&loc=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&cookie=ID%3Dd3685fb3b42fd463-2287143c6dda0053%3AT%3D1672167577%3AS%3DALNI_MbAVZNUf7Q7smdu8rngKchGkiasYg&gpic=UID%3D00000b993216cefc%3AT%3D1672167577%3ART%3D1672167577%3AS%3DALNI_MbaOBv9bMkF8-uUNdQeBPptZhnHEg
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 7339 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F22825748039%2Fstudio_admin%2Fdormknight_content_mcm_8_id_jalantikus_desktop_1672042041.134568&sz=640x480&ciu_szs&cust_params&url=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=3&lip=true&min_ad_duration=0&max_ad_duration=120000&vrid=1334781&sid=266E5403-43BC-4B3F-A97A-C80FFB8A5501&adk=3659685959&correlator=3048380218287057&ctv=0&dt=1672167585046&ged=ve4_td8_tt5_pd8_la8000_er899.1300.1068.1600_vi0.0.1200.1600_vp100_ts0_eb24171&is_amp=0&npa=false&omid_p=Google1%2Fh.3.549.0&osd=2&ptt=20&scor=2885306104149082&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vis=1&u_so=l&eid=44748969%2C44765701&hl=en&frm=0&sdki=445&sdkv=h.3.549.0&sdr=1&vpa=auto&nel=0&cnc=21702367101&kfa=0&tfcd=0&top=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&loc=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&cookie=ID%3Dd3685fb3b42fd463-2287143c6dda0053%3AT%3D1672167577%3AS%3DALNI_MbAVZNUf7Q7smdu8rngKchGkiasYg&gpic=UID%3D00000b993216cefc%3AT%3D1672167577%3ART%3D1672167577%3AS%3DALNI_MbaOBv9bMkF8-uUNdQeBPptZhnHEg
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.549.0_en.html
imasdk.googleapis.com/js/core/ Frame 125A 		693 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
179202
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
227324
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 17:13:03 GMT
expires
Mon, 25 Dec 2023 17:13:03 GMT
last-modified
Fri, 09 Dec 2022 15:29:50 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel.gif
pixel.gliacloud.com/glia_player_media1/ 		43 B
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.gliacloud.com/glia_player_media1/pixel.gif?ul=en-US&ssid=9d09ddc0-8618-11ed-b075-2f2775135070&ea=ad.request&aui=95907&aup=glia_adx_7&auo=6&aut=google&pp=300%2C168.75%2C1300%2C899.25&bp=1600%2C1200&wp=1600%2C11233%2C0%2C0&pgu=https%253A%252F%252Fjalantikus.com%252Ftips%252Fdownload-youtube-premium-apk%252F&pgt=YouTube%20Premium%20MOD%20APK%2017.45.34%20Premium%20Unlocked%202022%20%7C%20JalanTikus&sid=glia-id_jalantikus_desktop_simple&sk=id_jalantikus_desktop&si=id_jalantikus_desktop_simple&sa=id_jalantikus&pt=SimplePlayer&pv=0.3.97&ab=0&ta=0&cb=7067459955605275
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
122.207.227.35.bc.googleusercontent.com
Software
nginx/1.23.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:45 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.23.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=jalantikus.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=jalantikus.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame 125A 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21818843116%2Fglia_adx_7_id_jalantikus_desktop_1670488260.959362&description_url=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&unviewed_position_start=1&env=vp&correlator=4204772419073879&output=xml_vast4&ad_rule=0&vpa=auto&sdkv=h.3.549.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=3659685959&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.549.0&sid=266E5403-43BC-4B3F-A97A-C80FFB8A5501&nel=0&eid=44748969%2C44765701&url=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&dt=1672167585365&cookie=ID%3Dd3685fb3b42fd463-2287143c6dda0053%3AT%3D1672167577%3AS%3DALNI_MbAVZNUf7Q7smdu8rngKchGkiasYg&gpic=UID%3D00000b993216cefc%3AT%3D1672167577%3ART%3D1672167577%3AS%3DALNI_MbaOBv9bMkF8-uUNdQeBPptZhnHEg&scor=1444130920697320&ged=ve4_td8_tt5_pd8_la8000_er899.1300.1053.1600_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.549.0_en.html
imasdk.googleapis.com/js/core/ Frame 9F2D 		693 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
179202
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
227324
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 17:13:03 GMT
expires
Mon, 25 Dec 2023 17:13:03 GMT
last-modified
Fri, 09 Dec 2022 15:29:50 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel.gif
pixel.gliacloud.com/glia_player_media1/ 		43 B
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.gliacloud.com/glia_player_media1/pixel.gif?ul=en-US&ssid=9d09ddc0-8618-11ed-b075-2f2775135070&ea=ad.request&aui=96201&aup=dormknight_content_mcm_7&auo=7&aut=google&pp=300%2C168.75%2C1300%2C899.25&bp=1600%2C1200&wp=1600%2C11233%2C0%2C0&pgu=https%253A%252F%252Fjalantikus.com%252Ftips%252Fdownload-youtube-premium-apk%252F&pgt=YouTube%20Premium%20MOD%20APK%2017.45.34%20Premium%20Unlocked%202022%20%7C%20JalanTikus&sid=glia-id_jalantikus_desktop_simple&sk=id_jalantikus_desktop&si=id_jalantikus_desktop_simple&sa=id_jalantikus&pt=SimplePlayer&pv=0.3.97&ab=0&ta=0&cb=9321223676071926
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
122.207.227.35.bc.googleusercontent.com
Software
nginx/1.23.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:45 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.23.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=jalantikus.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=jalantikus.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame 9F2D 		4 KB
947 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22825748039%2C21702367101%2Fstudio_admin%2Fdormknight_content_mcm_7_id_jalantikus_desktop_1670581888.824446&description_url=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&unviewed_position_start=1&env=vp&correlator=3932231325041172&output=xml_vmap1&ad_rule=1&vpa=auto&sdkv=h.3.549.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=3659685959&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.549.0&sid=266E5403-43BC-4B3F-A97A-C80FFB8A5501&nel=0&eid=44748969%2C44765701&url=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&dt=1672167585707&cookie=ID%3Dd3685fb3b42fd463-2287143c6dda0053%3AT%3D1672167577%3AS%3DALNI_MbAVZNUf7Q7smdu8rngKchGkiasYg&gpic=UID%3D00000b993216cefc%3AT%3D1672167577%3ART%3D1672167577%3AS%3DALNI_MbaOBv9bMkF8-uUNdQeBPptZhnHEg&scor=53495398004880&ged=ve4_td9_tt6_pd9_la9000_er899.1300.1053.1600_vi0.0.1200.1600_vp100_ts1_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41a877e0f6bce3da8fc0f1bb7b28ae43ee18aecd1b7b9908eeda7386e84ecf4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
920
