urlscan.io logo urlscan.io
SecurityTrails logo

dragonball-tube.com Open in urlscan Pro
188.114.97.12  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://dragonball-tube.com/
Effective URL: https://dragonball-tube.com/
Submission: On August 31 via manual from IT — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 66 IPs in 7 countries across 61 domains to perform 677 HTTP transactions. The main IP is 188.114.97.12, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is dragonball-tube.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 6th 2022. Valid for: a year.
This is the only time dragonball-tube.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 50 188.114.97.12 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 208.93.230.28 29893 (CHATANGO)
47 51.91.68.112 16276 (OVH)
22 195.201.169.184 24940 (HETZNER-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
3 5 2a01:4f8:10b:... 24940 (HETZNER-AS)
108 2606:4700:20:... 13335 (CLOUDFLAR...)
1 86 62.171.186.137 51167 (CONTABO)
24 217.79.188.60 24961 (MYLOC-AS ...)
20 217.79.188.46 24961 (MYLOC-AS ...)
3 94.130.9.175 24940 (HETZNER-AS)
2 46.4.20.142 24940 (HETZNER-AS)
1 162.19.154.224 16276 (OVH)
1 2 2a03:2880:f10... 32934 (FACEBOOK)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 178.250.0.165 44788 (ASN-CRITE...)
2 185.89.211.12 29990 (ASN-APPNEX)
6 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2 145.239.193.130 16276 (OVH)
2 88.198.250.30 24940 (HETZNER-AS)
2 2a01:4f8:212:... 24940 (HETZNER-AS)
24 3.11.195.34 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
8 18.66.147.120 16509 (AMAZON-02)
12 18.66.147.89 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a02:2638::3 44788 (ASN-CRITE...)
11 185.180.12.68 60068 (CDN77 ^_^)
5 92.123.17.141 16625 (AKAMAI-AS)
2 9 2a02:2638:1::13 44788 (ASN-CRITE...)
2 178.250.2.146 44788 (ASN-CRITE...)
2 151.101.65.44 54113 (FASTLY)
30 52.56.221.73 16509 (AMAZON-02)
4 208.93.230.22 29893 (CHATANGO)
2 13.32.121.21 16509 (AMAZON-02)
35 51.210.32.121 16276 (OVH)
3 2a00:1450:400... 15169 (GOOGLE)
20 2a02:6ea0:c70... 60068 (CDN77 ^_^)
5 54.38.64.100 16276 (OVH)
5 2.18.79.133 20940 (AKAMAI-ASN1)
5 2606:4700:10:... 13335 (CLOUDFLAR...)
10 145.239.193.51 16276 (OVH)
5 51.89.9.253 16276 (OVH)
10 2620:116:800d... 16509 (AMAZON-02)
5 54.73.196.234 16509 (AMAZON-02)
5 108.138.2.52 16509 (AMAZON-02)
4 4 84.200.5.215 44066 (DE-FIRSTC...)
1 46.4.62.19 24940 (HETZNER-AS)
1 46.4.41.145 24940 (HETZNER-AS)
5 2600:9000:20e... 16509 (AMAZON-02)
9 141.95.98.71 16276 (OVH)
10 52.17.27.112 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:1::... 13335 (CLOUDFLAR...)
5 54.217.253.224 16509 (AMAZON-02)
5 2600:9000:223... 16509 (AMAZON-02)
2 2 142.250.184.194 15169 (GOOGLE)
2 3 185.86.139.57 201081 (SMARTADSE...)
2 2 185.89.211.84 29990 (ASN-APPNEX)
2 185.64.189.110 62713 (AS-PUBMATIC)
2 35.71.131.137 16509 (AMAZON-02)
677 66
50    188.114.97.12 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
dragonball-tube.com
1    2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    208.93.230.28 (United States)

ASN29893 (CHATANGO, US)
st.chatango.com
47    51.91.68.112 (France)

ASN16276 (OVH, FR)
PTR: ns3161774.ip-51-91-68.eu
view.webplexmedia.de
22    195.201.169.184 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.184.169.201.195.clients.your-server.de
deliver.helpnation.de
emmaglam.com
2    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
2    2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
5    2a01:4f8:10b:ddc::2 (Germany)

ASN24940 (HETZNER-AS, DE)
cee3f0doi1a2.de
c.blyatflix.de
thisis.aninter.net
static.hubu.fm
108    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
as.ad4m.at
assets.ad4m.at
86    62.171.186.137 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: vmd55357.contaboserver.net
www.news8.de
news8.de
24    217.79.188.60 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com
imagesrv.adition.com
20    217.79.188.46 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad4.adfarm1.adition.com
ad4.adfarm1.adition.com
3    94.130.9.175 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h109.hubuhost.com
ref.cdnplus.de
g.cash-ads.com
2    46.4.20.142 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.142.20.4.46.clients.your-server.de
ad.a-ads.com
static.a-ads.com
1    162.19.154.224 (France)

ASN16276 (OVH, FR)
PTR: de-c114.cdnplus.de
de-c114.cdnplus.de
2    2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
3    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
2    185.89.211.12 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
6    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    145.239.193.130 (France)

ASN16276 (OVH, FR)
pv.medialead.de
2    88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de
pb.media01.eu
2    2a01:4f8:212:29e0::2 (Germany)

ASN24940 (HETZNER-AS, DE)
tool.hubu.link
24    3.11.195.34 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
track.webgains.com
2    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
8    18.66.147.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-120.fra60.r.cloudfront.net
analytics.webgains.io
12    18.66.147.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-89.fra60.r.cloudfront.net
cdn.track.production.webgains.team
1    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.nl
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
11    185.180.12.68 (Vienna, Austria)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-731.bunnyinfra.net
consent.cookiefirst.com
5    92.123.17.141 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-17-141.deploy.static.akamaitechnologies.com
www.awin1.com
9    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
30    52.56.221.73 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
api.webgains.io
4    208.93.230.22 (United States)

ASN29893 (CHATANGO, US)
ust.chatango.com
2    13.32.121.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-21.fra60.r.cloudfront.net
sb.scorecardresearch.com
35    51.210.32.121 (France)

ASN16276 (OVH, FR)
PTR: ns3172585.ip-51-210-32.eu
www.fesch.tv
media.news8.de
3    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
20    2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
ads.themoneytizer.com
5    54.38.64.100 (France)

ASN16276 (OVH, FR)
c.tmyzer.com
5    2.18.79.133 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-79-133.deploy.static.akamaitechnologies.com
ced.sascdn.com
5    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
10    145.239.193.51 (France)

ASN16276 (OVH, FR)
tag.leadplace.fr
5    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
10    2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
5    54.73.196.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-196-234.eu-west-1.compute.amazonaws.com
p.cpx.to
5    108.138.2.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-2-52.fra56.r.cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
4    84.200.5.215 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
www.telefonica-partner.de
www.lead-alliance.net
1    46.4.62.19 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads4.sunbonet.de
partner.o2online.de
1    46.4.41.145 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads2.sunbonet.de
partner.blau.de
5    2600:9000:20ed:ba00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
9    141.95.98.71 (France)

ASN16276 (OVH, FR)
PTR: ns3216577.ip-141-95-98.eu
id5-sync.com
10    52.17.27.112 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-27-112.eu-west-1.compute.amazonaws.com
s.cpx.to
5    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    2606:4700:1::6813:864e (United States)

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
5    54.217.253.224 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-253-224.eu-west-1.compute.amazonaws.com
adtrack.adleadevent.com
5    2600:9000:223d:5600:11:615:7240:93a1 (United States)

ASN16509 (AMAZON-02, US)
pxl.qccerttest.com
2    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
cm.g.doubleclick.net
3    185.86.139.57 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
2    185.89.211.84 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
2    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
Apex Domain
Subdomains		 Transfer
114 news8.de
www.news8.de
news8.de
media.news8.de
4 MB
108 ad4m.at
ad4m.at — Cisco Umbrella Rank: 2138
as.ad4m.at — Cisco Umbrella Rank: 30472
assets.ad4m.at — Cisco Umbrella Rank: 39315
7 MB
50 dragonball-tube.com
dragonball-tube.com
1 MB
47 webplexmedia.de
view.webplexmedia.de
220 KB
44 adition.com
imagesrv.adition.com — Cisco Umbrella Rank: 19952
ad4.adfarm1.adition.com — Cisco Umbrella Rank: 62266
222 KB
38 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 22472
api.webgains.io — Cisco Umbrella Rank: 58879
683 KB
24 webgains.com
track.webgains.com — Cisco Umbrella Rank: 48447
438 KB
20 themoneytizer.com
ads.themoneytizer.com — Cisco Umbrella Rank: 29996
999 KB
19 emmaglam.com
emmaglam.com — Cisco Umbrella Rank: 870563
1 MB
15 cpx.to
p.cpx.to — Cisco Umbrella Rank: 9801
s.cpx.to — Cisco Umbrella Rank: 2035
15 KB
14 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 742
gum.criteo.com — Cisco Umbrella Rank: 387
mug.criteo.com — Cisco Umbrella Rank: 2794
22 KB
12 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 69717
992 KB
11 cookiefirst.com
consent.cookiefirst.com — Cisco Umbrella Rank: 42101
102 KB
10 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 910
pixel.quantserve.com — Cisco Umbrella Rank: 417
52 KB
10 leadplace.fr
tag.leadplace.fr — Cisco Umbrella Rank: 30605
30 KB
9 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 471 Failed
7 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 112
tpc.googlesyndication.com — Cisco Umbrella Rank: 145
215 KB
8 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
ajax.googleapis.com — Cisco Umbrella Rank: 279
195 KB
7 fesch.tv
www.fesch.tv
1 MB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
189 KB
7 chatango.com
st.chatango.com — Cisco Umbrella Rank: 51211
ust.chatango.com — Cisco Umbrella Rank: 61894
248 KB
5 qccerttest.com
pxl.qccerttest.com — Cisco Umbrella Rank: 1007
3 KB
5 adleadevent.com
adtrack.adleadevent.com — Cisco Umbrella Rank: 32841
3 KB
5 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 858
6 KB
5 cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
128 KB
5 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 749
5 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1777
101 KB
5 sascdn.com
ced.sascdn.com — Cisco Umbrella Rank: 10660
159 KB
5 tmyzer.com
c.tmyzer.com — Cisco Umbrella Rank: 28782
1 KB
5 awin1.com
www.awin1.com — Cisco Umbrella Rank: 16722
3 KB
5 google.com
apis.google.com — Cisco Umbrella Rank: 110
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 78
72 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 Failed
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
6 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 225
secure.adnxs.com — Cisco Umbrella Rank: 435
5 KB
3 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 1514
1 KB
3 mgid.com
jsc.mgid.com — Cisco Umbrella Rank: 7557
1 KB
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 658
85 KB
3 cdnplus.de
ref.cdnplus.de — Cisco Umbrella Rank: 470345
de-c114.cdnplus.de — Cisco Umbrella Rank: 604923
39 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
40 KB
3 helpnation.de
deliver.helpnation.de
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 336
529 B
2 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 859
299 B
2 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 60545
677 B
2 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 59966
437 B
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 152
2 KB
2 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 971
162 KB
2 hubu.link
tool.hubu.link — Cisco Umbrella Rank: 961608
25 KB
2 hubu.fm
static.hubu.fm
684 B
2 media01.eu
pb.media01.eu — Cisco Umbrella Rank: 47180
811 B
2 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 48437
1 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 384
3 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
3 KB
2 a-ads.com
ad.a-ads.com — Cisco Umbrella Rank: 39729
static.a-ads.com — Cisco Umbrella Rank: 51621
156 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 154
88 KB
1 blau.de
partner.blau.de — Cisco Umbrella Rank: 70726
1 KB
1 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 70979
1 KB
1 cash-ads.com
g.cash-ads.com — Cisco Umbrella Rank: 931738
37 KB
1 google.nl
adservice.google.nl — Cisco Umbrella Rank: 14442
792 B
1 aninter.net
thisis.aninter.net — Cisco Umbrella Rank: 612157
171 B
1 blyatflix.de
c.blyatflix.de — Cisco Umbrella Rank: 492851
197 B
1 cee3f0doi1a2.de
cee3f0doi1a2.de
773 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 66
41 KB
677 61
Domain Requested by
85 news8.de view.webplexmedia.de
news8.de
54 assets.ad4m.at as.ad4m.at
50 dragonball-tube.com 1 redirects dragonball-tube.com
47 view.webplexmedia.de dragonball-tube.com
view.webplexmedia.de
news8.de
g.cash-ads.com
36 ad4m.at view.webplexmedia.de
ad4m.at
emmaglam.com
30 api.webgains.io analytics.webgains.io
28 media.news8.de view.webplexmedia.de
media.news8.de
24 track.webgains.com as.ad4m.at
24 imagesrv.adition.com view.webplexmedia.de
ad4.adfarm1.adition.com
imagesrv.adition.com
20 ads.themoneytizer.com media.news8.de
ads.themoneytizer.com
20 ad4.adfarm1.adition.com view.webplexmedia.de
ad4.adfarm1.adition.com
imagesrv.adition.com
19 emmaglam.com deliver.helpnation.de
emmaglam.com
18 as.ad4m.at ad4m.at
as.ad4m.at
12 cdn.track.production.webgains.team as.ad4m.at
track.webgains.com
11 consent.cookiefirst.com news8.de
consent.cookiefirst.com
10 s.cpx.to p.cpx.to
media.news8.de
10 tag.leadplace.fr ads.themoneytizer.com
tag.leadplace.fr
9 id5-sync.com media.news8.de
ced.sascdn.com
ads.themoneytizer.com
9 gum.criteo.com 2 redirects static.criteo.net
ads.themoneytizer.com
dragonball-tube.com
8 analytics.webgains.io track.webgains.com
7 www.fesch.tv news8.de
6 fonts.gstatic.com fonts.googleapis.com
6 pagead2.googlesyndication.com emmaglam.com
pagead2.googlesyndication.com
dragonball-tube.com
tpc.googlesyndication.com
5 pixel.quantserve.com media.news8.de
5 pxl.qccerttest.com media.news8.de
5 adtrack.adleadevent.com ajax.googleapis.com
5 ajax.googleapis.com d2zur9cc2gf1tx.cloudfront.net
5 rules.quantcount.com secure.quantserve.com
5 d2zur9cc2gf1tx.cloudfront.net ads.themoneytizer.com
5 p.cpx.to ads.themoneytizer.com
5 secure.quantserve.com ads.themoneytizer.com
5 onetag-sys.com ads.themoneytizer.com
5 spl.zeotap.com ads.themoneytizer.com
5 ced.sascdn.com ads.themoneytizer.com
5 c.tmyzer.com ads.themoneytizer.com
5 www.awin1.com as.ad4m.at
4 ust.chatango.com st.chatango.com
dragonball-tube.com
3 sync.smartadserver.com 2 redirects media.news8.de
3 jsc.mgid.com view.webplexmedia.de
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
dragonball-tube.com
3 static.criteo.net imagesrv.adition.com
static.criteo.net
3 fonts.googleapis.com emmaglam.com
news8.de
3 bidder.criteo.com imagesrv.adition.com
dragonball-tube.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
st.chatango.com
3 deliver.helpnation.de dragonball-tube.com
deliver.helpnation.de
3 st.chatango.com dragonball-tube.com
st.chatango.com
2 match.adsrvr.org media.news8.de
s.cpx.to
2 image2.pubmatic.com media.news8.de
2 secure.adnxs.com 2 redirects
2 cm.g.doubleclick.net 2 redirects
2 www.lead-alliance.net 2 redirects
2 www.telefonica-partner.de 2 redirects
2 sb.scorecardresearch.com cdn.taboola.com
st.chatango.com
2 cdn.taboola.com st.chatango.com
cdn.taboola.com
2 mug.criteo.com dragonball-tube.com
view.webplexmedia.de
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
emmaglam.com
2 tool.hubu.link emmaglam.com
2 static.hubu.fm 2 redirects
2 pb.media01.eu as.ad4m.at
2 pv.medialead.de 2 redirects
2 ib.adnxs.com imagesrv.adition.com
2 cdn.jsdelivr.net imagesrv.adition.com
2 www.facebook.com 1 redirects connect.facebook.net
2 ref.cdnplus.de cee3f0doi1a2.de
ref.cdnplus.de
2 connect.facebook.net dragonball-tube.com
connect.facebook.net
2 www.google.com 1 redirects news8.de
tpc.googlesyndication.com
2 apis.google.com dragonball-tube.com
apis.google.com
1 partner.blau.de as.ad4m.at
1 partner.o2online.de as.ad4m.at
1 g.cash-ads.com view.webplexmedia.de
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.nl pagead2.googlesyndication.com
1 static.a-ads.com ad.a-ads.com
1 de-c114.cdnplus.de dragonball-tube.com
1 thisis.aninter.net 1 redirects
1 ad.a-ads.com cee3f0doi1a2.de
1 c.blyatflix.de cee3f0doi1a2.de
1 www.news8.de 1 redirects
1 cee3f0doi1a2.de deliver.helpnation.de
1 www.gstatic.com dragonball-tube.com
1 www.googletagmanager.com dragonball-tube.com
677 81

This site contains links to these domains. Also see Links.

