urlscan.io logo urlscan.io
SecurityTrails logo

www.proxysite.com Open in urlscan Pro
3.213.74.218  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://us14.proxysite.com/
Effective URL: https://www.proxysite.com/
Submission Tags: falconsandbox
Submission: On September 19 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 5 countries across 21 domains to perform 83 HTTP transactions. The main IP is 3.213.74.218, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.proxysite.com.
TLS certificate: Issued by Amazon on April 27th 2021. Valid for: a year.
This is the only time www.proxysite.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 167.114.175.21 16276 (OVH)
17 3.213.74.218 14618 (AMAZON-AES)
9 142.250.186.162 15169 (GOOGLE)
4 93.184.220.66 15133 (EDGECAST)
2 157.240.236.1 32934 (FACEBOOK)
2 142.250.74.206 15169 (GOOGLE)
1 157.240.236.35 32934 (FACEBOOK)
9 142.250.74.194 15169 (GOOGLE)
2 104.244.42.200 13414 (TWITTER)
1 142.250.181.226 15169 (GOOGLE)
1 142.250.185.162 15169 (GOOGLE)
2 142.250.186.98 15169 (GOOGLE)
1 34.95.89.54 15169 (GOOGLE)
12 104.21.192.4 13335 (CLOUDFLAR...)
4 142.250.181.225 15169 (GOOGLE)
2 142.250.184.228 15169 (GOOGLE)
1 91.228.74.226 16509 (AMAZON-02)
2 2 35.244.174.68 15169 (GOOGLE)
5 142.250.184.226 15169 (GOOGLE)
1 34.98.67.61 15169 (GOOGLE)
2 2 35.227.252.103 15169 (GOOGLE)
2 2 185.64.190.78 62713 (AS-PUBMATIC)
1 1 69.173.144.165 26667 (RUBICONPR...)
1 104.26.7.27 13335 (CLOUDFLAR...)
2 104.21.192.5 13335 (CLOUDFLAR...)
1 3 104.111.239.217 16625 (AKAMAI-AS)
2 2 216.58.212.166 15169 (GOOGLE)
1 148.251.139.77 24940 (HETZNER-AS)
83 23
2    167.114.175.21 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: bhs4.nux.net
us14.proxysite.com
17    3.213.74.218 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-74-218.compute-1.amazonaws.com
www.proxysite.com
9    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
pagead2.googlesyndication.com
www.googletagservices.com
4    93.184.220.66 (London, United Kingdom)

ASN15133 (EDGECAST, US)
platform.twitter.com
2    157.240.236.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-frx5.fbcdn.net
connect.facebook.net
2    142.250.74.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f14.1e100.net
www.google-analytics.com
1    157.240.236.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frx5.facebook.com
www.facebook.com
9    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
googleads.g.doubleclick.net
adservice.google.de
2    104.244.42.200 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
partner.googleadservices.com
1    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
adservice.google.de
2    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
adservice.google.com
1    34.95.89.54 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 54.89.95.34.bc.googleusercontent.com
prod-rtb.ad4mat.net
12    104.21.192.4 (None, )

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
4    142.250.181.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f1.1e100.net
tpc.googlesyndication.com
2    142.250.184.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f4.1e100.net
www.google.com
1    91.228.74.226 (United Kingdom)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
5    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
cm.g.doubleclick.net
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    104.26.7.27 (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
2    104.21.192.5 (None, )

ASN13335 (CLOUDFLARENET, US)
ad4m.at
3    104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com
www.awin1.com
2    216.58.212.166 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f6.1e100.net
ad.doubleclick.net
1    148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de
banner.congstar.de
Domain Requested by
17 www.proxysite.com www.proxysite.com
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
www.proxysite.com
7 pagead2.googlesyndication.com www.proxysite.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
6 assets.ad4m.at as.ad4m.at
5 cm.g.doubleclick.net googleads.g.doubleclick.net
4 ad4m.at as.ad4m.at
ad4m.at
4 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
4 as.ad4m.at googleads.g.doubleclick.net
as.ad4m.at
ad4m.at
4 platform.twitter.com www.proxysite.com
platform.twitter.com
3 www.awin1.com 1 redirects as.ad4m.at
2 ad.doubleclick.net 2 redirects
2 image6.pubmatic.com 2 redirects
2 rtb.openx.net 2 redirects
2 id.rlcdn.com 2 redirects
2 www.google.com googleads.g.doubleclick.net
tpc.googlesyndication.com
2 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 syndication.twitter.com platform.twitter.com
www.proxysite.com
2 www.google-analytics.com www.proxysite.com
www.google-analytics.com
2 connect.facebook.net www.proxysite.com
connect.facebook.net
2 us14.proxysite.com 2 redirects
1 banner.congstar.de as.ad4m.at
1 static-de.ad4mat.net as.ad4m.at
1 pixel.rubiconproject.com 1 redirects
1 odr.mookie1.com googleads.g.doubleclick.net
1 cms.quantserve.com googleads.g.doubleclick.net
1 prod-rtb.ad4mat.net www.proxysite.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.facebook.com connect.facebook.net
83 30

This site contains links to these domains. Also see Links.

Domain
us14.proxysite.com
pryvacy.com
Subject Issuer Validity Valid
proxysite.com
Amazon		 2021-04-27 -
2022-05-26		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-05 -
2021-11-09		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-06-29 -
2021-09-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2021-08-24 -
2021-11-22		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-08 -
2022-07-07		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
www.awin1.com
DigiCert SHA2 Secure Server CA		 2021-06-11 -
2022-06-16		 a year crt.sh
*.congstar.de
TeleSec ServerPass Class 2 CA		 2021-05-18 -
2022-05-23		 a year crt.sh

This page contains 18 frames:

Primary Page: https://www.proxysite.com/
Frame ID: 37613675102075147317A0AFBB41DE23
Requests: 35 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fwww.proxysite.com
Frame ID: BF499FCB715B9BF0EA5CAB3EE2458615
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1dc83c60803df%26domain%3Dwww.proxysite.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.proxysite.com%252Ff36b14d305e6b7c%26relation%3Dparent.parent&container_width=105&href=https%3A%2F%2Fwww.proxysite.com%2F&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&width=80
Frame ID: 0517E31D5BCCEC12D3B1E3B45DEA04A4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20190131/zrt_lookup.html
Frame ID: 8C03B1D2B4ECA9B8829F8EF45E7C13B1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=2867599685&adk=3927345067&adf=3573213364&pi=t.ma~as.2867599685&w=990&fwrn=4&fwrnh=100&lmt=1632024960&rafmt=3&psa=0&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632024960137&bpp=3&bdt=382&idt=129&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&correlator=1815683785345&frm=20&pv=2&ga_vid=201018814.1632024960&ga_sid=1632024960&ga_hid=117941280&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=305&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3866630722841695&pem=33&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=YMgRktWvjE&p=https%3A//www.proxysite.com&dtd=146
Frame ID: 72B8C8AAC4EE6A8A0373BF3A2A6ED09E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=4344332884&adk=523175106&adf=1005968846&pi=t.ma~as.4344332884&w=990&fwrn=4&fwrnh=100&lmt=1632024960&rafmt=1&psa=0&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632024960140&bpp=1&bdt=385&idt=152&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280&correlator=1815683785345&frm=20&pv=1&ga_vid=201018814.1632024960&ga_sid=1632024960&ga_hid=117941280&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=305&ady=702&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3866630722841695&pem=33&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=O2EyKRHIQI&p=https%3A//www.proxysite.com&dtd=155
Frame ID: 6D5819A7B6D117A0B55BB45934767E7D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&slotname=6803856480&adk=197138127&adf=1497320946&pi=t.ma~as.6803856480&w=728&lmt=1632024960&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fwww.proxysite.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632024960141&bpp=1&bdt=386&idt=157&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280%2C990x280&correlator=1815683785345&frm=20&pv=1&ga_vid=201018814.1632024960&ga_sid=1632024960&ga_hid=117941280&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=436&ady=2948&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3866630722841695&pem=33&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=tGGNs31MNe&p=https%3A//www.proxysite.com&dtd=159
Frame ID: 2002A78D6C6FC40E32275EF17E8DEA6B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&adk=1812271804&adf=3025194257&lmt=1632024960&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.proxysite.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632024960150&bpp=1&bdt=395&idt=152&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280%2C990x280%2C728x90&nras=1&correlator=1815683785345&frm=20&pv=1&ga_vid=201018814.1632024960&ga_sid=1632024960&ga_hid=117941280&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3866630722841695&pem=33&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=156
Frame ID: 12118093AABFC14B17E042CC60529557
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.f88235f49a156f8b4cab34c7bc1a0acc.en.html
Frame ID: 1C97113FD52B5A1B08FB9E23656A2582
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&adk=3625593270&adf=3099719705&pi=t.aa~a.4226026281~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1632024960&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x280&url=https%3A%2F%2Fwww.proxysite.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632024960487&bpp=1&bdt=732&idt=-M&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79c1726e715221dd-223590a137c900c4%3AT%3D1632024960%3ART%3D1632024960%3AS%3DALNI_MYV35HhRzJtt1_xx8HiwntDXQzCcg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0&nras=2&correlator=1815683785345&frm=20&pv=1&ga_vid=201018814.1632024960&ga_sid=1632024960&ga_hid=117941280&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=200&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3866630722841695&pem=33&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ovTZEFq9L0&p=https%3A//www.proxysite.com&dtd=12
Frame ID: E97692146F9EB465FB832B8DD5DDF03A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=676745548&adf=3560341080&pi=t.aa~a.4080220755~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1632024960&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632024960487&bpp=1&bdt=732&idt=0&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79c1726e715221dd-223590a137c900c4%3AT%3D1632024960%3ART%3D1632024960%3AS%3DALNI_MYV35HhRzJtt1_xx8HiwntDXQzCcg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280&nras=3&correlator=1815683785345&frm=20&pv=1&ga_vid=201018814.1632024960&ga_sid=1632024960&ga_hid=117941280&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=200&ady=2190&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3866630722841695&pem=33&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=8zgx2sr8yI&p=https%3A//www.proxysite.com&dtd=16
Frame ID: 3C891E744BD8F54444513E769EB808FF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CGaD5gLlGYZ6vIMHz3wO0jYGYCpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQIYQynVuKuzPqgDAaoEpgFP0Cp2k-q4qvb1qQ6e83V2rTF5SzB8Gt7WOb7DWjJUCASbbiMlOV2GicWcBKWXm1vWJLQBVUdBYbtxZ0mnV3FqxzHVXgoGJ9xD9iI-fEQSd7pMKGSOf1AEA00yxVa5aggbzYuojs2NS7PwpEtHM2kTpoB1iXjI4J5-aQVKN4UH7ZwqVxm5LlUlZRpKHKJOl2dJ_LLJNbkievqesktpZAbhxXRV7bk8gAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTI3MTA1MjAzMzc3NjgxMRgA&sigh=ElWc9xwzKYQ
Frame ID: E089A08D1DB40EBB23034CAAC4D3DC76
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kgsmmaqp08cqr12a0vhp1zym9465hepk78ga8ps22wdvs9aqxxab515mwevrnf8zfe352wc765ye24e66caz6cm4g8ee1k4a8mm02xbsh5da73ba4f5ggstzmj5tx4s31e0rqbmm8c8vqrfwnd1r9db5a0f0v5nxt8y0b7p2jp3b19xsjyxtbqwjemtpamhns0vtxrdedxtm5rpb59d1cqxkhbvpdheb2p2ezyb16heyc9twbgpjvf2f029sx18dwxt0ygneerqrcb2ngsjwv5epajjahqn8112sb2n4pkjbb64h4daj6ybpqy0tncy5qqfbs5tymkee19e4fh6ared55d0bvc40nw1a3n2zaamcxqgc46pwcr8383xv61heya2xn190nsv1bkaa569c80&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChlNjgLlGYZ6vIMHz3wO0jYGYCpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQIYQynVuKuzPqgDAaoEqQFP0Cp2k-q4qvb1qQ6e83V2rTF5SzB8Gt7WOb7DWjJUCASbbiMlOV2GicWcBKWXm1vWJLQBVUdBYbtxZ0mnV3FqxzHVXgoGJ9xD9iI-fEQSd7pMKGSOf1AEA00yxVa5aggbzYuojs2NS7PwpEtHM2kTpoB1iXjI4J5-aQVKN4UH7ZwqVxm5LlUlZRpKHKJOl2dJ_LLJd7sv6C1LNQuh4053Hz3HH4Ao61CcgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_35p2QZPIiy2dyE57kdr2hPVMyuvA%26client%3Dca-pub-5271052033776811%26adurl%3D
Frame ID: A058F5F0D94593AEC47F69EB91C13ED8
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 524167A03D15338DCB92B1D0930E61BC
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: A0C4362246A01CA8778C8449607AC7F5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: AA57EBFB7248603DC7E97875013A500A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F0D3DD794310F594FEDA2A9AA9939D5A
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=728&d=90&e=VJIPbSx3Pi1yJG0aTt1m8bhKK-wYnhsg&g=763c1703c9843e511bd0da8f97a809b0%2F18376122078504561464&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1632024961196&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g0jzv52hp29k3vwv5z4xe2nnbqvcj9xs1crg8trym5hhbpk4sem4snkkfg4nxz28j0r00chb5pcw55ftzpt0xcp4re8jw9114nag91jcx8y510qvxqnd6rzccc6ecwrrf1ah7ttyk14xtq8jahdrmqk9q0pnrdvj1w4tawbvvfcv42b62z0z2rdj6gbj5c2m8rx315702wmxeddd0fxsm7dadez2dh9qt1q8h7vm151p4zf40mmw2x1syc8atm6rnadw8ttkes3w%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DChlNjgLlGYZ6vIMHz3wO0jYGYCpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQIYQynVuKuzPqgDAaoEqQFP0Cp2k-q4qvb1qQ6e83V2rTF5SzB8Gt7WOb7DWjJUCASbbiMlOV2GicWcBKWXm1vWJLQBVUdBYbtxZ0mnV3FqxzHVXgoGJ9xD9iI-fEQSd7pMKGSOf1AEA00yxVa5aggbzYuojs2NS7PwpEtHM2kTpoB1iXjI4J5-aQVKN4UH7ZwqVxm5LlUlZRpKHKJOl2dJ_LLJd7sv6C1LNQuh4053Hz3HH4Ao61CcgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_35p2QZPIiy2dyE57kdr2hPVMyuvA%252526client%25253Dca-pub-5271052033776811%252526adurl%25253D&y=1&z=0
Frame ID: EAA2835F3EFC552D484162C7EB740120
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ProxySite.com - Free Web Proxy Site

Page URL History Show full URLs

  1. http://us14.proxysite.com/ HTTP 301
    https://us14.proxysite.com/ HTTP 301
    https://www.proxysite.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