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 9F2D 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F22825748039%2Fstudio_admin%2Fdormknight_content_mcm_7_id_jalantikus_desktop_1670581888.824446&sz=640x480&ciu_szs&cust_params&url=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&min_ad_duration=0&max_ad_duration=120000&vrid=1334781&sid=266E5403-43BC-4B3F-A97A-C80FFB8A5501&adk=3659685959&correlator=3932231325041172&ctv=0&dt=1672167585838&ged=ve4_td9_tt6_pd9_la9000_er899.1300.1068.1600_vi0.0.1200.1600_vp100_ts0_eb24171&is_amp=0&npa=false&omid_p=Google1%2Fh.3.549.0&osd=2&ptt=20&scor=53495398004880&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vis=1&u_so=l&eid=44748969%2C44765701&hl=en&frm=0&sdki=445&sdkv=h.3.549.0&sdr=1&vpa=auto&nel=0&cnc=21702367101&kfa=0&tfcd=0&top=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&loc=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&cookie=ID%3Dd3685fb3b42fd463-2287143c6dda0053%3AT%3D1672167577%3AS%3DALNI_MbAVZNUf7Q7smdu8rngKchGkiasYg&gpic=UID%3D00000b993216cefc%3AT%3D1672167577%3ART%3D1672167577%3AS%3DALNI_MbaOBv9bMkF8-uUNdQeBPptZhnHEg
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:46 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 9F2D 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F22825748039%2Fstudio_admin%2Fdormknight_content_mcm_7_id_jalantikus_desktop_1670581888.824446&sz=640x480&ciu_szs&cust_params&url=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=2&min_ad_duration=0&max_ad_duration=120000&vrid=1334781&sid=266E5403-43BC-4B3F-A97A-C80FFB8A5501&adk=3659685959&correlator=3932231325041172&ctv=0&dt=1672167586088&ged=ve4_td9_tt6_pd9_la9000_er899.1300.1068.1600_vi0.0.1200.1600_vp100_ts0_eb24171&is_amp=0&npa=false&omid_p=Google1%2Fh.3.549.0&osd=2&ptt=20&scor=53495398004880&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vis=1&u_so=l&eid=44748969%2C44765701&hl=en&frm=0&sdki=445&sdkv=h.3.549.0&sdr=1&vpa=auto&nel=0&cnc=21702367101&kfa=0&tfcd=0&top=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&loc=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&cookie=ID%3Dd3685fb3b42fd463-2287143c6dda0053%3AT%3D1672167577%3AS%3DALNI_MbAVZNUf7Q7smdu8rngKchGkiasYg&gpic=UID%3D00000b993216cefc%3AT%3D1672167577%3ART%3D1672167577%3AS%3DALNI_MbaOBv9bMkF8-uUNdQeBPptZhnHEg
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:46 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 9F2D 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F22825748039%2Fstudio_admin%2Fdormknight_content_mcm_7_id_jalantikus_desktop_1670581888.824446&sz=640x480&ciu_szs&cust_params&url=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=3&lip=true&min_ad_duration=0&max_ad_duration=120000&vrid=1334781&sid=266E5403-43BC-4B3F-A97A-C80FFB8A5501&adk=3659685959&correlator=3932231325041172&ctv=0&dt=1672167586330&ged=ve4_td9_tt6_pd9_la9000_er899.1300.1068.1600_vi0.0.1200.1600_vp100_ts0_eb24171&is_amp=0&npa=false&omid_p=Google1%2Fh.3.549.0&osd=2&ptt=20&scor=53495398004880&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vis=1&u_so=l&eid=44748969%2C44765701&hl=en&frm=0&sdki=445&sdkv=h.3.549.0&sdr=1&vpa=auto&nel=0&cnc=21702367101&kfa=0&tfcd=0&top=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&loc=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&cookie=ID%3Dd3685fb3b42fd463-2287143c6dda0053%3AT%3D1672167577%3AS%3DALNI_MbAVZNUf7Q7smdu8rngKchGkiasYg&gpic=UID%3D00000b993216cefc%3AT%3D1672167577%3ART%3D1672167577%3AS%3DALNI_MbaOBv9bMkF8-uUNdQeBPptZhnHEg
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:46 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.549.0_en.html
imasdk.googleapis.com/js/core/ Frame 6FB3 		693 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
179203
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
227324
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 17:13:03 GMT
expires
Mon, 25 Dec 2023 17:13:03 GMT
last-modified
Fri, 09 Dec 2022 15:29:50 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel.gif
pixel.gliacloud.com/glia_player_media1/ 		43 B
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.gliacloud.com/glia_player_media1/pixel.gif?ul=en-US&ssid=9d09ddc0-8618-11ed-b075-2f2775135070&ea=ad.request&aui=95640&aup=glia_adx_6&auo=8&aut=google&pp=300%2C168.75%2C1300%2C899.25&bp=1600%2C1200&wp=1600%2C11233%2C0%2C0&pgu=https%253A%252F%252Fjalantikus.com%252Ftips%252Fdownload-youtube-premium-apk%252F&pgt=YouTube%20Premium%20MOD%20APK%2017.45.34%20Premium%20Unlocked%202022%20%7C%20JalanTikus&sid=glia-id_jalantikus_desktop_simple&sk=id_jalantikus_desktop&si=id_jalantikus_desktop_simple&sa=id_jalantikus&pt=SimplePlayer&pv=0.3.97&ab=0&ta=0&cb=3916037935687415.5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
122.207.227.35.bc.googleusercontent.com
Software
nginx/1.23.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:46 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.23.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=jalantikus.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=jalantikus.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
collect
i.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-c/s/0.7.1/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://jalantikus.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://jalantikus.com
date
Tue, 27 Dec 2022 18:59:46 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
ads
pubads.g.doubleclick.net/gampad/ Frame 6FB3 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21818843116%2Fglia_adx_6_id_jalantikus_desktop_1670416325.359559&description_url=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&unviewed_position_start=1&env=vp&correlator=1073487782973227&output=xml_vast4&ad_rule=0&vpa=auto&sdkv=h.3.549.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=3659685959&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.549.0&sid=266E5403-43BC-4B3F-A97A-C80FFB8A5501&nel=0&eid=44748969%2C44765701&url=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&dt=1672167586977&cookie=ID%3Dd3685fb3b42fd463-2287143c6dda0053%3AT%3D1672167577%3AS%3DALNI_MbAVZNUf7Q7smdu8rngKchGkiasYg&gpic=UID%3D00000b993216cefc%3AT%3D1672167577%3ART%3D1672167577%3AS%3DALNI_MbaOBv9bMkF8-uUNdQeBPptZhnHEg&scor=2759784464762252&ged=ve4_td10_tt7_pd10_la10000_er899.1300.1053.1600_vi0.0.1200.1600_vp100_ts1_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:47 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.549.0_en.html
imasdk.googleapis.com/js/core/ Frame B04A 		693 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
179204
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
227324
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 17:13:03 GMT