Domain
naruto-tube.com
onepiece-tube.com
www.facebook.com
amzn.to
naruto-tube.org
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.chatango.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-09 -
2023-07-09		 a year crt.sh
view.webplexmedia.de
R3		 2022-06-29 -
2022-09-27		 3 months crt.sh
deliver.helpnation.de
R3		 2022-06-24 -
2022-09-22		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-06-09 -
2022-09-07		 3 months crt.sh
cee3f0doi1a2.de
R3		 2022-07-02 -
2022-09-30		 3 months crt.sh
news8.de
R3		 2022-07-09 -
2022-10-07		 3 months crt.sh
emmaglam.com
R3		 2022-07-23 -
2022-10-21		 3 months crt.sh
*.adition.com
AlphaSSL CA - SHA256 - G2		 2022-04-26 -
2023-05-28		 a year crt.sh
*.adfarm1.adition.com
AlphaSSL CA - SHA256 - G2		 2022-06-01 -
2023-07-03		 a year crt.sh
ref.cdnplus.de
R3		 2022-07-02 -
2022-09-30		 3 months crt.sh
c.blyatflix.de
R3		 2022-07-01 -
2022-09-29		 3 months crt.sh
*.a-ads.com
Sectigo ECC Domain Validation Secure Server CA		 2021-12-08 -
2023-01-08		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.webgains.com
Amazon		 2022-06-14 -
2023-07-13		 a year crt.sh
*.webgains.io
Amazon		 2022-08-23 -
2023-09-21		 a year crt.sh
cdn.track.production.webgains.team
Amazon		 2022-08-08 -
2023-09-06		 a year crt.sh
*.google.nl
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-21 -
2022-09-23		 3 months crt.sh
consent.cookiefirst.com
R3		 2022-08-08 -
2022-11-06		 3 months crt.sh
www.awin1.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-18 -
2023-04-19		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
fesch.tv
R3		 2022-07-16 -
2022-10-14		 3 months crt.sh
media.news8.de
R3		 2022-08-03 -
2022-11-01		 3 months crt.sh
g.cash-ads.com
R3		 2022-07-01 -
2022-09-29		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
1266287590.rsc.cdn77.org
R3		 2022-08-02 -
2022-10-31		 3 months crt.sh
c.tmyzer.com
R3		 2022-07-29 -
2022-10-27		 3 months crt.sh
*.sascdn.com
DigiCert SHA2 Secure Server CA		 2021-09-13 -
2022-09-13		 a year crt.sh
*.leadplace.fr
Gandi Standard SSL CA 2		 2021-09-12 -
2022-09-12		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
p.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2022-01-13 -
2023-01-13		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
s.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2022-01-17 -
2023-01-17		 a year crt.sh
adtrack.adleadevent.com
Amazon		 2022-06-13 -
2023-07-12		 a year crt.sh
qccerttest.com
Amazon		 2022-04-04 -
2023-05-03		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh

This page contains 88 frames:

Primary Page: https://dragonball-tube.com/
Frame ID: D0C1500110780AAB2AC41D794B084BC9
Requests: 65 HTTP requests in this frame

Frame: https://view.webplexmedia.de/b2.php?uid=945079468&e=0&s=0&p=0&w=300&h=250&sid=854&size=4
Frame ID: A74C9D10CB3EC35AE170D1D063D385D0
Requests: 2 HTTP requests in this frame

Frame: https://view.webplexmedia.de/in4.php?uid=945079468&e=0&s=0&p=0&sid=854&size=4&referrer=
Frame ID: 18C979FA229CC23872AC640BF037A75A
Requests: 3 HTTP requests in this frame

Frame: https://view.webplexmedia.de/b2.php?uid=945079468&e=0&s=0&p=0&w=728&h=90&sid=854&size=2
Frame ID: BB78D927F99EAF6BB84BE47D6D5F5256
Requests: 2 HTTP requests in this frame

Frame: https://deliver.helpnation.de/b2.php?uid=924994936&e=0&s=0&p=0&w=728&h=90&sid=4&size=2
Frame ID: 4F798B9C6022D9A1BAD3F1FFA4BB5DF6
Requests: 1 HTTP requests in this frame

Frame: https://news8.de/
Frame ID: DD31740FD99E23EB8C49F52BC85BDA5B
Requests: 112 HTTP requests in this frame

Frame: https://view.webplexmedia.de/in4.php?uid=945079468&e=0&s=0&p=0&sid=854&size=2&referrer=
Frame ID: FE93CA71FD978BA4E9B705D209F02AF0
Requests: 6 HTTP requests in this frame

Frame: https://deliver.helpnation.de/in4.php?uid=924994936&e=0&s=0&p=0&sid=4&size=2&referrer=
Frame ID: 1FAC665997A61E74AB7CD5BE7F7A5F47
Requests: 1 HTTP requests in this frame

Frame: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
Frame ID: 4B1CB61EF467DC67E6C71B21B2D1DDEE
Requests: 42 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: D6CAE29988170E19ECE62AFF6586E362
Requests: 1 HTTP requests in this frame

Frame: https://ref.cdnplus.de/
Frame ID: 3C7F8533B6CC2F37A70F0A200C9721C1
Requests: 2 HTTP requests in this frame

Frame: https://c.blyatflix.de/nora/?t=1661953470
Frame ID: 270EEC99E99AEC5B444283F55396EDC9
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/1616084?size=300x250
Frame ID: 8F2D9608CC60A640AEC3B376358387DC
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df15ffdb793ed5ac%2526domain%253Ddragonball-tube.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fdragonball-tube.com%25252Fff2ab2b7e0fd34%2526relation%253Dparent.parent%26container_width%3D290%26height%3D600%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FDragonballTube%26locale%3Dde_DE%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D280
Frame ID: 08C2E26A14BA7163F61121A2CCBE98D5
Requests: 1 HTTP requests in this frame

Frame: https://ad4.adfarm1.adition.com/banner?sid=3974826&adjsver=3&fvers=&iframe=1&ref=&ro=https%3A//view.webplexmedia.de/in4.php%3Fuid%3D945079468%26e%3D0%26s%3D0%26p%3D0%26sid%3D854%26size%3D2%26referrer%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/105.0.5195.52%20Safari/537.36&os=17&browser=11&userid=0&wi=1980000899&ac=1&screen_res=6&wpt=H&clickurl=
Frame ID: 2C6DF04DE8644101D82941A42579B043
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: C8A3C7F84175B651AF45E536F55B07F3
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=34719%2C43766%2C179236&b=X97FzfrfPMba6H4HetqtpDKcQSMtXgRUJ%2CJ6zuzf5f1YGUBH6H7tptrgetxSdtbJrTX%2CJ6zuzf5f3xEGhBH6H7tpte3J6SxSdtbJrTX&f=e2Xh3fVfqKpcjHZHet2CVW5UwSbtxMYH1%2CGzXtBfpfER3hKHeHGtBC3grfZSjtekEFE%2CGzXtBfpfXVM3SKHeHGtBCrbERTZSjtekEFE&c=728&d=90&e=&g=a1ba059a84e1ae9fa7910ec301ccfcde%2F16504116802739112511&i=26474%2C24891%2C71657&j=41%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_MOBILE_728x90&r=1661953470676&y=1&s=&z=0
Frame ID: 8697C473233B331D8E01AB9256DAC4B1
Requests: 16 HTTP requests in this frame

Frame: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/styles/default/970x250_4slot/main.css
Frame ID: 0DDB3D8B50E297CC3C96D52A377926C4
Requests: 4 HTTP requests in this frame

Frame: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/styles/default/970x250_4slot/main.css
Frame ID: F11310ED7FA04B7806D52B01AF183BD1
Requests: 4 HTTP requests in this frame

Frame: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/styles/default/970x250_4slot/main.css
Frame ID: 21FF364186BA3F2110199E82CFC74190
Requests: 4 HTTP requests in this frame

Frame: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/styles/default/970x250_4slot/main.css
Frame ID: 9D22AE4CCD564627B0502938851E2D88
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220829/r20190131/zrt_lookup.html
Frame ID: 990E08AB81A89A63A833896103C8D58D
Requests: 2 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 853EA58B5E5B32203EC84B98D0E509B5
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 339314E080389FC6D0CC68A6C28D5BEA
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: AD12D62DED5C992693B4384619CC83BB
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 465CBCA48862F3618B4FBBADEF3AA37C
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: A1199F83F4DB2471BB3FD86B53213F53
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 5F7097515F3F89E31ADD5300063AF668
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 5A92946DE073052C41C77402ACCA83CD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4176752718986875&output=html&adk=1812271804&adf=552093719&plat=1%3A147968%2C2%3A147968%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fdeliver.helpnation.de%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661953470893&bpp=2&bdt=215&idt=258&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&nras=1&correlator=8565491059101&frm=8&ife=1&pv=2&ga_vid=1320985863.1661953471&ga_sid=1661953471&ga_hid=449534032&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2186634244&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44770880&oid=2&pvsid=1293389133885865&tmod=2122787773&uas=0&nvt=1&top=https%3A%2F%2Fdragonball-tube.com&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.jgono2r902kt&fsb=1&dtd=271
Frame ID: C8D00CFA6B9DAA340C12F8AEC490CCF1
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862%2C200038%2C198961&b=XgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJ%2CGD9JTBfpfXdmWsKHeHGtPtkj2cZSjtZmtE%2C6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7&f=e5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1%2CVQr1twfmfDwxWSVHbHAtXCD5GtBSDtBAuQ%2CXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJ&c=160&d=600&e=&g=7ea91e771920b8b21b1bc32acf478e32%2F16387982739420500580&i=71725%2C22499%2C71690&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_160x600&r=1661953471132&y=1&s=&z=0
Frame ID: E67BFCEC9401497895E720390CFCC257
Requests: 18 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=19769%2C177100%2C43766&b=52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1%2CdpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTj%2CZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJ&f=pqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE%2CK783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHq%2C9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTd&c=300&d=250&e=&g=2a12d80c20bafeab3c839a532ff90396%2F243427342487950804&i=21630%2C65803%2C24891&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661953471133&y=1&s=&z=0
Frame ID: 834A2044D25734F796A334AA14717664
Requests: 16 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=19769%2C177100%2C43766&b=52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1%2CdpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTj%2CZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJ&f=pqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE%2CK783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHq%2C9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTd&c=300&d=600&e=&g=041ebb38454811a790791f204a1326bd%2F12281858215853902489&i=21630%2C65803%2C24891&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661953471133&y=1&s=&z=0
Frame ID: C83856DD3F09752EE515E70347B0F2AC
Requests: 16 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=24673%2C202438%2C183975&b=dpDmUEfkfRpXhEHjHwtEtbAdfeSRt8BTj%2Cr5mEuQf9f3VgzsAH7HjtqtVgrEUYSJtDqtd%2C4gGmHEf5fA2eRcGH9HdtAtm9MSbSZtpJsK&f=K783aRfZf5Gps5HMHktzCBX8u7Srt7eHq%2CP241aBfbfbrWxU9HjHbtgCArKkHJSgtBeup%2Cr5mEuQf9f3XBdaAH7HjtJCBXVaYSJtDqtd&c=300&d=600&e=&g=0bb93e021ccb1a459333b4d84bbb1e63%2F6572354349658930294&i=20430%2C82994%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661953471135&y=1&s=&z=0
Frame ID: 9CCCCD8F87D049D03D0437BDD442A818
Requests: 16 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=58783%2C182430%2C197862&b=gAdJF8frfk4A6TPHbH8t5t2e1fmSjtjqFe%2CbGqEtQfZf5jjMaYHbHztKtw64ubS3tE7UJ%2CXgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJ&f=BdZEhgfPfMrpgFxH6H3tgCmRwCjSdtjDFM%2C3rg7Hpf4fXrrDH7HrHAtXC9WZsPSztwpFd%2Ce5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1&c=728&d=90&e=&g=31769b53ae3ed83b5e9c7ed5919a74c7%2F6132780761417666784&i=28472%2C20378%2C71725&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_728x90&r=1661953471138&y=1&s=&z=0
Frame ID: 84C0F82CE8D960FB1139EE80AEAF80ED
Requests: 16 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=200038%2C198961%2C19769&b=GD9JTBfpfXdmWsKHeHGtPtkj2cZSjtZmtE%2C6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7%2C52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1&f=VQr1twfmfDwxWSVHbHAtXCD5GtBSDtBAuQ%2CXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJ%2CpqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE&c=300&d=250&e=&g=964718de9fa25e82662452021fb383c0%2F16559786827644174996&i=22499%2C71690%2C21630&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661953471139&y=1&s=&z=0
Frame ID: EDB56290C08A50441E9B86EF696289A4
Requests: 16 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=dragonball-tube.com
Frame ID: 3EE0C967C3E2745D27B70BCE7E31BC0A
Requests: 2 HTTP requests in this frame

Frame: https://st.chatango.com/h5/gz/r0817221641/id.html
Frame ID: DD4E5E32E321BD519704E2825B07DD21
Requests: 10 HTTP requests in this frame

Frame: https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=970&h=250&sid=929&size=5
Frame ID: 03790DF96DA40A236BA40FE32F4A4567
Requests: 2 HTTP requests in this frame

Frame: https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=5&referrer=
Frame ID: C8FD28C4C571F3FAC13CB063E0DC2799
Requests: 4 HTTP requests in this frame

Frame: https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4
Frame ID: A32BFA2F25BD7FB0B453AF502159E460
Requests: 3 HTTP requests in this frame

Frame: https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4
Frame ID: C6226DE4280DB97573F034CD071F3A7C
Requests: 3 HTTP requests in this frame

Frame: https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=970&h=250&sid=929&size=5
Frame ID: C51B87382FEAB4A55F483FBAF1A2FAC6
Requests: 3 HTTP requests in this frame

Frame: https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4
Frame ID: 38E1360BD567936657779B66FF337965
Requests: 3 HTTP requests in this frame

Frame: https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=
Frame ID: CABC94AD94AA15897446CBE2BABAE556
Requests: 2 HTTP requests in this frame

Frame: https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=
Frame ID: 003F282E28785DCFF708886F28FC0EC2
Requests: 2 HTTP requests in this frame

Frame: https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=5&referrer=
Frame ID: BBFD56DFF59B904209DFDB51DAD4B64C
Requests: 4 HTTP requests in this frame

Frame: https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=
Frame ID: 50DCDA9479D0A6E34CFB258812A7675E
Requests: 2 HTTP requests in this frame

Frame: https://media.news8.de/b2.php?uid=495573400&e=0&s=0&p=0&w=970&h=250&sid=929&size=5
Frame ID: 95FDDCB533228EF1237951C48E321902
Requests: 2 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 1A4E549C7FA9F2E3F098023BBF461A2F
Requests: 1 HTTP requests in this frame

Frame: https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=5&referrer=https://fohlenfive.de
Frame ID: 6C4FB4248A0619CC6E2944B9A792945C
Requests: 22 HTTP requests in this frame

Frame: https://view.webplexmedia.de/?sess=mX7OxuHl8WYe2f1OMhzf95JekUWOUiJUWSHQkPIRw8nGi%2BawF9ddE8Y%2Fv0zFyAbT
Frame ID: 4ECC419F036CF05F88679FD4895BD291
Requests: 3 HTTP requests in this frame

Frame: https://view.webplexmedia.de/?sess=mX7OxuHl8WYe2f1OMhzf95JekUWOUiJUWSHQkPIRw8nGi%2BawF9ddE8Y%2Fv0zFyAbT
Frame ID: AF4C01086B675901F97FE034BB90316E
Requests: 3 HTTP requests in this frame

Frame: https://view.webplexmedia.de/?sess=mX7OxuHl8WYe2f1OMhzf95JekUWOUiJUWSHQkPIRw8nGi%2BawF9ddE8Y%2Fv0zFyAbT
Frame ID: CF8F425E9A140B34E69FBC42C47ACBA5
Requests: 3 HTTP requests in this frame

Frame: https://media.news8.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4
Frame ID: 891B53B1EA89DFEE0DBA822CA77D44F6
Requests: 3 HTTP requests in this frame

Frame: https://media.news8.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4
Frame ID: 73C32B1E7F799DDFE50D18FBF26D4B77
Requests: 3 HTTP requests in this frame

Frame: https://media.news8.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4
Frame ID: C8322DCA924C3AEEC8DAF6EE96DA7EAA
Requests: 3 HTTP requests in this frame

Frame: https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=https://enamora.de
Frame ID: 87FC856EF378EC1F7CC4CAEFA57386EF
Requests: 27 HTTP requests in this frame

Frame: https://ad4.adfarm1.adition.com/banner?sid=3974826&adjsver=3&fvers=&iframe=1&ref=&ro=https%3A//view.webplexmedia.de/in4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D5%26referrer%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/105.0.5195.52%20Safari/537.36&os=17&browser=11&userid=7138035801138921830&wi=819798388&ac=1&screen_res=6&wpt=H&clickurl=
Frame ID: C4D70F8053862FEAF5826C8D1B829DD0
Requests: 9 HTTP requests in this frame

Frame: https://media.news8.de/b2.php?uid=495573400&e=0&s=0&p=0&w=970&h=250&sid=929&size=5
Frame ID: 66CC0E41986C084174820C92003D8949
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DAC53C5EDB0BA36BFF1E2C3114BD1CD4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 403359E5E7D99AC0923D5E00107D1DAD
Requests: 2 HTTP requests in this frame

Frame: https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=https://stadt-koeln.de
Frame ID: 4B5BBD701D81B43F62D32D0281942AB1
Requests: 22 HTTP requests in this frame

Frame: https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=https://klamm.de
Frame ID: B105FD2495D0CD6DF074F070BB487CB5
Requests: 27 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1661953474799
Frame ID: B3E2AE061329440C551801A0AB431CE5
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=13957%2C197100%2C15573&b=zxJaRfYf95xFpHBHMtqtzzAfVSZtg2dsW%2CMVzUzfrfjepBCWHEHGtDt661tBS9tb4Vs3%2CbWPSQfZfeDVaYHbHztKt1d8fbS3t5AjTJ&f=8MzFDf8fZxWsgHJHEtqCkkYcGS5t8Y7Uk%2C6dzhef3fMWZgUeHmHYtECWWRFYSBt2QZU7%2C391Fpf4fkY2F7HrHAtXC1E7fPSztA3Psd&c=970&d=250&e=&g=9988ac34699aeb29756238388a5ec6ee%2F5214816783953817931&i=20774%2C20773%2C26474&j=14%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_970x250&r=1661953474453&y=1&s=&z=0
Frame ID: AB6BF11B3D60A82FEF71F9CF2F62E187
Requests: 11 HTTP requests in this frame

Frame: https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=5&referrer=https://wunderweib.de
Frame ID: C6A7ABACBB0FBCC6B4D7C275303746E1
Requests: 22 HTTP requests in this frame

Frame: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fmedia.news8.de%2Fin4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D5%26referrer%3Dhttps%3A%2F%2Ffohlenfive.de&id=MTIZ
Frame ID: 98A02878053ACAAD7054B145D87BBFE3
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1661953475168
Frame ID: 771A43E7E25B4B651EA27C7DF1D9CAB6
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1661953475192
Frame ID: 89330A086606D0381FB201DFCF113884
Requests: 1 HTTP requests in this frame

Frame: https://view.webplexmedia.de/tags/300/?source=495573400
Frame ID: 90800CD4DA1D278DA6FD98449E242D5B
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1661953475198
Frame ID: 5CB9A6718A80CB0F2A1174ED7547DC0A
Requests: 1 HTTP requests in this frame

Frame: https://view.webplexmedia.de/tags/300/?source=495573400
Frame ID: CBDB7D10E89A2247B872BE75BB1B136A
Requests: 2 HTTP requests in this frame

Frame: https://view.webplexmedia.de/tags/300/?source=495573400
Frame ID: 9F10EEFD2DB20F6896BC783120ED953B
Requests: 2 HTTP requests in this frame

Frame: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fmedia.news8.de%2Fin4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D4%26referrer%3Dhttps%3A%2F%2Fenamora.de&id=MTIZ
Frame ID: 650563F323CDBEA2D7C2213E4D7464F5
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=dragonball-tube.com
Frame ID: 1775B0AF5FBDF32EDF4A2AA55242E2AF
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1661953475358
Frame ID: EF4570216F339110502FE834BD41EB9A
Requests: 1 HTTP requests in this frame

Frame: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fmedia.news8.de%2Fin4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D4%26referrer%3Dhttps%3A%2F%2Fstadt-koeln.de&id=MTIZ
Frame ID: 4F0A895F4DB4D18F31CEF62017042C39
Requests: 1 HTTP requests in this frame

Frame: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/styles/default/970x250_4slot/main.css
Frame ID: EB8BEF6459A5915A6DF2689AE38CCD12
Requests: 4 HTTP requests in this frame

Frame: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/styles/default/970x250_4slot/main.css
Frame ID: C6937F3568DA534CF15A48CC2B3E3C53
Requests: 4 HTTP requests in this frame

Frame: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/styles/default/970x250_4slot/main.css
Frame ID: 6DD332CFCCEC3F0F2B3F722F624B78B1
Requests: 4 HTTP requests in this frame