83
Requests

99 %
HTTPS

0 %
IPv6

21
Domains

30
Subdomains

23
IPs

5
Countries

942 kB
Transfer

2147 kB
Size

28
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://us14.proxysite.com/ HTTP 301
    https://us14.proxysite.com/ HTTP 301
    https://www.proxysite.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPKWCb07tzYRdguOr0z13F5zBQSlvTAU-jX8UDBR924XdIPySoKKj6ftipRtVEshfU_OhuEOBNdGLo2qMgmuqP1rfkNG7nk_&google_gid=CAESEFAlIwsMtT32vC9KrauG3hw&google_cver=1 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCIDzmooGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBLV0NiMDd0ellSZGd1T3IwejEzRjV6QlFTbHZUQVUtalg4VURCUjkyNFhkSVB5U29LS2o2ZnRpcFJ0VkVzaGZVX09odUVPQk5kR0xvMnFNZ211cVAxcmZrTkc3bmtf HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwVVJvVFlEQXVRV1JRdFV3Z2FRcno4SmpoZmdEVUhsemtabEhET2tlNk9RZw==&google_push
Request Chain 54
  • https://rtb.openx.net/sync/dds?google_gid=CAESEIMmucu3YAAAAMLcwF9bN_E&google_cver=1&google_push=AYg5qPKpxpApHih6GFyxQEUySLlvcgY2nCensJK201Bkw274DCaU1aq1EYL6R-GJ9XxynX4QMed1IcT0aEGMtgmSdlfIM5oJgK1O HTTP 302
  • https://rtb.openx.net/sync/dds?google_gid=CAESEIMmucu3YAAAAMLcwF9bN_E&google_cver=1&google_push=AYg5qPKpxpApHih6GFyxQEUySLlvcgY2nCensJK201Bkw274DCaU1aq1EYL6R-GJ9XxynX4QMed1IcT0aEGMtgmSdlfIM5oJgK1O&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKpxpApHih6GFyxQEUySLlvcgY2nCensJK201Bkw274DCaU1aq1EYL6R-GJ9XxynX4QMed1IcT0aEGMtgmSdlfIM5oJgK1O&google_hm=YA_xbxFDxtgLZbpPSVSnQQ==
Request Chain 55
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJdQH4qDC351418l5JFRLUE&google_cver=1&google_push=AYg5qPLsmDVsoOt5QwYP3s3KYXyB0LFpm8u27JnKFBC70m2haqVafvsRE-aU2yUwtPYLwpkoGLrd9fA8ZFTh6GBgTdSYW_dATQHX HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJdQH4qDC351418l5JFRLUE&google_cver=1&google_push=AYg5qPLsmDVsoOt5QwYP3s3KYXyB0LFpm8u27JnKFBC70m2haqVafvsRE-aU2yUwtPYLwpkoGLrd9fA8ZFTh6GBgTdSYW_dATQHX&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3IQqxuZERiCoLZCpCJ20Uw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLsmDVsoOt5QwYP3s3KYXyB0LFpm8u27JnKFBC70m2haqVafvsRE-aU2yUwtPYLwpkoGLrd9fA8ZFTh6GBgTdSYW_dATQHX
Request Chain 56
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKYqXdDVcQ18xBmtmBwx028&google_cver=1&google_push=AYg5qPJJe5el3Y-D5h9eQnqjK2isS5Dz-fxBVd_l5NRcJBAn_bfcz5AciuMW6kQgUtVJSJ5xBJr6577o8-xg1v-DiSNbxOnEX1yN HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1RRUElWMzItMjMtQjBQQg==&google_push=AYg5qPJJe5el3Y-D5h9eQnqjK2isS5Dz-fxBVd_l5NRcJBAn_bfcz5AciuMW6kQgUtVJSJ5xBJr6577o8-xg1v-DiSNbxOnEX1yN
Request Chain 57
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENdIXJQfrK2akH-kui0ePis&google_cver=1&google_push=AYg5qPJvXtRkoQS3fciqcAwH96ZBsAQWxpWKiO7NQL_A6lqDeDHd_iJ1NZIoGBhJ7tuIfSUHACkW8UPrX69mUtSa9HpRaanrVj-L HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESENdIXJQfrK2akH-kui0ePis&google_push=AYg5qPJvXtRkoQS3fciqcAwH96ZBsAQWxpWKiO7NQL_A6lqDeDHd_iJ1NZIoGBhJ7tuIfSUHACkW8UPrX69mUtSa9HpRaanrVj-L&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUa5gEUtx5V6qyNfC1Cb9wAABF0AAAIB&google_cver=1&google_gid=CAESENdIXJQfrK2akH-kui0ePis&google_push=AYg5qPJvXtRkoQS3fciqcAwH96ZBsAQWxpWKiO7NQL_A6lqDeDHd_iJ1NZIoGBhJ7tuIfSUHACkW8UPrX69mUtSa9HpRaanrVj-L HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUa5gEUtx5V6qyNfC1Cb9wAABF0AAAIB&google_cver=1&google_gid=CAESENdIXJQfrK2akH-kui0ePis&google_push=AYg5qPJvXtRkoQS3fciqcAwH96ZBsAQWxpWKiO7NQL_A6lqDeDHd_iJ1NZIoGBhJ7tuIfSUHACkW8UPrX69mUtSa9HpRaanrVj-L HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUa5gEUtx5V6qyNfC1Cb9wAABF0AAAIB&google_cver=1&google_gid=CAESENdIXJQfrK2akH-kui0ePis&google_push=AYg5qPJvXtRkoQS3fciqcAwH96ZBsAQWxpWKiO7NQL_A6lqDeDHd_iJ1NZIoGBhJ7tuIfSUHACkW8UPrX69mUtSa9HpRaanrVj-L HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUa5gEUtx5V6qyNfC1Cb9wAABF0AAAIB&google_cver=1&google_gid=CAESENdIXJQfrK2akH-kui0ePis&google_push=AYg5qPJvXtRkoQS3fciqcAwH96ZBsAQWxpWKiO7NQL_A6lqDeDHd_iJ1NZIoGBhJ7tuIfSUHACkW8UPrX69mUtSa9HpRaanrVj-L HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUa5gEUtx5V6qyNfC1Cb9wAABF0AAAIB&google_cver=1&google_gid=CAESENdIXJQfrK2akH-kui0ePis&google_push=AYg5qPJvXtRkoQS3fciqcAwH96ZBsAQWxpWKiO7NQL_A6lqDeDHd_iJ1NZIoGBhJ7tuIfSUHACkW8UPrX69mUtSa9HpRaanrVj-L HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUa5gEUtx5V6qyNfC1Cb9wAABF0AAAIB&google_cver=1&google_gid=CAESENdIXJQfrK2akH-kui0ePis&google_push=AYg5qPJvXtRkoQS3fciqcAwH96ZBsAQWxpWKiO7NQL_A6lqDeDHd_iJ1NZIoGBhJ7tuIfSUHACkW8UPrX69mUtSa9HpRaanrVj-L HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUa5gEUtx5V6qyNfC1Cb9wAABF0AAAIB&google_cver=1&google_gid=CAESENdIXJQfrK2akH-kui0ePis&google_push=AYg5qPJvXtRkoQS3fciqcAwH96ZBsAQWxpWKiO7NQL_A6lqDeDHd_iJ1NZIoGBhJ7tuIfSUHACkW8UPrX69mUtSa9HpRaanrVj-L HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUa5gEUtx5V6qyNfC1Cb9wAABF0AAAIB&google_cver=1&google_gid=CAESENdIXJQfrK2akH-kui0ePis&google_push=AYg5qPJvXtRkoQS3fciqcAwH96ZBsAQWxpWKiO7NQL_A6lqDeDHd_iJ1NZIoGBhJ7tuIfSUHACkW8UPrX69mUtSa9HpRaanrVj-L HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUa5gEUtx5V6qyNfC1Cb9wAABF0AAAIB&google_cver=1&google_gid=CAESENdIXJQfrK2akH-kui0ePis&google_push=AYg5qPJvXtRkoQS3fciqcAwH96ZBsAQWxpWKiO7NQL_A6lqDeDHd_iJ1NZIoGBhJ7tuIfSUHACkW8UPrX69mUtSa9HpRaanrVj-L HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUa5gEUtx5V6qyNfC1Cb9wAABF0AAAIB&google_cver=1&google_gid=CAESENdIXJQfrK2akH-kui0ePis&google_push=AYg5qPJvXtRkoQS3fciqcAwH96ZBsAQWxpWKiO7NQL_A6lqDeDHd_iJ1NZIoGBhJ7tuIfSUHACkW8UPrX69mUtSa9HpRaanrVj-L HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUa5gEUtx5V6qyNfC1Cb9wAABF0AAAIB&google_cver=1&google_gid=CAESENdIXJQfrK2akH-kui0ePis&google_push=AYg5qPJvXtRkoQS3fciqcAwH96ZBsAQWxpWKiO7NQL_A6lqDeDHd_iJ1NZIoGBhJ7tuIfSUHACkW8UPrX69mUtSa9HpRaanrVj-L HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUa5gEUtx5V6qyNfC1Cb9wAABF0AAAIB&google_cver=1&google_gid=CAESENdIXJQfrK2akH-kui0ePis&google_push=AYg5qPJvXtRkoQS3fciqcAwH96ZBsAQWxpWKiO7NQL_A6lqDeDHd_iJ1NZIoGBhJ7tuIfSUHACkW8UPrX69mUtSa9HpRaanrVj-L HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUa5gEUtx5V6qyNfC1Cb9wAABF0AAAIB&google_cver=1&google_gid=CAESENdIXJQfrK2akH-kui0ePis&google_push=AYg5qPJvXtRkoQS3fciqcAwH96ZBsAQWxpWKiO7NQL_A6lqDeDHd_iJ1NZIoGBhJ7tuIfSUHACkW8UPrX69mUtSa9HpRaanrVj-L HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUa5gEUtx5V6qyNfC1Cb9wAABF0AAAIB&google_cver=1&google_gid=CAESENdIXJQfrK2akH-kui0ePis&google_push=AYg5qPJvXtRkoQS3fciqcAwH96ZBsAQWxpWKiO7NQL_A6lqDeDHd_iJ1NZIoGBhJ7tuIfSUHACkW8UPrX69mUtSa9HpRaanrVj-L HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUa5gEUtx5V6qyNfC1Cb9wAABF0AAAIB&google_cver=1&google_gid=CAESENdIXJQfrK2akH-kui0ePis&google_push=AYg5qPJvXtRkoQS3fciqcAwH96ZBsAQWxpWKiO7NQL_A6lqDeDHd_iJ1NZIoGBhJ7tuIfSUHACkW8UPrX69mUtSa9HpRaanrVj-L HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUa5gEUtx5V6qyNfC1Cb9wAABF0AAAIB&google_cver=1&google_gid=CAESENdIXJQfrK2akH-kui0ePis&google_push=AYg5qPJvXtRkoQS3fciqcAwH96ZBsAQWxpWKiO7NQL_A6lqDeDHd_iJ1NZIoGBhJ7tuIfSUHACkW8UPrX69mUtSa9HpRaanrVj-L HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUa5gEUtx5V6qyNfC1Cb9wAABF0AAAIB&google_cver=1&google_gid=CAESENdIXJQfrK2akH-kui0ePis&google_push=AYg5qPJvXtRkoQS3fciqcAwH96ZBsAQWxpWKiO7NQL_A6lqDeDHd_iJ1NZIoGBhJ7tuIfSUHACkW8UPrX69mUtSa9HpRaanrVj-L HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUa5gEUtx5V6qyNfC1Cb9wAABF0AAAIB&google_cver=1&google_gid=CAESENdIXJQfrK2akH-kui0ePis&google_push=AYg5qPJvXtRkoQS3fciqcAwH96ZBsAQWxpWKiO7NQL_A6lqDeDHd_iJ1NZIoGBhJ7tuIfSUHACkW8UPrX69mUtSa9HpRaanrVj-L HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUa5gEUtx5V6qyNfC1Cb9wAABF0AAAIB&google_cver=1&google_gid=CAESENdIXJQfrK2akH-kui0ePis&google_push=AYg5qPJvXtRkoQS3fciqcAwH96ZBsAQWxpWKiO7NQL_A6lqDeDHd_iJ1NZIoGBhJ7tuIfSUHACkW8UPrX69mUtSa9HpRaanrVj-L
Request Chain 81
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJoneid__asuidVJIPbSx3Pi1yJG0aTt1m8bhKK-wYnhsgasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CPmF4OCWivMCFbuK_QcdeBcCug;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJoneid__asuidVJIPbSx3Pi1yJG0aTt1m8bhKK-wYnhsgasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJoneid__asuidVJIPbSx3Pi1yJG0aTt1m8bhKK-wYnhsgasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1632024961_4c8bd690-1900-11ec-a5f3-692d0d349c1f

83 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.proxysite.com/
Redirect Chain
  • http://us14.proxysite.com/
  • https://us14.proxysite.com/
  • https://www.proxysite.com/
14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.proxysite.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.74.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-74-218.compute-1.amazonaws.com
Software
Apache /
Resource Hash
654d9c2368858ab2e93f25f594857d26d282c86520a8901c93f8155b3dc7674b

Request headers

:method
GET
:authority
www.proxysite.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 19 Sep 2021 04:15:59 GMT
content-type
text/html; charset=UTF-8
content-length
4216
set-cookie
AWSALB=SlulNIHwMPZlyK+Fvg/bAygnE/5MYyLJmTBe+FpJ9suix/W9ZUwc5LsQcDMDi3PKmVV6Sm4aLmv+HEr+5M6efZJDChPyMl2d4+vcMP3mJZArP61sNKzlJtvnoM58; Expires=Sun, 26 Sep 2021 04:15:59 GMT; Path=/ AWSALBCORS=SlulNIHwMPZlyK+Fvg/bAygnE/5MYyLJmTBe+FpJ9suix/W9ZUwc5LsQcDMDi3PKmVV6Sm4aLmv+HEr+5M6efZJDChPyMl2d4+vcMP3mJZArP61sNKzlJtvnoM58; Expires=Sun, 26 Sep 2021 04:15:59 GMT; Path=/; SameSite=None; Secure PHPSESSID=mk549aiis29r95rv1ll4ou1aj7; path=/; HttpOnly hl=en; expires=Mon, 19-Sep-2022 04:15:59 GMT; Max-Age=31536000; path=/
server
Apache
cache-control
no-cache, max-age=0
vary
Accept-Encoding
content-encoding
gzip
expires
Sun, 19 Sep 2021 04:15:59 GMT

Redirect headers

Server
nginx
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-cache
Date
Sun, 19 Sep 2021 04:15:59 GMT
Location
https://www.proxysite.com
96f631f.css
www.proxysite.com/css/ 		38 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.proxysite.com/css/96f631f.css?v=17030501
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.74.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-74-218.compute-1.amazonaws.com
Software
Apache /
Resource Hash
35d4a453929aeb9cb4ca18e20087e72d2b251d050a6a7ec20931c152049d341f

Request headers

:path
/css/96f631f.css?v=17030501
pragma
no-cache
cookie
AWSALB=SlulNIHwMPZlyK+Fvg/bAygnE/5MYyLJmTBe+FpJ9suix/W9ZUwc5LsQcDMDi3PKmVV6Sm4aLmv+HEr+5M6efZJDChPyMl2d4+vcMP3mJZArP61sNKzlJtvnoM58; AWSALBCORS=SlulNIHwMPZlyK+Fvg/bAygnE/5MYyLJmTBe+FpJ9suix/W9ZUwc5LsQcDMDi3PKmVV6Sm4aLmv+HEr+5M6efZJDChPyMl2d4+vcMP3mJZArP61sNKzlJtvnoM58; PHPSESSID=mk549aiis29r95rv1ll4ou1aj7; hl=en
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.proxysite.com
referer
https://www.proxysite.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 04:15:59 GMT
content-encoding
gzip
last-modified
Mon, 18 Mar 2019 22:05:12 GMT
server
Apache
etag
"97e6-58465952eb312-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
set-cookie
AWSALB=YZtexqMfwK7gVJRS3i50Q8nKYAuqH8b4b8Gy11FN241Fmi9AHMYoRuHmjyJoBbHf7w9CRUAabuGsMAF2tXvakvK1InFrk4aVraCQiLAElYijOticjDuXsZr1qcM2; Expires=Sun, 26 Sep 2021 04:15:59 GMT; Path=/ AWSALBCORS=YZtexqMfwK7gVJRS3i50Q8nKYAuqH8b4b8Gy11FN241Fmi9AHMYoRuHmjyJoBbHf7w9CRUAabuGsMAF2tXvakvK1InFrk4aVraCQiLAElYijOticjDuXsZr1qcM2; Expires=Sun, 26 Sep 2021 04:15:59 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
7817
expires
Tue, 19 Oct 2021 04:15:59 GMT
logo.png
www.proxysite.com/assets/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.proxysite.com/assets/images/logo.png
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.74.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-74-218.compute-1.amazonaws.com
Software
Apache /
Resource Hash
2f1513a46b73f5ada51bafe9acd73abc1489f912de163236e4b6480a8311fb18

Request headers

:path
/assets/images/logo.png
pragma
no-cache
cookie
AWSALB=SlulNIHwMPZlyK+Fvg/bAygnE/5MYyLJmTBe+FpJ9suix/W9ZUwc5LsQcDMDi3PKmVV6Sm4aLmv+HEr+5M6efZJDChPyMl2d4+vcMP3mJZArP61sNKzlJtvnoM58; AWSALBCORS=SlulNIHwMPZlyK+Fvg/bAygnE/5MYyLJmTBe+FpJ9suix/W9ZUwc5LsQcDMDi3PKmVV6Sm4aLmv+HEr+5M6efZJDChPyMl2d4+vcMP3mJZArP61sNKzlJtvnoM58; PHPSESSID=mk549aiis29r95rv1ll4ou1aj7; hl=en
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.proxysite.com
referer
https://www.proxysite.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 04:15:59 GMT
last-modified
Mon, 18 Mar 2019 22:04:54 GMT
server
Apache
etag
"cd8-5846594186131"
content-type
image/png
cache-control
max-age=2592000
set-cookie
AWSALB=HI7BlavTesegjSc3dt85HZdHKLY1fEKlJ4GktOHbItJ0naDqXihCom1AIdqkNo/JCvXW+ekoV5+LMmT3ItXov2M4DXtiomkpUJR5el57IZgNds1TAxWBD6Q9qpPi; Expires=Sun, 26 Sep 2021 04:15:59 GMT; Path=/ AWSALBCORS=HI7BlavTesegjSc3dt85HZdHKLY1fEKlJ4GktOHbItJ0naDqXihCom1AIdqkNo/JCvXW+ekoV5+LMmT3ItXov2M4DXtiomkpUJR5el57IZgNds1TAxWBD6Q9qpPi; Expires=Sun, 26 Sep 2021 04:15:59 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
3288
expires
Tue, 19 Oct 2021 04:15:59 GMT
privacy.png
www.proxysite.com/assets/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.proxysite.com/assets/images/privacy.png
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.74.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-74-218.compute-1.amazonaws.com
Software
Apache /
Resource Hash
eaee2371582b8c319e9f7b6432b570d1c7cc5bda80a6d7819521c6df355c3f9b

Request headers

:path
/assets/images/privacy.png
pragma
no-cache
cookie
AWSALB=SlulNIHwMPZlyK+Fvg/bAygnE/5MYyLJmTBe+FpJ9suix/W9ZUwc5LsQcDMDi3PKmVV6Sm4aLmv+HEr+5M6efZJDChPyMl2d4+vcMP3mJZArP61sNKzlJtvnoM58; AWSALBCORS=SlulNIHwMPZlyK+Fvg/bAygnE/5MYyLJmTBe+FpJ9suix/W9ZUwc5LsQcDMDi3PKmVV6Sm4aLmv+HEr+5M6efZJDChPyMl2d4+vcMP3mJZArP61sNKzlJtvnoM58; PHPSESSID=mk549aiis29r95rv1ll4ou1aj7; hl=en
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.proxysite.com
referer
https://www.proxysite.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 04:15:59 GMT
last-modified
Mon, 18 Mar 2019 22:04:54 GMT
server
Apache
etag
"1dbc-5846594186131"
content-type
image/png
cache-control
max-age=2592000
set-cookie
AWSALB=5ixYL18R++1jSOqmwDtfNFLWGiuvxGsEVbLWJm9xHxzhPz8pYINV73hDJfpW+QySC3sSJAsTalgbqyFDA3X/gV+XXPOZcPT0EppOpLZTbD2MHJyOPIPiJC33LOu7; Expires=Sun, 26 Sep 2021 04:15:59 GMT; Path=/ AWSALBCORS=5ixYL18R++1jSOqmwDtfNFLWGiuvxGsEVbLWJm9xHxzhPz8pYINV73hDJfpW+QySC3sSJAsTalgbqyFDA3X/gV+XXPOZcPT0EppOpLZTbD2MHJyOPIPiJC33LOu7; Expires=Sun, 26 Sep 2021 04:15:59 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
7612
expires
Tue, 19 Oct 2021 04:15:59 GMT
speed.png
www.proxysite.com/assets/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.proxysite.com/assets/images/speed.png
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.74.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-74-218.compute-1.amazonaws.com
Software
Apache /
Resource Hash
036a97f58ae41233cce615d76fb5511d15d9db41201bae08f0099eeb07faec28

Request headers

:path
/assets/images/speed.png
pragma
no-cache
cookie
AWSALB=SlulNIHwMPZlyK+Fvg/bAygnE/5MYyLJmTBe+FpJ9suix/W9ZUwc5LsQcDMDi3PKmVV6Sm4aLmv+HEr+5M6efZJDChPyMl2d4+vcMP3mJZArP61sNKzlJtvnoM58; AWSALBCORS=SlulNIHwMPZlyK+Fvg/bAygnE/5MYyLJmTBe+FpJ9suix/W9ZUwc5LsQcDMDi3PKmVV6Sm4aLmv+HEr+5M6efZJDChPyMl2d4+vcMP3mJZArP61sNKzlJtvnoM58; PHPSESSID=mk549aiis29r95rv1ll4ou1aj7; hl=en
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.proxysite.com
referer
https://www.proxysite.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 04:15:59 GMT
last-modified
Mon, 18 Mar 2019 22:04:54 GMT
server
Apache
etag
"158b-5846594186131"
content-type
image/png
cache-control
max-age=2592000
set-cookie
AWSALB=VH0DJsRfc1OtrNJXmktdaf9hpb7H4waE7q6okiB4/e1XToWqwgaS6fRrA5g2RGLX0XgSeHNHd6T+fYe9NGZTmwVmEsavoqDqSx5jhom19GpNqbFrmwXr8rkcyrGW; Expires=Sun, 26 Sep 2021 04:15:59 GMT; Path=/ AWSALBCORS=VH0DJsRfc1OtrNJXmktdaf9hpb7H4waE7q6okiB4/e1XToWqwgaS6fRrA5g2RGLX0XgSeHNHd6T+fYe9NGZTmwVmEsavoqDqSx5jhom19GpNqbFrmwXr8rkcyrGW; Expires=Sun, 26 Sep 2021 04:15:59 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
5515
expires
Tue, 19 Oct 2021 04:15:59 GMT
magnifying.png
www.proxysite.com/assets/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.proxysite.com/assets/images/magnifying.png
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.74.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-74-218.compute-1.amazonaws.com
Software
Apache /
Resource Hash
ecb0a51c8bccd33964654ecedc1115640eec2c15b217d843df9ed2c36d358060

Request headers

:path
/assets/images/magnifying.png
pragma
no-cache
cookie
AWSALB=SlulNIHwMPZlyK+Fvg/bAygnE/5MYyLJmTBe+FpJ9suix/W9ZUwc5LsQcDMDi3PKmVV6Sm4aLmv+HEr+5M6efZJDChPyMl2d4+vcMP3mJZArP61sNKzlJtvnoM58; AWSALBCORS=SlulNIHwMPZlyK+Fvg/bAygnE/5MYyLJmTBe+FpJ9suix/W9ZUwc5LsQcDMDi3PKmVV6Sm4aLmv+HEr+5M6efZJDChPyMl2d4+vcMP3mJZArP61sNKzlJtvnoM58; PHPSESSID=mk549aiis29r95rv1ll4ou1aj7; hl=en
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.proxysite.com
referer
https://www.proxysite.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 04:15:59 GMT
last-modified
Mon, 18 Mar 2019 22:04:54 GMT
server
Apache
etag
"2690-5846594186131"
content-type
image/png
cache-control
max-age=2592000
set-cookie
AWSALB=N6j4MylThCctgWOFZ+CCQFC8T/G6LRKPZIXJgloOZfNXLK6gelj0iRL7nkayszQMjOMKFXu4Qu12VwfFtKaYVlOLZMS7Je3slP9WRVbgINOIiEwPwglKFQILSkff; Expires=Sun, 26 Sep 2021 04:15:59 GMT; Path=/ AWSALBCORS=N6j4MylThCctgWOFZ+CCQFC8T/G6LRKPZIXJgloOZfNXLK6gelj0iRL7nkayszQMjOMKFXu4Qu12VwfFtKaYVlOLZMS7Je3slP9WRVbgINOIiEwPwglKFQILSkff; Expires=Sun, 26 Sep 2021 04:15:59 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
9872
expires
Tue, 19 Oct 2021 04:15:59 GMT
computer.png
www.proxysite.com/assets/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.proxysite.com/assets/images/computer.png
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.74.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-74-218.compute-1.amazonaws.com
Software
Apache /
Resource Hash
60738e0c21e145c63411dab779e72942f078ede817a5cdf57466ef0e61ff8d49