expires
Mon, 25 Dec 2023 17:13:03 GMT
last-modified
Fri, 09 Dec 2022 15:29:50 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel.gif
pixel.gliacloud.com/glia_player_media1/ 		43 B
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.gliacloud.com/glia_player_media1/pixel.gif?ul=en-US&ssid=9d09ddc0-8618-11ed-b075-2f2775135070&ea=ad.request&aui=97126&aup=glia_adx_6-2&auo=9&aut=google&pp=300%2C168.75%2C1300%2C899.25&bp=1600%2C1200&wp=1600%2C11233%2C0%2C0&pgu=https%253A%252F%252Fjalantikus.com%252Ftips%252Fdownload-youtube-premium-apk%252F&pgt=YouTube%20Premium%20MOD%20APK%2017.45.34%20Premium%20Unlocked%202022%20%7C%20JalanTikus&sid=glia-id_jalantikus_desktop_simple&sk=id_jalantikus_desktop&si=id_jalantikus_desktop_simple&sa=id_jalantikus&pt=SimplePlayer&pv=0.3.97&ab=0&ta=0&cb=4136964714563800
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
122.207.227.35.bc.googleusercontent.com
Software
nginx/1.23.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:47 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.23.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=jalantikus.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=jalantikus.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame B04A 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21818843116%2Fglia_adx_6-2_id_jalantikus_desktop_1670997844.979293&description_url=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&unviewed_position_start=1&env=vp&correlator=2618385549852385&output=xml_vast4&ad_rule=0&vpa=auto&sdkv=h.3.549.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=3659685959&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.549.0&sid=266E5403-43BC-4B3F-A97A-C80FFB8A5501&nel=0&eid=44748969%2C44765701&url=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&dt=1672167587355&cookie=ID%3Dd3685fb3b42fd463-2287143c6dda0053%3AT%3D1672167577%3AS%3DALNI_MbAVZNUf7Q7smdu8rngKchGkiasYg&gpic=UID%3D00000b993216cefc%3AT%3D1672167577%3ART%3D1672167577%3AS%3DALNI_MbaOBv9bMkF8-uUNdQeBPptZhnHEg&scor=1890641705583020&ged=ve4_td10_tt7_pd10_la10000_er899.1300.1053.1600_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:47 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.549.0_en.html
imasdk.googleapis.com/js/core/ Frame 2156 		693 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
179204
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
227324
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 17:13:03 GMT
expires
Mon, 25 Dec 2023 17:13:03 GMT
last-modified
Fri, 09 Dec 2022 15:29:50 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel.gif
pixel.gliacloud.com/glia_player_media1/ 		43 B
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.gliacloud.com/glia_player_media1/pixel.gif?ul=en-US&ssid=9d09ddc0-8618-11ed-b075-2f2775135070&ea=ad.request&aui=95669&aup=dormknight_content_mcm_6&auo=10&aut=google&pp=300%2C168.75%2C1300%2C899.25&bp=1600%2C1200&wp=1600%2C11233%2C0%2C0&pgu=https%253A%252F%252Fjalantikus.com%252Ftips%252Fdownload-youtube-premium-apk%252F&pgt=YouTube%20Premium%20MOD%20APK%2017.45.34%20Premium%20Unlocked%202022%20%7C%20JalanTikus&sid=glia-id_jalantikus_desktop_simple&sk=id_jalantikus_desktop&si=id_jalantikus_desktop_simple&sa=id_jalantikus&pt=SimplePlayer&pv=0.3.97&ab=0&ta=0&cb=8604525700178025
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
122.207.227.35.bc.googleusercontent.com
Software
nginx/1.23.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:47 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.23.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=jalantikus.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=jalantikus.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame 2156 		4 KB
947 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22825748039%2C21702367101%2Fstudio_admin%2Fdormknight_content_mcm_6_id_jalantikus_desktop_1670417168.774261&description_url=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&unviewed_position_start=1&env=vp&correlator=1345123510023661&output=xml_vmap1&ad_rule=1&vpa=auto&sdkv=h.3.549.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=3659685959&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.549.0&sid=266E5403-43BC-4B3F-A97A-C80FFB8A5501&nel=0&eid=44748969%2C44765701&url=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&dt=1672167587803&cookie=ID%3Dd3685fb3b42fd463-2287143c6dda0053%3AT%3D1672167577%3AS%3DALNI_MbAVZNUf7Q7smdu8rngKchGkiasYg&gpic=UID%3D00000b993216cefc%3AT%3D1672167577%3ART%3D1672167577%3AS%3DALNI_MbaOBv9bMkF8-uUNdQeBPptZhnHEg&scor=3200928670766570&ged=ve4_td11_tt8_pd11_la11000_er899.1300.1053.1600_vi0.0.1200.1600_vp100_ts1_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a40673a3065722a24ca7478d8bfc91bc016c17495b315f4896d27bbd3059b56d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
920
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 2156 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F22825748039%2Fstudio_admin%2Fdormknight_content_mcm_6_id_jalantikus_desktop_1670417168.774261&sz=640x480&ciu_szs&cust_params&url=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&min_ad_duration=0&max_ad_duration=120000&vrid=1334781&sid=266E5403-43BC-4B3F-A97A-C80FFB8A5501&adk=3659685959&correlator=1345123510023661&ctv=0&dt=1672167587897&ged=ve4_td11_tt8_pd11_la11000_er899.1300.1068.1600_vi0.0.1200.1600_vp100_ts0_eb24171&is_amp=0&npa=false&omid_p=Google1%2Fh.3.549.0&osd=2&ptt=20&scor=3200928670766570&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vis=1&u_so=l&eid=44748969%2C44765701&hl=en&frm=0&sdki=445&sdkv=h.3.549.0&sdr=1&vpa=auto&nel=0&cnc=21702367101&kfa=0&tfcd=0&top=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&loc=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&cookie=ID%3Dd3685fb3b42fd463-2287143c6dda0053%3AT%3D1672167577%3AS%3DALNI_MbAVZNUf7Q7smdu8rngKchGkiasYg&gpic=UID%3D00000b993216cefc%3AT%3D1672167577%3ART%3D1672167577%3AS%3DALNI_MbaOBv9bMkF8-uUNdQeBPptZhnHEg
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:48 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 2156 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F22825748039%2Fstudio_admin%2Fdormknight_content_mcm_6_id_jalantikus_desktop_1670417168.774261&sz=640x480&ciu_szs&cust_params&url=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=2&min_ad_duration=0&max_ad_duration=120000&vrid=1334781&sid=266E5403-43BC-4B3F-A97A-C80FFB8A5501&adk=3659685959&correlator=1345123510023661&ctv=0&dt=1672167588086&ged=ve4_td11_tt8_pd11_la11000_er899.1300.1068.1600_vi0.0.1200.1600_vp100_ts0_eb24171&is_amp=0&npa=false&omid_p=Google1%2Fh.3.549.0&osd=2&ptt=20&scor=3200928670766570&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vis=1&u_so=l&eid=44748969%2C44765701&hl=en&frm=0&sdki=445&sdkv=h.3.549.0&sdr=1&vpa=auto&nel=0&cnc=21702367101&kfa=0&tfcd=0&top=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&loc=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&cookie=ID%3Dd3685fb3b42fd463-2287143c6dda0053%3AT%3D1672167577%3AS%3DALNI_MbAVZNUf7Q7smdu8rngKchGkiasYg&gpic=UID%3D00000b993216cefc%3AT%3D1672167577%3ART%3D1672167577%3AS%3DALNI_MbaOBv9bMkF8-uUNdQeBPptZhnHEg