Frame: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/styles/default/970x250_4slot/main.css
Frame ID: 2D7669A643E734A98E0E889AC2A6F74E
Requests: 4 HTTP requests in this frame

Frame: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fmedia.news8.de%2Fin4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D4%26referrer%3Dhttps%3A%2F%2Fklamm.de&id=MTIZ
Frame ID: 3786EF2AA8D1F6D1A8A4874181FB53A2
Requests: 1 HTTP requests in this frame

Frame: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fmedia.news8.de%2Fin4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D5%26referrer%3Dhttps%3A%2F%2Fwunderweib.de&id=MTIZ
Frame ID: 594F3254A4D17D82898D3E0101DC2531
Requests: 1 HTTP requests in this frame

Frame: https://view.webplexmedia.de/gtx.php?nc=f57aa43c7c661a4f5bed940c28fce8e1&sid=929&uid=495573400&sz=5
Frame ID: 33C66E3EBB27C572CCD4DA1C1073B155
Requests: 1 HTTP requests in this frame

Frame: https://view.webplexmedia.de/sl.php?key=NTcw
Frame ID: 55487EB9EF267BB9322BDC807EB76956
Requests: 3 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 482647C2C20AD538632AC1D5617DB0CD
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=56666%2C183975%2C24673&b=j1xCEfGfxxJ9UYHEH2t6tqX1tZSDtDbet9%2C8MzFDf8fR29KcgHJHEtxtkMeaGS5t8r2fk%2C5kZuXfEfKWkapH7HMt3tE3QaYSktVj2f1&f=xQVsQfAfAAbJcPHdHztDCdDju7S4tqpMFA%2CZkVuwfBfz65xcmHDHDtDCJ41C6SJtxeWaJ%2CpA9u1fgfj9WfkH4HmtJCQ7Yh9S7tERYUE&c=300&d=250&e=&g=aef4e8e5c1e4cdc5e29c4d7e82bd7783%2F14711240335851992919&i=22427%2C20597%2C20430&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_Desktop_300x250&r=1661953480011&y=1&s=&z=0
Frame ID: 7017768D54D9004584C52433ED28E742
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Dragonball -Tube

Page URL History Show full URLs

  1. http://dragonball-tube.com/ HTTP 301
    https://dragonball-tube.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • mootools.*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

677
Requests

97 %
HTTPS

39 %
IPv6

61
Domains

81
Subdomains

66
IPs

7
Countries

20750 kB
Transfer

29521 kB
Size

34
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://dragonball-tube.com/ HTTP 301
    https://dragonball-tube.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://www.google.com/jsapi HTTP 301
  • https://www.gstatic.com/charts/loader.js
Request Chain 67
  • https://www.news8.de/ HTTP 301
  • https://news8.de/
Request Chain 80
  • https://thisis.aninter.net/ HTTP 302
  • https://de-c114.cdnplus.de/antibot.mp3
Request Chain 82
  • https://www.facebook.com/v2.12/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15ffdb793ed5ac%26domain%3Ddragonball-tube.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fdragonball-tube.com%252Fff2ab2b7e0fd34%26relation%3Dparent.parent&container_width=290&height=600&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FDragonballTube&locale=de_DE&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=280 HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df15ffdb793ed5ac%2526domain%253Ddragonball-tube.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fdragonball-tube.com%25252Fff2ab2b7e0fd34%2526relation%253Dparent.parent%26container_width%3D290%26height%3D600%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FDragonballTube%26locale%3Dde_DE%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D280
Request Chain 135
  • https://pv.medialead.de/trck/epv/2aed39855b5f46b7651ba591340f258c?t=htlp&subid=wkzMotivBoneidX97FzfrfPMba6H4HetqtpDKcQSMtXgRUJoneid__webplexmedia_advancedad_MOBILE_728x90&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=wkzMotivBoneidX97FzfrfPMba6H4HetqtpDKcQSMtXgRUJoneid__webplexmedia_advancedad_MOBILE_728x90&actionid=981741&produktid=&dt_url=
Request Chain 144
  • https://static.hubu.fm/matomo.js HTTP 301
  • https://tool.hubu.link/matomo.js
Request Chain 184
  • https://static.hubu.fm/matomo.php?action_name=Abnehmen%20mit%20diesem%20leckeren%20Rezept%20-%20EMMAGLAM&idsite=7&rec=1&r=413233&h=13&m=44&s=31&url=https%3A%2F%2Femmaglam.com%2F2021%2F08%2F24%2Fabnehmen-mit-diesem-leckeren-rezept%2F&urlref=https%3A%2F%2Fdeliver.helpnation.de%2F&_id=&_idn=1&send_image=0&_refts=1661953471&_ref=https%3A%2F%2Fdeliver.helpnation.de%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=jxJvCF&devicePixelRatio=1&nwefftype=4g&webgl=1&pf_net=109&pf_srv=148&pf_tfr=0&pf_dm1=248 HTTP 301
  • https://tool.hubu.link/matomo.php?action_name=Abnehmen%20mit%20diesem%20leckeren%20Rezept%20-%20EMMAGLAM&idsite=7&rec=1&r=413233&h=13&m=44&s=31&url=https%3A%2F%2Femmaglam.com%2F2021%2F08%2F24%2Fabnehmen-mit-diesem-leckeren-rezept%2F&urlref=https%3A%2F%2Fdeliver.helpnation.de%2F&_id=&_idn=1&send_image=0&_refts=1661953471&_ref=https%3A%2F%2Fdeliver.helpnation.de%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=jxJvCF&devicePixelRatio=1&nwefftype=4g&webgl=1&pf_net=109&pf_srv=148&pf_tfr=0&pf_dm1=248
Request Chain 286
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ad4.adfarm1.adition.com&sn=ChromeSyncframe&so=0&topUrl=dragonball-tube.com&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=ew9SSHxjRCszeWEyWUpBb1lETmVHNDloYnFrYnpwOTM3K1VoTDlRa2VXUVlwWTNqUVZBMnltSnFabnFYcFdWZU1uTUNRdlljTWdldDlIdDV4WWx4VTROUGh2V1hQNjRESmU1Wk95RlBUT0VYMUNUdUlhQjQ1SGxzUktUWEdXTHYxZ2M2Y0lmVTZUc1VqWUtuQlZRSlFBSHJtb0lVdWNNVGRnVlJVdHpOOGJBczNYVDQzdkV4ajZnU1g3d1pDaThGVFVLZXd2Wm5MK1lOZVYya1dmblByN2FFWHM5QlNDanp1ck1HOVZiRXRtKzFaemU2Z2pZb2R0OFp4cVlzR3BaQ0ttdXVRNW5ndkNodHM5cS8xcitLQk8yT1lzZjMweXpQUHhkc0YzQlRtdzVNZHo2YUNoOVdSejFOYzFRbGxRMll2TmMzOHw&cppv=2
Request Chain 498
  • https://www.telefonica-partner.de/tpv.php?t=117683V1226132702M&subid=oneidzxJaRfYf95xFpHBHMtqtzzAfVSZtg2dsWoneid__webplexmedia_advancedad_970x250&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117683V1226132702M&subid=oneidzxJaRfYf95xFpHBHMtqtzzAfVSZtg2dsWoneid__webplexmedia_advancedad_970x250&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117683&s_id=2022083115443575789011365X117683V1226132702MSoneidzxJaRfYf95xFpHBHMtqtzzAfVSZtg2dsWoneid__webplexmedia_advancedad_970x250&gdpr_consent=&gdpr=0&cons=0&spid=2022083115443575789011365X117683V1226132702MSoneidzxJaRfYf95xFpHBHMtqtzzAfVSZtg2dsWoneid__webplexmedia_advancedad_970x250&wfid=117683&partnerid=12218
Request Chain 501
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022083115443575789011363X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
Request Chain 504
  • https://pv.medialead.de/trck/epv/2aed39855b5f46b72660fe7fe4b2634f?t=htlp&subid=oneidbWPSQfZfeDVaYHbHztKt1d8fbS3t5AjTJoneid__webplexmedia_advancedad_970x250&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidbWPSQfZfeDVaYHbHztKt1d8fbS3t5AjTJoneid__webplexmedia_advancedad_970x250&actionid=981741&produktid=&dt_url=
Request Chain 614
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ad4.adfarm1.adition.com&sn=ChromeSyncframe&so=2&topUrl=dragonball-tube.com&bundle=__YfiV8lMkI5SXBmV0RuejRFVU11Q2J6SzlkeEJkQ0clMkZlOEVRaWpTJTJCN0w3MW5NdEFSem5yeFM3cDJoWGduenpxTiUyQmdObGVZY0MlMkJXSXpsWEtleDhvbXpzTVl1bk85NmZMSUMwcnEyWVVhU0I1SlNMQVp2bXoyd1dqelJ2cyUyQmtUak9wTXRYS1Y5U0pvVW1NY0N0R2RGd1VRSURKWmNSSGQ4WEUweGpSNzZ5eGVwVVp5ZjAlM0Q&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=fdVFcXxmbkRPUWlYNWVKcXA5M01ROHZvYlMxWDRZU01kNmI0Mnd0UTlVTE5nUHh2WDFicHpGOURlZkk4SUNNSGZlS2QrZFA0aTFXRXc2OWd1WlA5dFkvb3BRU25wWEJMcTNUUHE2OGZFVS8rMzNVWFA1NWM5TUFiVEw5MnlFaXNvTytmbmMvVE5wdGhaSmYzR1JVRzFYbXZOcGRQZ1dqcm1DYjN5UUdLNHRNcEdScFhKM05RRzBMRUJsckNJMmpKZkVWQStsR0drcGo1ZnRSWFlldEFORDZsMFFiaVBLRE1GWktSLzRKdkVxVHR4RThwbkxRSC93VzB0aEgrNWNTODBJTG4rN3RrZEJERVlCOTNBMWxJcEdxTkQzRlNVNHIySFpNNHE0T2VadWZGL1krdFFRUkoySUdGZEp4MEJGKytuWXZTMnw&cppv=2
Request Chain 645
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=6ddc8673-acf0-4205-a045-ce10f6f8d6f1 HTTP 302
  • https://s.cpx.to/ca.png?dsp=dbm&fid=6ddc8673-acf0-4205-a045-ce10f6f8d6f1&google_gid=CAESEIGczn1dxLUQHpVkJPJjZd8&google_cver=1
Request Chain 646
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D6ddc8673-acf0-4205-a045-ce10f6f8d6f1&gdpr=0 HTTP 302
  • https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=6ddc8673-acf0-4205-a045-ce10f6f8d6f1&gdpr=0&cklb=1
Request Chain 647
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12763%26ref%3D%26url%3Dhttps%253A%252F%252Fmedia.news8.de%252Fin4.php%253Fuid%253D495573400%2526e%253D0%2526s%253D0%2526p%253D0%2526sid%253D929%2526size%253D4%2526referrer%253Dhttps%253A%252F%252Fenamora.de%26hn_ver%3D40%26fid%3D6ddc8673-acf0-4205-a045-ce10f6f8d6f1 HTTP 302
  • https://s.cpx.to/an_fire?app_nexus_uid=8368826727068441185&pid=12763&ref=&url=https%3A%2F%2Fmedia.news8.de%2Fin4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D4%26referrer%3Dhttps%3A%2F%2Fenamora.de&hn_ver=40&fid=6ddc8673-acf0-4205-a045-ce10f6f8d6f1
Request Chain 651
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3Deefef1f7-8f55-4ef1-b226-399b9b85e539&gdpr=0 HTTP 302
  • https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=4536891572803098826&fid=eefef1f7-8f55-4ef1-b226-399b9b85e539
Request Chain 653
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=eefef1f7-8f55-4ef1-b226-399b9b85e539 HTTP 302
  • https://s.cpx.to/ca.png?dsp=dbm&fid=eefef1f7-8f55-4ef1-b226-399b9b85e539&google_gid=CAESEIGczn1dxLUQHpVkJPJjZd8&google_cver=1
Request Chain 654
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12763%26ref%3D%26url%3Dhttps%253A%252F%252Fmedia.news8.de%252Fin4.php%253Fuid%253D495573400%2526e%253D0%2526s%253D0%2526p%253D0%2526sid%253D929%2526size%253D4%2526referrer%253Dhttps%253A%252F%252Fklamm.de%26hn_ver%3D40%26fid%3Deefef1f7-8f55-4ef1-b226-399b9b85e539 HTTP 302
  • https://s.cpx.to/an_fire?app_nexus_uid=8368826727068441185&pid=12763&ref=&url=https%3A%2F%2Fmedia.news8.de%2Fin4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D4%26referrer%3Dhttps%3A%2F%2Fklamm.de&hn_ver=40&fid=eefef1f7-8f55-4ef1-b226-399b9b85e539

677 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
dragonball-tube.com/
Redirect Chain
  • http://dragonball-tube.com/
  • https://dragonball-tube.com/
26 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dragonball-tube.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e409dc20738a652ea368358dbc02ff88e6e4ba1d5fb97c678981b8f32c7f7bc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
74363382cafe695e-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 31 Aug 2022 13:44:30 GMT
expires
Mon, 1 Jan 2001 00:00:00 GMT
last-modified
Wed, 31 Aug 2022 13:44:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dZ18IPeNn7jqM1wl6kONV7dI6wdtF3rIcmL3wy7E1BLWailkCcPZ9n77pbWZ9HJSwpegxYNbIfTnKDjMspFs12Qj0N0DOKyXzxCq%2BhM5gneLLIc2k9HxbG7eOIsVhNkYXH80%2BUvz"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

CF-RAY
7436338259889b39-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Wed, 31 Aug 2022 13:44:29 GMT
Expires
Wed, 31 Aug 2022 14:44:29 GMT
Location
https://dragonball-tube.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BSd9lkR3YbLL8UVHkqVEpcnyJwMOpwP7%2B2O2YE5Wm2KpmpDJDsX2xxO12YR1Q3FyDxr8Tlooa0G64HtC0w5KAG6SbFu780%2BaGhJjn%2Fj8Cb2fOtY4c8iLEzFnnOWU45A%2BcN%2BxjZ3z"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
mootools.js
dragonball-tube.com/media/system/js/ 		73 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dragonball-tube.com/media/system/js/mootools.js
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f41f29b0f02e5481de7e96b521b618eca399bade637e84457034fab87681d91

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 22 Mar 2014 13:33:48 GMT
server
cloudflare
age
5916
etag
W/"532d913c-122c2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gw3Vx70nYQXse%2B6nCD5vDl9EmjXeqC9Ih91BcscJD2vpJDCOlNpCN6PPuQ6jBk%2BYNVjsgsVzf2m1jJaZTjZx1Rb3t4%2Bhz%2BuLd7EWjdxlrB%2BmqgdpzUgqybuUNYey3awgf8K48W08"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74363383bc6f695e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
caption.js
dragonball-tube.com/media/system/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dragonball-tube.com/media/system/js/caption.js
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfe8f7650885b0eb139da2fd24a038fb4ca0067a566ea5c93e30fd68c3ad9eee

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 22 Mar 2014 13:33:48 GMT
server
cloudflare
age
5916
etag
W/"532d913c-865"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w5uOLh2%2BagvYcOVtib78O33H2TChqQEzoyQGH13NZ%2FVTSgWatkCPzD6V6Hg9RMxOiqiukI%2FdrvVQneJ4%2BqFRLs3mmDtiWqrenLwYHdH6FNIeNs027pRiKjbBvFV9pYGXp%2BjKm7Sp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74363383bc7a695e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
general.css
dragonball-tube.com/templates/system/css/ 		2 KB
974 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dragonball-tube.com/templates/system/css/general.css
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cbc4cc3417ad2b7c4f69cd47a7b91dbd798b3722462fdccd081c31d05f2e61c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 22 Mar 2014 13:22:49 GMT
server
cloudflare
age
5916
etag
W/"532d8ea9-956"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b7V7KLDSXaWCsTnbJbMH7e0uDAIEVpE%2Ba9AlvmqByxbjA55d9FDkUz3ixzQeV8sGikgbY8ESFr9Tk2gJ4b2%2F01VRnZEkbSkLjyXn2nMZPCIRX%2BBkA96tbAAeur9efKSWZQlSX6FJ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74363383bc71695e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
system.css
dragonball-tube.com/templates/system/css/ 		1 KB
788 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dragonball-tube.com/templates/system/css/system.css
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d824c8b104ad2fe36019f4b3238d8c2969ae84008602a1f3d0b96024d6b131a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 22 Mar 2014 13:22:49 GMT
server
cloudflare
age
5916
etag
W/"532d8ea9-569"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yj6MdOrjLOdhIkj46ieh7cheFmuwGtz2zTi8HdwV9uftxFz2PwybsFqUEDPNZJiTYhQg2XuP0jIc11iMPnQ83IzvME8eT4k8DtMrkiDCLUQD0QC7IFgXsmLy8gBo9tN%2FKbVEYZHH"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74363383bc74695e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
template2.css
dragonball-tube.com/templates/caprica/css/ 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dragonball-tube.com/templates/caprica/css/template2.css
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e412e84a85c83657fa00a6da402a8b64c0c6faa1bb7024416ee72792d6d2bdb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Jun 2018 23:54:58 GMT
server
cloudflare
age
5916
etag
W/"5b19c5d2-4c2e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uDGgRFubz7bcbmSZbi87FuhhyvV6FX7ffDbUYQcX0hj8pnKkVBpx3fOYH%2FHgPM4d57%2Bwi1yXw9G78fsxE2SYTFBRBNzboziPm8mzNwcgdU%2FNmkakGtua3wh1KibC7pph087Lo70V"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74363383bc75695e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
1000px2.css
dragonball-tube.com/templates/caprica/css/ 		230 B
575 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dragonball-tube.com/templates/caprica/css/1000px2.css
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebc89744247b7dc55942489f3cc024ffb5561f35598be98f78bb65fb51711b7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 22 Mar 2014 13:30:38 GMT
server
cloudflare
age
5916
etag
W/"532d907e-e6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BXwdjjkgMrMZLPoeuID2ra5WIwrEvDI%2FN3Ksh%2BGaR56WdqOS0dqzNgW6IAw8R97Fjl6MnptHw%2BmaWOi4%2FAgh5%2BSCi2S%2Bu3%2Bglyq0ifJvX3qfJCxE2AcRZKhw31xWEykLKRFAv9Gz"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74363383bc77695e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ownstyle.css
dragonball-tube.com/templates/caprica/css/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dragonball-tube.com/templates/caprica/css/ownstyle.css
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ef441397a2b83b65f0891e02347b0f824fd7cad319b1c097308f785012268b7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 06 Jul 2018 14:14:29 GMT
server
cloudflare
age
5916
etag
W/"5b3f7945-3764"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N5DSfohJ3XMbz9zQgnuXeFY20gNSjndVXQ78emFBzmfqzz3HryPmEA4xkYucW107VUnUl1gL0Y2arhvA%2B9SQ%2FlAKEjDrxW867RnXQtD3fAD%2F2wm9UJnRwEXktBh7nbGOXhw%2BpSn9"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74363383bc79695e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery-3.3.1.min.js
dragonball-tube.com/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dragonball-tube.com/jquery-3.3.1.min.js
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 29 Jun 2018 14:11:40 GMT
server
cloudflare
age
5916
etag
W/"5b363e1c-1538f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XrFcycA9nTY6HseGjJv4KWFsuXzWlLdwjawDTQx2WPbRRo%2Btij4CFGjNJLzzVAKkruZ%2BJwn7APjW2wRNtJEz9cPuf53BA1nlcNcby%2B1bwUGfieOdjwnkzrVqtYXbwX2Nxj8SWP9b"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74363383bc7b695e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		105 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-64822671-1
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
55320df11f4b1f769e314be2802aa92e719d09e1e6d2f8f2b243c984446b67b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41923
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 31 Aug 2022 13:44:30 GMT
trans.gif
dragonball-tube.com/templates/caprica/images/ 		49 B
521 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dragonball-tube.com/templates/caprica/images/trans.gif
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
cf-cache-status
HIT
last-modified
Sat, 22 Mar 2014 13:30:39 GMT
server
cloudflare
age
4722
etag
"532d907f-31"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TkfyKLOXvAdXmK2fy%2BcbCE3q%2FiKuO44GE8bGknughiCPTEpVFFL87w44EOUD6PzgS%2FeVtHX9EnNeYg8hu9DBROQ%2BT3LLUbeUoHA6ZU2b4VUskKU1elK8OtEB0zqDJ4QzVCUJSNTP"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
743633841f32921f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
49
dragonball_dropdown.png
dragonball-tube.com/templates/caprica/images/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dragonball-tube.com/templates/caprica/images/dragonball_dropdown.png
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24716b89ef0706ab40b366d8363c0c3de855d42d869dec9082e65103a9cd5978