Request headers

:path
/assets/images/computer.png
pragma
no-cache
cookie
AWSALB=SlulNIHwMPZlyK+Fvg/bAygnE/5MYyLJmTBe+FpJ9suix/W9ZUwc5LsQcDMDi3PKmVV6Sm4aLmv+HEr+5M6efZJDChPyMl2d4+vcMP3mJZArP61sNKzlJtvnoM58; AWSALBCORS=SlulNIHwMPZlyK+Fvg/bAygnE/5MYyLJmTBe+FpJ9suix/W9ZUwc5LsQcDMDi3PKmVV6Sm4aLmv+HEr+5M6efZJDChPyMl2d4+vcMP3mJZArP61sNKzlJtvnoM58; PHPSESSID=mk549aiis29r95rv1ll4ou1aj7; hl=en
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.proxysite.com
referer
https://www.proxysite.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 04:15:59 GMT
last-modified
Mon, 18 Mar 2019 22:04:54 GMT
server
Apache
etag
"1b25-5846594186131"
content-type
image/png
cache-control
max-age=2592000
set-cookie
AWSALB=2qSFC37vbp5mbTpNl+EnhFZy+7OrkqJJJLYNNg4fSx3xyqF3zNJKnRjTJr6lkX4dUGRYydv6+Gjg0z7s2Y/9JTnMKEKq+LeHNwNaw5aRGOk8dY7WdaQQZYigs5CZ; Expires=Sun, 26 Sep 2021 04:15:59 GMT; Path=/ AWSALBCORS=2qSFC37vbp5mbTpNl+EnhFZy+7OrkqJJJLYNNg4fSx3xyqF3zNJKnRjTJr6lkX4dUGRYydv6+Gjg0z7s2Y/9JTnMKEKq+LeHNwNaw5aRGOk8dY7WdaQQZYigs5CZ; Expires=Sun, 26 Sep 2021 04:15:59 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
6949
expires
Tue, 19 Oct 2021 04:15:59 GMT
magnifying2.png
www.proxysite.com/assets/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.proxysite.com/assets/images/magnifying2.png
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.74.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-74-218.compute-1.amazonaws.com
Software
Apache /
Resource Hash
0ac9094e17f405afb1a4cb915170e1051a048db8597a64460222f03fab4dcc76

Request headers

:path
/assets/images/magnifying2.png
pragma
no-cache
cookie
AWSALB=SlulNIHwMPZlyK+Fvg/bAygnE/5MYyLJmTBe+FpJ9suix/W9ZUwc5LsQcDMDi3PKmVV6Sm4aLmv+HEr+5M6efZJDChPyMl2d4+vcMP3mJZArP61sNKzlJtvnoM58; AWSALBCORS=SlulNIHwMPZlyK+Fvg/bAygnE/5MYyLJmTBe+FpJ9suix/W9ZUwc5LsQcDMDi3PKmVV6Sm4aLmv+HEr+5M6efZJDChPyMl2d4+vcMP3mJZArP61sNKzlJtvnoM58; PHPSESSID=mk549aiis29r95rv1ll4ou1aj7; hl=en
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.proxysite.com
referer
https://www.proxysite.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 04:15:59 GMT
last-modified
Mon, 18 Mar 2019 22:04:54 GMT
server
Apache
etag
"1b58-5846594186131"
content-type
image/png
cache-control
max-age=2592000
set-cookie
AWSALB=aUYp5pVvfPnYYCcjFrEP2HptIIAlSX8IKQXOA3YqnF8jIug8qnKpPkMQBhG06RmYdursgu5QFBBVejrCrv6Pjz0eCGBKo27uTV9On9IAxRgbZpGRRMJijUBoeV9J; Expires=Sun, 26 Sep 2021 04:15:59 GMT; Path=/ AWSALBCORS=aUYp5pVvfPnYYCcjFrEP2HptIIAlSX8IKQXOA3YqnF8jIug8qnKpPkMQBhG06RmYdursgu5QFBBVejrCrv6Pjz0eCGBKo27uTV9On9IAxRgbZpGRRMJijUBoeV9J; Expires=Sun, 26 Sep 2021 04:15:59 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
7000
expires
Tue, 19 Oct 2021 04:15:59 GMT
logo-footer.png
www.proxysite.com/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.proxysite.com/assets/images/logo-footer.png
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.74.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-74-218.compute-1.amazonaws.com
Software
Apache /
Resource Hash
938bb7a4fe2818088711d433b38bb086516f778d8614faaf479ac89cf62968ec

Request headers

:path
/assets/images/logo-footer.png
pragma
no-cache
cookie
AWSALB=SlulNIHwMPZlyK+Fvg/bAygnE/5MYyLJmTBe+FpJ9suix/W9ZUwc5LsQcDMDi3PKmVV6Sm4aLmv+HEr+5M6efZJDChPyMl2d4+vcMP3mJZArP61sNKzlJtvnoM58; AWSALBCORS=SlulNIHwMPZlyK+Fvg/bAygnE/5MYyLJmTBe+FpJ9suix/W9ZUwc5LsQcDMDi3PKmVV6Sm4aLmv+HEr+5M6efZJDChPyMl2d4+vcMP3mJZArP61sNKzlJtvnoM58; PHPSESSID=mk549aiis29r95rv1ll4ou1aj7; hl=en
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.proxysite.com
referer
https://www.proxysite.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 04:15:59 GMT
last-modified
Mon, 18 Mar 2019 22:04:54 GMT
server
Apache
etag
"7b4-5846594186131"
content-type
image/png
cache-control
max-age=2592000
set-cookie
AWSALB=0l9Q9QOrpCQcZ69BApH6FNggztG2nqwg3XqF5RkUEbGxVqd61of25+76jh9iWCvozakSVgAx4kWLTGl3aPul/ua38oWdXCzwTrs3Mdapg6PxTN4glpcdJRdj2N8N; Expires=Sun, 26 Sep 2021 04:15:59 GMT; Path=/ AWSALBCORS=0l9Q9QOrpCQcZ69BApH6FNggztG2nqwg3XqF5RkUEbGxVqd61of25+76jh9iWCvozakSVgAx4kWLTGl3aPul/ua38oWdXCzwTrs3Mdapg6PxTN4glpcdJRdj2N8N; Expires=Sun, 26 Sep 2021 04:15:59 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
1972
expires
Tue, 19 Oct 2021 04:15:59 GMT
jquery.js
www.proxysite.com/assets/js/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.proxysite.com/assets/js/jquery.js?v=17030501
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.74.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-74-218.compute-1.amazonaws.com
Software
Apache /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

:path
/assets/js/jquery.js?v=17030501
pragma
no-cache
cookie
AWSALB=SlulNIHwMPZlyK+Fvg/bAygnE/5MYyLJmTBe+FpJ9suix/W9ZUwc5LsQcDMDi3PKmVV6Sm4aLmv+HEr+5M6efZJDChPyMl2d4+vcMP3mJZArP61sNKzlJtvnoM58; AWSALBCORS=SlulNIHwMPZlyK+Fvg/bAygnE/5MYyLJmTBe+FpJ9suix/W9ZUwc5LsQcDMDi3PKmVV6Sm4aLmv+HEr+5M6efZJDChPyMl2d4+vcMP3mJZArP61sNKzlJtvnoM58; PHPSESSID=mk549aiis29r95rv1ll4ou1aj7; hl=en
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.proxysite.com
referer
https://www.proxysite.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 04:15:59 GMT
content-encoding
gzip
last-modified
Mon, 18 Mar 2019 22:05:12 GMT
server
Apache
etag
"17b8b-58465952b0993-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
set-cookie
AWSALB=cPNluIztHCaQ2aYjc9YrndUWGPuBxkLAlcmaiCvDkAvgFL7Hu7gwbLKC3ZARaRlr3rNPogpPFFGxMQxia5As9Yx4VflpvzDIKlpRpAxal4zW4Be/38A9PxhkrDGO; Expires=Sun, 26 Sep 2021 04:15:59 GMT; Path=/ AWSALBCORS=cPNluIztHCaQ2aYjc9YrndUWGPuBxkLAlcmaiCvDkAvgFL7Hu7gwbLKC3ZARaRlr3rNPogpPFFGxMQxia5As9Yx4VflpvzDIKlpRpAxal4zW4Be/38A9PxhkrDGO; Expires=Sun, 26 Sep 2021 04:15:59 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
33760
expires
Tue, 19 Oct 2021 04:15:59 GMT
65f94d5.js
www.proxysite.com/js/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.proxysite.com/js/65f94d5.js?v=17030501
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.74.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-74-218.compute-1.amazonaws.com
Software
Apache /
Resource Hash
dc2261fa7fc402f3869461ab510796c6a45c58b4910d7eaaf674bfefd5274e6c

Request headers

:path
/js/65f94d5.js?v=17030501
pragma
no-cache
cookie
AWSALB=SlulNIHwMPZlyK+Fvg/bAygnE/5MYyLJmTBe+FpJ9suix/W9ZUwc5LsQcDMDi3PKmVV6Sm4aLmv+HEr+5M6efZJDChPyMl2d4+vcMP3mJZArP61sNKzlJtvnoM58; AWSALBCORS=SlulNIHwMPZlyK+Fvg/bAygnE/5MYyLJmTBe+FpJ9suix/W9ZUwc5LsQcDMDi3PKmVV6Sm4aLmv+HEr+5M6efZJDChPyMl2d4+vcMP3mJZArP61sNKzlJtvnoM58; PHPSESSID=mk549aiis29r95rv1ll4ou1aj7; hl=en
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.proxysite.com
referer
https://www.proxysite.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 04:15:59 GMT
content-encoding
gzip
last-modified
Mon, 18 Mar 2019 22:05:13 GMT
server
Apache
etag
"9a33-5846595353af1-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
set-cookie
AWSALB=CCEvBhpIepcHahsYMcK67jMwSVcnoT/xS5kox/0+PKCvi6N76IHaU83wBA/1rwHjbQCrEwQNyDqdvLrf9N7RarPkr2P9olf5ID7j22YyOanqyiCIOH9a70uS7ZBY; Expires=Sun, 26 Sep 2021 04:15:59 GMT; Path=/ AWSALBCORS=CCEvBhpIepcHahsYMcK67jMwSVcnoT/xS5kox/0+PKCvi6N76IHaU83wBA/1rwHjbQCrEwQNyDqdvLrf9N7RarPkr2P9olf5ID7j22YyOanqyiCIOH9a70uS7ZBY; Expires=Sun, 26 Sep 2021 04:15:59 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
9611
expires
Tue, 19 Oct 2021 04:15:59 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		138 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
426493ba600ec8c39b1a3e8853bc2863c3588c97e59f72f520104f2a42d2dc23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 04:15:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49025
x-xss-protection
0
server
cafe
etag
3981023971068473182
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 19 Sep 2021 04:15:59 GMT
bg.png
www.proxysite.com/assets/images/ 		236 B
763 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.proxysite.com/assets/images/bg.png
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/css/96f631f.css?v=17030501
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.74.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-74-218.compute-1.amazonaws.com
Software
Apache /
Resource Hash
9428518d1b1c9e441b6dcf1effddc210ce3ab2d1e0913be29695e907b4c82c43

Request headers

:path
/assets/images/bg.png
pragma
no-cache
cookie
PHPSESSID=mk549aiis29r95rv1ll4ou1aj7; hl=en; AWSALB=YZtexqMfwK7gVJRS3i50Q8nKYAuqH8b4b8Gy11FN241Fmi9AHMYoRuHmjyJoBbHf7w9CRUAabuGsMAF2tXvakvK1InFrk4aVraCQiLAElYijOticjDuXsZr1qcM2; AWSALBCORS=YZtexqMfwK7gVJRS3i50Q8nKYAuqH8b4b8Gy11FN241Fmi9AHMYoRuHmjyJoBbHf7w9CRUAabuGsMAF2tXvakvK1InFrk4aVraCQiLAElYijOticjDuXsZr1qcM2
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.proxysite.com
referer
https://www.proxysite.com/css/96f631f.css?v=17030501
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/css/96f631f.css?v=17030501
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 04:15:59 GMT
last-modified
Mon, 18 Mar 2019 22:04:54 GMT
server
Apache
etag
"ec-5846594186131"
content-type
image/png
cache-control
max-age=2592000
set-cookie
AWSALB=rfEabsxCk3FlqdmtRzVIVa6WULQ/XY5CDHiyVPs/Dhbbrcrwt7Oh1Et7vqUEvSiryeIG8TX1BJ6o126a2COzn5BJzIYFWmvSiqJJDXylLpQsBy+gwlQ61Ex1klJ2; Expires=Sun, 26 Sep 2021 04:15:59 GMT; Path=/ AWSALBCORS=rfEabsxCk3FlqdmtRzVIVa6WULQ/XY5CDHiyVPs/Dhbbrcrwt7Oh1Et7vqUEvSiryeIG8TX1BJ6o126a2COzn5BJzIYFWmvSiqJJDXylLpQsBy+gwlQ61Ex1klJ2; Expires=Sun, 26 Sep 2021 04:15:59 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
236
expires
Tue, 19 Oct 2021 04:15:59 GMT
raleway.woff2
www.proxysite.com/assets/fonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.proxysite.com/assets/fonts/raleway.woff2
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/css/96f631f.css?v=17030501
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.74.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-74-218.compute-1.amazonaws.com
Software
Apache /
Resource Hash
770da7643a54e06b63d0c10b9386c21eebe7fe791bbd43e760a9f763aa95d26f

Request headers

sec-fetch-mode
cors
origin
https://www.proxysite.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
PHPSESSID=mk549aiis29r95rv1ll4ou1aj7; hl=en; AWSALB=YZtexqMfwK7gVJRS3i50Q8nKYAuqH8b4b8Gy11FN241Fmi9AHMYoRuHmjyJoBbHf7w9CRUAabuGsMAF2tXvakvK1InFrk4aVraCQiLAElYijOticjDuXsZr1qcM2; AWSALBCORS=YZtexqMfwK7gVJRS3i50Q8nKYAuqH8b4b8Gy11FN241Fmi9AHMYoRuHmjyJoBbHf7w9CRUAabuGsMAF2tXvakvK1InFrk4aVraCQiLAElYijOticjDuXsZr1qcM2
:path
/assets/fonts/raleway.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.proxysite.com
referer
https://www.proxysite.com/css/96f631f.css?v=17030501
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.proxysite.com/css/96f631f.css?v=17030501
Origin
https://www.proxysite.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 04:15:59 GMT
last-modified
Mon, 18 Mar 2019 22:04:54 GMT
server
Apache
etag
"3ab8-5846594186131"
cache-control
max-age=2592000
set-cookie
AWSALB=db+4oWCGNngKN5nK5IzojtVSPYOrlUWeskguM3klEJLnPiSN9nCNA7i9uaxED/bRbRtPbJ0IyMtCeS6UswbUll3VsfCcds9VN/SU5GaSb8KX5rTV5cTiMxe7sVdQ; Expires=Sun, 26 Sep 2021 04:15:59 GMT; Path=/ AWSALBCORS=db+4oWCGNngKN5nK5IzojtVSPYOrlUWeskguM3klEJLnPiSN9nCNA7i9uaxED/bRbRtPbJ0IyMtCeS6UswbUll3VsfCcds9VN/SU5GaSb8KX5rTV5cTiMxe7sVdQ; Expires=Sun, 26 Sep 2021 04:15:59 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
15032
expires
Tue, 19 Oct 2021 04:15:59 GMT
raleway-semibold.woff2
www.proxysite.com/assets/fonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.proxysite.com/assets/fonts/raleway-semibold.woff2
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/css/96f631f.css?v=17030501
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.74.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-74-218.compute-1.amazonaws.com
Software
Apache /
Resource Hash
3cee69d07c93d87ecbb03f206ddb86c9d4ba12638a18ed177de725be2eb8333a

Request headers

sec-fetch-mode
cors
origin
https://www.proxysite.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
PHPSESSID=mk549aiis29r95rv1ll4ou1aj7; hl=en; AWSALB=YZtexqMfwK7gVJRS3i50Q8nKYAuqH8b4b8Gy11FN241Fmi9AHMYoRuHmjyJoBbHf7w9CRUAabuGsMAF2tXvakvK1InFrk4aVraCQiLAElYijOticjDuXsZr1qcM2; AWSALBCORS=YZtexqMfwK7gVJRS3i50Q8nKYAuqH8b4b8Gy11FN241Fmi9AHMYoRuHmjyJoBbHf7w9CRUAabuGsMAF2tXvakvK1InFrk4aVraCQiLAElYijOticjDuXsZr1qcM2
:path
/assets/fonts/raleway-semibold.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.proxysite.com
referer
https://www.proxysite.com/css/96f631f.css?v=17030501
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.proxysite.com/css/96f631f.css?v=17030501
Origin
https://www.proxysite.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 04:15:59 GMT
last-modified
Mon, 18 Mar 2019 22:04:54 GMT
server
Apache
etag
"3b18-5846594186131"
cache-control
max-age=2592000
set-cookie
AWSALB=vc3KLQ3+r9uHpYyao3wmH3GF/MxZu8sJycrw5Z5077Ip2zLRpvzQ9A07aon1RHsZ1OYd0uZL2eRuBaJZmdQmn55F/3Semcr5Q6wgvX8CRo1DNYJwx0m00jTpqcg6; Expires=Sun, 26 Sep 2021 04:15:59 GMT; Path=/ AWSALBCORS=vc3KLQ3+r9uHpYyao3wmH3GF/MxZu8sJycrw5Z5077Ip2zLRpvzQ9A07aon1RHsZ1OYd0uZL2eRuBaJZmdQmn55F/3Semcr5Q6wgvX8CRo1DNYJwx0m00jTpqcg6; Expires=Sun, 26 Sep 2021 04:15:59 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
15128
expires
Tue, 19 Oct 2021 04:15:59 GMT
icomoon.ttf
www.proxysite.com/assets/fonts/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.proxysite.com/assets/fonts/icomoon.ttf?-p3bna1
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/css/96f631f.css?v=17030501
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.74.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-74-218.compute-1.amazonaws.com
Software
Apache /
Resource Hash
7ffcb15458cc6d82ade6166ddb0788afe839679e06d01368d615e8f2c0c6a5f1

Request headers

sec-fetch-mode
cors
origin
https://www.proxysite.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
PHPSESSID=mk549aiis29r95rv1ll4ou1aj7; hl=en; AWSALB=YZtexqMfwK7gVJRS3i50Q8nKYAuqH8b4b8Gy11FN241Fmi9AHMYoRuHmjyJoBbHf7w9CRUAabuGsMAF2tXvakvK1InFrk4aVraCQiLAElYijOticjDuXsZr1qcM2; AWSALBCORS=YZtexqMfwK7gVJRS3i50Q8nKYAuqH8b4b8Gy11FN241Fmi9AHMYoRuHmjyJoBbHf7w9CRUAabuGsMAF2tXvakvK1InFrk4aVraCQiLAElYijOticjDuXsZr1qcM2
:path
/assets/fonts/icomoon.ttf?-p3bna1
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.proxysite.com
referer
https://www.proxysite.com/css/96f631f.css?v=17030501
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.proxysite.com/css/96f631f.css?v=17030501
Origin
https://www.proxysite.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 04:15:59 GMT
last-modified
Mon, 18 Mar 2019 22:04:54 GMT
server
Apache
etag
"a7c-5846594185191"
content-type
application/font-sfnt
cache-control
max-age=2592000
set-cookie
AWSALB=RfMR/yfYOSeXFx1ZCCMKeWEMpxFORmPdknIKKBZgwOs40a2sQOvaba66tUQHpMLP673QuMuZhMfGi6ulmOGFYzEH/mFai8Pdz2i8kvNgtcBb5vOvENitCXOa/zeG; Expires=Sun, 26 Sep 2021 04:15:59 GMT; Path=/ AWSALBCORS=RfMR/yfYOSeXFx1ZCCMKeWEMpxFORmPdknIKKBZgwOs40a2sQOvaba66tUQHpMLP673QuMuZhMfGi6ulmOGFYzEH/mFai8Pdz2i8kvNgtcBb5vOvENitCXOa/zeG; Expires=Sun, 26 Sep 2021 04:15:59 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
2684
expires
Tue, 19 Oct 2021 04:15:59 GMT
widgets.js
platform.twitter.com/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6731) /
Resource Hash
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 19 Sep 2021 04:15:59 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Aug 2021 20:34:57 GMT
Server
ECS (frb/6731)
Age
1341
Etag
"d405b816322f9770c70cbd10cfa87be4+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
28872
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
631c9285a9a3324342d1f843598cd6a5fbd7992b5b833266769bd5470c368265
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
wx2+HpY3FDCsjplo1hi5XA==
cross-origin-resource-policy
cross-origin
expires
Sun, 19 Sep 2021 04:35:56 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1685
x-fb-rlafr
0
x-fb-debug
sGt64crTiRMwqHjkaSaNpaahYqyu3KNsy5dEZlHGfDuaGdEWVG0FHWtmvBsBU3eP2XT7ZXlUsgEgm/Pu1dlK5A==
x-fb-trip-id
917726464
x-fb-content-md5
a7f8f4c6878a3a3944cf77c664012438
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sun, 19 Sep 2021 04:15:59 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"4524fa74a534bed5628eb9c863f4e885"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
raleway-bold.woff2
www.proxysite.com/assets/fonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.proxysite.com/assets/fonts/raleway-bold.woff2
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/css/96f631f.css?v=17030501
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.74.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-74-218.compute-1.amazonaws.com
Software
Apache /
Resource Hash
724acb468e6daf873120d385f6717f09d84ffb51b33c81cb135597dad94ab4d7