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:48 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 2156 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F22825748039%2Fstudio_admin%2Fdormknight_content_mcm_6_id_jalantikus_desktop_1670417168.774261&sz=640x480&ciu_szs&cust_params&url=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=3&lip=true&min_ad_duration=0&max_ad_duration=120000&vrid=1334781&sid=266E5403-43BC-4B3F-A97A-C80FFB8A5501&adk=3659685959&correlator=1345123510023661&ctv=0&dt=1672167588281&ged=ve4_td11_tt8_pd11_la11000_er899.1300.1068.1600_vi0.0.1200.1600_vp100_ts0_eb24171&is_amp=0&npa=false&omid_p=Google1%2Fh.3.549.0&osd=2&ptt=20&scor=3200928670766570&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vis=1&u_so=l&eid=44748969%2C44765701&hl=en&frm=0&sdki=445&sdkv=h.3.549.0&sdr=1&vpa=auto&nel=0&cnc=21702367101&kfa=0&tfcd=0&top=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&loc=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&cookie=ID%3Dd3685fb3b42fd463-2287143c6dda0053%3AT%3D1672167577%3AS%3DALNI_MbAVZNUf7Q7smdu8rngKchGkiasYg&gpic=UID%3D00000b993216cefc%3AT%3D1672167577%3ART%3D1672167577%3AS%3DALNI_MbaOBv9bMkF8-uUNdQeBPptZhnHEg
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:48 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.549.0_en.html
imasdk.googleapis.com/js/core/ Frame 20D0 		693 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
179205
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
227324
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 17:13:03 GMT
expires
Mon, 25 Dec 2023 17:13:03 GMT
last-modified
Fri, 09 Dec 2022 15:29:50 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel.gif
pixel.gliacloud.com/glia_player_media1/ 		43 B
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.gliacloud.com/glia_player_media1/pixel.gif?ul=en-US&ssid=9d09ddc0-8618-11ed-b075-2f2775135070&ea=ad.request&aui=63308&aup=glia_adx_5-2&auo=11&aut=google&pp=300%2C168.75%2C1300%2C899.25&bp=1600%2C1200&wp=1600%2C11233%2C0%2C0&pgu=https%253A%252F%252Fjalantikus.com%252Ftips%252Fdownload-youtube-premium-apk%252F&pgt=YouTube%20Premium%20MOD%20APK%2017.45.34%20Premium%20Unlocked%202022%20%7C%20JalanTikus&sid=glia-id_jalantikus_desktop_simple&sk=id_jalantikus_desktop&si=id_jalantikus_desktop_simple&sa=id_jalantikus&pt=SimplePlayer&pv=0.3.97&ab=0&ta=0&cb=3150043626396870
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
122.207.227.35.bc.googleusercontent.com
Software
nginx/1.23.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:48 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.23.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=jalantikus.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=jalantikus.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame 20D0 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21818843116%2Fglia_adx_5-2_id_jalantikus_desktop_1662445951.520132&description_url=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3259609283861763&vpa=auto&sdkv=h.3.549.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=3659685959&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.549.0&sid=266E5403-43BC-4B3F-A97A-C80FFB8A5501&nel=0&eid=44748969%2C44765701&url=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&dt=1672167588616&cookie=ID%3Dd3685fb3b42fd463-2287143c6dda0053%3AT%3D1672167577%3AS%3DALNI_MbAVZNUf7Q7smdu8rngKchGkiasYg&gpic=UID%3D00000b993216cefc%3AT%3D1672167577%3ART%3D1672167577%3AS%3DALNI_MbaOBv9bMkF8-uUNdQeBPptZhnHEg&scor=1821185217262681&ged=ve4_td12_tt9_pd12_la12000_er899.1300.1053.1600_vi0.0.1200.1600_vp100_ts1_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:48 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.549.0_en.html
imasdk.googleapis.com/js/core/ Frame BAD8 		693 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
179205
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
227324
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 17:13:03 GMT
expires
Mon, 25 Dec 2023 17:13:03 GMT
last-modified
Fri, 09 Dec 2022 15:29:50 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel.gif
pixel.gliacloud.com/glia_player_media1/ 		43 B
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.gliacloud.com/glia_player_media1/pixel.gif?ul=en-US&ssid=9d09ddc0-8618-11ed-b075-2f2775135070&ea=ad.request&aui=63298&aup=glia_adx_5&auo=12&aut=google&pp=300%2C168.75%2C1300%2C899.25&bp=1600%2C1200&wp=1600%2C11233%2C0%2C0&pgu=https%253A%252F%252Fjalantikus.com%252Ftips%252Fdownload-youtube-premium-apk%252F&pgt=YouTube%20Premium%20MOD%20APK%2017.45.34%20Premium%20Unlocked%202022%20%7C%20JalanTikus&sid=glia-id_jalantikus_desktop_simple&sk=id_jalantikus_desktop&si=id_jalantikus_desktop_simple&sa=id_jalantikus&pt=SimplePlayer&pv=0.3.97&ab=0&ta=0&cb=9016610450066810
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
122.207.227.35.bc.googleusercontent.com
Software
nginx/1.23.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:48 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.23.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=jalantikus.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=jalantikus.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame BAD8 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21818843116%2Fglia_adx_5_id_jalantikus_desktop_1662445906.31117&description_url=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1401467885637518&vpa=auto&sdkv=h.3.549.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=3659685959&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.549.0&sid=266E5403-43BC-4B3F-A97A-C80FFB8A5501&nel=0&eid=44748969%2C44765701&url=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&dt=1672167588927&cookie=ID%3Dd3685fb3b42fd463-2287143c6dda0053%3AT%3D1672167577%3AS%3DALNI_MbAVZNUf7Q7smdu8rngKchGkiasYg&gpic=UID%3D00000b993216cefc%3AT%3D1672167577%3ART%3D1672167577%3AS%3DALNI_MbaOBv9bMkF8-uUNdQeBPptZhnHEg&scor=2910614488350124&ged=ve4_td12_tt9_pd12_la12000_er899.1300.1053.1600_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:49 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.549.0_en.html