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
cf-cache-status
HIT
last-modified
Wed, 28 Mar 2018 11:39:33 GMT
server
cloudflare
age
4721
etag
"5abb7ef5-4530"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BRVQk%2BkmQ5OvGApepoSHKpU68rDxMohhkbrUmBUQuoi%2BCORLFu7nLiYsigRwA7jRUVVrPMzmj6o14O4WxmQ0RIwi%2BAJMuPbxwxlEUTx2PRrM%2BT8icp%2FIGxZhBhjBnOO6vR3f7EEt"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
743633841f38921f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17712
dragonballz_dropdown.png
dragonball-tube.com/templates/caprica/images/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dragonball-tube.com/templates/caprica/images/dragonballz_dropdown.png
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c38fb8803f0f3d54042275fb83f607444ffe92e4243c6ed002bcc7fdccfc3c61

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
cf-cache-status
HIT
last-modified
Sat, 05 May 2018 14:12:55 GMT
server
cloudflare
age
4722
etag
"5aedbbe7-2e77"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SgtVvppe8%2FpTA9NsYYN4r3n77kcZDNpdXJ2fb4hGN2fCSbqpIr3bQYk99U8Os0zQY0UX2ZroroT9PXrPHUYk14dDiy8N%2B4W92Qwvcl5MppMPQp2j2%2Byez%2BeShXrNPZNSsvazBteP"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
743633841f39921f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11895
dragonballgt_dropdown.png
dragonball-tube.com/templates/caprica/images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dragonball-tube.com/templates/caprica/images/dragonballgt_dropdown.png
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd65f097cca15df3bd4afad4e6e69575f85b3364d33eed8f8ec2ee778d9c78ca

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
cf-cache-status
HIT
last-modified
Wed, 28 Mar 2018 11:54:34 GMT
server
cloudflare
age
4721
etag
"5abb827a-2116"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=crnbf0eRR8fnu14maOiuDUYFz7Mh5Uk7JWSZNYcyh26oK6UrZnnIuYrghE6LKw3Sv4%2BaxPNsS6x0%2FRpj79LjvhGRZ0bQ5MQ0GGzmsn5KNMN%2BPFhCJc1fzXwCzl%2F5Kg8%2BzxCCRxwl"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
743633841f3b921f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8470
dragonballsuper_dropdown.png
dragonball-tube.com/templates/caprica/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dragonball-tube.com/templates/caprica/images/dragonballsuper_dropdown.png
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d1add8b66b3b2eb042aa10501e0cbb9cd1ac7a0747c97a6e5ecb2eda32345bb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
cf-cache-status
HIT
last-modified
Wed, 28 Mar 2018 11:55:18 GMT
server
cloudflare
age
4832
etag
"5abb82a6-1ced"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hElU64LpU8wVLGZZDigtD4wbHNQEgL9Yznb5q5LYYX%2F0%2FcoM4owhuO68O7gcs6kvIUwsEpHt2ZWqbbfnb6dKzXFj9gAQea1GZSpumdGMAOdiydzo%2FVqfFnm7zBFlg0bLq9pxHr9Z"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
743633841f3c921f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7405
emb.js
st.chatango.com/js/gz/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st.chatango.com/js/gz/emb.js
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.93.230.28 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software
nginx /
Resource Hash
95db5e0f52d1d89a1c17733e005452f61c10c4b351a8737b7730fbf68dc3cd8e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 13:44:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Aug 2022 23:45:11 GMT
Server
nginx
Content-Type
application/x-javascript
Cache-Control
max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23804
Expires
Wed, 31 Aug 2022 13:44:31 GMT
banner.php
view.webplexmedia.de/ 		2 KB
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://view.webplexmedia.de/banner.php?uid=945079468&e=0&p=0&s=0&sid=854&size=4
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
979e8f8ee5ebf383c6efc90997069e513bbdb12623bf1ecd12de5bec7d44e3a4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
cache-control
no-cache
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
gzip
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
banner_small2.gif
dragonball-tube.com/templates/Grafiken/ 		99 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dragonball-tube.com/templates/Grafiken/banner_small2.gif
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02ad60828c115e97fc41cd91e4e4303ec29c46160b2493a85b1d5b9bc3e08eb3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
cf-cache-status
HIT
last-modified
Sat, 22 Mar 2014 13:30:36 GMT
server
cloudflare
age
4832
etag
"532d907c-18a34"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kDjEglhrSeJHJBKtRSiNRe9olaOiRyWlfkOVkR1uWEAgzISiKBsKsjs6SwsRYOPdwPsQBofNrQ321vaJ2rlmDgv7dpKsivFk5epcqCIcLyOrJq6U9lv4VVstXTAg%2BwBXef43PovA"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
743633841f3d921f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
100916
banner_small.gif
dragonball-tube.com/templates/Grafiken/ 		125 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dragonball-tube.com/templates/Grafiken/banner_small.gif
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aeff4ff0fb0ac203d6273caa750d6ec45728de9bfdccd031699795498a70c5df

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
cf-cache-status
HIT
last-modified
Sat, 22 Mar 2014 13:30:36 GMT
server
cloudflare
age
4832
etag
"532d907c-1f233"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nczgwE2vYju57iEdgw92%2FC%2BI03fQeU8vAdW0HbYbvBLXuawZ3xSpTM%2FzjEK%2FS7g54KZYe%2FbefVixq%2FzgMl%2BxAHOAbmJtljw54u6Y2bg%2B6bQuDEq4l9wwrulz%2FdhgCW%2BhQa1kTRfw"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
743633841f3f921f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
127539
facebook.svg
dragonball-tube.com/templates/Grafiken/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dragonball-tube.com/templates/Grafiken/facebook.svg
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a12a69741a00b3fe0f1eeab41df223f7ea4ed428a90e091622a46e6db06cd6b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 13 Apr 2020 15:29:46 GMT
server
cloudflare
age
7030
etag
W/"5e94856a-4a8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=liecpEvrKmSAsGfTANcV0u7yCYnleYpwN7AgmgPGlfU%2B%2FMkFMKKb47kwoj0BMgVoIQdQoG5BDbTQ%2BDqjSwF9mEO5zpMvqP6ZIw%2ByNzrZrUsMuSy16g1gJ%2ByA03k1u%2BsBFHqk9jXs"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
743633841f40921f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
amazon.svg
dragonball-tube.com/templates/Grafiken/ 		673 B
933 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dragonball-tube.com/templates/Grafiken/amazon.svg?new
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad975e3af8266a5e38d207e80eb4bd17b8593a0f629f0013af5dc1153252c452

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 13 Apr 2020 15:42:46 GMT
server
cloudflare
age
7030
etag
W/"5e948876-2a1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AW9ICzJxH286SIhyCTAAAiEWUySFFewkJJIJQ%2BYxqAv6GmrytGvecUp%2FIllDF3zgB%2F6zEH5wTgPTGwOQMVNndcWmuI7DtYO6z7zBA9PZC2Beaq2oVIrnq203pB%2B6RD1IrvQ%2FcyhT"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
743633841f44921f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
manga100.png
dragonball-tube.com/templates/Grafiken/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dragonball-tube.com/templates/Grafiken/manga100.png
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b492fbe0a02dc8d5f6097dd996ebe2c8de3310d3d4dd2888a40326582ae8dd16

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
cf-cache-status
HIT
last-modified
Sat, 22 Mar 2014 13:30:37 GMT
server
cloudflare
age
2638
etag
"532d907d-2329"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2bUV2qFvLZNsCBxtp8mLnmVP2aLwr00hFs22Hhjtue3yPXRJrEim2XkhfXXIiJxM0%2Byp0yxx68kXIztizYuR7NG5p10V11EgDZhAVfXUrNtI7WTMwMFvX9D6tS4b9ec6kBH46f%2FZ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
743633841f45921f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9001
BorutoGo.png
dragonball-tube.com/templates/startseite/ 		227 KB
228 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dragonball-tube.com/templates/startseite/BorutoGo.png
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6881118acfcf78a6d84c2b2e1d8f5f11ff5363150d608414726464802f1c3635

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
cf-cache-status
HIT
last-modified
Tue, 04 Apr 2017 23:55:36 GMT
server
cloudflare
age
2638
etag
"58e43278-38d72"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mXpo2%2FtoarG3Nw3NT9zy2NJwpSZtgAjhD9Q2%2BNZ2pYUkADoI0iF6pFTCnhXcix2XIcJo7a92Q2ucrnf3OeWU1WnyLBkV6S7%2B1M2qXfDkqdYBMcY1zjKrpLu1JjiBFdaDnMei067r"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
743633841f46921f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
232818
anime100.png
dragonball-tube.com/templates/Grafiken/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dragonball-tube.com/templates/Grafiken/anime100.png
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b492fbe0a02dc8d5f6097dd996ebe2c8de3310d3d4dd2888a40326582ae8dd16

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
cf-cache-status
HIT
last-modified
Sat, 22 Mar 2014 13:30:36 GMT
server
cloudflare
age
2638
etag
"532d907c-2329"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yFY8Zjk0D17H1jRKWZWr3PtV39FAQjMlYXB20vt%2Bpi3PVOQcDwiC%2BPpYC36%2BeFHiEDXXRwRi%2Fwa5Wp9Ev%2FiaEeGbQUh5vqsQmWdxJnfZKmu2Dmk6ZSsMyDunM2SNo4ukn3usepey"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
743633841f49921f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9001
kalender.png
dragonball-tube.com/templates/startseite/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dragonball-tube.com/templates/startseite/kalender.png
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a8847e6fdfa97e19c86eafcaf7f60e470847db1a40e12b15b39782004d4663d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
cf-cache-status
HIT
last-modified
Sat, 22 Mar 2014 13:30:40 GMT
server
cloudflare
age
2638
etag
"532d9080-705"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RWdF%2FhKOCluzntGtZmBZJcscpF5U%2FIPQjkwwVw0rIT7uHFEh7xgJBqmuKkQDMMadszYw8yJVuPz%2FvdvcBwtT6HCuYU8UB9JeuTYXT3AKVvhJN6EBPqLkpGWRqCUPy%2FeJ53%2FYtVOD"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
743633841f4a921f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1797
sdbh026.png
dragonball-tube.com/templates/startseite/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dragonball-tube.com/templates/startseite/sdbh026.png
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6b254942d9acce474295b68f0c687bc7333468d1bf8c3dd2b909555e9a1eae4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
cf-cache-status
HIT
last-modified
Sat, 29 Aug 2020 10:35:40 GMT
server
cloudflare
age
2638
etag
"5f4a2f7c-6f9b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G9DfDYWy7dvnLDcUWNkKx31E531mHzZwjv2S3BSwEl5X1Ehdg4ay6k6nNvadvYBkHxK7dWnhN5kobByQkzG%2BiCfc5cDKFD%2FvV5%2F7vtyZ9u7Vmj4mrNNYQOtNa5BIYn2e3gpZgQsj"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
743633841f4b921f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28571
DragonBall_063.png
dragonball-tube.com/templates/startseite/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dragonball-tube.com/templates/startseite/DragonBall_063.png
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2555f97253b61f29dff22b233037ad73159912cfbe96d290894f8efb6576a01e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
cf-cache-status
HIT
last-modified
Sat, 29 Aug 2020 10:32:08 GMT
server
cloudflare
age
2638
etag
"5f4a2ea8-33ae"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cDuLrX0orKPtPH%2FHZNc2saSced%2BOk%2FWscued7spY%2BUGrSOfCpLPwblH1om1N5mvfLXnQjBCbZWXgje2gGv%2FKvD7TToEMwIcqoAkoYVoCfmBW1v501P4MFyqq8WNkyrCksFlh743F"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
743633841f4c921f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13230
sdbh025.png
dragonball-tube.com/templates/startseite/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dragonball-tube.com/templates/startseite/sdbh025.png
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cea864c08935e4829ac476a659369a6f104bc42975540ca96922c364c05a0ad7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
cf-cache-status
HIT
last-modified
Mon, 17 Aug 2020 21:35:58 GMT
server
cloudflare
age
2638
etag
"5f3af83e-76a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cQ6G9svGaiksZb9ZRtO%2BuavMfX0%2FDFb16ODNv9h2%2B5JdgRqtBWiEcK4Qrg7uhpuLh8nZ2ShfEmhefADpJRAGBymmzIyGzbnRUjPmQWbKbkj2p7yhGMEDSLCSrMknsyNEBpb1BkvA"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
743633841f4e921f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30375
DragonBall_062.png
dragonball-tube.com/templates/startseite/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dragonball-tube.com/templates/startseite/DragonBall_062.png
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
471fa3e2feed6a9cc4337221b28d39234da2e826ef933b3df31a1d713e1e134c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
cf-cache-status
HIT
last-modified
Mon, 17 Aug 2020 21:39:24 GMT
server
cloudflare
age
2637
etag
"5f3af90c-2b3c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3koDUyoR8dHa2wx1FGNgqKVSCl2h8Aihp29R4y6GSJDhBbJzv8%2B6yD4E57FdZ%2FW%2FP%2FKALwFuENibV2oxxWOcEa43FJHsOGael0KdA48TNw%2FmMS5DLVPYF82Hsac5xPAtTTb4es7"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
743633841f4f921f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11068
banner.php
view.webplexmedia.de/ 		2 KB
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://view.webplexmedia.de/banner.php?uid=945079468&e=0&p=0&s=0&sid=854&size=2
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
70d6644ae6100468cefbb889c4f815c1977cf54d1558370ff508fb5d56e61c7b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
cache-control
no-cache
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
gzip
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
banner.php
deliver.helpnation.de/ 		362 B
434 B 		Script
General
Check archive.org
Download Go to
Full URL
https://deliver.helpnation.de/banner.php?uid=924994936&e=0&p=0&s=0&sid=4&size=2
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.184.169.201.195.clients.your-server.de
Software
nginx /
Resource Hash
d1dff7ddfdb142c4a7685479a7f665d75a32026aede769007614b8fcb81a8ddc
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
gzip
server
nginx
date
Wed, 31 Aug 2022 13:44:30 GMT
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
plusone.js
apis.google.com/js/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c83d212d214bd2b84cf910740973055f9a6391ee8a53c4c815d81fcb9f40afb9
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20362
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
date
Wed, 31 Aug 2022 13:44:30 GMT
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"0993e376ef617183"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 Aug 2022 13:44:30 GMT
loader.js
www.gstatic.com/charts/
Redirect Chain
  • https://www.google.com/jsapi
  • https://www.gstatic.com/charts/loader.js
65 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/charts/loader.js
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H2
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
297577d52fce5df45a53b1d2e06469f65ee1dcf2e9bfbc8e2f45dbd06a0de8b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:18:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1562
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19937
x-xss-protection
0
last-modified
Wed, 23 Jun 2021 18:41:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="gviz"
vary
Accept-Encoding, Origin
report-to
{"group":"gviz","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gviz"}]}
content-type
text/javascript
cache-control
public, max-age=3600
access-control-allow-credentials
true
accept-ranges
bytes
expires
Wed, 31 Aug 2022 14:18:28 GMT

Redirect headers

date
Wed, 31 Aug 2022 13:35:15 GMT
x-content-type-options
nosniff
server
sffe
age
555
content-type
text/html; charset=UTF-8
location
https://www.gstatic.com/charts/loader.js
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Wed, 31 Aug 2022 14:05:15 GMT
cookies.png
dragonball-tube.com/templates/caprica/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dragonball-tube.com/templates/caprica/images/cookies.png
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b987b66e874b72abe1919a9d966a5e49922760e7806c10a9aed3cfebba0da33

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
cf-cache-status
HIT
last-modified
Thu, 24 May 2018 23:39:11 GMT
server
cloudflare
age
4722
etag
"5b074d1f-13ef"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CVgLz68D9S1kORv8gxirXQBGNrlIlweZFmY2zN4%2BtOsQGfeL3esnqBWpgJGT4vNifBM%2FYjI3EV4NFxPdMSFiO6%2BO9PXH3fRgJhwiyjywMisEZl34JMN6JcHpEHbBozPl9NwjOEyE"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
743633841f52921f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5103
body_bg2.jpg
dragonball-tube.com/templates/caprica/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dragonball-tube.com/templates/caprica/images/body_bg2.jpg
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/templates/caprica/css/template2.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7eee63d56cb60adcef9626ef237065a99dd7bb638ad21b6ba09bc29a3977050d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/templates/caprica/css/template2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
cf-cache-status
HIT
last-modified
Sat, 09 Jun 2018 17:32:49 GMT
server
cloudflare
age
4832
etag
"5b1c0f41-224b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YRSazVT0ih%2F68HZ53vMGK9FUun2mvgQHrWIu%2BH%2BGZ5rit4sqZy3Y4ZSXP08kYxDKM%2BPHuW4lCqm6YMenFZf2TixkOcIRMimoLmegbngwVntINISx4h2u%2FbyZ0BuGAoLK2u35sp3O"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
743633841f54921f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8779
main_bg3.jpg
dragonball-tube.com/templates/caprica/images/ 		310 KB
310 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dragonball-tube.com/templates/caprica/images/main_bg3.jpg
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/templates/caprica/css/template2.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62536b7ae3d555a8f998d3ab12bc7b920dde483edf9daf8d35e878d2d1182775