Request headers

sec-fetch-mode
cors
origin
https://www.proxysite.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
PHPSESSID=mk549aiis29r95rv1ll4ou1aj7; hl=en; AWSALB=YZtexqMfwK7gVJRS3i50Q8nKYAuqH8b4b8Gy11FN241Fmi9AHMYoRuHmjyJoBbHf7w9CRUAabuGsMAF2tXvakvK1InFrk4aVraCQiLAElYijOticjDuXsZr1qcM2; AWSALBCORS=YZtexqMfwK7gVJRS3i50Q8nKYAuqH8b4b8Gy11FN241Fmi9AHMYoRuHmjyJoBbHf7w9CRUAabuGsMAF2tXvakvK1InFrk4aVraCQiLAElYijOticjDuXsZr1qcM2
:path
/assets/fonts/raleway-bold.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.proxysite.com
referer
https://www.proxysite.com/css/96f631f.css?v=17030501
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.proxysite.com/css/96f631f.css?v=17030501
Origin
https://www.proxysite.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 04:15:59 GMT
last-modified
Mon, 18 Mar 2019 22:04:54 GMT
server
Apache
etag
"3aa0-5846594186131"
cache-control
max-age=2592000
set-cookie
AWSALB=HPxlBvyHBrdKSL6+Kr3yfXWheEgBi/dJSrvQhAnlJjwp/0IZRxdy9uCPOJfvRnRlKCj3xFv3EqxEHAxH269H+vHWZ5zYIzVpfa+qRJV3FiQnVkaehoUPzfjawlmV; Expires=Sun, 26 Sep 2021 04:15:59 GMT; Path=/ AWSALBCORS=HPxlBvyHBrdKSL6+Kr3yfXWheEgBi/dJSrvQhAnlJjwp/0IZRxdy9uCPOJfvRnRlKCj3xFv3EqxEHAxH269H+vHWZ5zYIzVpfa+qRJV3FiQnVkaehoUPzfjawlmV; Expires=Sun, 26 Sep 2021 04:15:59 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
15008
expires
Tue, 19 Oct 2021 04:15:59 GMT
raleway-light.woff2
www.proxysite.com/assets/fonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.proxysite.com/assets/fonts/raleway-light.woff2
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/css/96f631f.css?v=17030501
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.74.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-74-218.compute-1.amazonaws.com
Software
Apache /
Resource Hash
d3f154bd52d039a8d725c3a790c0887142a2963f09b28c6280e4629ca8521e93

Request headers

sec-fetch-mode
cors
origin
https://www.proxysite.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
PHPSESSID=mk549aiis29r95rv1ll4ou1aj7; hl=en; AWSALB=YZtexqMfwK7gVJRS3i50Q8nKYAuqH8b4b8Gy11FN241Fmi9AHMYoRuHmjyJoBbHf7w9CRUAabuGsMAF2tXvakvK1InFrk4aVraCQiLAElYijOticjDuXsZr1qcM2; AWSALBCORS=YZtexqMfwK7gVJRS3i50Q8nKYAuqH8b4b8Gy11FN241Fmi9AHMYoRuHmjyJoBbHf7w9CRUAabuGsMAF2tXvakvK1InFrk4aVraCQiLAElYijOticjDuXsZr1qcM2
:path
/assets/fonts/raleway-light.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.proxysite.com
referer
https://www.proxysite.com/css/96f631f.css?v=17030501
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.proxysite.com/css/96f631f.css?v=17030501
Origin
https://www.proxysite.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 04:15:59 GMT
last-modified
Mon, 18 Mar 2019 22:04:54 GMT
server
Apache
etag
"3a6c-5846594186131"
cache-control
max-age=2592000
set-cookie
AWSALB=QAEUxAjrvAuI9tXgX9SNr+bNw5IwwuWFwcnwFSZ9zNvmKfVBB6dqa2KASGfMOA0gTQgDDTsb6lIxCcHQO9fU1XlEEzw0felVahNFMzFpLa8maCwflmnBS1eIglUL; Expires=Sun, 26 Sep 2021 04:15:59 GMT; Path=/ AWSALBCORS=QAEUxAjrvAuI9tXgX9SNr+bNw5IwwuWFwcnwFSZ9zNvmKfVBB6dqa2KASGfMOA0gTQgDDTsb6lIxCcHQO9fU1XlEEzw0felVahNFMzFpLa8maCwflmnBS1eIglUL; Expires=Sun, 26 Sep 2021 04:15:59 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
14956
expires
Tue, 19 Oct 2021 04:15:59 GMT
sdk.js
connect.facebook.net/en_US/ 		223 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=10f90013e075abed49a638c5e862cdc0
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
7e608d70ce8409e402ff5748238e29a46d9b2611ae57675776c07831a8a86f54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.proxysite.com/
Origin
https://www.proxysite.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
AW9cUy7/IioKPecFyhcLJA==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
66983
x-fb-rlafr
0
x-fb-debug
GY8FsAlgEM83b8BQRY3i9wqLh9h43+iAnL43slXgVgIVOM0FjmEmnXh3uTX2x5vbIxVKrWiHz8kV4+3XxaVO8g==
x-fb-content-md5
29c4a46f944e4b27d48af3fd1e26c4ff
x-frame-options
DENY
date
Sun, 19 Sep 2021 04:15:59 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"7ac3178e410a98877f0836a354aa7da6"
timing-allow-origin
*
priority
u=3,i
expires
Mon, 19 Sep 2022 02:38:49 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
5040
date
Sun, 19 Sep 2021 02:52:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sun, 19 Sep 2021 04:52:00 GMT
widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html
platform.twitter.com/widgets/ Frame BF49 		319 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fwww.proxysite.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6724) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.proxysite.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
454585
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Sun, 19 Sep 2021 04:16:00 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Mon, 02 Aug 2021 20:33:53 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6724)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
like.php
www.facebook.com/v2.5/plugins/ Frame 0517 		0
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1dc83c60803df%26domain%3Dwww.proxysite.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.proxysite.com%252Ff36b14d305e6b7c%26relation%3Dparent.parent&container_width=105&href=https%3A%2F%2Fwww.proxysite.com%2F&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&width=80
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=10f90013e075abed49a638c5e862cdc0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frx5.facebook.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v2.5/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1dc83c60803df%26domain%3Dwww.proxysite.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.proxysite.com%252Ff36b14d305e6b7c%26relation%3Dparent.parent&container_width=105&href=https%3A%2F%2Fwww.proxysite.com%2F&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&width=80
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.proxysite.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/

Response headers

content-type
text/html;charset=utf-8
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-content-type-options
nosniff
x-xss-protection
0
x-fb-debug
i6zlT2nK3arj7xUEskNdR6qQ9LgEomCJWOI0Rt7gg9EXZNNpyQY3fMy3wZGx58A7PlyReFp0Skr599Nofccbdw==
content-length
0
date
Sun, 19 Sep 2021 04:16:00 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/ 		253 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5271052033776811&plah=www.proxysite.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
0e932077700b08707120f8b3243472af89cb67c44f3cd2e9b073be8f3939dd69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 04:16:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95713
x-xss-protection
0
server
cafe
etag
14022606753207139456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 19 Sep 2021 04:16:00 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210915/r20190131/ Frame 8C03 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210915/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210915/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.proxysite.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 18 Sep 2021 12:31:14 GMT
expires
Sat, 02 Oct 2021 12:31:14 GMT
content-type
text/html; charset=UTF-8
etag
13836150016441684253
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4591
x-xss-protection
0
age
56686
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
settings
syndication.twitter.com/ Frame BF49 		232 B
432 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=fbbcd917908e9716d7af429844c9502d27dfef7e
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fwww.proxysite.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 04:16:00 GMT
content-encoding
gzip
last-modified
Sun, 19 Sep 2021 04:16:00 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
39c6d65d28b682470351f8883b6bb3d0a7fc9776bb03e7902a4cdf27ff90f0b2
content-length
166
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=117941280&t=pageview&_s=1&dl=https%3A%2F%2Fwww.proxysite.com%2F&ul=en-us&de=UTF-8&dt=ProxySite.com%20-%20Free%20Web%20Proxy%20Site&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=590627935&gjid=368013412&cid=201018814.1632024960&tid=UA-45368124-2&_gid=51218623.1632024960&_r=1&_slc=1&z=1838806352
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.proxysite.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 04:16:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.proxysite.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		203 B
660 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.proxysite.com&callback=_gfp_s_&client=ca-pub-5271052033776811
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5271052033776811&plah=www.proxysite.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
9fca5f1617ef949660239d615640d5d9a7a8b26a03c652dc1a9447c11d35370b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 04:16:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
194
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.proxysite.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5271052033776811&plah=www.proxysite.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 19 Sep 2021 04:16:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.proxysite.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5271052033776811&plah=www.proxysite.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 19 Sep 2021 04:16:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 72B8 		430 B
231 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=2867599685&adk=3927345067&adf=3573213364&pi=t.ma~as.2867599685&w=990&fwrn=4&fwrnh=100&lmt=1632024960&rafmt=3&psa=0&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632024960137&bpp=3&bdt=382&idt=129&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&correlator=1815683785345&frm=20&pv=2&ga_vid=201018814.1632024960&ga_sid=1632024960&ga_hid=117941280&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=305&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3866630722841695&pem=33&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=YMgRktWvjE&p=https%3A//www.proxysite.com&dtd=146
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5271052033776811&plah=www.proxysite.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
0f2de05108a380f3e8bbdde4f58a74c5db21cb502bbfe12360621c7f46066fdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=2867599685&adk=3927345067&adf=3573213364&pi=t.ma~as.2867599685&w=990&fwrn=4&fwrnh=100&lmt=1632024960&rafmt=3&psa=0&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632024960137&bpp=3&bdt=382&idt=129&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&correlator=1815683785345&frm=20&pv=2&ga_vid=201018814.1632024960&ga_sid=1632024960&ga_hid=117941280&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=305&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3866630722841695&pem=33&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=YMgRktWvjE&p=https%3A//www.proxysite.com&dtd=146
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.proxysite.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 19 Sep 2021 04:16:00 GMT
server
cafe
content-length
208
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 19-Sep-2021 04:31:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 19 Sep 2021 04:16:00 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5271052033776811&plah=www.proxysite.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
24d026371427b41d6d168c5d4c18de465b026afc3907c86c8f3b3bc31bd87467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 04:16:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27652
x-xss-protection
0
server
sffe
etag
"1631879122047051"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Sun, 19 Sep 2021 04:16:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 6D58 		430 B
231 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=4344332884&adk=523175106&adf=1005968846&pi=t.ma~as.4344332884&w=990&fwrn=4&fwrnh=100&lmt=1632024960&rafmt=1&psa=0&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632024960140&bpp=1&bdt=385&idt=152&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280&correlator=1815683785345&frm=20&pv=1&ga_vid=201018814.1632024960&ga_sid=1632024960&ga_hid=117941280&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=305&ady=702&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3866630722841695&pem=33&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=O2EyKRHIQI&p=https%3A//www.proxysite.com&dtd=155
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5271052033776811&plah=www.proxysite.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
1d7f622cafddd4829d847fa4c16c25c4d34e7c3dfc9c571a76d06d10c331a40b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=4344332884&adk=523175106&adf=1005968846&pi=t.ma~as.4344332884&w=990&fwrn=4&fwrnh=100&lmt=1632024960&rafmt=1&psa=0&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632024960140&bpp=1&bdt=385&idt=152&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280&correlator=1815683785345&frm=20&pv=1&ga_vid=201018814.1632024960&ga_sid=1632024960&ga_hid=117941280&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=305&ady=702&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3866630722841695&pem=33&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=O2EyKRHIQI&p=https%3A//www.proxysite.com&dtd=155
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.proxysite.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 19 Sep 2021 04:16:00 GMT
server
cafe
content-length
208
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 19-Sep-2021 04:31:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 19 Sep 2021 04:16:00 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 2002 		430 B
230 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&slotname=6803856480&adk=197138127&adf=1497320946&pi=t.ma~as.6803856480&w=728&lmt=1632024960&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fwww.proxysite.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632024960141&bpp=1&bdt=386&idt=157&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280%2C990x280&correlator=1815683785345&frm=20&pv=1&ga_vid=201018814.1632024960&ga_sid=1632024960&ga_hid=117941280&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=436&ady=2948&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3866630722841695&pem=33&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=tGGNs31MNe&p=https%3A//www.proxysite.com&dtd=159
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5271052033776811&plah=www.proxysite.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
d7dfc0b20804c31c51e2129ef9c89022c1d7a23ede23d4e623ef9e921d148eb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&slotname=6803856480&adk=197138127&adf=1497320946&pi=t.ma~as.6803856480&w=728&lmt=1632024960&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fwww.proxysite.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632024960141&bpp=1&bdt=386&idt=157&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280%2C990x280&correlator=1815683785345&frm=20&pv=1&ga_vid=201018814.1632024960&ga_sid=1632024960&ga_hid=117941280&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=436&ady=2948&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3866630722841695&pem=33&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=tGGNs31MNe&p=https%3A//www.proxysite.com&dtd=159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.proxysite.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 19 Sep 2021 04:16:00 GMT
server
cafe
content-length
207
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 19-Sep-2021 04:31:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 19 Sep 2021 04:16:00 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 1211 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&adk=1812271804&adf=3025194257&lmt=1632024960&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.proxysite.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632024960150&bpp=1&bdt=395&idt=152&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280%2C990x280%2C728x90&nras=1&correlator=1815683785345&frm=20&pv=1&ga_vid=201018814.1632024960&ga_sid=1632024960&ga_hid=117941280&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3866630722841695&pem=33&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=156
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5271052033776811&plah=www.proxysite.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
d047e9c956c997c38ab9342ba3425857a3ade5e33caf784bb3a35a0066047fc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5271052033776811&output=html&adk=1812271804&adf=3025194257&lmt=1632024960&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.proxysite.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632024960150&bpp=1&bdt=395&idt=152&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280%2C990x280%2C728x90&nras=1&correlator=1815683785345&frm=20&pv=1&ga_vid=201018814.1632024960&ga_sid=1632024960&ga_hid=117941280&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3866630722841695&pem=33&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=156
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.proxysite.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 19 Sep 2021 04:16:00 GMT
server
cafe
content-length
4928
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 19-Sep-2021 04:31:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 19 Sep 2021 04:16:00 GMT
cache-control
private
button.5d16ecc02fbaf599a24dfb57ab239320.js
platform.twitter.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.5d16ecc02fbaf599a24dfb57ab239320.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6731) /
Resource Hash
3ee8351e156e2e80d99018a585c18c0dbd9098e3bea84a131d8cbad1ec72c81e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 19 Sep 2021 04:16:00 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Aug 2021 20:33:39 GMT
Server
ECS (frb/6731)
Age
454586
Etag
"6b95f5a9a2ff4b885e2eafdf446d70d0+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2296
tweet_button.f88235f49a156f8b4cab34c7bc1a0acc.en.html
platform.twitter.com/widgets/ Frame 1C97 		32 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.f88235f49a156f8b4cab34c7bc1a0acc.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6731) /
Resource Hash
06b34901b9ee1d57c9e0a37a7665c7aa77f6ab8b884cda5e8caad1c3f8b8c639