imasdk.googleapis.com/js/core/ Frame 2712 		693 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jalantikus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
179206
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
227324
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 17:13:03 GMT
expires
Mon, 25 Dec 2023 17:13:03 GMT
last-modified
Fri, 09 Dec 2022 15:29:50 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel.gif
pixel.gliacloud.com/glia_player_media1/ 		0
0
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=jalantikus.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=jalantikus.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jalantikus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame 2712 		4 KB
947 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22825748039%2C21702367101%2Fstudio_admin%2Fdormknight_content_mcm_5_id_jalantikus_desktop_1669887892.830303&description_url=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&unviewed_position_start=1&env=vp&correlator=2733886121958137&output=xml_vmap1&ad_rule=1&vpa=auto&sdkv=h.3.549.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=3659685959&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.549.0&sid=266E5403-43BC-4B3F-A97A-C80FFB8A5501&nel=0&eid=44748969%2C44765701&url=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&dt=1672167589263&cookie=ID%3Dd3685fb3b42fd463-2287143c6dda0053%3AT%3D1672167577%3AS%3DALNI_MbAVZNUf7Q7smdu8rngKchGkiasYg&gpic=UID%3D00000b993216cefc%3AT%3D1672167577%3ART%3D1672167577%3AS%3DALNI_MbaOBv9bMkF8-uUNdQeBPptZhnHEg&scor=3518425460572174&ged=ve4_td12_tt9_pd12_la12000_er899.1300.1053.1600_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
688ca99288dee3a7485f47c3c08ff63b2fcd8acc852f1a9f6c09dd8a5f6e63b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:59:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
920
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 2712 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pixel.gliacloud.com
URL
https://pixel.gliacloud.com/glia_player_media1/pixel.gif?ul=en-US&ssid=9d09ddc0-8618-11ed-b075-2f2775135070&ea=ad.request&aui=93104&aup=dormknight_content_mcm_5&auo=13&aut=google&pp=300%2C168.75%2C1300%2C899.25&bp=1600%2C1200&wp=1600%2C11233%2C0%2C0&pgu=https%253A%252F%252Fjalantikus.com%252Ftips%252Fdownload-youtube-premium-apk%252F&pgt=YouTube%20Premium%20MOD%20APK%2017.45.34%20Premium%20Unlocked%202022%20%7C%20JalanTikus&sid=glia-id_jalantikus_desktop_simple&sk=id_jalantikus_desktop&si=id_jalantikus_desktop_simple&sa=id_jalantikus&pt=SimplePlayer&pv=0.3.97&ab=0&ta=0&cb=9382440442095468
Domain
pubads.g.doubleclick.net
URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F22825748039%2Fstudio_admin%2Fdormknight_content_mcm_5_id_jalantikus_desktop_1669887892.830303&sz=640x480&ciu_szs&cust_params&url=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&min_ad_duration=0&max_ad_duration=120000&vrid=1334781&sid=266E5403-43BC-4B3F-A97A-C80FFB8A5501&adk=3659685959&correlator=2733886121958137&ctv=0&dt=1672167589361&ged=ve4_td12_tt9_pd12_la12000_er899.1300.1068.1600_vi0.0.1200.1600_vp100_ts0_eb24171&is_amp=0&npa=false&omid_p=Google1%2Fh.3.549.0&osd=2&ptt=20&scor=3518425460572174&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vis=1&u_so=l&eid=44748969%2C44765701&hl=en&frm=0&sdki=445&sdkv=h.3.549.0&sdr=1&vpa=auto&nel=0&cnc=21702367101&kfa=0&tfcd=0&top=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&loc=https%3A%2F%2Fjalantikus.com%2Ftips%2Fdownload-youtube-premium-apk%2F&cookie=ID%3Dd3685fb3b42fd463-2287143c6dda0053%3AT%3D1672167577%3AS%3DALNI_MbAVZNUf7Q7smdu8rngKchGkiasYg&gpic=UID%3D00000b993216cefc%3AT%3D1672167577%3ART%3D1672167577%3AS%3DALNI_MbaOBv9bMkF8-uUNdQeBPptZhnHEg

Verdicts & Comments Add Verdict or Comment

156 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| oncontentvisibilityautostatechange function| fbq function| _fbq function| hj object| _hjSettings object| AviviD object| dataLayer object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_image_requests boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| article_content object| jt_content object| apps_content object| webpackJsonpnew-jt object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| google_tag_manager object| $jscomp function| $jscomp$lookupPolyfilledValue function| UAParser undefined| LikrEventReader undefined| LikrEventReaderPurchase undefined| LikrEventaddToCart undefined| LikrEventPusherPageView undefined| LikrEventLeave function| AwsTrackingFunction object| AviviD_category_id_test object| AviviD_category_id_event boolean| isOpera string| type function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| $ function| jQuery function| jQuery311 string| data_stream_name string| sdk_src string| region_ string| identity_pool_id function| setImmediate function| clearImmediate object| lazySizes object| regeneratorRuntime function| avivid_trigger_purchase undefined| name_for_get_event_value undefined| behavior_type undefined| avivid_gtm_code function| LikrEventSetting function| LikrPreload function| _xamzrequire object| AviviD_AWS string| GoogleAnalyticsObject function| ga function| clarity function| onYouTubeIframeAPIReady object| firebase object| webVitals object| gaplugins object| gaData object| google_llp function| AFMA_AddEventListener function| AFMA_RemoveEventListener function| AFMA_AddObserver function| AFMA_RemoveObserver function| AFMA_ReceiveMessage function| AFMA_SendMessage object| AFMA_Communicator number| google_lpabyc object| gliaDataLayer object| GliaPlayerManager object| AviviD_tracking_data_aws_put string| ai string| sa object| sessionToken object| data_prepared function| postscribe object| google_tag_manager_external boolean| __VUE__ string| landing_time object| _google_rum_ns_ function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager boolean| ISUBP_BLOCKED function| checkBlocked object| mybotBlockedClientsName object| mybotDomainUrl string| mybotBlockedClientName object| closure_lm_778820 object| closure_lm_430234 function| Plyr object| GoogleGcLKhOms

61 Cookies

Domain/Path Name / Value
.jalantikus.com/ Name: _fbp
Value: fb.1.1672167577672.2060342545
.jalantikus.com/ Name: __gpi
Value: UID=00000b993216cefc:T=1672167577:RT=1672167577:S=ALNI_MbaOBv9bMkF8-uUNdQeBPptZhnHEg
.likr.com.tw/ Name: uuid
Value: 5b7912c4-7f6e-4c54-8280-5ada5b62636a
.likr.com.tw/ Name: AviviD_uuid