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/templates/caprica/css/template2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
cf-cache-status
HIT
last-modified
Tue, 12 Jun 2018 10:10:57 GMT
server
cloudflare
age
2209
etag
"5b1f9c31-4d7cc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2Frt5xARYfdA%2FnAPcHMlyfVTJWxi0yu%2FGvzh9Ba1Ug%2F43bQyEszwLPQbx9LLL8HcuGu7KQ9uyawEZh13aYsVuemY93NnxeeGhQpOKtyvm3GEi23BAY1WKqY7IWCWRWH0wy9qVdNK"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
743633841f57921f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
317388
logo.gif
dragonball-tube.com/templates/caprica/images/ 		43 B
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dragonball-tube.com/templates/caprica/images/logo.gif
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/templates/caprica/css/template2.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/templates/caprica/css/template2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
cf-cache-status
HIT
last-modified
Sat, 22 Mar 2014 13:30:39 GMT
server
cloudflare
age
4832
etag
"532d907f-2b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g2P6YusE9T1N2%2FpiyU6u07MOg2cHWXOlGgCGSJGCWUP70hJwqEk%2B9cXkAlFyh%2FZ%2FaIB2hfyADGiAq%2BPZtN07Qp4dmzEgnDv1oUsa3EBDAuv8isxm%2Fi%2BDHRFOVtnIKpPN1gaMkp6a"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
743633841f59921f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cb.jpg
dragonball-tube.com/templates/caprica/images/ 		421 B
891 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dragonball-tube.com/templates/caprica/images/cb.jpg
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/templates/caprica/css/template2.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b525db9076ab2e60b649f451fc0b8f28bdfd0e798cd03ff2a7bbb0df056bb8de

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/templates/caprica/css/template2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
cf-cache-status
HIT
last-modified
Sat, 22 Mar 2014 13:30:38 GMT
server
cloudflare
age
4832
etag
"532d907e-1a5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=acg7tcMwXYrFPDdZrFBNw4I02FLYhlH%2Fx6y0WgpnL6NfXOsoLxPLcm11jjarR37xzcggeUT7tr4M8UQguJv%2FXeyniqaSE54KT%2BGJ8paUfWX5dUGX6U6yXOMae6aoLAXDrK3XN8S2"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
743633842f66921f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
421
mod_repeat2.jpg
dragonball-tube.com/templates/caprica/images/ 		845 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dragonball-tube.com/templates/caprica/images/mod_repeat2.jpg
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/templates/caprica/css/template2.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f9ddb16e79d4d766243bdc8882427313b422a2b42f86b281aec279b49e98fcf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/templates/caprica/css/template2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
cf-cache-status
HIT
last-modified
Sat, 22 Mar 2014 13:30:39 GMT
server
cloudflare
age
7030
etag
"532d907f-34d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K01hd5OKP7X4Ie2goquqU8%2B5ruy4qpGEq8PvRFlaHcnA1oIW81bpjZFFfUe8YTdZNyCq1khBHPOeVjRrjMMUZs0vvDZXZf9G7sk8MEbzI71xD8Wq7PKoa6tL6q%2BvmoxZSDnR4FLX"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
743633842f6d921f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
845
mod_bot2.jpg
dragonball-tube.com/templates/caprica/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dragonball-tube.com/templates/caprica/images/mod_bot2.jpg
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/templates/caprica/css/template2.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89c575f0c94b26e707f9c06719f913681933a7ad9ee4dfd2602d426589c1082f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/templates/caprica/css/template2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
cf-cache-status
HIT
last-modified
Sat, 22 Mar 2014 13:30:38 GMT
server
cloudflare
age
4832
etag
"532d907e-7cd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BPUvTCXOhnieFbJ4UDWmPHuFdJgXE%2FwGnNFTIWzIb45dL7EdLJVKw8v2YUR4UHjaaz0qPVonp7REUxEexlYS70rwyytGq3yTEFgWmhMcYXzLegGq9QFTsxX0M1GXTvNkqfxmtjHJ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
743633842f6e921f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1997
mod_top2.jpg
dragonball-tube.com/templates/caprica/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dragonball-tube.com/templates/caprica/images/mod_top2.jpg
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/templates/caprica/css/template2.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bc55c8ba260bec669e7e1a3a9f58bee850b833f3aa81f77a239a3acff6f8b35

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/templates/caprica/css/template2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
cf-cache-status
HIT
last-modified
Sat, 22 Mar 2014 13:30:39 GMT
server
cloudflare
age
4832
etag
"532d907f-b2d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HIpYHU3mYbH589XlhbJpAOiJFZM8fhzBfqaNjYs3IhYuE3rczAtVC%2B0cv4YsqaZ%2FPPpStiUmGS82KzuzrnUa8p%2B6KOT0bWw77ZMHiE2uhZcKKhb8cmNC0pJjPLWnnDNV7PrpNj3Q"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
743633842f6f921f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2861
b2.php
view.webplexmedia.de/ Frame A74C 		740 B
593 B 		Document
General
Check archive.org
Download Go to
Full URL
https://view.webplexmedia.de/b2.php?uid=945079468&e=0&s=0&p=0&w=300&h=250&sid=854&size=4
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/banner.php?uid=945079468&e=0&p=0&s=0&sid=854&size=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
14172044559b3520a896741ca738a9bf7f8307adbd5386c24811d314d6d616b7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dragonball-tube.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 13:44:30 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
webplvers.js
view.webplexmedia.de/js/ 		91 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://view.webplexmedia.de/js/webplvers.js
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/banner.php?uid=945079468&e=0&p=0&s=0&sid=854&size=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
8c25ade0a1d20dfb962dbc265e60d98d90544f13ce586820e3c3dc2baae64e81
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dragonball-tube.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
last-modified
Tue, 31 Aug 2021 15:27:16 GMT
server
nginx
etag
"612e4a54-16b34"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
application/javascript
accept-ranges
bytes
content-length
92980
x-xss-protection
1; mode=block
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-64822671-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3348
date
Wed, 31 Aug 2022 12:48:42 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 31 Aug 2022 14:48:42 GMT
lg0.jpg
view.webplexmedia.de/ Frame A74C 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://view.webplexmedia.de/lg0.jpg
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/b2.php?uid=945079468&e=0&s=0&p=0&w=300&h=250&sid=854&size=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
e7a21f00272ebf0c6b15973a9298b362917872a7ea7c882dd1d8593c19ef13ab
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
last-modified
Fri, 04 Dec 2020 00:56:23 GMT
server
nginx
etag
"5fc98937-5de"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/jpeg
accept-ranges
bytes
content-length
1502
x-xss-protection
1; mode=block
in4.php
view.webplexmedia.de/ Frame 18C9 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://view.webplexmedia.de/in4.php?uid=945079468&e=0&s=0&p=0&sid=854&size=4&referrer=
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/b2.php?uid=945079468&e=0&s=0&p=0&w=300&h=250&sid=854&size=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
17de521791f8fbb76b054407f96a9cabf90a222c67ae367d02ecbe66832fa948
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 13:44:30 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
sdk.js
connect.facebook.net/de_DE/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/de_DE/sdk.js
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b84166bfe38537664b2d1fae7dbb2ec3d0041d495810a1adc50168a2030c2243
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
j2V5jx8MUTbEy4bUhVp3Fg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
k3x5K4HsLal6Dca0NfnQGEIeZAJz1ZXaeaokY7bdi7W8GyNvf+L7FmgzBxRK8/GacZBuCcAjXtfedfxx8zNVsA==
x-fb-trip-id
686109401
x-fb-content-md5
4d32868f4b9af88fbe7f0d7d4884176f
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 31 Aug 2022 13:44:30 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"ba8cbf9167ffda328051c885b8fb86d4"
timing-allow-origin
*
expires
Wed, 31 Aug 2022 14:02:15 GMT
pw.jpg
dragonball-tube.com/templates/caprica/images/ 		647 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dragonball-tube.com/templates/caprica/images/pw.jpg
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/templates/caprica/css/template2.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89ccf7b1b02f7c10f304e95be9d4263e8f72bb0902ba137dc4aa4e1f7fe26c88

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/templates/caprica/css/template2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
cf-cache-status
HIT
last-modified
Sat, 22 Mar 2014 13:30:39 GMT
server
cloudflare
age
4832
etag
"532d907f-287"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yQp1Ox4TsxIdrBsJSg7KbSIhi0j%2F%2FqNzTwEFBrwzUFSswV6D38OV7s80zAI%2BejvnaQ3IWR%2BPnGkMu%2FEHdoBMF8uJt1%2BHhGzGmOLqokKnLKaONrB6eZ0hpEfZGqLeut41AS%2Bs5d2k"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7436338548bc921f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
647
sub_bg1.png
dragonball-tube.com/templates/startseite/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dragonball-tube.com/templates/startseite/sub_bg1.png
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c80fe2f3fddacf61c34f8b931a37f7e781aa87f3d37f66350da5525f200a095b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
cf-cache-status
HIT
last-modified
Sat, 22 Mar 2014 13:30:39 GMT
server
cloudflare
age
1962
etag
"532d907f-23df"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n1Tgk%2BjeGDoHp60VU9XdCr3rI67TLXP0mYgTJHwI4IpKXhiY7aXwnBtBd1Xcl0JRwvz6tpq6%2B4a3O%2FDBHrpYl%2BnFzKlXYdk92wLjlhT5rr5laYxyFH4%2BcJ0ITb%2FZSDD0wYJ5c4cF"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7436338548bf921f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9183
lottery_bg.png
dragonball-tube.com/templates/startseite/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dragonball-tube.com/templates/startseite/lottery_bg.png
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c00f31ad114bda11405e2d6314696b4fd8081c4c22f89ef9df1ee887c78914fb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
cf-cache-status
HIT
last-modified
Sat, 22 Mar 2014 13:30:40 GMT
server
cloudflare
age
1962
etag
"532d9080-431e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oFXweDVQVPTmDycNawztF%2BZ60IQlTW6WEfftbOPOa2K%2FNEy3CHrgFB6nFgy0hZ1vzeaXPssIYZzmlTuKyQFiF2vR8P48qGfkSbHKvhAj5XdWRskaqrwtRBNFbthOBOnFcsg1kqw%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7436338548c0921f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17182
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1346643311&t=pageview&_s=1&dl=https%3A%2F%2Fdragonball-tube.com%2F&ul=en-us&de=UTF-8&dt=Dragonball%20-Tube&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=2046635149&gjid=274205556&cid=112436510.1661953470&tid=UA-64822671-1&_gid=1632722142.1661953470&_r=1&gtm=2ou8t0&z=1863039362
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://dragonball-tube.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 13:44:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dragonball-tube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
sub_bg2.png
dragonball-tube.com/templates/startseite/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dragonball-tube.com/templates/startseite/sub_bg2.png
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82a3f563c7950d61eb323ac36257d3ee7c9bddfb304098d118d472ae9d19ba9a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
cf-cache-status
HIT
last-modified
Sat, 22 Mar 2014 13:30:39 GMT
server
cloudflare
age
1962
etag
"532d907f-19b3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=csDO6Jv9ktiMP2UDNqm8I2r%2FZBMKCgXg%2FN64Ev8gbnf8FuqITP%2FyrZvYBXlL5ZM8E56h%2BCLSE9pRtrzD6%2BZI4Q5yUSTL3WV4Wh6yI%2Bno4B9fPi18eSTt0wCA%2Fne49%2Fl%2F9w%2FYPNZY"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7436338568f0921f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6579
info_box.png
dragonball-tube.com/templates/startseite/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dragonball-tube.com/templates/startseite/info_box.png
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c700207cd346b2625a804b41f581afc9351b319719ffb198ad39144366df6239

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
cf-cache-status
HIT
last-modified
Sat, 22 Mar 2014 13:30:39 GMT
server
cloudflare
age
1962
etag
"532d907f-5342"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bNrDgovUji4OzpPJrm890lQp0s27nWLaOpO64Orkr1RDjdlYS5%2B6nQwQG9obn4V6fpjHviS32UG5GU88H%2FL6fcEpJKYZ1Q4GT2rH3wc2PwtNEG8G0V3c60IYLTH9wNLiRfL5gEuW"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7436338568f6921f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21314
update_bg.png
dragonball-tube.com/templates/startseite/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dragonball-tube.com/templates/startseite/update_bg.png
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edbf3cc6250e1cac743959257f830469c245d353342d4a29694b82fee059c3a7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
cf-cache-status
HIT
last-modified
Sat, 22 Mar 2014 13:30:40 GMT
server
cloudflare
age
1962
etag
"532d9080-7f9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VyqA5ouZ24I0bq4YhhvzUErqRhecmgb0lq1Mhho8wkEuPGikjqei8vjFMZtydKXz75m%2Byj1D5RvrRLbbGVnsyq%2B%2Fij%2BAasf4stxY1BOJ6IuFUHNyf7GGUBBplUJT%2FmuzzekTeLba"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7436338568f8921f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2041
news_top2.png
dragonball-tube.com/templates/startseite/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dragonball-tube.com/templates/startseite/news_top2.png
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03d5ce9fd1cd67e0c631da7ecee842bb6cbac4b82ea16064e3b3159e377482ba

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
cf-cache-status
HIT
last-modified
Sat, 15 Aug 2015 08:13:58 GMT
server
cloudflare
age
1962
etag
"55cef4c6-146d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EiP1BuU4U0sNyRA2mKED4fBxnvlj6U9DFysehOShvxks9Qje%2F0A3M1UQsZ%2F1Mrhpidus%2FW%2FIJix9NoKdwiT7YqpwJkNjUQXnAJ8wuug97kbwGTGjSE9fKuGVj8MXDlq7i2DmUXUt"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7436338568fc921f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5229
news_middle_left.png
dragonball-tube.com/templates/startseite/ 		226 B
697 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dragonball-tube.com/templates/startseite/news_middle_left.png
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0398576f2352ddc2a9e0cec57cba9534325074f41e707a70d03e92af5c521ff0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
cf-cache-status
HIT
last-modified
Sat, 22 Mar 2014 13:30:40 GMT
server
cloudflare
age
1962
etag
"532d9080-e2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VdUWFNnqHWWRxySebIQc60D%2BEdJDBDO8HgzIZYHyusWpx1B3qMoR%2BjDqF5MlR%2FG9hdx4xJAg6cAd3facFHgoCwjTeUCehoScNMMf9%2B30iuBpCW9n63xn31TZpoQ40vqUVtu8gB3Y"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7436338568ff921f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
226
news_middle.png
dragonball-tube.com/templates/startseite/ 		549 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dragonball-tube.com/templates/startseite/news_middle.png
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0df6b7e526b74f0f781f4bb2718066c37696cf55d3818b8a1923fca65c64b448

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
cf-cache-status
HIT
last-modified
Sat, 22 Mar 2014 13:30:40 GMT
server
cloudflare
age
1962
etag
"532d9080-225"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dRTKAFoGqZehqxKFHTXDI36B2Hd3yNtTnPwtHWfXXDlo9rQ%2FNLOEp8mgRTpBur%2BUa1Vi3pCzUVaflKU7Woooaj%2FNIceioDDlinWGVFeNjAxlFybmXrpcd42xLqhJHCsqI9jIKxbM"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
743633856901921f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
549
news_middle_right.png
dragonball-tube.com/templates/startseite/ 		228 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dragonball-tube.com/templates/startseite/news_middle_right.png
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9640bfe02ee029a65059e83f9da9aa81c16e4da84051876fc09581aeaeec63e3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
cf-cache-status
HIT
last-modified
Sat, 22 Mar 2014 13:30:41 GMT
server
cloudflare
age
1962
etag
"532d9081-e4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QXVlamW6KoBkQ3tbNEpYdx4m8Ax2MkzVtW9YXn9ATEZI855POtcvp1C1o9mPJQK0UMYcL8Yu2p3lSW0m6HaCHD8dgyj55iNhkKD76K8YCglM9mJSiyjyswOj3L1hzJSM66K9K4lM"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
743633856902921f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
228
news_bottom.png
dragonball-tube.com/templates/startseite/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dragonball-tube.com/templates/startseite/news_bottom.png
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cf3abac33af5b2486b6f5a80408290d4d081e2dc5e26a7c1a402f48f76bad88

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
cf-cache-status
HIT
last-modified
Sat, 22 Mar 2014 13:30:39 GMT
server
cloudflare
age
1962
etag
"532d907f-1a19"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2F9PZFUvUv%2FLV9pPUTwCooNn9DPVXYOfRnmZanzE5i3s4L0IohfD%2FlrnHV4pOWbOyqFYPM1xfXR7uG2DnVxKPJ3dIwYWZ3kazpuMH6aEKKjT6JossQwUaYzIz8la7BK%2BOvdC96GE"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
743633856903921f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6681
news_top_ad.png
dragonball-tube.com/templates/startseite/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dragonball-tube.com/templates/startseite/news_top_ad.png
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dd15ee91f5ab4245c84ac337159c1b27d247d9299f7f3abb1d792bd8f14edb3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 06 Mar 2015 23:08:29 GMT
server
cloudflare
etag
"54fa336d-969"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cO36RZpQh%2FOGCyfdXl%2BAsHcVVoTrZi6x6%2BTUjPyrcDR86CyWlq29gpoJg9U%2F21Bei30ngD8BJTlvig7QBsEYBe0%2BU5ZBlVCiRyT4KmrRDLreXcVi2zszPhfQgjyzNbSI2M20MyTn"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
743633856905921f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2409
b2.php
view.webplexmedia.de/ Frame BB78 		740 B
595 B 		Document
General
Check archive.org
Download Go to
Full URL
https://view.webplexmedia.de/b2.php?uid=945079468&e=0&s=0&p=0&w=728&h=90&sid=854&size=2
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/banner.php?uid=945079468&e=0&p=0&s=0&sid=854&size=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
517f644aff03e243be5e16123a6caa65f1f9b91100dac3bd9089f2eeec202d7d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dragonball-tube.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 13:44:30 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
b2.php
deliver.helpnation.de/ Frame 4F79 		249 B
353 B 		Document
General
Check archive.org
Download Go to
Full URL
https://deliver.helpnation.de/b2.php?uid=924994936&e=0&s=0&p=0&w=728&h=90&sid=4&size=2
Requested by
Host: deliver.helpnation.de
URL: https://deliver.helpnation.de/banner.php?uid=924994936&e=0&p=0&s=0&sid=4&size=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.184.169.201.195.clients.your-server.de
Software
nginx /
Resource Hash
fb370df72145d766239306c63c0c9e2b02d0d82c9889fdae4667eb7a7249a034
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dragonball-tube.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 13:44:30 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
jw.js
cee3f0doi1a2.de/ 		2 KB
773 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cee3f0doi1a2.de/jw.js?de=7HyJZH5uCVK0Sw63
Requested by
Host: deliver.helpnation.de
URL: https://deliver.helpnation.de/banner.php?uid=924994936&e=0&p=0&s=0&sid=4&size=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:10b:ddc::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
3bc1f989c9129baa76e8a27f34d9e622da8c38aec236cebf30c8e1e48103196c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dragonball-tube.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
content-encoding
gzip
vary
Accept-Encoding
server
nginx
x-xss-protection
1; mode=block
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
text/javascript;charset=utf-8
news_bottom_ad.png
dragonball-tube.com/templates/startseite/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dragonball-tube.com/templates/startseite/news_bottom_ad.png
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1450e5fc1f894c08784e1eeffcbb628afade4c3a2737db160d0d13f559f94ee7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
cf-cache-status
HIT
last-modified
Fri, 06 Mar 2015 23:00:57 GMT
server
cloudflare
age
1962
etag
"54fa31a9-197d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCF0jopByRjtZ7ShestsuZVNsHxlyCkLdo2JF3JAx2CnG1a1wwc0sDCzgEHBKvl3FsddpFJ0k6FdJtSkp7OTkkMU9OyXXrTCJXMjay2ls3Bti9UgN7p3UPoR%2FSmvuw2FW080RwQF"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
743633858941921f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6525
news_top1.png
dragonball-tube.com/templates/startseite/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dragonball-tube.com/templates/startseite/news_top1.png
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d24e8c9af57e3a15948d22b892b7c4937bfcfd7378e6d881e75b3dcfa2443a7f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
cf-cache-status
HIT
last-modified
Sat, 22 Mar 2014 13:30:39 GMT
server
cloudflare
age
1962
etag
"532d907f-15a9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=smwZEVunKkX9WYVAbd5XdX77uR8HvKEReTYSfWeP1ZW8g49V7yaWN5%2BYWSG4a9PueOxGmGjDcl7Fxr0Ciwk3ocqCuriFTVh3wXNKlnpyg6Dr6tHc%2FdRRlcKvcg6nyrnsRPl18JAv"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
743633858942921f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5545
footer_bg.jpg
dragonball-tube.com/templates/caprica/images/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dragonball-tube.com/templates/caprica/images/footer_bg.jpg
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/templates/caprica/css/template2.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0d09f55cae1a62d19fa7e49b14465aa41215dac2887bcf221e600113c7707b8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dragonball-tube.com/templates/caprica/css/template2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
cf-cache-status
HIT
last-modified
Sat, 09 Jun 2018 17:43:29 GMT
server
cloudflare
age
7029
etag
"5b1c11c1-692c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2FujFRGsdIkb6kNF9dycRs2SWgfd9CUXAk7rXy7VKnXlhkj0lGsNJ6rlNUuxAcvJRi8XCZkoNeIFZROhZd56zsD%2FP%2BA1OWpPpdcuwtszDCJ9AO59PWkEXl3WnZ2%2FGf5y3wnLnyCA"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
743633858943921f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26924
blank.gif
view.webplexmedia.de/ Frame 18C9 		43 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://view.webplexmedia.de/blank.gif
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=945079468&e=0&s=0&p=0&sid=854&size=4&referrer=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
5e709cf94bd75ce9f22e956e2e3f852350fdca2c27a1cf53d756fd0e0f08827b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://view.webplexmedia.de/in4.php?uid=945079468&e=0&s=0&p=0&sid=854&size=4&referrer=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
last-modified
Fri, 04 Dec 2020 00:56:47 GMT
server
nginx
etag
"5fc9894f-2b"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/gif
accept-ranges
bytes
content-length
43
x-xss-protection
1; mode=block
57fgjj6v.js
ad4m.at/ Frame 18C9 		50 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/57fgjj6v.js
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=945079468&e=0&s=0&p=0&sid=854&size=4&referrer=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67a2b3e41cf4d6b16ef89a098a6f72bc2a54a76ab63c02e14e617cba05cc4a38