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.proxysite.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
454585
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Sun, 19 Sep 2021 04:16:00 GMT
Etag
"909c8b457796b3e08dbae7ea22074354+gzip"
Last-Modified
Mon, 02 Aug 2021 20:33:46 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6731)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
12257
truncated
/ Frame 1C97 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.proxysite.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5271052033776811&plah=www.proxysite.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 19 Sep 2021 04:16:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.proxysite.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5271052033776811&plah=www.proxysite.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 19 Sep 2021 04:16:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E976 		430 B
232 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&adk=3625593270&adf=3099719705&pi=t.aa~a.4226026281~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1632024960&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x280&url=https%3A%2F%2Fwww.proxysite.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632024960487&bpp=1&bdt=732&idt=-M&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79c1726e715221dd-223590a137c900c4%3AT%3D1632024960%3ART%3D1632024960%3AS%3DALNI_MYV35HhRzJtt1_xx8HiwntDXQzCcg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0&nras=2&correlator=1815683785345&frm=20&pv=1&ga_vid=201018814.1632024960&ga_sid=1632024960&ga_hid=117941280&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=200&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3866630722841695&pem=33&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ovTZEFq9L0&p=https%3A//www.proxysite.com&dtd=12
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5271052033776811&plah=www.proxysite.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
0c2b94244fd4297ce67caae8f1c17a4dbe515c5b49275b335b7d7af60e537fec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&adk=3625593270&adf=3099719705&pi=t.aa~a.4226026281~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1632024960&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x280&url=https%3A%2F%2Fwww.proxysite.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632024960487&bpp=1&bdt=732&idt=-M&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79c1726e715221dd-223590a137c900c4%3AT%3D1632024960%3ART%3D1632024960%3AS%3DALNI_MYV35HhRzJtt1_xx8HiwntDXQzCcg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0&nras=2&correlator=1815683785345&frm=20&pv=1&ga_vid=201018814.1632024960&ga_sid=1632024960&ga_hid=117941280&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=200&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3866630722841695&pem=33&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ovTZEFq9L0&p=https%3A//www.proxysite.com&dtd=12
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.proxysite.com/
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 19 Sep 2021 04:16:00 GMT
server
cafe
content-length
208
x-xss-protection
0
set-cookie
IDE=AHWqTUnvmi8Brtur9swEcM-r9H7V2ysDffINCgZelDLs5LlxntpL9komrv0IxAzG_XU; expires=Fri, 14-Oct-2022 04:16:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 19 Sep 2021 04:16:00 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 3C89 		26 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=676745548&adf=3560341080&pi=t.aa~a.4080220755~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1632024960&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632024960487&bpp=1&bdt=732&idt=0&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79c1726e715221dd-223590a137c900c4%3AT%3D1632024960%3ART%3D1632024960%3AS%3DALNI_MYV35HhRzJtt1_xx8HiwntDXQzCcg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280&nras=3&correlator=1815683785345&frm=20&pv=1&ga_vid=201018814.1632024960&ga_sid=1632024960&ga_hid=117941280&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=200&ady=2190&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3866630722841695&pem=33&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=8zgx2sr8yI&p=https%3A//www.proxysite.com&dtd=16
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5271052033776811&plah=www.proxysite.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
5183c4270510a43d23df0772fb29617aa102dc91942f0a862aec3e81913ef2c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=676745548&adf=3560341080&pi=t.aa~a.4080220755~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1632024960&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632024960487&bpp=1&bdt=732&idt=0&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79c1726e715221dd-223590a137c900c4%3AT%3D1632024960%3ART%3D1632024960%3AS%3DALNI_MYV35HhRzJtt1_xx8HiwntDXQzCcg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280&nras=3&correlator=1815683785345&frm=20&pv=1&ga_vid=201018814.1632024960&ga_sid=1632024960&ga_hid=117941280&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=200&ady=2190&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3866630722841695&pem=33&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=8zgx2sr8yI&p=https%3A//www.proxysite.com&dtd=16
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.proxysite.com/
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 19 Sep 2021 04:16:00 GMT
server
cafe
content-length
10907
x-xss-protection
0
set-cookie
IDE=AHWqTUmjpxD6HIV886IrGiQf9UhXKfKOiMW5V5F6ClSMC9kNN9SxTjdcudRlv87PBIU; expires=Fri, 14-Oct-2022 04:16:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 19 Sep 2021 04:16:00 GMT
cache-control
private
jot
syndication.twitter.com/i/ 		43 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.proxysite.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1632024960529%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%221890d59c%3A1627936082797%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 04:16:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
pragma
no-cache
last-modified
Sun, 19 Sep 2021 04:16:00 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
39c6d65d28b682470351f8883b6bb3d0a7fc9776bb03e7902a4cdf27ff90f0b2
x-transaction
2513e9c5aca7f8c3
expires
Tue, 31 Mar 1981 05:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame E089 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CGaD5gLlGYZ6vIMHz3wO0jYGYCpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQIYQynVuKuzPqgDAaoEpgFP0Cp2k-q4qvb1qQ6e83V2rTF5SzB8Gt7WOb7DWjJUCASbbiMlOV2GicWcBKWXm1vWJLQBVUdBYbtxZ0mnV3FqxzHVXgoGJ9xD9iI-fEQSd7pMKGSOf1AEA00yxVa5aggbzYuojs2NS7PwpEtHM2kTpoB1iXjI4J5-aQVKN4UH7ZwqVxm5LlUlZRpKHKJOl2dJ_LLJNbkievqesktpZAbhxXRV7bk8gAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTI3MTA1MjAzMzc3NjgxMRgA&sigh=ElWc9xwzKYQ
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=676745548&adf=3560341080&pi=t.aa~a.4080220755~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1632024960&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632024960487&bpp=1&bdt=732&idt=0&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79c1726e715221dd-223590a137c900c4%3AT%3D1632024960%3ART%3D1632024960%3AS%3DALNI_MYV35HhRzJtt1_xx8HiwntDXQzCcg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280&nras=3&correlator=1815683785345&frm=20&pv=1&ga_vid=201018814.1632024960&ga_sid=1632024960&ga_hid=117941280&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=200&ady=2190&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3866630722841695&pem=33&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=8zgx2sr8yI&p=https%3A//www.proxysite.com&dtd=16
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 19 Sep 2021 04:16:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame E089 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1kwj980vbkpe5tbexa4ag785sfj39gzyjsbq0dz5ty0hcdebvy8mhd767x9a2ec4ggjgp8rmq2b6mxen7tm50dz6ds3ebwpf6197ypeqxcj1nsf53p5m7zh6pzxweyg2kav08jtfcar6gg85azf7pg122catj665jdf7j4d4ectn31thva36hmfzm3sh4a7bf4h8t8s3t6dtrd6jkss9wn8xf131qfr8qx0ccwzda594f98hb7p1dkmeg1kmwvavy2em77rb939ednsem7a37yswxps31sm6jytkvkj2c5xg81kers5764d4weq9bjyt1rsrke2djvcefxgzr26jmteq3x6gdya4ms6a050r87k16gr9rwwfadcnsq6nqewz49mfxb8e4g&b=YUa5gAAIF54Kd_nBAABGtCH6AnFiZQt8Wv_4BQ
Requested by
Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.89.54 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
54.89.95.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 19 Sep 2021 04:16:00 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
as.ad4m.at/ad/ Frame A058 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1kgsmmaqp08cqr12a0vhp1zym9465hepk78ga8ps22wdvs9aqxxab515mwevrnf8zfe352wc765ye24e66caz6cm4g8ee1k4a8mm02xbsh5da73ba4f5ggstzmj5tx4s31e0rqbmm8c8vqrfwnd1r9db5a0f0v5nxt8y0b7p2jp3b19xsjyxtbqwjemtpamhns0vtxrdedxtm5rpb59d1cqxkhbvpdheb2p2ezyb16heyc9twbgpjvf2f029sx18dwxt0ygneerqrcb2ngsjwv5epajjahqn8112sb2n4pkjbb64h4daj6ybpqy0tncy5qqfbs5tymkee19e4fh6ared55d0bvc40nw1a3n2zaamcxqgc46pwcr8383xv61heya2xn190nsv1bkaa569c80&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChlNjgLlGYZ6vIMHz3wO0jYGYCpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQIYQynVuKuzPqgDAaoEqQFP0Cp2k-q4qvb1qQ6e83V2rTF5SzB8Gt7WOb7DWjJUCASbbiMlOV2GicWcBKWXm1vWJLQBVUdBYbtxZ0mnV3FqxzHVXgoGJ9xD9iI-fEQSd7pMKGSOf1AEA00yxVa5aggbzYuojs2NS7PwpEtHM2kTpoB1iXjI4J5-aQVKN4UH7ZwqVxm5LlUlZRpKHKJOl2dJ_LLJd7sv6C1LNQuh4053Hz3HH4Ao61CcgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_35p2QZPIiy2dyE57kdr2hPVMyuvA%26client%3Dca-pub-5271052033776811%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=676745548&adf=3560341080&pi=t.aa~a.4080220755~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1632024960&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632024960487&bpp=1&bdt=732&idt=0&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79c1726e715221dd-223590a137c900c4%3AT%3D1632024960%3ART%3D1632024960%3AS%3DALNI_MYV35HhRzJtt1_xx8HiwntDXQzCcg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280&nras=3&correlator=1815683785345&frm=20&pv=1&ga_vid=201018814.1632024960&ga_sid=1632024960&ga_hid=117941280&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=200&ady=2190&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3866630722841695&pem=33&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=8zgx2sr8yI&p=https%3A//www.proxysite.com&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.192.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0585e1d3112f593ea81391977086c5784be27c5ccef173cb80ccdbfbc50bd1c4
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/dr?ed=1kgsmmaqp08cqr12a0vhp1zym9465hepk78ga8ps22wdvs9aqxxab515mwevrnf8zfe352wc765ye24e66caz6cm4g8ee1k4a8mm02xbsh5da73ba4f5ggstzmj5tx4s31e0rqbmm8c8vqrfwnd1r9db5a0f0v5nxt8y0b7p2jp3b19xsjyxtbqwjemtpamhns0vtxrdedxtm5rpb59d1cqxkhbvpdheb2p2ezyb16heyc9twbgpjvf2f029sx18dwxt0ygneerqrcb2ngsjwv5epajjahqn8112sb2n4pkjbb64h4daj6ybpqy0tncy5qqfbs5tymkee19e4fh6ared55d0bvc40nw1a3n2zaamcxqgc46pwcr8383xv61heya2xn190nsv1bkaa569c80&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChlNjgLlGYZ6vIMHz3wO0jYGYCpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQIYQynVuKuzPqgDAaoEqQFP0Cp2k-q4qvb1qQ6e83V2rTF5SzB8Gt7WOb7DWjJUCASbbiMlOV2GicWcBKWXm1vWJLQBVUdBYbtxZ0mnV3FqxzHVXgoGJ9xD9iI-fEQSd7pMKGSOf1AEA00yxVa5aggbzYuojs2NS7PwpEtHM2kTpoB1iXjI4J5-aQVKN4UH7ZwqVxm5LlUlZRpKHKJOl2dJ_LLJd7sv6C1LNQuh4053Hz3HH4Ao61CcgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_35p2QZPIiy2dyE57kdr2hPVMyuvA%26client%3Dca-pub-5271052033776811%26adurl%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Sun, 19 Sep 2021 04:16:00 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
690fff0509c437c7-MAD
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/ Frame E089 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=676745548&adf=3560341080&pi=t.aa~a.4080220755~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1632024960&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632024960487&bpp=1&bdt=732&idt=0&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79c1726e715221dd-223590a137c900c4%3AT%3D1632024960%3ART%3D1632024960%3AS%3DALNI_MYV35HhRzJtt1_xx8HiwntDXQzCcg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280&nras=3&correlator=1815683785345&frm=20&pv=1&ga_vid=201018814.1632024960&ga_sid=1632024960&ga_hid=117941280&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=200&ady=2190&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3866630722841695&pem=33&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=8zgx2sr8yI&p=https%3A//www.proxysite.com&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 03:58:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1029
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 03 Oct 2021 03:58:51 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5241 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=676745548&adf=3560341080&pi=t.aa~a.4080220755~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1632024960&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632024960487&bpp=1&bdt=732&idt=0&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79c1726e715221dd-223590a137c900c4%3AT%3D1632024960%3ART%3D1632024960%3AS%3DALNI_MYV35HhRzJtt1_xx8HiwntDXQzCcg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280&nras=3&correlator=1815683785345&frm=20&pv=1&ga_vid=201018814.1632024960&ga_sid=1632024960&ga_hid=117941280&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=200&ady=2190&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3866630722841695&pem=33&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=8zgx2sr8yI&p=https%3A//www.proxysite.com&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 18 Sep 2021 08:58:57 GMT
expires
Sun, 19 Sep 2021 08:58:57 GMT
content-type
text/html; charset=ISO-8859-1
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
69423
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E089 		128 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=676745548&adf=3560341080&pi=t.aa~a.4080220755~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1632024960&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632024960487&bpp=1&bdt=732&idt=0&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79c1726e715221dd-223590a137c900c4%3AT%3D1632024960%3ART%3D1632024960%3AS%3DALNI_MYV35HhRzJtt1_xx8HiwntDXQzCcg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280&nras=3&correlator=1815683785345&frm=20&pv=1&ga_vid=201018814.1632024960&ga_sid=1632024960&ga_hid=117941280&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=200&ady=2190&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3866630722841695&pem=33&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=8zgx2sr8yI&p=https%3A//www.proxysite.com&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
daaaa4101e8414d3c9c0baab3c015599b7e1fa70035268b8ba23ea6790f00bf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 04:16:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39526
x-xss-protection
0
server
sffe
etag
"1631879102694099"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Sun, 19 Sep 2021 04:16:00 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/ Frame E089 		14 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=676745548&adf=3560341080&pi=t.aa~a.4080220755~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1632024960&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632024960487&bpp=1&bdt=732&idt=0&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79c1726e715221dd-223590a137c900c4%3AT%3D1632024960%3ART%3D1632024960%3AS%3DALNI_MYV35HhRzJtt1_xx8HiwntDXQzCcg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280&nras=3&correlator=1815683785345&frm=20&pv=1&ga_vid=201018814.1632024960&ga_sid=1632024960&ga_hid=117941280&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=200&ady=2190&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3866630722841695&pem=33&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=8zgx2sr8yI&p=https%3A//www.proxysite.com&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
cafe /
Resource Hash
127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 04:00:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
943
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6211
x-xss-protection
0
server
cafe
etag
18326705275735229343
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 03 Oct 2021 04:00:17 GMT
l
www.google.com/ads/measurement/ Frame E089 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTOLOxED-HaM2OujxSjgMBBhvl4g55X73Db_eLlETguakb8ZmZpt-hMCevQ2MjH64qnjdskz0yUkRw0lBUErlyV09m1xg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=676745548&adf=3560341080&pi=t.aa~a.4080220755~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1632024960&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632024960487&bpp=1&bdt=732&idt=0&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79c1726e715221dd-223590a137c900c4%3AT%3D1632024960%3ART%3D1632024960%3AS%3DALNI_MYV35HhRzJtt1_xx8HiwntDXQzCcg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280&nras=3&correlator=1815683785345&frm=20&pv=1&ga_vid=201018814.1632024960&ga_sid=1632024960&ga_hid=117941280&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=200&ady=2190&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3866630722841695&pem=33&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=8zgx2sr8yI&p=https%3A//www.proxysite.com&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
dpixel
cms.quantserve.com/ Frame 5241 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBpsEXwq4dpwkuqUFtLaf0M&google_cver=1&google_push=AYg5qPLU-vRszwpUaOG7nTm3mhLVPpePX_d-MHmvmZzFbz3byPErPzTNgd3U6trD1xqHnAn3q2qNv-bJQsPQEGGzfWzLdAuLC4y4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=676745548&adf=3560341080&pi=t.aa~a.4080220755~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1632024960&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632024960487&bpp=1&bdt=732&idt=0&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79c1726e715221dd-223590a137c900c4%3AT%3D1632024960%3ART%3D1632024960%3AS%3DALNI_MYV35HhRzJtt1_xx8HiwntDXQzCcg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280&nras=3&correlator=1815683785345&frm=20&pv=1&ga_vid=201018814.1632024960&ga_sid=1632024960&ga_hid=117941280&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=200&ady=2190&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3866630722841695&pem=33&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=8zgx2sr8yI&p=https%3A//www.proxysite.com&dtd=16
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.226 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 04:16:00 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5241
Redirect Chain
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPKWCb07tzYRdguOr0z13F5zBQSlvTAU-jX8UDBR924XdIPySoKKj6ftipRtVEshfU_OhuEOBNdGLo2qMgmuqP1rfkNG7nk_&google_gid=CAESEFAlIwsMtT32vC9KrauG3hw&goo...
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCIDzmooGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBLV0NiMDd0ellSZGd1T3IwejEzRjV6QlFTbHZUQVUtalg4VURCUjkyNFhkSVB5U29LS2o2ZnRpcFJ0VkVzaGZVX09odUVPQk5kR0xvMnFNZ2...
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwVVJvVFlEQXVRV1JRdFV3Z2FRcno4SmpoZmdEVUhsemtabEhET2tlNk9RZw==&google_push
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwVVJvVFlEQXVRV1JRdFV3Z2FRcno4SmpoZmdEVUhsemtabEhET2tlNk9RZw==&google_push
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=676745548&adf=3560341080&pi=t.aa~a.4080220755~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1632024960&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632024960487&bpp=1&bdt=732&idt=0&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79c1726e715221dd-223590a137c900c4%3AT%3D1632024960%3ART%3D1632024960%3AS%3DALNI_MYV35HhRzJtt1_xx8HiwntDXQzCcg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280&nras=3&correlator=1815683785345&frm=20&pv=1&ga_vid=201018814.1632024960&ga_sid=1632024960&ga_hid=117941280&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=200&ady=2190&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3866630722841695&pem=33&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=8zgx2sr8yI&p=https%3A//www.proxysite.com&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 04:16:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 19 Sep 2021 04:16:00 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwVVJvVFlEQXVRV1JRdFV3Z2FRcno4SmpoZmdEVUhsemtabEhET2tlNk9RZw==&google_push
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
0
sync
odr.mookie1.com/t/v2/ Frame 5241 		43 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEM6-F2CGAlTJg0Jcpzl3WIM&google_push=AYg5qPKRBh_WH2KHRQem5iMLB_qk2xLsslZNmEAadxNX2OcTNk58Gb55TVmm6eUMp2Hk5mHnF-xcae5gtkgXiziLyJ8rOIt9WIpd&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=676745548&adf=3560341080&pi=t.aa~a.4080220755~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1632024960&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632024960487&bpp=1&bdt=732&idt=0&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79c1726e715221dd-223590a137c900c4%3AT%3D1632024960%3ART%3D1632024960%3AS%3DALNI_MYV35HhRzJtt1_xx8HiwntDXQzCcg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280&nras=3&correlator=1815683785345&frm=20&pv=1&ga_vid=201018814.1632024960&ga_sid=1632024960&ga_hid=117941280&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=200&ady=2190&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3866630722841695&pem=33&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=8zgx2sr8yI&p=https%3A//www.proxysite.com&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 04:16:00 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5241
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEIMmucu3YAAAAMLcwF9bN_E&google_cver=1&google_push=AYg5qPKpxpApHih6GFyxQEUySLlvcgY2nCensJK201Bkw274DCaU1aq1EYL6R-GJ9XxynX4QMed1IcT0aEGMtgmSdlfIM5oJgK1O
  • https://rtb.openx.net/sync/dds?google_gid=CAESEIMmucu3YAAAAMLcwF9bN_E&google_cver=1&google_push=AYg5qPKpxpApHih6GFyxQEUySLlvcgY2nCensJK201Bkw274DCaU1aq1EYL6R-GJ9XxynX4QMed1IcT0aEGMtgmSdlfIM5oJgK1O&...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKpxpApHih6GFyxQEUySLlvcgY2nCensJK201Bkw274DCaU1aq1EYL6R-GJ9XxynX4QMed1IcT0aEGMtgmSdlfIM5oJgK1O&google_hm=YA_xbxFDxtgLZbpPSVSnQQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKpxpApHih6GFyxQEUySLlvcgY2nCensJK201Bkw274DCaU1aq1EYL6R-GJ9XxynX4QMed1IcT0aEGMtgmSdlfIM5oJgK1O&google_hm=YA_xbxFDxtgLZbpPSVSnQQ==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=676745548&adf=3560341080&pi=t.aa~a.4080220755~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1632024960&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632024960487&bpp=1&bdt=732&idt=0&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79c1726e715221dd-223590a137c900c4%3AT%3D1632024960%3ART%3D1632024960%3AS%3DALNI_MYV35HhRzJtt1_xx8HiwntDXQzCcg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280&nras=3&correlator=1815683785345&frm=20&pv=1&ga_vid=201018814.1632024960&ga_sid=1632024960&ga_hid=117941280&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=200&ady=2190&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3866630722841695&pem=33&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=8zgx2sr8yI&p=https%3A//www.proxysite.com&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 04:16:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 19 Sep 2021 04:16:00 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKpxpApHih6GFyxQEUySLlvcgY2nCensJK201Bkw274DCaU1aq1EYL6R-GJ9XxynX4QMed1IcT0aEGMtgmSdlfIM5oJgK1O&google_hm=YA_xbxFDxtgLZbpPSVSnQQ==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
hmlopr7s7rgt89lfqa1korfpeasb0v11
pixel
cm.g.doubleclick.net/ Frame 5241
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3IQqxuZERiCoLZCpCJ20Uw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3IQqxuZERiCoLZCpCJ20Uw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLsmDVsoOt5QwYP3s3KYXyB0LFpm8u27JnKFBC70m2haqVafvsRE-aU2yUwtPYLwpkoGLrd9fA8ZFTh6GBgTdSYW_dATQHX
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=676745548&adf=3560341080&pi=t.aa~a.4080220755~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1632024960&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632024960487&bpp=1&bdt=732&idt=0&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79c1726e715221dd-223590a137c900c4%3AT%3D1632024960%3ART%3D1632024960%3AS%3DALNI_MYV35HhRzJtt1_xx8HiwntDXQzCcg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280&nras=3&correlator=1815683785345&frm=20&pv=1&ga_vid=201018814.1632024960&ga_sid=1632024960&ga_hid=117941280&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=200&ady=2190&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3866630722841695&pem=33&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=8zgx2sr8yI&p=https%3A//www.proxysite.com&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 04:16:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3IQqxuZERiCoLZCpCJ20Uw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLsmDVsoOt5QwYP3s3KYXyB0LFpm8u27JnKFBC70m2haqVafvsRE-aU2yUwtPYLwpkoGLrd9fA8ZFTh6GBgTdSYW_dATQHX
date
Sun, 19 Sep 2021 04:15:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 5241
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKYqXdDVcQ18xBmtmBwx028&google_cver=1&google_push=AYg5qPJJe5el3Y-D5h9eQnqjK2isS5Dz-fxBVd_l5NRcJBAn_bfcz5AciuMW6kQgUtVJSJ5xBJr...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1RRUElWMzItMjMtQjBQQg==&google_push=AYg5qPJJe5el3Y-D5h9eQnqjK2isS5Dz-fxBVd_l5NRcJBAn_bfcz5AciuMW6kQgUtVJSJ5xBJr6577o8-xg1v-DiSNbxOnEX1yN
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1RRUElWMzItMjMtQjBQQg==&google_push=AYg5qPJJe5el3Y-D5h9eQnqjK2isS5Dz-fxBVd_l5NRcJBAn_bfcz5AciuMW6kQgUtVJSJ5xBJr6577o8-xg1v-DiSNbxOnEX1yN
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=676745548&adf=3560341080&pi=t.aa~a.4080220755~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1632024960&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632024960487&bpp=1&bdt=732&idt=0&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79c1726e715221dd-223590a137c900c4%3AT%3D1632024960%3ART%3D1632024960%3AS%3DALNI_MYV35HhRzJtt1_xx8HiwntDXQzCcg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280&nras=3&correlator=1815683785345&frm=20&pv=1&ga_vid=201018814.1632024960&ga_sid=1632024960&ga_hid=117941280&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=200&ady=2190&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3866630722841695&pem=33&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=8zgx2sr8yI&p=https%3A//www.proxysite.com&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 04:16:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1RRUElWMzItMjMtQjBQQg==&google_push=AYg5qPJJe5el3Y-D5h9eQnqjK2isS5Dz-fxBVd_l5NRcJBAn_bfcz5AciuMW6kQgUtVJSJ5xBJr6577o8-xg1v-DiSNbxOnEX1yN
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
pixel
cm.g.doubleclick.net/ Frame 5241
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENdIXJQfrK2akH-kui0ePis&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESENdIXJQfrK2akH-kui0ePis&google_push=AY...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUa5gEUtx5V6qyNfC1Cb9wAABF0AAAIB&google_cver=1&google_gid=CAESENdIXJQfrK2akH-kui0ePis&google_push=AYg5qPJvXtRkoQS3fciqcAwH96ZBsAQWxpWKi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUa5gEUtx5V6qyNfC1Cb9wAABF0AAAIB&google_cver=1&google_gid=CAESENdIXJQfrK2akH-kui0ePis&google_push=AYg5qPJvXtRkoQS3fciqcAwH96ZBsAQWxpWKi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUa5gEUtx5V6qyNfC1Cb9wAABF0AAAIB&google_cver=1&google_gid=CAESENdIXJQfrK2akH-kui0ePis&google_push=AYg5qPJvXtRkoQS3fciqcAwH96ZBsAQWxpWKi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUa5gEUtx5V6qyNfC1Cb9wAABF0AAAIB&google_cver=1&google_gid=CAESENdIXJQfrK2akH-kui0ePis&google_push=AYg5qPJvXtRkoQS3fciqcAwH96ZBsAQWxpWKi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUa5gEUtx5V6qyNfC1Cb9wAABF0AAAIB&google_cver=1&google_gid=CAESENdIXJQfrK2akH-kui0ePis&google_push=AYg5qPJvXtRkoQS3fciqcAwH96ZBsAQWxpWKi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUa5gEUtx5V6qyNfC1Cb9wAABF0AAAIB&google_cver=1&google_gid=CAESENdIXJQfrK2akH-kui0ePis&google_push=AYg5qPJvXtRkoQS3fciqcAwH96ZBsAQWxpWKi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUa5gEUtx5V6qyNfC1Cb9wAABF0AAAIB&google_cver=1&google_gid=CAESENdIXJQfrK2akH-kui0ePis&google_push=AYg5qPJvXtRkoQS3fciqcAwH96ZBsAQWxpWKi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUa5gEUtx5V6qyNfC1Cb9wAABF0AAAIB&google_cver=1&google_gid=CAESENdIXJQfrK2akH-kui0ePis&google_push=AYg5qPJvXtRkoQS3fciqcAwH96ZBsAQWxpWKi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUa5gEUtx5V6qyNfC1Cb9wAABF0AAAIB&google_cver=1&google_gid=CAESENdIXJQfrK2akH-kui0ePis&google_push=AYg5qPJvXtRkoQS3fciqcAwH96ZBsAQWxpWKi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUa5gEUtx5V6qyNfC1Cb9wAABF0AAAIB&google_cver=1&google_gid=CAESENdIXJQfrK2akH-kui0ePis&google_push=AYg5qPJvXtRkoQS3fciqcAwH96ZBsAQWxpWKi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUa5gEUtx5V6qyNfC1Cb9wAABF0AAAIB&google_cver=1&google_gid=CAESENdIXJQfrK2akH-kui0ePis&google_push=AYg5qPJvXtRkoQS3fciqcAwH96ZBsAQWxpWKi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUa5gEUtx5V6qyNfC1Cb9wAABF0AAAIB&google_cver=1&google_gid=CAESENdIXJQfrK2akH-kui0ePis&google_push=AYg5qPJvXtRkoQS3fciqcAwH96ZBsAQWxpWKi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUa5gEUtx5V6qyNfC1Cb9wAABF0AAAIB&google_cver=1&google_gid=CAESENdIXJQfrK2akH-kui0ePis&google_push=AYg5qPJvXtRkoQS3fciqcAwH96ZBsAQWxpWKi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUa5gEUtx5V6qyNfC1Cb9wAABF0AAAIB&google_cver=1&google_gid=CAESENdIXJQfrK2akH-kui0ePis&google_push=AYg5qPJvXtRkoQS3fciqcAwH96ZBsAQWxpWKi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUa5gEUtx5V6qyNfC1Cb9wAABF0AAAIB&google_cver=1&google_gid=CAESENdIXJQfrK2akH-kui0ePis&google_push=AYg5qPJvXtRkoQS3fciqcAwH96ZBsAQWxpWKi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUa5gEUtx5V6qyNfC1Cb9wAABF0AAAIB&google_cver=1&google_gid=CAESENdIXJQfrK2akH-kui0ePis&google_push=AYg5qPJvXtRkoQS3fciqcAwH96ZBsAQWxpWKi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUa5gEUtx5V6qyNfC1Cb9wAABF0AAAIB&google_cver=1&google_gid=CAESENdIXJQfrK2akH-kui0ePis&google_push=AYg5qPJvXtRkoQS3fciqcAwH96ZBsAQWxpWKi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUa5gEUtx5V6qyNfC1Cb9wAABF0AAAIB&google_cver=1&google_gid=CAESENdIXJQfrK2akH-kui0ePis&google_push=AYg5qPJvXtRkoQS3fciqcAwH96ZBsAQWxpWKi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUa5gEUtx5V6qyNfC1Cb9wAABF0AAAIB&google_cver=1&google_gid=CAESENdIXJQfrK2akH-kui0ePis&google_push=AYg5qPJvXtRkoQS3fciqcAwH96ZBsAQWxpWKi...
0
0
attr
cm.g.doubleclick.net/pixel/ Frame 5241 		0
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JzKZ4FOUBW1ZmeFWTxvDWXyAqI6YRgcKzfc_rv46twtAbMQwjbmO8VDNdoPPm7-JZqdrcU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=676745548&adf=3560341080&pi=t.aa~a.4080220755~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1632024960&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632024960487&bpp=1&bdt=732&idt=0&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D79c1726e715221dd-223590a137c900c4%3AT%3D1632024960%3ART%3D1632024960%3AS%3DALNI_MYV35HhRzJtt1_xx8HiwntDXQzCcg&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280&nras=3&correlator=1815683785345&frm=20&pv=1&ga_vid=201018814.1632024960&ga_sid=1632024960&ga_hid=117941280&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=200&ady=2190&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3866630722841695&pem=33&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=8zgx2sr8yI&p=https%3A//www.proxysite.com&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 04:16:00 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame E089 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c1c897d722820c6529c2ad94ad187d9416598a61dafac99088e9fb723761fb10