Value: 5b7912c4-7f6e-4c54-8280-5ada5b62636a
.jalantikus.com/ Name: AviviD_uuid
Value: 5b7912c4-7f6e-4c54-8280-5ada5b62636a
.jalantikus.com/ Name: AviviD_refresh_uuid_status
Value: 1
.jalantikus.com/ Name: webuserid
Value: 71a2409d-6a83-f61c-dedc-61c95cecd1d2
.jalantikus.com/ Name: AviviD_sw_version
Value: 1.0.868.210701
.jalantikus.com/ Name: _hjSessionUser_1771071
Value: eyJpZCI6ImQwYWFhYTEwLThhZGEtNTA0NS1hNTMzLWYzNjk3NGM0M2NkMyIsImNyZWF0ZWQiOjE2NzIxNjc1Nzc3MTQsImV4aXN0aW5nIjpmYWxzZX0=
.jalantikus.com/ Name: _hjFirstSeen
Value: 1
jalantikus.com/ Name: _hjIncludedInSessionSample
Value: 0
.jalantikus.com/ Name: _hjSession_1771071
Value: eyJpZCI6IjQ0Yzc4ZDg3LTQ2ZjQtNDQ4Yi05Njg4LThiNDI2ZDBmZDBlZCIsImNyZWF0ZWQiOjE2NzIxNjc1NzgzMTYsImluU2FtcGxlIjpmYWxzZX0=
.jalantikus.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.jalantikus.com/ Name: AviviD_already_exist
Value: 1
.jalantikus.com/ Name: AviviD_show_sub
Value: 1
.jalantikus.com/ Name: _ga_TLEJ5CZFT5
Value: GS1.1.1672167578.1.0.1672167578.0.0.0
.jalantikus.com/ Name: _ga
Value: GA1.2.1292710703.1672167578
.jalantikus.com/ Name: _gid
Value: GA1.2.782432545.1672167578
.jalantikus.com/ Name: _gat_UA-56475281-2
Value: 1
www.clarity.ms/ Name: CLID
Value: 225ff990d99b4c2aa6462244973010ef.20221227.20231227
.jalantikus.com/ Name: _clck
Value: 1igetdr|1|f7r|0
.jalantikus.com/ Name: _gat
Value: 1
jalantikus.com/ Name: gliaplayer_ssid
Value: 9d09ddc0-8618-11ed-b075-2f2775135070
.advividnetwork.com/ Name: AviviD_uuid
Value: 5b7912c4-7f6e-4c54-8280-5ada5b62636a
.jalantikus.com/ Name: _clsk
Value: g7wwe7|1672167579176|1|1|i.clarity.ms/collect
.spotxchange.com/ Name: audience
Value: 9d22b0fe-8618-11ed-8c31-1ab0ad8d0406
.jalantikus.com/ Name: __gads
Value: ID=d3685fb3b42fd463-2287143c6dda0053:T=1672167577:S=ALNI_MbAVZNUf7Q7smdu8rngKchGkiasYg
.doubleclick.net/ Name: IDE
Value: AHWqTUkAIZQFL8HsK2ysE3dqdr3xLrH97fGwoi8T_UxDt6jJ08R8UsDy8V_pU3jUY5g
.doubleclick.net/ Name: DSID
Value: NO_DATA
.3lift.com/ Name: tluid
Value: 70515373049409743922
.quantserve.com/ Name: d
Value: EEsBCQH0J4EA
.quantserve.com/ Name: mc
Value: 63ab409b-f2a1d-4876b-a36a1
.lijit.com/ Name: ljt_reader
Value: F4zTqGZHc22BnojfQUeyfFNL
.adfarm1.adition.com/ Name: UserID1
Value: 7181905069532510349
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.bidswitch.net/ Name: c
Value: 1672167580
.bidswitch.net/ Name: tuuid_lu
Value: 1672167580
.bidswitch.net/ Name: tuuid
Value: 5fdb6385-4b6e-4d17-ad85-5fc411517c81
.adnxs.com/ Name: uuid2
Value: 9092587807328731229
.ctnsnet.com/ Name: gid_CAESEBx8M3CVHjFLXu1atBbM9kM
Value: 1
.ctnsnet.com/ Name: cid_18d90bdb11264012a4c18a4adf6fc5bd
Value: 1
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22DF516AF9-D2C6-4FFC-8EF6-FAE0C9957BEF%22%7D
.simpli.fi/ Name: suid
Value: F32F64588B514D2B99F9F86E870BD35C
.casalemedia.com/ Name: CMID
Value: Y6tAnFi-IC2HzCwwKq4qmwAA
.casalemedia.com/ Name: CMPS
Value: 1214
.casalemedia.com/ Name: CMPRO
Value: 1214
.w55c.net/ Name: wfivefivec
Value: eXqJli4l1PafaQ5
.turn.com/ Name: uid
Value: 3149419984508034012
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y6tAnAAHQbIUywAp
.bidswitch.net/ Name: google_push
Value: AavPq0OfbKVHiWfceRY3N4xVwY4IWvPb-8HILO7bPzNnf0a0jrSdThtgPkE8Y9jt7BH5FvB2YVAs1IO4W_AZFDb44vvYJlf6Zc-C
.pubmatic.com/ Name: KADUSERCOOKIE
Value: C00A1A87-D599-4299-A40E-7702242B56E8
.jalantikus.com/ Name: AviviD_token_retake
Value: 0
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-1f2a300c-f65a-4844-a55c-ab52b268c37c-003%22%7D
.w55c.net/ Name: matchgoogle
Value: 5
.casalemedia.com/ Name: CMTS
Value: 3356
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-1f2a300c-f65a-4844-a55c-ab52b268c37c-003%22%7D
.tribalfusion.com/ Name: ANON_ID
Value: aYnseFyKalGobWm8ZbRiF71Zd5JnCShZcExAQDtJX0cYZaDxIWukhqrUxZdutV6ZdYiOKydJ4FgdYsAMNJJwjoq2ee
.c.bing.com/ Name: SRM_B
Value: 1C6C463BF7786E670CD954BCF6F36F5F
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 1C6C463BF7786E670CD954BCF6F36F5F
.c.clarity.ms/ Name: ANONCHK
Value: 0

6 Console Messages

Source Level URL
Text
other warning URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
security error URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 16)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/12406491265686199930/index.html".
security error URL: https://ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 16)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/12406491265686199930/index.html".
network error URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/undefinedz9njpo
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/undefinedz9njpo
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.rfp.fout.jp
ad.turn.com
ad24651865248f72c283bd0c018fd711.safeframe.googlesyndication.com
ad4m.at
ads.travelaudience.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
analytics.webgains.io
ap.lijit.com
api.dailymotion.com
api.jalantikus.com
api.unibots.in
api.webgains.io
as.ad4m.at
assets.ad4m.at
assets.jalantikus.com
auto-load-balancer.likr.com.tw
avivid.likr.tw
avividone.likr.tw
c.bing.com
c.clarity.ms
cdn-gliacloud.urekamedia.co
cdn.ampproject.org
cdn.jsdelivr.net
cdn.plyr.io
cdn.track.production.webgains.team
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
dclk-match.dotomi.com
dsp.adfarm1.adition.com
eb2.3lift.com
firehose.ap-southeast-1.amazonaws.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
i.clarity.ms
i.ibb.co
image6.pubmatic.com
imasdk.googleapis.com
jalantikus.com
kinesis.ap-southeast-1.amazonaws.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.gliacloud.com
pixel.rubiconproject.com
player.gliacloud.com
pm.w55c.net
prod-rtb.ad4mat.net
pubads.g.doubleclick.net
r.turn.com
region1.google-analytics.com
s.tribalfusion.com
s0.2mdn.net
script.hotjar.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.hotjar.com
stats.g.doubleclick.net
sun.advividnetwork.com
sync-tm.everesttech.net
sync.1rx.io
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
tag.targeting.unrulymedia.com
tpc.googlesyndication.com
track.webgains.com
um.simpli.fi
unpkg.com
vars.hotjar.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
pixel.gliacloud.com
pubads.g.doubleclick.net
124.155.223.195
124.155.223.225
124.155.223.238
13.248.245.213
13.251.113.77
13.251.113.78
13.32.27.7
143.204.215.118
151.101.66.49
162.19.58.161
172.217.16.130
172.64.154.237
18.130.53.249
18.158.138.18
185.64.190.78
185.86.139.103
185.94.180.126
188.65.124.90
20.234.93.27
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
213.19.147.43
213.19.147.45
2600:1901:0:76b9::