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://view.webplexmedia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
97336
cf-polished
origSize=51099
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 27 Jul 2022 10:41:11 GMT
server
cloudflare
etag
W/"d5f2cf8e554d28884c63541e94f6f7b9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oGooukHWFKq6Y2%2FFvsv15gye%2FGz%2BRT9nS4q4W85Y7YUopKsS2sAcMR0rCk10431YBeS3OtLp50xOLs7tsfkaROAFVdDGugFEKlVeCXkVa1M8x%2FUdDmLXEaOEbejSH6eYEc3s3Zg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
expires
Tue, 23 Aug 2022 11:04:14 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
74363385efc75c50-FRA
cf-bgj
minify
/
news8.de/ Frame DD31
Redirect Chain
  • https://www.news8.de/
  • https://news8.de/
160 KB
161 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://news8.de/
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=945079468&e=0&s=0&p=0&sid=854&size=4&referrer=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
7a04ecd654ddea0f1a13432ddd92ccd77be9b46d9a7ead225d66125810bbfc22
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://view.webplexmedia.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
max-age=86400
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 13:44:31 GMT
expires
Thu, 01 Sep 2022 13:44:31 GMT
last-modified
Wed, 31 Aug 2022 13:13:31 GMT
link
<https://news8.de/wp-json/>; rel="https://api.w.org/"
server
nginx
x-xss-protection
1; mode=block

Redirect headers

cache-control
max-age=86400
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 13:44:30 GMT
expires
Thu, 01 Sep 2022 13:44:30 GMT
location
https://news8.de/
server
nginx
x-redirect-by
WordPress
x-xss-protection
1; mode=block
lg0.jpg
view.webplexmedia.de/ Frame BB78 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://view.webplexmedia.de/lg0.jpg
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/b2.php?uid=945079468&e=0&s=0&p=0&w=728&h=90&sid=854&size=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
e7a21f00272ebf0c6b15973a9298b362917872a7ea7c882dd1d8593c19ef13ab
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
last-modified
Fri, 04 Dec 2020 00:56:23 GMT
server
nginx
etag
"5fc98937-5de"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/jpeg
accept-ranges
bytes
content-length
1502
x-xss-protection
1; mode=block
in4.php
view.webplexmedia.de/ Frame FE93 		727 B
597 B 		Document
General
Check archive.org
Download Go to
Full URL
https://view.webplexmedia.de/in4.php?uid=945079468&e=0&s=0&p=0&sid=854&size=2&referrer=
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/b2.php?uid=945079468&e=0&s=0&p=0&w=728&h=90&sid=854&size=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
1d8fd12dc816835e256600e3042c355a78b7e2c5508a760002a1836e3fc59966
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 13:44:30 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
sdk.js
connect.facebook.net/de_DE/ 		303 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/de_DE/sdk.js?hash=cd53f38cafb65588e682d8249d86fe00
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
651d5a55b7bcafbfb592b0a4df1e6800f3b89d5b20acb8f1f680736bbc5316c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://dragonball-tube.com/
Origin
https://dragonball-tube.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
aIcMR1dK5cS4kT5tUvFC6A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
88050
x-fb-rlafr
0
x-fb-debug
2lChgtCk2U3jJBBcn+i4zga8TAt6j01V8RI/t2HrwrYTiaFxCDc2rV7I1aRZsTQvOdZuX38hvKWLMwEDS47FMQ==
x-fb-content-md5
99918b147afebf39c0edb8782f018a32
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 31 Aug 2022 13:44:30 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"dea444bc15fa4e147b88250cfa7f4b6e"
timing-allow-origin
*
priority
u=3,i
expires
Thu, 31 Aug 2023 12:35:36 GMT
in4.php
deliver.helpnation.de/ Frame 1FAC 		162 B
301 B 		Document
General
Check archive.org
Download Go to
Full URL
https://deliver.helpnation.de/in4.php?uid=924994936&e=0&s=0&p=0&sid=4&size=2&referrer=
Requested by
Host: deliver.helpnation.de
URL: https://deliver.helpnation.de/b2.php?uid=924994936&e=0&s=0&p=0&w=728&h=90&sid=4&size=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.184.169.201.195.clients.your-server.de
Software
nginx /
Resource Hash
dd5d2ece36f87b02e567fab75d9b97b2c49d04b3c6ee2c43e177622ee66fdd81
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 13:44:30 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
/
emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/ Frame 4B1C 		55 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
Requested by
Host: deliver.helpnation.de
URL: https://deliver.helpnation.de/in4.php?uid=924994936&e=0&s=0&p=0&sid=4&size=2&referrer=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.184.169.201.195.clients.your-server.de
Software
nginx /
Resource Hash
89141fb02ca66a70d90ff804823dd662c99cee3ec72b5bc33f2e995a4ef76695
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://deliver.helpnation.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 13:44:30 GMT
link
<https://emmaglam.com/wp-json/>; rel="https://api.w.org/" <https://emmaglam.com/wp-json/wp/v2/posts/883>; rel="alternate"; type="application/json" <https://emmaglam.com/?p=883>; rel=shortlink
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-pingback
https://emmaglam.com/xmlrpc.php
x-xss-protection
1; mode=block
adition.js
imagesrv.adition.com/js/ Frame FE93 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/adition.js
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=945079468&e=0&s=0&p=0&sid=854&size=2&referrer=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://view.webplexmedia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
content-encoding
br
last-modified
Thu, 21 Oct 2021 06:32:42 GMT
etag
"4043560335-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8355
js
ad4.adfarm1.adition.com/ Frame FE93 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/js?wp_id=3974826
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=945079468&e=0&s=0&p=0&sid=854&size=2&referrer=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
9e3dbbcaf1d1cf4f9b9b1906e98073523fba93c63cf624aad7226f63ec1ad528

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://view.webplexmedia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 15:44:30 +0200
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
cache-control
max-age=600
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
expires
Sat, 01 Jan 2000 00:00:00 GMT
57fgjj6v.js
ad4m.at/ Frame FE93 		50 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/57fgjj6v.js
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=945079468&e=0&s=0&p=0&sid=854&size=2&referrer=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67a2b3e41cf4d6b16ef89a098a6f72bc2a54a76ab63c02e14e617cba05cc4a38

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://view.webplexmedia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
96843
cf-polished
origSize=51099
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 27 Jul 2022 10:41:11 GMT
server
cloudflare
etag
W/"d5f2cf8e554d28884c63541e94f6f7b9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yklwZ6d0gt8BP00e4bWB78zjl09fp6LVWYOYOAWrQFN1EtqfVohXHS7ZWSbxrXPNTKLjAEW68vTocA87Psdyt4SsL8w4WyEJqqO4aBtxjjWpEN4PqIYP%2BAzGsCO6gOAAFS5vFls%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
expires
Tue, 23 Aug 2022 11:04:14 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
743633868ae191dd-FRA
cf-bgj
minify
frame.html
ad4m.at/ Frame D6CA 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer
https://view.webplexmedia.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
495559
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
743633868adf91dd-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Wed, 31 Aug 2022 13:44:30 GMT
expires
Thu, 25 Aug 2022 20:10:16 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aRcEOQTcVnqxWNiF4RPfYdK4UONCz1WItKpNBUzpODjl%2BcyrtX9WghCpju6ymFtvyjZlZ3f7qwfCH8iUYNiVEWOugS7dK4Yq31qDMda3J7u5g4NgW3ouZAYOJ92MOuXMz1ZLBP0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
ref.cdnplus.de/ Frame 3C7F 		805 B
761 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ref.cdnplus.de/
Requested by
Host: cee3f0doi1a2.de
URL: https://cee3f0doi1a2.de/jw.js?de=7HyJZH5uCVK0Sw63
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
3aba1bb7563b4d5d171c2785219b3fc32f27f1e32bd108de504821180438429e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 13:44:30 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block
/
c.blyatflix.de/nora/ Frame 270E 		0
197 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c.blyatflix.de/nora/?t=1661953470
Requested by
Host: cee3f0doi1a2.de
URL: https://cee3f0doi1a2.de/jw.js?de=7HyJZH5uCVK0Sw63
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:10b:ddc::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 13:44:30 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block
1616084
ad.a-ads.com/ Frame 8F2D 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1616084?size=300x250
Requested by
Host: cee3f0doi1a2.de
URL: https://cee3f0doi1a2.de/jw.js?de=7HyJZH5uCVK0Sw63
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.20.142 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.142.20.4.46.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
288387557bd23a78a62e6ebd3656487103b957a7b96cce672dfe0d26a6c0097f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Wed, 31 Aug 2022 13:44:30 GMT
server
nginx
status
200 OK
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-powered-by
Phusion Passenger(R)
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-xss-protection
1; mode=block
antibot.mp3
de-c114.cdnplus.de/
Redirect Chain
  • https://thisis.aninter.net/
  • https://de-c114.cdnplus.de/antibot.mp3
131 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://de-c114.cdnplus.de/antibot.mp3
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
HTTP/1.0
Server
162.19.154.224 , France, ASN16276 (OVH, FR),
Reverse DNS
de-c114.cdnplus.de
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

icy-name
Hubu.FM | Radio Hunteburg
X-Clacks-Overhead
GNU Terry Pratchett
icy-br
128
icy-notice2
Shoutcast DNAS/posix(linux x64) v2.6.1.777<BR>
icy-url
https://hubu.fm
Access-Control-Allow-Origin
*
icy-genre
Misc, News
icy-sr
44100
icy-pub
1
Connection
close
Accept-Ranges
none
content-type
audio/mpeg
icy-notice1
<BR>This stream requires <a href="http://www.winamp.com">Winamp</a><BR>
Cache-Control
no-cache,no-store,must-revalidate,max-age=0

Redirect headers

location
https://de-c114.cdnplus.de/antibot.mp3
date
Wed, 31 Aug 2022 13:44:30 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.nl.RCjy1Y8rVQI.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-0tS5mCMNnYMxvdneyjgJLKOuvlg/ 		146 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.nl.RCjy1Y8rVQI.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-0tS5mCMNnYMxvdneyjgJLKOuvlg/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a877d18de61f68a6bf3f8240fa730e23e2d80ffbc4b5e1293e5697dc6a585d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 00:51:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46404
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51176
x-xss-protection
0
last-modified
Sat, 30 Jul 2022 15:17:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 31 Aug 2023 00:51:06 GMT
/
www.facebook.com/login/ Frame 08C2
Redirect Chain
  • https://www.facebook.com/v2.12/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15ffdb793ed5ac%2...
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fcon...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df15ffdb793ed5ac%2526domain%253Ddragonball-tube.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fdragonball-tube.com%25252Fff2ab2b7e0fd34%2526relation%253Dparent.parent%26container_width%3D290%26height%3D600%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FDragonballTube%26locale%3Dde_DE%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D280
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/sdk.js?hash=cd53f38cafb65588e682d8249d86fe00
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 31 Aug 2022 13:44:30 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=0
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
3Zk5ZyebQN9GcTBcZ8SsTFHFoIkvXZ3hiCEDZfTwn6iEAN53cCNJllL14lUE4BqsZUh5my4EKQ3pnI3dJjjxmA==
x-frame-options
DENY
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Wed, 31 Aug 2022 13:44:30 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v8.0
location
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df15ffdb793ed5ac%2526domain%253Ddragonball-tube.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fdragonball-tube.com%25252Fff2ab2b7e0fd34%2526relation%253Dparent.parent%26container_width%3D290%26height%3D600%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FDragonballTube%26locale%3Dde_DE%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D280
pragma
no-cache
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
x-fb-debug
Y2gug5BMsRalTrjSmN7moJy/An2h4BdArLDTRkwL/NeT/Es0ENFtQc2yOJXa0pJWzBo0KyUiDU4NWdxRLlXfpw==
x-fb-rlafr
0
x-xss-protection
0
banner
ad4.adfarm1.adition.com/ Frame 2C6D 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/banner?sid=3974826&adjsver=3&fvers=&iframe=1&ref=&ro=https%3A//view.webplexmedia.de/in4.php%3Fuid%3D945079468%26e%3D0%26s%3D0%26p%3D0%26sid%3D854%26size%3D2%26referrer%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/105.0.5195.52%20Safari/537.36&os=17&browser=11&userid=0&wi=1980000899&ac=1&screen_res=6&wpt=H&clickurl=
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/js?wp_id=3974826
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
2443d90558d9c645fadf3154ffeb61f5155b771da77a1b5db035e58100693139

Request headers

Referer
https://view.webplexmedia.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html
date
Wed, 31 Aug 2022 15:44:30 +0200
expires
Sat, 01 Jan 2000 00:00:00 GMT
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pragma
no-cache
server
ADITIONSERVER v1.0
57fgjj6v.js
ad4m.at/ Frame FE93 		50 KB
17 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/57fgjj6v.js
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=945079468&e=0&s=0&p=0&sid=854&size=2&referrer=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67a2b3e41cf4d6b16ef89a098a6f72bc2a54a76ab63c02e14e617cba05cc4a38

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://view.webplexmedia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
96843
cf-polished
origSize=51099
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 27 Jul 2022 10:41:11 GMT
server
cloudflare
etag
W/"d5f2cf8e554d28884c63541e94f6f7b9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yvxJ9u9dGOg06swrUozSU0H7xIueIlI9RAhmcfedMo4bWSN5rX6%2F2KdJym3t7E%2BwHx8v2UGClrbhKrtaTgewSxuqF2XVJkjLut9nZIfaQGFYkVvveT4Z%2BGgFNuYSoIbJTrhREuQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
expires
Tue, 23 Aug 2022 11:04:14 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
74363386eb5b91dd-FRA
cf-bgj
minify
frame.html
ad4m.at/ Frame C8A3 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer
https://view.webplexmedia.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
495559
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
74363386eb5f91dd-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Wed, 31 Aug 2022 13:44:30 GMT
expires
Thu, 25 Aug 2022 20:10:16 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Dos%2FLvNizRlbiIYdHAy%2FfpLPZO0H4MH9Pufi9lJ9j%2FDfY8%2BODLZTjRvAuR7QGXddfZ2xU5jMwOXs%2Behlmzn7g%2FZyQHgw9R7U15LnHnzKl6gIXnGww0RYhVdj6KO6b4voFDKxlw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
pahb_n.prod.js
imagesrv.adition.com/banners/268/xml/pa_static/pb/native/ Frame 2C6D 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/banner?sid=3974826&adjsver=3&fvers=&iframe=1&ref=&ro=https%3A//view.webplexmedia.de/in4.php%3Fuid%3D945079468%26e%3D0%26s%3D0%26p%3D0%26sid%3D854%26size%3D2%26referrer%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/105.0.5195.52%20Safari/537.36&os=17&browser=11&userid=0&wi=1980000899&ac=1&screen_res=6&wpt=H&clickurl=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
c8a971105c9d001834b7d079ca4367c9084cda1a380a1cd1bac3a7444d668a95

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad4.adfarm1.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
content-encoding
br
last-modified
Sun, 10 Apr 2022 07:06:34 GMT
etag
"2466592594-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8271
rs
ad4m.at/ Frame FE93 		469 B
837 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ef0c91e24e85f74f1de1a411d3bae2418f53ef03a877c6ecf17431dcf8316db

Request headers

Referer
https://view.webplexmedia.de/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
743633879abb903d-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ucrs2Vtdaw1MHCse79%2FESQd1IDZKflPunBemrkOpwvjbndQ79u7JWOpgl3gFYy2ZxPs%2BXz7Uz4%2Fu0dbtfcx6gZKznLG9i8GsfIJZR8N0ixvLYkigLRTSx4MxKKp6VKIsIPDQCFY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://view.webplexmedia.de
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-h8v1
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://view.webplexmedia.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://view.webplexmedia.de
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
743633874a4b903d-FRA
content-length
24
content-type
text/plain
date
Wed, 31 Aug 2022 13:44:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YKAdVx1Y1gqwRXm2mf9lBhoHWOPIsMG7jP78uR80BC7N7pMayDC7OVOVDjHJkk4M1FzJnghFJVLHWN8XEebYdHv8tnKumIpOp6hLZFRVwB4Q5LwE6uiGx%2B5avaB1XXe5wYeI63c%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-h8v1
300x250
static.a-ads.com/a-ads-banners/117603/ Frame 8F2D 		151 KB
151 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.a-ads.com/a-ads-banners/117603/300x250?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1616084?size=300x250
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.20.142 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.142.20.4.46.clients.your-server.de
Software
nginx /
Resource Hash
56979661e60a2854395bfa60af743f37f059f7974e404fa38fc459952b8b09b4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
last-modified
Sun, 19 Apr 2020 16:05:30 GMT
server
nginx
x-amz-request-id
50AR401RSDKQY061
etag
"e611891876c203f494097807a9a1ed33"
content-type
image/gif
cache-control
max-age=315360000
content-length
154540
accept-ranges
bytes
x-amz-version-id
MDRGnyw9kCruRlqmS7AytZ4Es5dbIgC4
x-amz-id-2
vmpDKt1j7BuMYPwZyZGnczekYgthWrbPcT90rxC9NTSPZW8shlJM1p5LJ822CFalNuciq6h0pvY=
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.css
imagesrv.adition.com/banners/268/xml/pa_static/pb/styles/default/970x250_4slot/ Frame 2C6D 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/268/xml/pa_static/pb/styles/default/970x250_4slot/main.css
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
17c3d6c6eebe77883a37c8f031de1595950b60c3696674867c541b2f30e00c99