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
default.css
as.ad4m.at/ad/style/0.1.8/one-ad/ Frame A058 		64 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.8/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kgsmmaqp08cqr12a0vhp1zym9465hepk78ga8ps22wdvs9aqxxab515mwevrnf8zfe352wc765ye24e66caz6cm4g8ee1k4a8mm02xbsh5da73ba4f5ggstzmj5tx4s31e0rqbmm8c8vqrfwnd1r9db5a0f0v5nxt8y0b7p2jp3b19xsjyxtbqwjemtpamhns0vtxrdedxtm5rpb59d1cqxkhbvpdheb2p2ezyb16heyc9twbgpjvf2f029sx18dwxt0ygneerqrcb2ngsjwv5epajjahqn8112sb2n4pkjbb64h4daj6ybpqy0tncy5qqfbs5tymkee19e4fh6ared55d0bvc40nw1a3n2zaamcxqgc46pwcr8383xv61heya2xn190nsv1bkaa569c80&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChlNjgLlGYZ6vIMHz3wO0jYGYCpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQIYQynVuKuzPqgDAaoEqQFP0Cp2k-q4qvb1qQ6e83V2rTF5SzB8Gt7WOb7DWjJUCASbbiMlOV2GicWcBKWXm1vWJLQBVUdBYbtxZ0mnV3FqxzHVXgoGJ9xD9iI-fEQSd7pMKGSOf1AEA00yxVa5aggbzYuojs2NS7PwpEtHM2kTpoB1iXjI4J5-aQVKN4UH7ZwqVxm5LlUlZRpKHKJOl2dJ_LLJd7sv6C1LNQuh4053Hz3HH4Ao61CcgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_35p2QZPIiy2dyE57kdr2hPVMyuvA%26client%3Dca-pub-5271052033776811%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.192.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1kgsmmaqp08cqr12a0vhp1zym9465hepk78ga8ps22wdvs9aqxxab515mwevrnf8zfe352wc765ye24e66caz6cm4g8ee1k4a8mm02xbsh5da73ba4f5ggstzmj5tx4s31e0rqbmm8c8vqrfwnd1r9db5a0f0v5nxt8y0b7p2jp3b19xsjyxtbqwjemtpamhns0vtxrdedxtm5rpb59d1cqxkhbvpdheb2p2ezyb16heyc9twbgpjvf2f029sx18dwxt0ygneerqrcb2ngsjwv5epajjahqn8112sb2n4pkjbb64h4daj6ybpqy0tncy5qqfbs5tymkee19e4fh6ared55d0bvc40nw1a3n2zaamcxqgc46pwcr8383xv61heya2xn190nsv1bkaa569c80&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChlNjgLlGYZ6vIMHz3wO0jYGYCpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQIYQynVuKuzPqgDAaoEqQFP0Cp2k-q4qvb1qQ6e83V2rTF5SzB8Gt7WOb7DWjJUCASbbiMlOV2GicWcBKWXm1vWJLQBVUdBYbtxZ0mnV3FqxzHVXgoGJ9xD9iI-fEQSd7pMKGSOf1AEA00yxVa5aggbzYuojs2NS7PwpEtHM2kTpoB1iXjI4J5-aQVKN4UH7ZwqVxm5LlUlZRpKHKJOl2dJ_LLJd7sv6C1LNQuh4053Hz3HH4Ao61CcgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_35p2QZPIiy2dyE57kdr2hPVMyuvA%26client%3Dca-pub-5271052033776811%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 04:16:00 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
241046
cf-polished
origSize=65497
surrogate-control
no-store
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Thu, 16 Sep 2021 09:18:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
690fff05dd793682-MAD
cf-bgj
minify
fxpcopuw.js
ad4m.at/ Frame A058 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/fxpcopuw.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kgsmmaqp08cqr12a0vhp1zym9465hepk78ga8ps22wdvs9aqxxab515mwevrnf8zfe352wc765ye24e66caz6cm4g8ee1k4a8mm02xbsh5da73ba4f5ggstzmj5tx4s31e0rqbmm8c8vqrfwnd1r9db5a0f0v5nxt8y0b7p2jp3b19xsjyxtbqwjemtpamhns0vtxrdedxtm5rpb59d1cqxkhbvpdheb2p2ezyb16heyc9twbgpjvf2f029sx18dwxt0ygneerqrcb2ngsjwv5epajjahqn8112sb2n4pkjbb64h4daj6ybpqy0tncy5qqfbs5tymkee19e4fh6ared55d0bvc40nw1a3n2zaamcxqgc46pwcr8383xv61heya2xn190nsv1bkaa569c80&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChlNjgLlGYZ6vIMHz3wO0jYGYCpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQIYQynVuKuzPqgDAaoEqQFP0Cp2k-q4qvb1qQ6e83V2rTF5SzB8Gt7WOb7DWjJUCASbbiMlOV2GicWcBKWXm1vWJLQBVUdBYbtxZ0mnV3FqxzHVXgoGJ9xD9iI-fEQSd7pMKGSOf1AEA00yxVa5aggbzYuojs2NS7PwpEtHM2kTpoB1iXjI4J5-aQVKN4UH7ZwqVxm5LlUlZRpKHKJOl2dJ_LLJd7sv6C1LNQuh4053Hz3HH4Ao61CcgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_35p2QZPIiy2dyE57kdr2hPVMyuvA%26client%3Dca-pub-5271052033776811%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.192.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f300e7fc0bc0e049e8620e1b8d85d1857b3a7af9492090f20f4b0366ef42353

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-goog-hash
crc32c=fzoyzw==, md5=7HLiqqlHKRUcSK8SewDc4g==
date
Sun, 19 Sep 2021 04:16:00 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
44124
x-guploader-uploadid
ADPycdv4G-JGhb4GMWeB3P-9llmDn0sOwrt6TqlMp14rjhCBHiNXZ832UElVSVGhk9NPwZ0cgGa3vQiZvHqDERA5qQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 08 Sep 2021 05:18:43 GMT
server
cloudflare
etag
W/"ec72e2aaa94729151c48af127b00dce2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iFteMxPS33yaubcuClanrFJxIY%2B4xZlujDmC1358IZo0GmLSA1kBHtVfH6TsjNLwKBfrlGqCRLFRwFl7iH0g6jC1ccO0g0KopXFAk2umzx3cA8lyIMLDMy4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1630387096547004
content-type
application/javascript; charset=utf-8
expires
Sat, 18 Sep 2021 16:00:36 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11933
cf-ray
690fff05ca0d37c7-MAD
cf-bgj
minify
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame A058 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.8/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Sun, 19 Sep 2021 04:16:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8782579
x-guploader-uploadid
ABg5-UxmNygtG4eLBLdChKemjYzM246w-Wnf4rddTmUKKtis62i0l3iUADbPUUVxSuBx3DY2PYPQaCxpA_umJeWESN83dN-SaQ
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xrgl7vjUheWppZQofEcK2mj8oPXpWWxQ6karfvLwxYdgJtbWhDfQzrI8cD7P2zkJt0AufGYSxb%2BoGV%2BqA2Y1ANOJEg1Kag%2BVthKZFhpvBWWzwP6vI%2Fw3rgA%2FR5s4MZABQbl3ppKx"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
690fff068b7665da-LHR
expires
Thu, 09 Jun 2022 12:39:42 GMT
frame.html
ad4m.at/ Frame A0C4 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.192.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 19 Sep 2021 04:16:01 GMT
content-type
text/html; charset=utf-8
x-guploader-uploadid
ADPycdtYAGbXSXvkV6Gk2Fe8ww6AaU_pcxq3z5j_E7sWpE3ktUzb_jdzcxUK1P-UtUSHZeULOm7UPiVtP-jUjlJsjDk
expires
Sun, 19 Sep 2021 05:16:01 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-goog-meta-
x-goog-custom-time
1970-01-01T00:00:00Z
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
cache-control
public, max-age=3600
age
1456463
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JMbGkZyOlR8kPG1K7Tzvp9o%2BuIdxHY%2Bi1NwKkpmBzRDjoOzg7ZsKTC0b3p4Fub8oxZ01L5ylqpWsVjPSD3LkZnZdghwbwV35ssqD7JBYyxUgwuW%2FQsm8MKM%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
690fff063d903682-MAD
content-encoding
br
rs
ad4m.at/ Frame A058 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.192.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7aa362f899dd8f6e58bce9d234625a3996615cb8f5a6d14c9765ab08481a49c

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
690fff0758a465fb-MAD
date
Sun, 19 Sep 2021 04:16:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VEBVMynE3dqAPwPSmTRgxbV0rnAnemGnpLrN5x64r%2FRrROfCHtj9gKwkTvHHJHlNcClMz1OtiduMW2Dk1SS%2BYuBmiZ4V5WgSW05MH1M64nH13vtceaA8dtE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-ms1b
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Server
104.21.192.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 19 Sep 2021 04:16:01 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-ms1b
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QRztxe9aKHmb3b3zYPI6KFzDyEcDnvqSNn5Pgg%2FInt0%2B4Mn6N2ceEPAhfo5LphcGr%2FqpMltP%2Bh42cE1BHwPijZ9NoQ7Mlq0g4Mu%2FXT4wsXRvYTA7m7tDxcc%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
690fff06e87965fb-MAD
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210915&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5271052033776811&plah=www.proxysite.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
f6bcb1dac262644b6204d61d42b98c6e61966b7172f5751b843d44df4a31f321
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 19 Sep 2021 04:16:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8509
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5271052033776811&plah=www.proxysite.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 04:16:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sun, 19 Sep 2021 04:16:01 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame AA57 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.proxysite.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Sat, 18 Sep 2021 15:26:10 GMT
expires
Sun, 18 Sep 2022 15:26:10 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
46191
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame F0D3 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f4.1e100.net
Software
GSE /
Resource Hash
494b155c1cc054adc12d9a58a862d7f3ce0dd8d39c7f3335464719412e32392c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wz4cf3Kz3Yu0CT7prwga3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.proxysite.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 19 Sep 2021 04:16:01 GMT
date
Sun, 19 Sep 2021 04:16:01 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-wz4cf3Kz3Yu0CT7prwga3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rar
as.ad4m.at/ad/ Frame EAA2 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=728&d=90&e=VJIPbSx3Pi1yJG0aTt1m8bhKK-wYnhsg&g=763c1703c9843e511bd0da8f97a809b0%2F18376122078504561464&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1632024961196&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g0jzv52hp29k3vwv5z4xe2nnbqvcj9xs1crg8trym5hhbpk4sem4snkkfg4nxz28j0r00chb5pcw55ftzpt0xcp4re8jw9114nag91jcx8y510qvxqnd6rzccc6ecwrrf1ah7ttyk14xtq8jahdrmqk9q0pnrdvj1w4tawbvvfcv42b62z0z2rdj6gbj5c2m8rx315702wmxeddd0fxsm7dadez2dh9qt1q8h7vm151p4zf40mmw2x1syc8atm6rnadw8ttkes3w%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DChlNjgLlGYZ6vIMHz3wO0jYGYCpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQIYQynVuKuzPqgDAaoEqQFP0Cp2k-q4qvb1qQ6e83V2rTF5SzB8Gt7WOb7DWjJUCASbbiMlOV2GicWcBKWXm1vWJLQBVUdBYbtxZ0mnV3FqxzHVXgoGJ9xD9iI-fEQSd7pMKGSOf1AEA00yxVa5aggbzYuojs2NS7PwpEtHM2kTpoB1iXjI4J5-aQVKN4UH7ZwqVxm5LlUlZRpKHKJOl2dJ_LLJd7sv6C1LNQuh4053Hz3HH4Ao61CcgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_35p2QZPIiy2dyE57kdr2hPVMyuvA%252526client%25253Dca-pub-5271052033776811%252526adurl%25253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.192.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1645a503912de50279ee56b6fe6dd948bb0dac27a5705e9f855b37f567eec46
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=728&d=90&e=VJIPbSx3Pi1yJG0aTt1m8bhKK-wYnhsg&g=763c1703c9843e511bd0da8f97a809b0%2F18376122078504561464&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1632024961196&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g0jzv52hp29k3vwv5z4xe2nnbqvcj9xs1crg8trym5hhbpk4sem4snkkfg4nxz28j0r00chb5pcw55ftzpt0xcp4re8jw9114nag91jcx8y510qvxqnd6rzccc6ecwrrf1ah7ttyk14xtq8jahdrmqk9q0pnrdvj1w4tawbvvfcv42b62z0z2rdj6gbj5c2m8rx315702wmxeddd0fxsm7dadez2dh9qt1q8h7vm151p4zf40mmw2x1syc8atm6rnadw8ttkes3w%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DChlNjgLlGYZ6vIMHz3wO0jYGYCpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQIYQynVuKuzPqgDAaoEqQFP0Cp2k-q4qvb1qQ6e83V2rTF5SzB8Gt7WOb7DWjJUCASbbiMlOV2GicWcBKWXm1vWJLQBVUdBYbtxZ0mnV3FqxzHVXgoGJ9xD9iI-fEQSd7pMKGSOf1AEA00yxVa5aggbzYuojs2NS7PwpEtHM2kTpoB1iXjI4J5-aQVKN4UH7ZwqVxm5LlUlZRpKHKJOl2dJ_LLJd7sv6C1LNQuh4053Hz3HH4Ao61CcgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_35p2QZPIiy2dyE57kdr2hPVMyuvA%252526client%25253Dca-pub-5271052033776811%252526adurl%25253D&y=1&z=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://as.ad4m.at/ad/dr?ed=1kgsmmaqp08cqr12a0vhp1zym9465hepk78ga8ps22wdvs9aqxxab515mwevrnf8zfe352wc765ye24e66caz6cm4g8ee1k4a8mm02xbsh5da73ba4f5ggstzmj5tx4s31e0rqbmm8c8vqrfwnd1r9db5a0f0v5nxt8y0b7p2jp3b19xsjyxtbqwjemtpamhns0vtxrdedxtm5rpb59d1cqxkhbvpdheb2p2ezyb16heyc9twbgpjvf2f029sx18dwxt0ygneerqrcb2ngsjwv5epajjahqn8112sb2n4pkjbb64h4daj6ybpqy0tncy5qqfbs5tymkee19e4fh6ared55d0bvc40nw1a3n2zaamcxqgc46pwcr8383xv61heya2xn190nsv1bkaa569c80&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChlNjgLlGYZ6vIMHz3wO0jYGYCpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQIYQynVuKuzPqgDAaoEqQFP0Cp2k-q4qvb1qQ6e83V2rTF5SzB8Gt7WOb7DWjJUCASbbiMlOV2GicWcBKWXm1vWJLQBVUdBYbtxZ0mnV3FqxzHVXgoGJ9xD9iI-fEQSd7pMKGSOf1AEA00yxVa5aggbzYuojs2NS7PwpEtHM2kTpoB1iXjI4J5-aQVKN4UH7ZwqVxm5LlUlZRpKHKJOl2dJ_LLJd7sv6C1LNQuh4053Hz3HH4Ao61CcgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_35p2QZPIiy2dyE57kdr2hPVMyuvA%26client%3Dca-pub-5271052033776811%26adurl%3D
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1kgsmmaqp08cqr12a0vhp1zym9465hepk78ga8ps22wdvs9aqxxab515mwevrnf8zfe352wc765ye24e66caz6cm4g8ee1k4a8mm02xbsh5da73ba4f5ggstzmj5tx4s31e0rqbmm8c8vqrfwnd1r9db5a0f0v5nxt8y0b7p2jp3b19xsjyxtbqwjemtpamhns0vtxrdedxtm5rpb59d1cqxkhbvpdheb2p2ezyb16heyc9twbgpjvf2f029sx18dwxt0ygneerqrcb2ngsjwv5epajjahqn8112sb2n4pkjbb64h4daj6ybpqy0tncy5qqfbs5tymkee19e4fh6ared55d0bvc40nw1a3n2zaamcxqgc46pwcr8383xv61heya2xn190nsv1bkaa569c80&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChlNjgLlGYZ6vIMHz3wO0jYGYCpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQIYQynVuKuzPqgDAaoEqQFP0Cp2k-q4qvb1qQ6e83V2rTF5SzB8Gt7WOb7DWjJUCASbbiMlOV2GicWcBKWXm1vWJLQBVUdBYbtxZ0mnV3FqxzHVXgoGJ9xD9iI-fEQSd7pMKGSOf1AEA00yxVa5aggbzYuojs2NS7PwpEtHM2kTpoB1iXjI4J5-aQVKN4UH7ZwqVxm5LlUlZRpKHKJOl2dJ_LLJd7sv6C1LNQuh4053Hz3HH4Ao61CcgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_35p2QZPIiy2dyE57kdr2hPVMyuvA%26client%3Dca-pub-5271052033776811%26adurl%3D