2606:4700:10::6816:2b5e
2606:4700:10::6816:3af9
2606:4700:20::681a:ad1
2606:4700:20::ac43:444e
2606:4700:20::ac43:4a81
2606:4700:21::681b:c358
2606:4700:3038::6815:eb59
2606:4700::6810:5814
2606:4700::6810:7eaf
2606:4700::6812:18ad
2620:116:800d:21:c5a4:625:6563:a5bb
2620:1ec:49::44
2620:1ec:c11::200
2a00:1450:4001:806::2001
2a00:1450:4001:806::2002
2a00:1450:4001:806::2003
2a00:1450:4001:806::200a
2a00:1450:4001:808::2004
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2008
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2006
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2001
2a00:1450:400d:806::2002
2a00:1450:400d:807::200e
2a00:1450:400d:808::2001
2a00:1450:4025:401::9d
2a02:6ea0:c700::17
2a02:fa8:8806:12::1400
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.11.171.0
3.123.245.15
34.96.95.4
35.186.193.173
35.190.0.66
35.190.12.84
35.204.158.49
35.227.207.122
37.252.172.123
45.79.126.27
51.89.9.252
52.167.85.21
65.9.66.42
69.173.144.138
72.251.249.13
85.114.159.93
98.98.134.243
99.86.4.53
99.86.4.91
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
0153561a98be140aa706cb0bf97e7f54960d75f831082ed23062cce02f46f02c
02ebc319500d29d704855de3d846bbb2479434953bb7b34f533122f432ce33bf
043b2f9a6caebcf2c98b2f88da519a75b5bd019b1bc07a3be10a5d313bb54e1a
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
094d2f1526522b71fa09f3dac8558ba5cdca77ec99ca9316f7a30caa3454b336
09591867279cfa308e6366b2d6be5033904ef3de3c86b6f89cbe47e3022b7d99
09bb28c664a6d52895a3cecb1f2c61cb7220efb250037e5b35f9667cdcb0d5f6
0a7c7b3284bb11fa85851360bfddd57ea13afcb6ea4fe6707b884849e051596a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb7d041ebd9fd009fc12482885c6dca63ebe0ca1b9ce960bbd047a0e5391cb5
0c9f7cf605fe9b7997cd43da48328bdfc7166b1d3cc48a69fdc120ca09440ccb
0f7ca24ad2be837dd50de8d312d38180f495a0908d4f8fcba86c09b4d8f2e8a3
0f9c91f10d7675f172aa8385a04f8a740bf2e54e0ee412f30c3bfa786280f9b0
11a22ef63e97af08a179e6271a11135126f2a16f22bd9cfc27989fded3585335
1247c5908b57ebe0df7f19df07e1ac94d2d7e0732e656589d812c78e227a2dc6
125f36147085c8cb10932ca3480430d305bf29e6256ca61ec1f72112ef6bccbe
134d673ded76a611417320dcaa78730b81a7d8a8ea0d277a50403c4dc11942f5
13a25e2a43cfd675df7e97b50ee7feab72bf3598ad14ded80436e7da2a86772d
14538419c15807c9a5e7d913afbb17223f76134b8da12b51574a7d13ee4046c9
166f329e308e0648e1552bf8e13caadb6aef44fef6baa2120df91216d18727dc
16ffa918ef329affc889ef18cd80755d53562fe4eb946b16090e9298accc4963
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1977ae2b50845838a0f0848012e1d2bb312a7a760bc7427c601305531de0d2d4
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
1d9b1f9c4fbd23c7f9122ea15bd14ae8bb7174503cf0dd7619728fdea75246ad
1dd73524c37e1d795d6ca082cd31dfcc8898e547bd3a51433495ff05cb4385c0
1e09fbe47395274b7b2ac7c6c0d2470611f1a7b149bda29b8c1f6f4b2482f999
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
1ebe74f3fad6fc1903d89a316f03b643164998b4849c5b3f594425e901b81f64
1f3c2bbda173f575a37a3f5c8bc32afb1932d019a9a2f97f775a0d7503dec73c
1f660758ed7f18341b6c06ae27b38009a5dfbe555ffc2372355adaf2ca2a6cec
21102c92668311558f3f0f4b1a5da26243e06653b6854e55d462202e2e3a2895
232264fa7b268de0f8ebb623fb8cfccbe93a08e936fd2b8cdac31b7cfa9dcae4
25b1ff2361738bb90c50b3a7a1de7696085e6f0e5fab32dd3b8a464e2f4cf339
2725d337e8ed14d10b23407140abf3881d22818a639df5401386c70d4a055757
274b7ab92cdb9b4c2057404901dbb48508ec074a7e5b357a35e920bdc73b9001
294b0c2e3ec3edc89ec51dcef5ef2e099b3111a0634b2e7121cd249744d39b3a
296752c66aef7e7dd53ce2d26717a83ce5875b82e25b5834cc6688f95bbefec8
2b0e18d026f801cfbb4fdf886e99a811a4befbeb289daf315a8d30c963242943
2e888b759a8896b2e478ad901b6be58004795de4c956381f93a177cfbbd9c07a
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f6503fbf807cd8decde3fa77ec65362dd4281fb5d3bccae396deb2275de942b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
36129173d01745d6649f1a2cc5b176b5403030851332b0266d088cea4536696c
36defc7ade3dc6eacba20085f18d473f1fccba2fa7e1ab50e2612da30899ec8a
39152d095fe3f21555c453e149879c95992167d01f6adc0159f69a39504d12b5
3d140f037014b739d058f10282b2d7677a548a50c008cb83533081349ea71c1b
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
418c1cc5e3fe5dab64df68fee91403c4af6a0b5ee68f12c2717956b216b08b8b
41a877e0f6bce3da8fc0f1bb7b28ae43ee18aecd1b7b9908eeda7386e84ecf4c
421104c1dd389a68ec3fd63fa5fd26b66dc6e79e49e0a858f68588cce59d4e6e
4311d6664835687d057eaf5d4ddeb54883c6efe59c55a3aa3f91b928627e49b5
432a0e678fd554e5e225965e0baf8ce42c2f047720d52600885f6e672b241674
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45687a8d24c8c06f1a248a45a547e94621879ed1fb13ed7a6a13e5c77a980cb5
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4846018760f6e11a8a1dea7639a5c75c712f198d978eccf117840820bb8c37d7
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c97b0cfa2e71392fa58921505b2b8aad8f7496cd049ba4331fca8e8db8c485
49f8cc251ecf57d509f5f5dd1391015763918b9c76a9be4de6c5035ab3bec679
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358
4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4fc902e4a6e84f38917b57847633ea8e827a42a4af437fce1d54fede5d7cf7ea
5131e5822d5f1d2780e14cd209c7c895b715e909b74993f5849d9809ca8276ff
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53f1688c6a87fc8f39ac6ad1c92589ba3afcc2cc275001cc2e50d832142a6339
544d0ea0aa3455ee9a8502e41dc0fb27f23862cc52e9af5d5c90288280933810
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
5747997d80825cbafcdbe5ab97d7b5502c06b1aae85fed9610845348b3da4d98
5817ba1ecac9f6b1ce3024466edab982434e83c62a9f1df2ff19a339b4bf2e24
58817074a3e78734f7cb117d61013b3c233b2ebdb12a3a2bf5b523467790c0f1
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5fa74fec1b6ce99200d910b4f60f4ab9d11107a96ea10688cdb2e541b305945d
5fdffe46c571b0b392a68f61772f38210b2172738fc1dac3be70794daefebf6b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626ae6995fca86a97ecdf2d2d7ab51e7c8fe06a5cc1b03667ec9efc010cf7ba8
63e55165cb26efa3df20628f8c2dfc0b13e7d7e7629761fe9f43b34d5498ea46
642a70e35bd0e4380bedb157efcd408c3476c761aee819f9de88e534f49c2caf
64ee900286c520753f34371eafdc56c97188e32638a97eaaf5e5b60afdb4064f
6847a453292f6db177d022b32b68ec91da611dd1bc18c6e33d26ed726339bc60
688ca99288dee3a7485f47c3c08ff63b2fcd8acc852f1a9f6c09dd8a5f6e63b8
6ac8332784aebd30dc5f7647ad40868522cd389b5b1ba79adc00cb2ab8b1f958
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
6b4f873f3371bd426336178dfe982cf8366df7592c21738d0e1261e67a0cb2e2
6c8b822ba2fa788a754e0a94055060c9c897dfb29538d92e04fd3f83d407bcb7
6d5b2484855a69e76d59cf2e5e518df99515b786e57ee5fa929b0e5cb478e57c
7079c4a270a27cec5738869ff1c650bcb431e7427aa282e507005fbdd4102b4e