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad4.adfarm1.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
content-encoding
br
last-modified
Sun, 10 Apr 2022 06:57:40 GMT
etag
"3884677435-br"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
1337
prebid2.1.0.js
imagesrv.adition.com/banners/268/xml/pa_static/pb/prebid/ Frame 2C6D 		174 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/268/xml/pa_static/pb/prebid/prebid2.1.0.js
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
568dd1d03aaa979a84f4bb146bc456de281b39b3877dc0a5763d77fabc6fc34a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad4.adfarm1.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
content-encoding
br
last-modified
Sun, 10 Apr 2022 06:55:37 GMT
etag
"2555188002-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
48224
jquery.min.js
ref.cdnplus.de/ Frame 3C7F 		94 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ref.cdnplus.de/jquery.min.js
Requested by
Host: ref.cdnplus.de
URL: https://ref.cdnplus.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ref.cdnplus.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
content-encoding
gzip
last-modified
Thu, 26 May 2022 14:16:34 GMT
server
nginx
etag
W/"628f8bc2-1762a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Wed, 07 Sep 2022 13:44:30 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 2C6D 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220831
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/prebid/prebid2.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c9b554029c65838a20bb2a81de5bc4224a567c4552fc1bbd492f839f5fa3c67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ad4.adfarm1.adition.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
38608
x-jsd-version
1.0.1448
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19180-FRA, cache-iad-kiad7000165-IAD
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"669-WESKDVKNhQ4MfbD/8IqVDZ8P5Hg"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=voPQklNfROqeQVi7LwPBsW20irJLeW5CBFbGgTBKCrz5YEr%2BaTeIWXVZxx9vgR2g5mIfCnRNiaqKPnBrT%2FSo%2FnNAGQYXa5Dfzzw2dLGGDRL8hkinS%2FCDc56sk6Tqzz%2Br6BBKoAT6VVr%2BNPZBlYs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
7436338809c49259-FRA
access-control-expose-headers
*
cdb
bidder.criteo.com/ Frame 2C6D 		0
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=16&wv=2.1.0&cb=87374499496
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/prebid/prebid2.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ad4.adfarm1.adition.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 31 Aug 2022 13:44:29 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://ad4.adfarm1.adition.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame 2C6D 		471 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/prebid/prebid2.1.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
feedef8ad246726b81ed4144f39e4f92af5537a2d9e06c55fa62a2aa465a35e3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ad4.adfarm1.adition.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 31 Aug 2022 13:44:30 GMT
X-Proxy-Origin
95.211.199.155; 95.211.199.155; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
7c4c668a-9914-4825-bc1f-08d0c7dba143
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ad4.adfarm1.adition.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
471
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 4B1C 		165 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4176752718986875
Requested by
Host: emmaglam.com
URL: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a1155e976b92237ae79d6085a47ee840c47f14960b1e4da88297b9fb5ebfb0ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://emmaglam.com/
Origin
https://emmaglam.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57327
x-xss-protection
0
server
cafe
etag
523908488202798465
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 31 Aug 2022 13:44:30 GMT
style.min.css
emmaglam.com/wp-includes/css/dist/block-library/ Frame 4B1C 		87 KB
87 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://emmaglam.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
Requested by
Host: emmaglam.com
URL: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.184.169.201.195.clients.your-server.de
Software
nginx /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
last-modified
Wed, 13 Jul 2022 01:59:20 GMT
server
nginx
etag
"62ce26f8-15b64"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
text/css
accept-ranges
bytes
content-length
88932
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ Frame 4B1C 		21 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Josefin+Sans%3A300%2C300i%2C400%2C400i%2C700%2C700i%7CKarla%3A300%2C300i%2C400%2C400i%2C700%2C700i%7CPT+Serif%3A300%2C300i%2C400%2C400i%2C700%2C700i%7CPlayfair+Display%3A300%2C300i%2C400%2C400i%2C700%2C700i
Requested by
Host: emmaglam.com
URL: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
edb6726c3fff1860799494fa30ffe3661c2527fec7263f75c43b7be211eaeb94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://emmaglam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 13:23:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 31 Aug 2022 13:44:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 31 Aug 2022 13:44:30 GMT
normalize.css
emmaglam.com/wp-content/themes/blake-von-hauer/css/ Frame 4B1C 		8 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://emmaglam.com/wp-content/themes/blake-von-hauer/css/normalize.css?ver=6.0.2
Requested by
Host: emmaglam.com
URL: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.184.169.201.195.clients.your-server.de
Software
nginx /
Resource Hash
d618a3a41f1fe2e4aacade7342bb5994e35f98557b4e3336c17a48da88e953e5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
last-modified
Tue, 24 Aug 2021 11:11:32 GMT
server
nginx
etag
"6124d3e4-1e75"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
text/css
accept-ranges
bytes
content-length
7797
x-xss-protection
1; mode=block
style.css
emmaglam.com/wp-content/themes/blake-von-hauer/ Frame 4B1C 		49 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://emmaglam.com/wp-content/themes/blake-von-hauer/style.css?ver=6.0.2
Requested by
Host: emmaglam.com
URL: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.184.169.201.195.clients.your-server.de
Software
nginx /
Resource Hash
fd61b4726abb58bb90d2820f7026c087362c59327c56b357c3f7ce810a6ade59
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
last-modified
Tue, 24 Aug 2021 11:11:32 GMT
server
nginx
etag
"6124d3e4-c4d2"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
text/css
accept-ranges
bytes
content-length
50386
x-xss-protection
1; mode=block
font-awesome.min.css
emmaglam.com/wp-content/themes/blake-von-hauer/css/ Frame 4B1C 		28 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://emmaglam.com/wp-content/themes/blake-von-hauer/css/font-awesome.min.css?ver=4.6.3
Requested by
Host: emmaglam.com
URL: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.184.169.201.195.clients.your-server.de
Software
nginx /
Resource Hash
1f4082bc4d525c198936b8e7b8bda99929537de890c143e5e35fca4ac23b2a26
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
last-modified
Tue, 24 Aug 2021 11:11:32 GMT
server
nginx
etag
"6124d3e4-7175"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
text/css
accept-ranges
bytes
content-length
29045
x-xss-protection
1; mode=block
jquery.bxslider.css
emmaglam.com/wp-content/themes/blake-von-hauer/css/ Frame 4B1C 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://emmaglam.com/wp-content/themes/blake-von-hauer/css/jquery.bxslider.css?ver=6.0.2
Requested by
Host: emmaglam.com
URL: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.184.169.201.195.clients.your-server.de
Software
nginx /
Resource Hash
0593174ff4efdddac16bae8411b2c4cd61adbf920f4324ead464074ccc63917d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
last-modified
Tue, 24 Aug 2021 11:11:32 GMT
server
nginx
etag
"6124d3e4-f23"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
text/css
accept-ranges
bytes
content-length
3875
x-xss-protection
1; mode=block
responsive.css
emmaglam.com/wp-content/themes/blake-von-hauer/css/ Frame 4B1C 		12 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://emmaglam.com/wp-content/themes/blake-von-hauer/css/responsive.css?ver=6.0.2
Requested by
Host: emmaglam.com
URL: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.184.169.201.195.clients.your-server.de
Software
nginx /
Resource Hash
125ca25dca8afb2c0c712f9d8fd2c86183d96cedb25e99617e74ad20879b7165
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
last-modified
Tue, 24 Aug 2021 11:11:32 GMT
server
nginx
etag
"6124d3e4-30de"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
text/css
accept-ranges
bytes
content-length
12510
x-xss-protection
1; mode=block
slicknav.css
emmaglam.com/wp-content/themes/blake-von-hauer/css/ Frame 4B1C 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://emmaglam.com/wp-content/themes/blake-von-hauer/css/slicknav.css?ver=6.0.2
Requested by
Host: emmaglam.com
URL: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.184.169.201.195.clients.your-server.de
Software
nginx /
Resource Hash
f690efa866e3c106311602fd8846c3140460fb1238f85424131ebe0c198d2591
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
last-modified
Tue, 24 Aug 2021 11:11:32 GMT
server
nginx
etag
"6124d3e4-8f8"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
text/css
accept-ranges
bytes
content-length
2296
x-xss-protection
1; mode=block
jquery.min.js
emmaglam.com/wp-includes/js/jquery/ Frame 4B1C 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://emmaglam.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: emmaglam.com
URL: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.184.169.201.195.clients.your-server.de
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
last-modified
Tue, 24 Aug 2021 11:07:22 GMT
server
nginx
etag
"6124d2ea-15db1"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
application/javascript
accept-ranges
bytes
content-length
89521
x-xss-protection
1; mode=block
jquery-migrate.min.js
emmaglam.com/wp-includes/js/jquery/ Frame 4B1C 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://emmaglam.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: emmaglam.com
URL: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.184.169.201.195.clients.your-server.de
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
last-modified
Tue, 24 Aug 2021 11:07:22 GMT
server
nginx
etag
"6124d2ea-2bd8"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
application/javascript
accept-ranges
bytes
content-length
11224
x-xss-protection
1; mode=block
wgpizbdq.js
ad4m.at/ Frame 4B1C 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/wgpizbdq.js
Requested by
Host: emmaglam.com
URL: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9584f421fb06be52362782600272bf07739aae062c73e970d6dd1aeb3ebcfcf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://emmaglam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
97304
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 27 Jul 2022 10:41:47 GMT
server
cloudflare
etag
W/"ac60ade5ed7352595cc3030edbc5e415"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a0%2FsVXCdEIlln5uZZ6cvQg8EAYnE8v4lEWBclLybBbaVr%2Bp3JgntJOz%2BlS3ouDxIR9Mim%2B364x0JHlgFfZyy6kQBhvrY74pd30TBthwmqL6L6oCnJ8GOXjR%2B2QkdysBSP3OPQK8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
expires
Tue, 23 Aug 2022 11:02:04 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
74363387dd0e91dd-FRA
cf-bgj
minify
zucchini-1040x1387.jpeg
emmaglam.com/wp-content/uploads/2021/08/ Frame 4B1C 		617 KB
618 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://emmaglam.com/wp-content/uploads/2021/08/zucchini-1040x1387.jpeg
Requested by
Host: emmaglam.com
URL: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.184.169.201.195.clients.your-server.de
Software
nginx /
Resource Hash
bf205569fe444f13084084efb6712517da6e6b59bbeafa2933fbb93bb1f7eda7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
last-modified
Tue, 24 Aug 2021 14:30:39 GMT
server
nginx
etag
"6125028f-9a582"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/jpeg
accept-ranges
bytes
content-length
632194
x-xss-protection
1; mode=block
modernizr.js
emmaglam.com/wp-content/themes/blake-von-hauer/js/ Frame 4B1C 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://emmaglam.com/wp-content/themes/blake-von-hauer/js/modernizr.js?ver=6.0.2
Requested by
Host: emmaglam.com
URL: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.184.169.201.195.clients.your-server.de
Software
nginx /
Resource Hash
b809efcc7fd9ea21ab5a028abfa4102480b42f33542962cb545b3b8ec9c9b6f6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
last-modified
Tue, 24 Aug 2021 11:11:32 GMT
server
nginx
etag
"6124d3e4-8f2"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
application/javascript
accept-ranges
bytes
content-length
2290
x-xss-protection
1; mode=block
jquery.fitvids.js
emmaglam.com/wp-content/themes/blake-von-hauer/js/ Frame 4B1C 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://emmaglam.com/wp-content/themes/blake-von-hauer/js/jquery.fitvids.js?ver=6.0.2
Requested by
Host: emmaglam.com
URL: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.184.169.201.195.clients.your-server.de
Software
nginx /
Resource Hash
1ac676f1c4a499cade859da1d11326a01fb3d99ebdec2d31aaac0ef8d387a834
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
last-modified
Tue, 24 Aug 2021 11:11:32 GMT
server
nginx
etag
"6124d3e4-b34"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
application/javascript
accept-ranges
bytes
content-length
2868
x-xss-protection
1; mode=block
jquery.bxslider.min.js
emmaglam.com/wp-content/themes/blake-von-hauer/js/ Frame 4B1C 		19 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://emmaglam.com/wp-content/themes/blake-von-hauer/js/jquery.bxslider.min.js?ver=6.0.2
Requested by
Host: emmaglam.com
URL: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.184.169.201.195.clients.your-server.de
Software
nginx /
Resource Hash
f840acfbbd734f7355b50043ebdf0daade546a92763d0fcf9cadab92c1919265
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
last-modified
Tue, 24 Aug 2021 11:11:32 GMT
server
nginx
etag
"6124d3e4-4bd2"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
application/javascript
accept-ranges
bytes
content-length
19410
x-xss-protection
1; mode=block
burnhambox-bx.js
emmaglam.com/wp-content/themes/blake-von-hauer/js/ Frame 4B1C 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://emmaglam.com/wp-content/themes/blake-von-hauer/js/burnhambox-bx.js?ver=6.0.2
Requested by
Host: emmaglam.com
URL: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.184.169.201.195.clients.your-server.de
Software
nginx /
Resource Hash
bebbc1dd159904af1973d97ce32f0390a377f2e2f8692b1a23a86f6a1b0a2781
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
last-modified
Tue, 24 Aug 2021 11:11:32 GMT
server
nginx
etag
"6124d3e4-929"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
application/javascript
accept-ranges
bytes
content-length
2345
x-xss-protection
1; mode=block
burnhambox.js
emmaglam.com/wp-content/themes/blake-von-hauer/js/ Frame 4B1C 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://emmaglam.com/wp-content/themes/blake-von-hauer/js/burnhambox.js?ver=6.0.2
Requested by
Host: emmaglam.com
URL: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.184.169.201.195.clients.your-server.de
Software
nginx /
Resource Hash
8ad12eed523baa167f8090c7c10af10b527e2829a98e1510b95a57d105e490e6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
last-modified
Tue, 24 Aug 2021 11:11:32 GMT
server
nginx
etag
"6124d3e4-195a"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
application/javascript
accept-ranges
bytes
content-length
6490
x-xss-protection
1; mode=block
jquery.slicknav.min.js
emmaglam.com/wp-content/themes/blake-von-hauer/js/ Frame 4B1C 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://emmaglam.com/wp-content/themes/blake-von-hauer/js/jquery.slicknav.min.js?ver=6.0.2
Requested by
Host: emmaglam.com
URL: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.184.169.201.195.clients.your-server.de
Software
nginx /
Resource Hash
2b784d3e5c0e39e317b6f6298ea422ffec43793f96a9db00ce3765ca66cd87cd
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
last-modified
Tue, 24 Aug 2021 11:11:32 GMT
server
nginx
etag
"6124d3e4-18f7"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
application/javascript
accept-ranges
bytes
content-length
6391
x-xss-protection
1; mode=block
wp-emoji-release.min.js
emmaglam.com/wp-includes/js/ Frame 4B1C 		18 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://emmaglam.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
Requested by
Host: emmaglam.com
URL: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.184.169.201.195.clients.your-server.de
Software
nginx /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
last-modified
Wed, 25 May 2022 01:59:21 GMT
server
nginx
etag
"628d8d79-48b9"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
application/javascript
accept-ranges
bytes
content-length
18617
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame 8697 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=34719%2C43766%2C179236&b=X97FzfrfPMba6H4HetqtpDKcQSMtXgRUJ%2CJ6zuzf5f1YGUBH6H7tptrgetxSdtbJrTX%2CJ6zuzf5f3xEGhBH6H7tpte3J6SxSdtbJrTX&f=e2Xh3fVfqKpcjHZHet2CVW5UwSbtxMYH1%2CGzXtBfpfER3hKHeHGtBC3grfZSjtekEFE%2CGzXtBfpfXVM3SKHeHGtBCrbERTZSjtekEFE&c=728&d=90&e=&g=a1ba059a84e1ae9fa7910ec301ccfcde%2F16504116802739112511&i=26474%2C24891%2C71657&j=41%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_MOBILE_728x90&r=1661953470676&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a954cc44c4a08b33c2983ac361b1217185444c8ef1cfa8d601bb971db22adb0b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://view.webplexmedia.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
743633884ba55c50-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 31 Aug 2022 13:44:30 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
main.css
imagesrv.adition.com/banners/268/xml/pa_static/pb/styles/default/970x250_4slot/ Frame 0DDB 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/268/xml/pa_static/pb/styles/default/970x250_4slot/main.css
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
17c3d6c6eebe77883a37c8f031de1595950b60c3696674867c541b2f30e00c99

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad4.adfarm1.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
content-encoding
br
last-modified
Sun, 10 Apr 2022 06:57:40 GMT
etag
"3884677435-br"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
1337
adition.js
imagesrv.adition.com/js/ Frame 0DDB 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/adition.js
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad4.adfarm1.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
content-encoding
br
last-modified
Thu, 21 Oct 2021 06:32:42 GMT
etag
"4043560335-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8355
js
ad4.adfarm1.adition.com/ Frame 0DDB 		1 KB
1017 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/js?wp_id=3974827&gdpr=0&gdpr_consent=&gdpr_pd=0&prf[hb_status]=nobid&clickurl=
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
507e02d477d02983ce54b4884eaa4d496d0f2b5dc42ca6c31536a6f9214329c6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad4.adfarm1.adition.com/banner?sid=3974826&adjsver=3&fvers=&iframe=1&ref=&ro=https%3A//view.webplexmedia.de/in4.php%3Fuid%3D945079468%26e%3D0%26s%3D0%26p%3D0%26sid%3D854%26size%3D2%26referrer%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/105.0.5195.52%20Safari/537.36&os=17&browser=11&userid=0&wi=1980000899&ac=1&screen_res=6&wpt=H&clickurl=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 15:44:30 +0200
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
cache-control
max-age=600
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
expires
Sat, 01 Jan 2000 00:00:00 GMT
main.css
imagesrv.adition.com/banners/268/xml/pa_static/pb/styles/default/970x250_4slot/ Frame F113 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/268/xml/pa_static/pb/styles/default/970x250_4slot/main.css
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
17c3d6c6eebe77883a37c8f031de1595950b60c3696674867c541b2f30e00c99