Response headers

date
Sun, 19 Sep 2021 04:16:01 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
690fff086e3e3682-MAD
content-encoding
br
0laMBStFIjGDX-Lbokpit1PiwVNzXcztY6qwAF7AamA.js
pagead2.googlesyndication.com/bg/ Frame AA57 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/0laMBStFIjGDX-Lbokpit1PiwVNzXcztY6qwAF7AamA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
d2568c052b452231835fe2dba24a62b753e2c153735dcced63aab0005ec06a60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 15:42:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
45212
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13319
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 14:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sun, 18 Sep 2022 15:42:29 GMT
default.css
as.ad4m.at/ad/style/0.1.8/one-ad/ Frame EAA2 		64 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.8/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=728&d=90&e=VJIPbSx3Pi1yJG0aTt1m8bhKK-wYnhsg&g=763c1703c9843e511bd0da8f97a809b0%2F18376122078504561464&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1632024961196&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g0jzv52hp29k3vwv5z4xe2nnbqvcj9xs1crg8trym5hhbpk4sem4snkkfg4nxz28j0r00chb5pcw55ftzpt0xcp4re8jw9114nag91jcx8y510qvxqnd6rzccc6ecwrrf1ah7ttyk14xtq8jahdrmqk9q0pnrdvj1w4tawbvvfcv42b62z0z2rdj6gbj5c2m8rx315702wmxeddd0fxsm7dadez2dh9qt1q8h7vm151p4zf40mmw2x1syc8atm6rnadw8ttkes3w%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DChlNjgLlGYZ6vIMHz3wO0jYGYCpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQIYQynVuKuzPqgDAaoEqQFP0Cp2k-q4qvb1qQ6e83V2rTF5SzB8Gt7WOb7DWjJUCASbbiMlOV2GicWcBKWXm1vWJLQBVUdBYbtxZ0mnV3FqxzHVXgoGJ9xD9iI-fEQSd7pMKGSOf1AEA00yxVa5aggbzYuojs2NS7PwpEtHM2kTpoB1iXjI4J5-aQVKN4UH7ZwqVxm5LlUlZRpKHKJOl2dJ_LLJd7sv6C1LNQuh4053Hz3HH4Ao61CcgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_35p2QZPIiy2dyE57kdr2hPVMyuvA%252526client%25253Dca-pub-5271052033776811%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.192.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=728&d=90&e=VJIPbSx3Pi1yJG0aTt1m8bhKK-wYnhsg&g=763c1703c9843e511bd0da8f97a809b0%2F18376122078504561464&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1632024961196&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g0jzv52hp29k3vwv5z4xe2nnbqvcj9xs1crg8trym5hhbpk4sem4snkkfg4nxz28j0r00chb5pcw55ftzpt0xcp4re8jw9114nag91jcx8y510qvxqnd6rzccc6ecwrrf1ah7ttyk14xtq8jahdrmqk9q0pnrdvj1w4tawbvvfcv42b62z0z2rdj6gbj5c2m8rx315702wmxeddd0fxsm7dadez2dh9qt1q8h7vm151p4zf40mmw2x1syc8atm6rnadw8ttkes3w%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DChlNjgLlGYZ6vIMHz3wO0jYGYCpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQIYQynVuKuzPqgDAaoEqQFP0Cp2k-q4qvb1qQ6e83V2rTF5SzB8Gt7WOb7DWjJUCASbbiMlOV2GicWcBKWXm1vWJLQBVUdBYbtxZ0mnV3FqxzHVXgoGJ9xD9iI-fEQSd7pMKGSOf1AEA00yxVa5aggbzYuojs2NS7PwpEtHM2kTpoB1iXjI4J5-aQVKN4UH7ZwqVxm5LlUlZRpKHKJOl2dJ_LLJd7sv6C1LNQuh4053Hz3HH4Ao61CcgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_35p2QZPIiy2dyE57kdr2hPVMyuvA%252526client%25253Dca-pub-5271052033776811%252526adurl%25253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 04:16:01 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
241047
cf-polished
origSize=65497
surrogate-control
no-store
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Thu, 16 Sep 2021 09:18:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
690fff091e723682-MAD
cf-bgj
minify
B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame EAA2 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=728&d=90&e=VJIPbSx3Pi1yJG0aTt1m8bhKK-wYnhsg&g=763c1703c9843e511bd0da8f97a809b0%2F18376122078504561464&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1632024961196&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g0jzv52hp29k3vwv5z4xe2nnbqvcj9xs1crg8trym5hhbpk4sem4snkkfg4nxz28j0r00chb5pcw55ftzpt0xcp4re8jw9114nag91jcx8y510qvxqnd6rzccc6ecwrrf1ah7ttyk14xtq8jahdrmqk9q0pnrdvj1w4tawbvvfcv42b62z0z2rdj6gbj5c2m8rx315702wmxeddd0fxsm7dadez2dh9qt1q8h7vm151p4zf40mmw2x1syc8atm6rnadw8ttkes3w%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DChlNjgLlGYZ6vIMHz3wO0jYGYCpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQIYQynVuKuzPqgDAaoEqQFP0Cp2k-q4qvb1qQ6e83V2rTF5SzB8Gt7WOb7DWjJUCASbbiMlOV2GicWcBKWXm1vWJLQBVUdBYbtxZ0mnV3FqxzHVXgoGJ9xD9iI-fEQSd7pMKGSOf1AEA00yxVa5aggbzYuojs2NS7PwpEtHM2kTpoB1iXjI4J5-aQVKN4UH7ZwqVxm5LlUlZRpKHKJOl2dJ_LLJd7sv6C1LNQuh4053Hz3HH4Ao61CcgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_35p2QZPIiy2dyE57kdr2hPVMyuvA%252526client%25253Dca-pub-5271052033776811%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.192.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-goog-hash
crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date
Sun, 19 Sep 2021 04:16:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
562015
cf-polished
origFmt=png, origSize=35453
x-guploader-uploadid
ADPycdu_4CVRKL-H2U_uJc2AM8JaAC7hVQ00MQw71FTE1qq0gp4u82W_U3K5mm4xGcgGP0_o8srr2-dPMx70Qt0YNwbNSw_8ZA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18872
expires
Mon, 20 Sep 2021 04:16:01 GMT
last-modified
Mon, 18 May 2020 12:30:29 GMT
server
cloudflare
etag
"e18c9634cdd319e69c2765475f29cd13"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FeqzmoBZ4teeSXH3EAwW6fK1OntNEVxft13R%2F8b%2B6KSQRDNPHQ156xiW1%2FeKhZCgG9VY%2Foe1tcZEmy67WdP3AjbuHpM9VNzQcAgC1eTygsBEZ7uH6gU4846pwuUz2sFn"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1589805029334103
access-control-allow-origin
*
content-type
image/webp
access-control-expose-headers
Content-Type, Content-Length
cache-control
public, max-age=86400
x-goog-stored-content-length
35453
accept-ranges
bytes
cf-ray
690fff094b6137c7-MAD
cf-bgj
imgq:85,h2pri
A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame EAA2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=728&d=90&e=VJIPbSx3Pi1yJG0aTt1m8bhKK-wYnhsg&g=763c1703c9843e511bd0da8f97a809b0%2F18376122078504561464&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1632024961196&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g0jzv52hp29k3vwv5z4xe2nnbqvcj9xs1crg8trym5hhbpk4sem4snkkfg4nxz28j0r00chb5pcw55ftzpt0xcp4re8jw9114nag91jcx8y510qvxqnd6rzccc6ecwrrf1ah7ttyk14xtq8jahdrmqk9q0pnrdvj1w4tawbvvfcv42b62z0z2rdj6gbj5c2m8rx315702wmxeddd0fxsm7dadez2dh9qt1q8h7vm151p4zf40mmw2x1syc8atm6rnadw8ttkes3w%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DChlNjgLlGYZ6vIMHz3wO0jYGYCpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQIYQynVuKuzPqgDAaoEqQFP0Cp2k-q4qvb1qQ6e83V2rTF5SzB8Gt7WOb7DWjJUCASbbiMlOV2GicWcBKWXm1vWJLQBVUdBYbtxZ0mnV3FqxzHVXgoGJ9xD9iI-fEQSd7pMKGSOf1AEA00yxVa5aggbzYuojs2NS7PwpEtHM2kTpoB1iXjI4J5-aQVKN4UH7ZwqVxm5LlUlZRpKHKJOl2dJ_LLJd7sv6C1LNQuh4053Hz3HH4Ao61CcgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_35p2QZPIiy2dyE57kdr2hPVMyuvA%252526client%25253Dca-pub-5271052033776811%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.192.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-goog-hash
crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date
Sun, 19 Sep 2021 04:16:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1452135
cf-polished
origFmt=png, origSize=4031
x-guploader-uploadid
ADPycdvsQVOCIftycbRnQj0qtbMApkQGigK3vtwVsyxm4SYgML0MbWtEwImOXi8b2vC14B4DSSE1UIympQcAXgQFZrezyPutnw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1598
last-modified
Wed, 20 Jan 2021 17:03:56 GMT
server
cloudflare
etag
"7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p65%2FZvvWxUjhN7%2BcYxnnsaLzqzlri1M1%2FjMoBN0bUBf%2BK4Di6%2BN2plxONxOZ%2BkRF%2FDRKfjZfrZkHxt%2FwrADFhTOvBtV3Syj7qFChWEospEaLxjFDW%2BhEaHMRXvYH8Qdc"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1611162235947637
content-type
image/webp
expires
Mon, 20 Sep 2021 04:16:01 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
4031
accept-ranges
bytes
cf-ray
690fff094b6037c7-MAD
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame EAA2 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneide7RC3fVfxBVcjHZHet1teW3sjTQTx8Joneid__asuidVJIPbSx3Pi1yJG0aTt1m8bhKK-wYnhsgasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=728&d=90&e=VJIPbSx3Pi1yJG0aTt1m8bhKK-wYnhsg&g=763c1703c9843e511bd0da8f97a809b0%2F18376122078504561464&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1632024961196&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g0jzv52hp29k3vwv5z4xe2nnbqvcj9xs1crg8trym5hhbpk4sem4snkkfg4nxz28j0r00chb5pcw55ftzpt0xcp4re8jw9114nag91jcx8y510qvxqnd6rzccc6ecwrrf1ah7ttyk14xtq8jahdrmqk9q0pnrdvj1w4tawbvvfcv42b62z0z2rdj6gbj5c2m8rx315702wmxeddd0fxsm7dadez2dh9qt1q8h7vm151p4zf40mmw2x1syc8atm6rnadw8ttkes3w%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DChlNjgLlGYZ6vIMHz3wO0jYGYCpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQIYQynVuKuzPqgDAaoEqQFP0Cp2k-q4qvb1qQ6e83V2rTF5SzB8Gt7WOb7DWjJUCASbbiMlOV2GicWcBKWXm1vWJLQBVUdBYbtxZ0mnV3FqxzHVXgoGJ9xD9iI-fEQSd7pMKGSOf1AEA00yxVa5aggbzYuojs2NS7PwpEtHM2kTpoB1iXjI4J5-aQVKN4UH7ZwqVxm5LlUlZRpKHKJOl2dJ_LLJd7sv6C1LNQuh4053Hz3HH4Ao61CcgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_35p2QZPIiy2dyE57kdr2hPVMyuvA%252526client%25253Dca-pub-5271052033776811%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 04:16:01 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame EAA2 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=728&d=90&e=VJIPbSx3Pi1yJG0aTt1m8bhKK-wYnhsg&g=763c1703c9843e511bd0da8f97a809b0%2F18376122078504561464&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1632024961196&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g0jzv52hp29k3vwv5z4xe2nnbqvcj9xs1crg8trym5hhbpk4sem4snkkfg4nxz28j0r00chb5pcw55ftzpt0xcp4re8jw9114nag91jcx8y510qvxqnd6rzccc6ecwrrf1ah7ttyk14xtq8jahdrmqk9q0pnrdvj1w4tawbvvfcv42b62z0z2rdj6gbj5c2m8rx315702wmxeddd0fxsm7dadez2dh9qt1q8h7vm151p4zf40mmw2x1syc8atm6rnadw8ttkes3w%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DChlNjgLlGYZ6vIMHz3wO0jYGYCpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQIYQynVuKuzPqgDAaoEqQFP0Cp2k-q4qvb1qQ6e83V2rTF5SzB8Gt7WOb7DWjJUCASbbiMlOV2GicWcBKWXm1vWJLQBVUdBYbtxZ0mnV3FqxzHVXgoGJ9xD9iI-fEQSd7pMKGSOf1AEA00yxVa5aggbzYuojs2NS7PwpEtHM2kTpoB1iXjI4J5-aQVKN4UH7ZwqVxm5LlUlZRpKHKJOl2dJ_LLJd7sv6C1LNQuh4053Hz3HH4Ao61CcgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_35p2QZPIiy2dyE57kdr2hPVMyuvA%252526client%25253Dca-pub-5271052033776811%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.192.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-goog-hash
crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date
Sun, 19 Sep 2021 04:16:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1450633
cf-polished
origFmt=png, origSize=44613
x-guploader-uploadid
ADPycdu8AuXqXnc1Z7kTP3l-JmrZxQ8XC0WHk3RnPaeBj9uKIwfNOBKLc6_pUuH8tj7LO-fQic3h6do45VfeaTyNTTjIFPjx4Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
39202
last-modified
Wed, 22 Jan 2020 13:11:41 GMT
server
cloudflare
etag
"c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qHcbLmQn3yryzzdLs46Rqgm%2F4GZvhl7PfgXHdv0HZlwTtCm8dU%2BK%2BsLZW2vt5hSnBfltFOz3tM6nCHHCfFu7ORZ8zmqRXkkDK6Mya03ISy9YniDdTpwaloPq4pZGfK%2Bw"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698701189315
content-type
image/webp
expires
Mon, 20 Sep 2021 04:16:01 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
44613
accept-ranges
bytes
cf-ray
690fff094b6237c7-MAD
cf-bgj
imgq:85,h2pri
69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame EAA2 		113 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=728&d=90&e=VJIPbSx3Pi1yJG0aTt1m8bhKK-wYnhsg&g=763c1703c9843e511bd0da8f97a809b0%2F18376122078504561464&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1632024961196&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g0jzv52hp29k3vwv5z4xe2nnbqvcj9xs1crg8trym5hhbpk4sem4snkkfg4nxz28j0r00chb5pcw55ftzpt0xcp4re8jw9114nag91jcx8y510qvxqnd6rzccc6ecwrrf1ah7ttyk14xtq8jahdrmqk9q0pnrdvj1w4tawbvvfcv42b62z0z2rdj6gbj5c2m8rx315702wmxeddd0fxsm7dadez2dh9qt1q8h7vm151p4zf40mmw2x1syc8atm6rnadw8ttkes3w%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DChlNjgLlGYZ6vIMHz3wO0jYGYCpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQIYQynVuKuzPqgDAaoEqQFP0Cp2k-q4qvb1qQ6e83V2rTF5SzB8Gt7WOb7DWjJUCASbbiMlOV2GicWcBKWXm1vWJLQBVUdBYbtxZ0mnV3FqxzHVXgoGJ9xD9iI-fEQSd7pMKGSOf1AEA00yxVa5aggbzYuojs2NS7PwpEtHM2kTpoB1iXjI4J5-aQVKN4UH7ZwqVxm5LlUlZRpKHKJOl2dJ_LLJd7sv6C1LNQuh4053Hz3HH4Ao61CcgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_35p2QZPIiy2dyE57kdr2hPVMyuvA%252526client%25253Dca-pub-5271052033776811%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.192.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 04:16:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
280174
cf-polished
origFmt=png, origSize=136328
x-guploader-uploadid
ADPycduQYFGrDhhEHnoMQ597PAsLETD5llIKn_SUVS1EMqYpvtJ01ZXLsE3aNzYpeAuKhKSvepYX8ZW_n13SkUKIU_jujFdXTw
x-goog-storage-class
MULTI_REGIONAL
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JaJgF3OTdGmP5A3FhfABM5RvdJ0KT3Vpx%2FDv2i15%2BTq%2BeEzmOflzNlr7C4EkFHbn2LNSVpag7HC5sT%2F1P7lU8PDR7NKvf%2BQ8nRbVCcnz4wQY6O94NF5ZchUJbizOevD5"}],"group":"cf-nel","max_age":604800}
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
115268
cf-ray
690fff094b6337c7-MAD
expires
Mon, 20 Sep 2021 04:16:01 GMT
last-modified
Tue, 29 Oct 2019 09:42:57 GMT
server
cloudflare
etag
"0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
x-goog-generation
1572342177666668
access-control-allow-origin
*
access-control-expose-headers
Content-Type,Content-Length
cache-control
public, max-age=86400
x-goog-stored-content-length
136328
accept-ranges
bytes
content-type
image/webp
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame EAA2 		43 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneide7RC3fVfYpcjHZHet1tbrzUjTQTx8Joneid__asuidVJIPbSx3Pi1yJG0aTt1m8bhKK-wYnhsgasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=728&d=90&e=VJIPbSx3Pi1yJG0aTt1m8bhKK-wYnhsg&g=763c1703c9843e511bd0da8f97a809b0%2F18376122078504561464&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1632024961196&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g0jzv52hp29k3vwv5z4xe2nnbqvcj9xs1crg8trym5hhbpk4sem4snkkfg4nxz28j0r00chb5pcw55ftzpt0xcp4re8jw9114nag91jcx8y510qvxqnd6rzccc6ecwrrf1ah7ttyk14xtq8jahdrmqk9q0pnrdvj1w4tawbvvfcv42b62z0z2rdj6gbj5c2m8rx315702wmxeddd0fxsm7dadez2dh9qt1q8h7vm151p4zf40mmw2x1syc8atm6rnadw8ttkes3w%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DChlNjgLlGYZ6vIMHz3wO0jYGYCpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQIYQynVuKuzPqgDAaoEqQFP0Cp2k-q4qvb1qQ6e83V2rTF5SzB8Gt7WOb7DWjJUCASbbiMlOV2GicWcBKWXm1vWJLQBVUdBYbtxZ0mnV3FqxzHVXgoGJ9xD9iI-fEQSd7pMKGSOf1AEA00yxVa5aggbzYuojs2NS7PwpEtHM2kTpoB1iXjI4J5-aQVKN4UH7ZwqVxm5LlUlZRpKHKJOl2dJ_LLJd7sv6C1LNQuh4053Hz3HH4Ao61CcgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_35p2QZPIiy2dyE57kdr2hPVMyuvA%252526client%25253Dca-pub-5271052033776811%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 04:16:01 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame EAA2 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=728&d=90&e=VJIPbSx3Pi1yJG0aTt1m8bhKK-wYnhsg&g=763c1703c9843e511bd0da8f97a809b0%2F18376122078504561464&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1632024961196&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g0jzv52hp29k3vwv5z4xe2nnbqvcj9xs1crg8trym5hhbpk4sem4snkkfg4nxz28j0r00chb5pcw55ftzpt0xcp4re8jw9114nag91jcx8y510qvxqnd6rzccc6ecwrrf1ah7ttyk14xtq8jahdrmqk9q0pnrdvj1w4tawbvvfcv42b62z0z2rdj6gbj5c2m8rx315702wmxeddd0fxsm7dadez2dh9qt1q8h7vm151p4zf40mmw2x1syc8atm6rnadw8ttkes3w%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DChlNjgLlGYZ6vIMHz3wO0jYGYCpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQIYQynVuKuzPqgDAaoEqQFP0Cp2k-q4qvb1qQ6e83V2rTF5SzB8Gt7WOb7DWjJUCASbbiMlOV2GicWcBKWXm1vWJLQBVUdBYbtxZ0mnV3FqxzHVXgoGJ9xD9iI-fEQSd7pMKGSOf1AEA00yxVa5aggbzYuojs2NS7PwpEtHM2kTpoB1iXjI4J5-aQVKN4UH7ZwqVxm5LlUlZRpKHKJOl2dJ_LLJd7sv6C1LNQuh4053Hz3HH4Ao61CcgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_35p2QZPIiy2dyE57kdr2hPVMyuvA%252526client%25253Dca-pub-5271052033776811%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.192.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 04:16:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
283706
cf-polished
qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid
ADPycdsoT26b2gskPMNq15ZYvpyl6NI1VnLYIhJ9dzP2rffmfUZUy08h5oD92hEsBmdhhgA0JDvBvcGnLWY5ay-ilCaRg1cKWQ
x-goog-storage-class
MULTI_REGIONAL
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OMClMjMl13l8R7bllM9XIFb9plD3LNW9BlmG%2BcLKTZsLpyWl7hM0sX9JsOl%2BCqcIy0hjUXqXaFS07WmQPvOQ98t9fm94MXlXm2mnWiEkG%2B%2BDiOJwjzG8Pf323HZIjCZy"}],"group":"cf-nel","max_age":604800}
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8354
cf-ray
690fff094b6637c7-MAD
expires
Mon, 20 Sep 2021 04:16:01 GMT
last-modified
Wed, 22 Jan 2020 13:13:07 GMT
server
cloudflare
etag
"04cb7ec205cea351157aeffb998f3a85"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
x-goog-generation
1579698787150900
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Length
cache-control
public, max-age=86400
x-goog-stored-content-length
16723
accept-ranges
bytes
content-type
image/webp
cf-bgj
imgq:85,h2pri
F49C2EAC44796C3CC36B7EB8176E57DD4979BB6953D52AE3EC354AC4722C65BE111766AA7B1FD623B46255E02B9A1FD3C70187E6A3B399F7EA1DA8FBFD78D485
assets.ad4m.at/ Frame EAA2 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/F49C2EAC44796C3CC36B7EB8176E57DD4979BB6953D52AE3EC354AC4722C65BE111766AA7B1FD623B46255E02B9A1FD3C70187E6A3B399F7EA1DA8FBFD78D485
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=728&d=90&e=VJIPbSx3Pi1yJG0aTt1m8bhKK-wYnhsg&g=763c1703c9843e511bd0da8f97a809b0%2F18376122078504561464&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1632024961196&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g0jzv52hp29k3vwv5z4xe2nnbqvcj9xs1crg8trym5hhbpk4sem4snkkfg4nxz28j0r00chb5pcw55ftzpt0xcp4re8jw9114nag91jcx8y510qvxqnd6rzccc6ecwrrf1ah7ttyk14xtq8jahdrmqk9q0pnrdvj1w4tawbvvfcv42b62z0z2rdj6gbj5c2m8rx315702wmxeddd0fxsm7dadez2dh9qt1q8h7vm151p4zf40mmw2x1syc8atm6rnadw8ttkes3w%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DChlNjgLlGYZ6vIMHz3wO0jYGYCpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQIYQynVuKuzPqgDAaoEqQFP0Cp2k-q4qvb1qQ6e83V2rTF5SzB8Gt7WOb7DWjJUCASbbiMlOV2GicWcBKWXm1vWJLQBVUdBYbtxZ0mnV3FqxzHVXgoGJ9xD9iI-fEQSd7pMKGSOf1AEA00yxVa5aggbzYuojs2NS7PwpEtHM2kTpoB1iXjI4J5-aQVKN4UH7ZwqVxm5LlUlZRpKHKJOl2dJ_LLJd7sv6C1LNQuh4053Hz3HH4Ao61CcgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_35p2QZPIiy2dyE57kdr2hPVMyuvA%252526client%25253Dca-pub-5271052033776811%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.192.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffbf2d2525e0baabd5fdf5289510e03e86ccb28dc9767ef58bf483077f3bfc75