70d4e25092885a425be01ae9cce8c5cb7abde6dfcf41816b44c06390cd08e0ca
71fe56560b9eba788c8ff58e084f24ca95ff3b89aff510345fab96de36ec8101
739388d5ca07a9c13da9c8aa176cb05bf7b2dead384c4c1fa732646de122a046
751d553428d5a12f48713eded93b897b76a86182d7636ab668da62efaa55b100
7718a7c9a88ace65d95a797e8748dd111b6f0abfcdf7fa0b15a306012d5322a2
78631aa2658006d43b70adcf42bfef831d29315d91bfe9e67bb4acd5f9b349e3
7959f2e6aeae5293a97b9f672aa17871fede4394ed3bc78e6cb9cbfc791ac608
799b36a35464430406c3528b178c757ac87ca7b2c366665eeb822e3dadc3483c
7a4c3bfb638ca9df11118af719117162af4b771659a078b21ef0f325b5417e84
7cbb8f6436fcf857aac5d0ca8355360135627a5919407a458c432ab3e39a4f51
7ea8900707398d5d88f5f59e779f62b66ec1b7e41f5ccc25a8dc4aa0f9b94af7
7faf471db12972c906602b9ce190a8c30fe64f4630929f54bd1e5070a1db7d83
8174e8f7f727a631317bc021ce09e0e4eaef6d1195bffe7c156350bee5ebb06a
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
838682ea23c2c9a03e0cf8f8294aac18990715b4c2868d62012f8cd6c9fec51f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8511b3608ee3391e3f6a006ea476f62ddce8cfff29115277d56bf1c555341821
854e57129b1144586cd2ea3bc9fab7162b3865b6e413892c351306658a2b7a8f
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
87233df6840e8c3d47cb2448998fd8ab886e0b59c767c9fa1aff12dd0dbf4974
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8bea8d5114c2eff73d049f85324784a15c8f085deecda60ed19b8705a0772e35
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8ce3eadd8a5743fff9522192e03cc365a2412a6a6efce4e849b4f868b47c67ce
8d1c0431c216e6bc20750cba7eaff0399e7f1885a883f51ebb755358dedbeb15
8d2758ba4669ac0d5a493c730e88553cdd0af821b1959f94601a1239fd3f2fad
8e5a5c160b608e80a2508a2c37d6a01018fcc4e2c3a81879bc019c011024202e
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336
9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190
9793fc03a50f4e6cdd1d91743c7c18f33bf8ac521cb84f7e3d0fe24672ad72e3
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9ebec479903094986e83f00a08ae6d28f6a2412e0b737a87118c37d5e4063fc8
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a40673a3065722a24ca7478d8bfc91bc016c17495b315f4896d27bbd3059b56d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a842670e0c9a10d0c42dc6de87889c6b9de065232e6bf125d5ca43a163f6d9fd
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a89824b3eb9a6a2365361b688be5ba4dc14998e3565ae5b4fbaeff55469d2f12
aa2b2edb946d58fcbd9176e1676367576a457771cafe3c727b5c38d888346f32
ab380fe996b0c3c85b3d08e38d8de3ff0955edea8a4f64cfaa6e8674345b74ac
abf06691088fd3e48eeca737b56e448a96b06b1d7abb1495b634efcc2795aa89
ac1b4fbf485f8551e6a1a423e3f6a86e3f7701f6bcc6c320b7069049b2ace4b5
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af4176ddff787bdb503edc004ef70da7b876cc83a71cb279cd08f652ab14f01b
afc207386e69748f65e917a95513ca8ef20068a3dc11c87b393733030d80f3d3
b003afa15165c632feeec754e2df29e83ed92ccae2fc38187f170ed1bc388ec0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ae4b56806374a5cf5913e6ce8a81674e5a77df173e141d52fe0178d4f7e576
b2286ec341537b6ac60edddc2db84438c2cce9c6629f3cd633ae139d6cd741de
b2a14aba85d94354bdf2c6cc7b6761c1cce6973ef7977a49098aaa1619965583
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b69d30338173b90102ccf279c4b7f367d32d0e8a1da98f02018f05e5f62ae291
bb976d0b8ca08c001cc086c40222991bf15f0038e30f8f8862d975d05610eb3a
bc3c27a6ef58d2693e02aadf43525ff220983dd3f3c4f77d278d73856dcc72a3
bf47d82f4af3c72868edbf26d93fbf991e7b2c3cb384752e69a010749f336e43
bfd9ff9e71dbb70c669609d774ee1ec11590ba3b59e167a48b7b6a18f29881e4
c047b8a1f14176ac6f52af36253608698637225d5959fed595883c1139216136
c07bed7494e79606c718c766ae2392075ff011c7a3c62ac9df0d4c2b0d964e8a
c0dade5e40511841f841814ed717788248c50490400ef63f4620391825f7444e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c2e75b3d4b71a84cdfbcd86ca983b189504a06fa00f2eca87e200e54843903bf
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
c4380b25f49ffac057ef983eb49b1cc5175607c2eecbf44f03a606c275f18c6f
c66aeeca7e1a93a66b2345b6578f20cd30b3f68c5994c61b943f1d8a0453b916
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc
cc3b3b02fc8f8feba02382016f1982a7bb5f7ea5172b8a93db71a152b58ecc24
ccb9f5257f90e16ce5a3a9ceadc67e65d8825346beb4d8ff6768784c4fdf9d58
cec2bc8cade36cfe3b7b0357bfb2deee9cce431715d576c942d82887033543bc
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d194d46aa7b431731725e21b6fe70ec0813da5afbdecaacf0b3b5aaeb9ccf4e3
d4870a562d850d026830aa1ed4ecefd5cde7b8d7535ac4260b6a17dffe4f2ebd
d80f6ec3a78924d5f5276bd680cbfb9dd37879691c648dc14755cb3d9c5bf3b3
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293
da5186fe0bb5dd59e7ece6ee7efac70c31755611e385fa423585572cb9628fcf
db258da583c46683a0b557bb1c1af6b86bcc64dd38044fd103cefbf72dabd512
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dea6e18bba96efa9b2b536fffe06d66228ad3eb2508ad462505f0c46829cb3f2
dfc4a5f9c8e29203683d05aac53a56c9fc2599393f93d50f4afef7a14f29aafd
e14465e19b604889e4f80bc599843baaf19139e16bd5066fd0a423d7792369ae
e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94
e2d0844327b6f645d4e75a297ff751164b5e9d31eede858bd72e83bb84066e3d
e2d92e12f58630ab7f9b6690efac30381bf9815b06f590fe315c90c5df9942b0
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e407b89d65ac453787833b177246e3a4da09958982e08e0d96f37446bb1aee7f
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5f946892a28316e9c292db663651ed6b7b6c091befcbca5a93cfbe200d7cccb
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919
e638079fbfc8bb79906848c8f433a3c2af9d27c56e546bd6606527ebfce8e335
e668ad13862fe4f4d8631454881c1cabd4f5e9446192ca40c1ecc5892d7617cf
e748d47e0930e87a515df7e2a11e9d797dd670598254900fdbd654593f001a9a
ea890c2d03f464e79d9d8a4a56bbe6d06ad5e440bd29bd3ae03c97f962522245
eb8e1062945ac3513efb304595b6b7ffa5a3b7aeb06b810cc8fc369707451eed
ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b
ece6f49936ec7d9e5f1b361f0ccb8b3a228f8034c9becd30c041175fe62b726a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
f217daeb2d96c1459a631bcf0fb129a09ff39bd7901dd0dad9477a4f3225bdaa
f24adcb89bfbabbd20652bb61c6dc3de54bde4b77c096d5436c03f2963dd16a1
f26ccd4e8b025d912f8fc717147c83f61888ade088fb1b2c62f67537e6e4cb46
f4cfd1276ee2c4dbee6b153f9dc4521383a6e7d2d14ba0b959c2206eca7114d0
f6bc92316cf9b94564838ba2a15737f8da7279aaae366c47944d51e41f03bbf3
f7b085fd5522691004b76008420efaf41f9119c11cf85a1d93f442d2da219270
f8775e0405e98ed044eb120e8a7409d2b81ed57caa8f49e14f523b7f41b1368e
f9ed515d0f1c1077d8eef63c4c178146a482f61ece1487f89e25d379e7be8a2f
fec67c157a3599eaea4f7cb4e876c263212aae276a41ce1cc3ff6e1f0e6ecf16
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48