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 04:16:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
249833
cf-polished
qual=85, origFmt=jpeg, origSize=40264
x-guploader-uploadid
ADPycdsFxik0yr8zRJgo7pywAV0ogtTt-2gyH0Q51GtSjH-i1u68-yuhELsU5PdqoJZbFmvTWQlAC2CoVAuf02YTHRQ3N_tLzw
x-goog-storage-class
MULTI_REGIONAL
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wwncjglm7I44Nk1hT4n0m%2FMS%2BqykIuevNgtRosZZ3kLa49oj%2B4okghV2yfmpm1r4ZBF0xG0UjJx%2BI9qPvgvyZmwUOlXkADt0prZjQLWmXmvqdihTHNlROQJRIPiTyB5%2B"}],"group":"cf-nel","max_age":604800}
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
35504
cf-ray
690fff094b6437c7-MAD
expires
Mon, 20 Sep 2021 04:16:01 GMT
last-modified
Wed, 19 Feb 2020 17:37:15 GMT
server
cloudflare
etag
"9eb405de815dd9d9e1f1e47322ddf6dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=DWwdxw==, md5=nrQF3oFd2dnh8eRzIt323A==
x-goog-generation
1582133835673152
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Length
cache-control
public, max-age=86400
x-goog-stored-content-length
40264
accept-ranges
bytes
content-type
image/webp
cf-bgj
imgq:85,h2pri
/
banner.congstar.de/cookie/ Frame EAA2
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CPmF4OCWivMCFbuK_QcdeBcCug;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJoneid__asuidVJIPbSx3Pi1yJG0aTt1m8bhKK-wYnhsgasuid__dc_reach_suite02wkz&gdpr_cons...
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1632024961_4c8bd690-1900-11ec-a5f3-692d0d349c1f
0
518 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1632024961_4c8bd690-1900-11ec-a5f3-692d0d349c1f
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=728&d=90&e=VJIPbSx3Pi1yJG0aTt1m8bhKK-wYnhsg&g=763c1703c9843e511bd0da8f97a809b0%2F18376122078504561464&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1632024961196&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g0jzv52hp29k3vwv5z4xe2nnbqvcj9xs1crg8trym5hhbpk4sem4snkkfg4nxz28j0r00chb5pcw55ftzpt0xcp4re8jw9114nag91jcx8y510qvxqnd6rzccc6ecwrrf1ah7ttyk14xtq8jahdrmqk9q0pnrdvj1w4tawbvvfcv42b62z0z2rdj6gbj5c2m8rx315702wmxeddd0fxsm7dadez2dh9qt1q8h7vm151p4zf40mmw2x1syc8atm6rnadw8ttkes3w%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DChlNjgLlGYZ6vIMHz3wO0jYGYCpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUyNzEwNTIwMzM3NzY4MTGgAcKu6N0DyAEJqQIYQynVuKuzPqgDAaoEqQFP0Cp2k-q4qvb1qQ6e83V2rTF5SzB8Gt7WOb7DWjJUCASbbiMlOV2GicWcBKWXm1vWJLQBVUdBYbtxZ0mnV3FqxzHVXgoGJ9xD9iI-fEQSd7pMKGSOf1AEA00yxVa5aggbzYuojs2NS7PwpEtHM2kTpoB1iXjI4J5-aQVKN4UH7ZwqVxm5LlUlZRpKHKJOl2dJ_LLJd7sv6C1LNQuh4053Hz3HH4Ao61CcgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_35p2QZPIiy2dyE57kdr2hPVMyuvA%252526client%25253Dca-pub-5271052033776811%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.77.139.251.148.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 04:16:00 GMT
Server
Apache
P3P
CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
0

Redirect headers

Date
Sun, 19 Sep 2021 04:16:01 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1632024961_4c8bd690-1900-11ec-a5f3-692d0d349c1f
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame F0D3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210915&jk=3866630722841695&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210915&jk=3866630722841695&bg=!k5ClkNTNAAaUnz4elJ87ACkAdvg8WutMt6HoyOYXzyJzX3IOrxJJBvRtciPrMd6IT43kOiPwGVwazwIAAABuUgAAAAloAQcKAKmtVOJaxh_A4vaWyFeU-QvloTYtzPcQ2vfjkZsCccRELdnOaKCSXvw3iJ_TusrxMep_SmokrDKzZPyhLgCVjj7pymqxVAd5Z9pQg6CQ_Z6OS8UqNqRs07yOHXcHyU5MKXmGlCqxSPqTfzn-6u990i_WdR56mGjGGb25xref-IQCHIQB2nDrmg6mq5sWmQ_BX7ZF6fTfxrRvRlmk5K97sINEkHWBUYqRXcKPmQJ4BsaV8PUnmRw63MzN5dhW2oRhmC23anTJcMosghIn2OIFqD0CfkX_2wqrpCfWLM4tSGIufxsPb6Fp48xiadWYdZjvyfTcyCPwgK1sYwGRHayPRU0e4dsgSK0N_aSv2IldxZU1f_1zGX6TTFrFTd3aCERcAPrgP-O0_dQPI-8KgjSK4qXlhx_qXSGVHVXgP7uvGKuADZJSHEkopyB7l2wSV8kzSTzqM7idXHf5qYf4H3rBDm9jwfyQIO4snFA4LIXhPt605YyxqVklhXEa658fNxfdIesjePv8qbmMAZbQUb0GhFRQ7LLYKWzyMnFZGvvLFpLqxysH-3XR2xCW6K9vbSs757bAG6K5KMtQ08pS2AdEzEVgj_v5vhelSmFixbJG5ZdPFt32okNI-MtrvLZy0rvRjHXL211Va6nfW0jXmmelJRnXmc1Y9OLjWOg2v5hMVPG2VSiyOUJA0GVHz25Ty9W3G5QDlNEpk3kh2XudKYtnyeKcSnik2E4hsCcwu-IWKGPd3SVx906MYOzi3j4LK_RXifXpG-cf6xs9FJZBwuXx1doYq3h7MJMg59XXA4uiI6aepNfSspj3BwISmwK7Gh-y7q87Ik78UTtdCLrdGRF_XPBcfRCVr09LhkBcTns1dtL0tAYOb4D8lKxo0z77WJECpjpR2205uCtCtVXYBqHPFuynTEmCG9cApqvLr85YjZoydski2Ymc3v2TXstz7FxrptYwghriVQ7yp29KvkWIU6j9mAHfU8DfMRDru-8ieKb9ta9V21r4k50p5azlUli31_XDavmacoqEzO4x2alX7cT4_ccQ4fRc2UjCb4nHidNWa6w--Ww
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.proxysite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUa5gEUtx5V6qyNfC1Cb9wAABF0AAAIB&google_cver=1&google_gid=CAESENdIXJQfrK2akH-kui0ePis&google_push=AYg5qPJvXtRkoQS3fciqcAwH96ZBsAQWxpWKiO7NQL_A6lqDeDHd_iJ1NZIoGBhJ7tuIfSUHACkW8UPrX69mUtSa9HpRaanrVj-L

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| onbeforexrselect boolean| originAgentCluster number| screenWidth number| google_ad_slot object| FB object| __twttrll object| twttr object| __twttr function| $ function| jQuery function| setFormAction function| isProd function| closeLanguageBar function| setLanguage function| setupNavDrop function| initMobileNav function| initCustomForms function| initSameHeight object| jcf string| GoogleAnalyticsObject function| ga object| jQuery1124042538295166975537 object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_persistent_state_async string| google_user_agent_client_hint object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| googletag object| GoogleGcLKhOms object| google_image_requests

28 Cookies

Domain/Path Name / Value
www.proxysite.com/ Name: PHPSESSID
Value: mk549aiis29r95rv1ll4ou1aj7
www.proxysite.com/ Name: hl
Value: en
www.proxysite.com/ Name: AWSALB
Value: QAEUxAjrvAuI9tXgX9SNr+bNw5IwwuWFwcnwFSZ9zNvmKfVBB6dqa2KASGfMOA0gTQgDDTsb6lIxCcHQO9fU1XlEEzw0felVahNFMzFpLa8maCwflmnBS1eIglUL
www.proxysite.com/ Name: AWSALBCORS
Value: QAEUxAjrvAuI9tXgX9SNr+bNw5IwwuWFwcnwFSZ9zNvmKfVBB6dqa2KASGfMOA0gTQgDDTsb6lIxCcHQO9fU1XlEEzw0felVahNFMzFpLa8maCwflmnBS1eIglUL
.proxysite.com/ Name: _ga
Value: GA1.2.201018814.1632024960
.proxysite.com/ Name: _gid
Value: GA1.2.51218623.1632024960
.proxysite.com/ Name: _gat
Value: 1
.proxysite.com/ Name: __gads
Value: ID=79c1726e715221dd-223590a137c900c4:T=1632024960:RT=1632024960:S=ALNI_MYV35HhRzJtt1_xx8HiwntDXQzCcg
.doubleclick.net/ Name: IDE
Value: AHWqTUmjpxD6HIV886IrGiQf9UhXKfKOiMW5V5F6ClSMC9kNN9SxTjdcudRlv87PBIU
.casalemedia.com/ Name: CMID
Value: YUa5gEUtx5V6qyNfC1Cb9wAA
.casalemedia.com/ Name: CMPS
Value: 3217
.quantserve.com/ Name: d
Value: EBgBCQGkJIEA
.quantserve.com/ Name: mc
Value: 6146b980-b6da9-a08d0-486df
.mookie1.com/ Name: id
Value: 10816731512256084873
.mookie1.com/ Name: mdata
Value: 1|10816731512256084873|1632024960743
.mookie1.com/ Name: ov
Value: f568325b69de5d513564c7fd35827abc
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.casalemedia.com/ Name: CMPRO
Value: 1117
.casalemedia.com/ Name: CMST
Value: YUa5gGFGuYAA
.pubmatic.com/ Name: KADUSERCOOKIE
Value: DC842AC6-E644-4620-A82D-90A9089DB453
.openx.net/ Name: i
Value: 6cf5440a-1142-4001-b7c7-3e10fe6aae06|1632024960
.rlcdn.com/ Name: rlas3
Value: AcKpUEsVfhn3c4K3T2O1f/im5buP5ShaKsvZ+zquJ/Q=
.rlcdn.com/ Name: pxrc
Value: CIDzmooGEgUI6AcQABIGCOndKhAA
.awin1.com/ Name: awpv11830
Value: 412871|1632024961|4c8b6160-1900-11ec-855b-692d0ae1a3be
.awin1.com/ Name: awpv14098
Value: 412871|1632024961|4c8baf80-1900-11ec-a5f3-692d0d349c1f
.awin1.com/ Name: awpv11938
Value: 412871|1632024961|4c8bd690-1900-11ec-a5f3-692d0d349c1f
.awin1.com/ Name: AWSESS
Value: 367022:2542680
.congstar.de/ Name: staticentry
Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1632024961_4c8bd690-1900-11ec-a5f3-692d0d349c1f%22%2C%22sp%22%3A%22awin%22%7D

1 Console Messages

Source Level URL
Text
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUa5gEUtx5V6qyNfC1Cb9wAABF0AAAIB&google_cver=1&google_gid=CAESENdIXJQfrK2akH-kui0ePis&google_push=AYg5qPJvXtRkoQS3fciqcAwH96ZBsAQWxpWKiO7NQL_A6lqDeDHd_iJ1NZIoGBhJ7tuIfSUHACkW8UPrX69mUtSa9HpRaanrVj-L
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ad4m.at
adservice.google.com
adservice.google.de
as.ad4m.at
assets.ad4m.at
banner.congstar.de
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
googleads.g.doubleclick.net
id.rlcdn.com
image6.pubmatic.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
platform.twitter.com
prod-rtb.ad4mat.net
rtb.openx.net
static-de.ad4mat.net
syndication.twitter.com
tpc.googlesyndication.com
us14.proxysite.com
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.proxysite.com
cm.g.doubleclick.net
104.111.239.217
104.21.192.4
104.21.192.5
104.244.42.200
104.26.7.27
142.250.181.225
142.250.181.226
142.250.184.226
142.250.184.228
142.250.185.162
142.250.186.162
142.250.186.98
142.250.74.194
142.250.74.206
148.251.139.77
157.240.236.1
157.240.236.35
167.114.175.21
185.64.190.78
216.58.212.166
3.213.74.218
34.95.89.54
34.98.67.61
35.227.252.103
35.244.174.68
69.173.144.165
91.228.74.226
93.184.220.66
036a97f58ae41233cce615d76fb5511d15d9db41201bae08f0099eeb07faec28
0585e1d3112f593ea81391977086c5784be27c5ccef173cb80ccdbfbc50bd1c4
06b34901b9ee1d57c9e0a37a7665c7aa77f6ab8b884cda5e8caad1c3f8b8c639
0ac9094e17f405afb1a4cb915170e1051a048db8597a64460222f03fab4dcc76
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c2b94244fd4297ce67caae8f1c17a4dbe515c5b49275b335b7d7af60e537fec
0e932077700b08707120f8b3243472af89cb67c44f3cd2e9b073be8f3939dd69
0f2de05108a380f3e8bbdde4f58a74c5db21cb502bbfe12360621c7f46066fdb
127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3
1d7f622cafddd4829d847fa4c16c25c4d34e7c3dfc9c571a76d06d10c331a40b
24d026371427b41d6d168c5d4c18de465b026afc3907c86c8f3b3bc31bd87467
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f1513a46b73f5ada51bafe9acd73abc1489f912de163236e4b6480a8311fb18
35d4a453929aeb9cb4ca18e20087e72d2b251d050a6a7ec20931c152049d341f
3cee69d07c93d87ecbb03f206ddb86c9d4ba12638a18ed177de725be2eb8333a
3ee8351e156e2e80d99018a585c18c0dbd9098e3bea84a131d8cbad1ec72c81e
426493ba600ec8c39b1a3e8853bc2863c3588c97e59f72f520104f2a42d2dc23
494b155c1cc054adc12d9a58a862d7f3ce0dd8d39c7f3335464719412e32392c
4f300e7fc0bc0e049e8620e1b8d85d1857b3a7af9492090f20f4b0366ef42353
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5183c4270510a43d23df0772fb29617aa102dc91942f0a862aec3e81913ef2c6
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
60738e0c21e145c63411dab779e72942f078ede817a5cdf57466ef0e61ff8d49
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
631c9285a9a3324342d1f843598cd6a5fbd7992b5b833266769bd5470c368265
654d9c2368858ab2e93f25f594857d26d282c86520a8901c93f8155b3dc7674b
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
724acb468e6daf873120d385f6717f09d84ffb51b33c81cb135597dad94ab4d7
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
770da7643a54e06b63d0c10b9386c21eebe7fe791bbd43e760a9f763aa95d26f
79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23
7e608d70ce8409e402ff5748238e29a46d9b2611ae57675776c07831a8a86f54
7ffcb15458cc6d82ade6166ddb0788afe839679e06d01368d615e8f2c0c6a5f1
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
938bb7a4fe2818088711d433b38bb086516f778d8614faaf479ac89cf62968ec
9428518d1b1c9e441b6dcf1effddc210ce3ab2d1e0913be29695e907b4c82c43
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9fca5f1617ef949660239d615640d5d9a7a8b26a03c652dc1a9447c11d35370b
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b1645a503912de50279ee56b6fe6dd948bb0dac27a5705e9f855b37f567eec46
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
c1c897d722820c6529c2ad94ad187d9416598a61dafac99088e9fb723761fb10
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
d047e9c956c997c38ab9342ba3425857a3ade5e33caf784bb3a35a0066047fc8
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d2568c052b452231835fe2dba24a62b753e2c153735dcced63aab0005ec06a60
d3f154bd52d039a8d725c3a790c0887142a2963f09b28c6280e4629ca8521e93
d7aa362f899dd8f6e58bce9d234625a3996615cb8f5a6d14c9765ab08481a49c
d7dfc0b20804c31c51e2129ef9c89022c1d7a23ede23d4e623ef9e921d148eb2
daaaa4101e8414d3c9c0baab3c015599b7e1fa70035268b8ba23ea6790f00bf3
dc2261fa7fc402f3869461ab510796c6a45c58b4910d7eaaf674bfefd5274e6c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaee2371582b8c319e9f7b6432b570d1c7cc5bda80a6d7819521c6df355c3f9b
ecb0a51c8bccd33964654ecedc1115640eec2c15b217d843df9ed2c36d358060
f6bcb1dac262644b6204d61d42b98c6e61966b7172f5751b843d44df4a31f321
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ffbf2d2525e0baabd5fdf5289510e03e86ccb28dc9767ef58bf483077f3bfc75