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad4.adfarm1.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
content-encoding
br
last-modified
Sun, 10 Apr 2022 06:57:40 GMT
etag
"3884677435-br"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
1337
adition.js
imagesrv.adition.com/js/ Frame F113 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/adition.js
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad4.adfarm1.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
content-encoding
br
last-modified
Thu, 21 Oct 2021 06:32:42 GMT
etag
"4043560335-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8355
js
ad4.adfarm1.adition.com/ Frame F113 		1 KB
1016 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/js?wp_id=3974828&gdpr=0&gdpr_consent=&gdpr_pd=0&prf[hb_status]=nobid&clickurl=
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
88863432041eb15b694a581c0ff863d6774de1b00167860811226a5312716464

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad4.adfarm1.adition.com/banner?sid=3974826&adjsver=3&fvers=&iframe=1&ref=&ro=https%3A//view.webplexmedia.de/in4.php%3Fuid%3D945079468%26e%3D0%26s%3D0%26p%3D0%26sid%3D854%26size%3D2%26referrer%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/105.0.5195.52%20Safari/537.36&os=17&browser=11&userid=0&wi=1980000899&ac=1&screen_res=6&wpt=H&clickurl=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 15:44:30 +0200
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
cache-control
max-age=600
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
expires
Sat, 01 Jan 2000 00:00:00 GMT
main.css
imagesrv.adition.com/banners/268/xml/pa_static/pb/styles/default/970x250_4slot/ Frame 21FF 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/268/xml/pa_static/pb/styles/default/970x250_4slot/main.css
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
17c3d6c6eebe77883a37c8f031de1595950b60c3696674867c541b2f30e00c99

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad4.adfarm1.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
content-encoding
br
last-modified
Sun, 10 Apr 2022 06:57:40 GMT
etag
"3884677435-br"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
1337
adition.js
imagesrv.adition.com/js/ Frame 21FF 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/adition.js
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad4.adfarm1.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
content-encoding
br
last-modified
Thu, 21 Oct 2021 06:32:42 GMT
etag
"4043560335-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8355
js
ad4.adfarm1.adition.com/ Frame 21FF 		1 KB
1017 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/js?wp_id=3974829&gdpr=0&gdpr_consent=&gdpr_pd=0&prf[hb_status]=nobid&clickurl=
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
e8b74068f602cc56b217069f28c3ab0c1b6b0c339add33e3a15d6025dfe43380

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad4.adfarm1.adition.com/banner?sid=3974826&adjsver=3&fvers=&iframe=1&ref=&ro=https%3A//view.webplexmedia.de/in4.php%3Fuid%3D945079468%26e%3D0%26s%3D0%26p%3D0%26sid%3D854%26size%3D2%26referrer%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/105.0.5195.52%20Safari/537.36&os=17&browser=11&userid=0&wi=1980000899&ac=1&screen_res=6&wpt=H&clickurl=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 15:44:30 +0200
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
cache-control
max-age=600
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
expires
Sat, 01 Jan 2000 00:00:00 GMT
main.css
imagesrv.adition.com/banners/268/xml/pa_static/pb/styles/default/970x250_4slot/ Frame 9D22 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/268/xml/pa_static/pb/styles/default/970x250_4slot/main.css
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
17c3d6c6eebe77883a37c8f031de1595950b60c3696674867c541b2f30e00c99

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad4.adfarm1.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
content-encoding
br
last-modified
Sun, 10 Apr 2022 06:57:40 GMT
etag
"3884677435-br"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
1337
adition.js
imagesrv.adition.com/js/ Frame 9D22 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/adition.js
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad4.adfarm1.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
content-encoding
br
last-modified
Thu, 21 Oct 2021 06:32:42 GMT
etag
"4043560335-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8355
js
ad4.adfarm1.adition.com/ Frame 9D22 		1 KB
1015 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/js?wp_id=3974830&gdpr=0&gdpr_consent=&gdpr_pd=0&prf[hb_status]=nobid&clickurl=
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
0445407612ef205a29cc84507a9ce72d60f631261f80fe5d009c97bb56659574

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad4.adfarm1.adition.com/banner?sid=3974826&adjsver=3&fvers=&iframe=1&ref=&ro=https%3A//view.webplexmedia.de/in4.php%3Fuid%3D945079468%26e%3D0%26s%3D0%26p%3D0%26sid%3D854%26size%3D2%26referrer%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/105.0.5195.52%20Safari/537.36&os=17&browser=11&userid=0&wi=1980000899&ac=1&screen_res=6&wpt=H&clickurl=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 15:44:30 +0200
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
cache-control
max-age=600
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
expires
Sat, 01 Jan 2000 00:00:00 GMT
Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2
fonts.gstatic.com/s/josefinsans/v25/ Frame 4B1C 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/josefinsans/v25/Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Sans%3A300%2C300i%2C400%2C400i%2C700%2C700i%7CKarla%3A300%2C300i%2C400%2C400i%2C700%2C700i%7CPT+Serif%3A300%2C300i%2C400%2C400i%2C700%2C700i%7CPlayfair+Display%3A300%2C300i%2C400%2C400i%2C700%2C700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3701f4ae604d8fccb4ddca393e076a456aebfb06c1a9d94c1c13089293f55716
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://emmaglam.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 13:51:51 GMT
x-content-type-options
nosniff
age
258759
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26592
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:56:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 28 Aug 2023 13:51:51 GMT
fontawesome-webfont.woff2
emmaglam.com/wp-content/themes/blake-von-hauer/css/fonts/ Frame 4B1C 		70 KB
70 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://emmaglam.com/wp-content/themes/blake-von-hauer/css/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: emmaglam.com
URL: https://emmaglam.com/wp-content/themes/blake-von-hauer/css/font-awesome.min.css?ver=4.6.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.184.169.201.195.clients.your-server.de
Software
nginx /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://emmaglam.com/wp-content/themes/blake-von-hauer/css/font-awesome.min.css?ver=4.6.3
Origin
https://emmaglam.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
last-modified
Tue, 24 Aug 2021 11:11:32 GMT
server
nginx
etag
"6124d3e4-118d8"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
application/octet-stream
accept-ranges
bytes
content-length
71896
x-xss-protection
1; mode=block
nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v30/ Frame 4B1C 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Sans%3A300%2C300i%2C400%2C400i%2C700%2C700i%7CKarla%3A300%2C300i%2C400%2C400i%2C700%2C700i%7CPT+Serif%3A300%2C300i%2C400%2C400i%2C700%2C700i%7CPlayfair+Display%3A300%2C300i%2C400%2C400i%2C700%2C700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://emmaglam.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 21:06:55 GMT
x-content-type-options
nosniff
age
146255
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35764
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:06:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Aug 2023 21:06:55 GMT
default.css
as.ad4m.at/ad/style/0.1.22/one-ad/ Frame 8697 		85 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.22/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C43766%2C179236&b=X97FzfrfPMba6H4HetqtpDKcQSMtXgRUJ%2CJ6zuzf5f1YGUBH6H7tptrgetxSdtbJrTX%2CJ6zuzf5f3xEGhBH6H7tpte3J6SxSdtbJrTX&f=e2Xh3fVfqKpcjHZHet2CVW5UwSbtxMYH1%2CGzXtBfpfER3hKHeHGtBC3grfZSjtekEFE%2CGzXtBfpfXVM3SKHeHGtBCrbERTZSjtekEFE&c=728&d=90&e=&g=a1ba059a84e1ae9fa7910ec301ccfcde%2F16504116802739112511&i=26474%2C24891%2C71657&j=41%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_MOBILE_728x90&r=1661953470676&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d28bd4bc4b8a1ecb41ea341dd43aabbc0322889858d76d406b7dc8a887b8eac
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=34719%2C43766%2C179236&b=X97FzfrfPMba6H4HetqtpDKcQSMtXgRUJ%2CJ6zuzf5f1YGUBH6H7tptrgetxSdtbJrTX%2CJ6zuzf5f3xEGhBH6H7tpte3J6SxSdtbJrTX&f=e2Xh3fVfqKpcjHZHet2CVW5UwSbtxMYH1%2CGzXtBfpfER3hKHeHGtBC3grfZSjtekEFE%2CGzXtBfpfXVM3SKHeHGtBCrbERTZSjtekEFE&c=728&d=90&e=&g=a1ba059a84e1ae9fa7910ec301ccfcde%2F16504116802739112511&i=26474%2C24891%2C71657&j=41%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_MOBILE_728x90&r=1661953470676&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
167749
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86775
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 29 Aug 2022 15:08:41 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
x-download-options
noopen
vary
accept-encoding
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
74363388cea891dd-FRA
cf-bgj
minify
E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame 8697 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C43766%2C179236&b=X97FzfrfPMba6H4HetqtpDKcQSMtXgRUJ%2CJ6zuzf5f1YGUBH6H7tptrgetxSdtbJrTX%2CJ6zuzf5f3xEGhBH6H7tpte3J6SxSdtbJrTX&f=e2Xh3fVfqKpcjHZHet2CVW5UwSbtxMYH1%2CGzXtBfpfER3hKHeHGtBC3grfZSjtekEFE%2CGzXtBfpfXVM3SKHeHGtBCrbERTZSjtekEFE&c=728&d=90&e=&g=a1ba059a84e1ae9fa7910ec301ccfcde%2F16504116802739112511&i=26474%2C24891%2C71657&j=41%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_MOBILE_728x90&r=1661953470676&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a85b1179ca4ed7dc5ea897d1b565a69ccae8d2aad29dff7bb874da7d94538bff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
591052
cf-polished
qual=85, origFmt=jpeg, origSize=58124
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9782
last-modified
Fri, 08 Jul 2022 10:19:52 GMT
server
cloudflare
etag
"b4342e277c43aad9c5020a04564bfd1e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YpvAHOupZypMBjfHFPp%2BBudhMRjyQ1VRfPTSNiqCx9Cck9Vtm3ef89SKecukeLhJOhRVJwBAfEvzUyhBJo0KJ5bzQn9GCts%2B%2Bc4IPSJ7eohmYvUGwFEgMF8GQZM8WPG99Saqo2SOJq57dOw0"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:30 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74363388ecb45c50-FRA
cf-bgj
imgq:85,h2pri
9BB8922D4DC6C9A36B8D83900BE3C417783CEBF3EB448A8A5E268471F12FE38D3472246CD214F7655C16CB473EE4650902292819B5437B86E630B9AE33E0BB1F
assets.ad4m.at/product_image/ Frame 8697 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/9BB8922D4DC6C9A36B8D83900BE3C417783CEBF3EB448A8A5E268471F12FE38D3472246CD214F7655C16CB473EE4650902292819B5437B86E630B9AE33E0BB1F
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C43766%2C179236&b=X97FzfrfPMba6H4HetqtpDKcQSMtXgRUJ%2CJ6zuzf5f1YGUBH6H7tptrgetxSdtbJrTX%2CJ6zuzf5f3xEGhBH6H7tpte3J6SxSdtbJrTX&f=e2Xh3fVfqKpcjHZHet2CVW5UwSbtxMYH1%2CGzXtBfpfER3hKHeHGtBC3grfZSjtekEFE%2CGzXtBfpfXVM3SKHeHGtBCrbERTZSjtekEFE&c=728&d=90&e=&g=a1ba059a84e1ae9fa7910ec301ccfcde%2F16504116802739112511&i=26474%2C24891%2C71657&j=41%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_MOBILE_728x90&r=1661953470676&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a868642fa5a7a4692ff83f60cf0f26a6717c5d6a6cb6d550e798462a38a66880

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
585813
cf-polished
qual=85, origFmt=jpeg, origSize=151815
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
68606
last-modified
Wed, 15 Sep 2021 13:52:46 GMT
server
cloudflare
etag
"a62d41b78511a9833569245cc89b9e75"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2FUmUY3TUtoUbZ9JRQbWoJNjandpGCqq2vjF68k4%2Bk66ew3FCDz8N3OqkjHSq5I1fI5d7hVtG%2BqwCWZiqTZhVt%2BR%2Bc4BcnCm7qgl6LN17CDDJ9A9asfW7hBSLhanpcUNFQZw8s%2F668gXd5XO"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:30 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74363388eca35c50-FRA
cf-bgj
imgq:85,h2pri
view.aspx
pb.media01.eu/ Frame 8697
Redirect Chain
  • https://pv.medialead.de/trck/epv/2aed39855b5f46b7651ba591340f258c?t=htlp&subid=wkzMotivBoneidX97FzfrfPMba6H4HetqtpDKcQSMtXgRUJoneid__webplexmedia_advancedad_MOBILE_728x90&gdpr_consent=&gdpr=0&gdpr_...
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=wkzMotivBoneidX97FzfrfPMba6H4HetqtpDKcQSMtXgRUJoneid__webplexmedia_advancedad_MOBILE_728x90&action...
0
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=wkzMotivBoneidX97FzfrfPMba6H4HetqtpDKcQSMtXgRUJoneid__webplexmedia_advancedad_MOBILE_728x90&actionid=981741&produktid=&dt_url=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C43766%2C179236&b=X97FzfrfPMba6H4HetqtpDKcQSMtXgRUJ%2CJ6zuzf5f1YGUBH6H7tptrgetxSdtbJrTX%2CJ6zuzf5f3xEGhBH6H7tpte3J6SxSdtbJrTX&f=e2Xh3fVfqKpcjHZHet2CVW5UwSbtxMYH1%2CGzXtBfpfER3hKHeHGtBC3grfZSjtekEFE%2CGzXtBfpfXVM3SKHeHGtBCrbERTZSjtekEFE&c=728&d=90&e=&g=a1ba059a84e1ae9fa7910ec301ccfcde%2F16504116802739112511&i=26474%2C24891%2C71657&j=41%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_MOBILE_728x90&r=1661953470676&y=1&s=&z=0
Protocol
H2
Server
88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 31 Aug 2022 03:44:31 GMT
server
Microsoft-IIS/10.0
access-control-allow-methods
GET,POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Wed, 31 Aug 2022 13:44:31 GMT
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
5FD3C79B:8506_91EFC182:01BB_630F65BE_67E4B34:1F22C
X-IPLB-Instance
40028
Strict-Transport-Security
max-age=15768000
Content-Type
application/javascript
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=wkzMotivBoneidX97FzfrfPMba6H4HetqtpDKcQSMtXgRUJoneid__webplexmedia_advancedad_MOBILE_728x90&actionid=981741&produktid=&dt_url=
Keep-Alive
timeout=20
Content-Length
0
Proxy-Host
pv.medialead.de
4CF27F3A6A2F6D91C5A3622C8F01C9A26CFA811CA6347403820EFE1173CC3C68B9FBEA4FDD4B7737FA67797C095DA1E54C193B8458F430E3BCD6ACC6B33929DA
assets.ad4m.at/logo/ Frame 8697 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/4CF27F3A6A2F6D91C5A3622C8F01C9A26CFA811CA6347403820EFE1173CC3C68B9FBEA4FDD4B7737FA67797C095DA1E54C193B8458F430E3BCD6ACC6B33929DA
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C43766%2C179236&b=X97FzfrfPMba6H4HetqtpDKcQSMtXgRUJ%2CJ6zuzf5f1YGUBH6H7tptrgetxSdtbJrTX%2CJ6zuzf5f3xEGhBH6H7tpte3J6SxSdtbJrTX&f=e2Xh3fVfqKpcjHZHet2CVW5UwSbtxMYH1%2CGzXtBfpfER3hKHeHGtBC3grfZSjtekEFE%2CGzXtBfpfXVM3SKHeHGtBCrbERTZSjtekEFE&c=728&d=90&e=&g=a1ba059a84e1ae9fa7910ec301ccfcde%2F16504116802739112511&i=26474%2C24891%2C71657&j=41%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_MOBILE_728x90&r=1661953470676&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf109a2d05e13d300f3c97cd9aa2b384992564695380c09a8f3a2e7e9cb0201e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
584415
cf-polished
origFmt=png, origSize=51102
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34016
last-modified
Fri, 11 Sep 2020 12:41:45 GMT
server
cloudflare
etag
"b72205dba9a8fc2d6ba54cb26ab2bce2"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jew82GcDfx2qeOKtc1Q24MAJAy4DhEeSvJ%2F8p%2BSKHKf9%2BTrCsy6retSaLi9n0CGPR5MADNpaMzgyQVum%2FugSTTEylp0t48MCtogL75j%2BX159RE3Jr3D6DoEgM6xvk67ZIvREdBSsnV2mUpFx"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:30 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74363388eca75c50-FRA
cf-bgj
imgq:85,h2pri
D0B9541CF4E773D41DBC4ABCC9F6E672B34430F49375E17E41F087E6D1C801229BC513C607F51A81B070BEEF036EED35D1C1A6EBC0C47606BF42647C16A34FCE
assets.ad4m.at/product_image/ Frame 8697 		162 KB
163 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/D0B9541CF4E773D41DBC4ABCC9F6E672B34430F49375E17E41F087E6D1C801229BC513C607F51A81B070BEEF036EED35D1C1A6EBC0C47606BF42647C16A34FCE
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C43766%2C179236&b=X97FzfrfPMba6H4HetqtpDKcQSMtXgRUJ%2CJ6zuzf5f1YGUBH6H7tptrgetxSdtbJrTX%2CJ6zuzf5f3xEGhBH6H7tpte3J6SxSdtbJrTX&f=e2Xh3fVfqKpcjHZHet2CVW5UwSbtxMYH1%2CGzXtBfpfER3hKHeHGtBC3grfZSjtekEFE%2CGzXtBfpfXVM3SKHeHGtBCrbERTZSjtekEFE&c=728&d=90&e=&g=a1ba059a84e1ae9fa7910ec301ccfcde%2F16504116802739112511&i=26474%2C24891%2C71657&j=41%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_MOBILE_728x90&r=1661953470676&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32b52bf758f52d20e796e3e41e7659aa55242f7cb2a1e67c3cec59ead1916572

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
588645
cf-polished
origFmt=png, origSize=247392
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
166070
last-modified
Thu, 17 Sep 2020 13:15:19 GMT
server
cloudflare
etag
"af15e6f9d7a2a43237c333b681f8c714"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UaTlkWdlrnTtT5k67G9xBnz8kZE8KnBFpwlA%2BPGc9ijsp217UyPhbNslQHbCj84D%2FpubdR1OWiXczvpd2x84CDruQpyEr5DiTxlfc59WEKtl%2Fx2Oqx1ctXIsEE%2FIvW6xoytQEVYLK4L55MBh"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:30 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74363388ecab5c50-FRA
cf-bgj
imgq:85,h2pri
879E320EDC5232CEBFEB05406BB265888C40387E9B1706739A3A2CFD3C5E737E203877BC4FED8BD7DC3C1D9BDCC13252FCEDBDD063083B2FF3675F8DCFB50B4D
assets.ad4m.at/logo/ Frame 8697 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/879E320EDC5232CEBFEB05406BB265888C40387E9B1706739A3A2CFD3C5E737E203877BC4FED8BD7DC3C1D9BDCC13252FCEDBDD063083B2FF3675F8DCFB50B4D
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C43766%2C179236&b=X97FzfrfPMba6H4HetqtpDKcQSMtXgRUJ%2CJ6zuzf5f1YGUBH6H7tptrgetxSdtbJrTX%2CJ6zuzf5f3xEGhBH6H7tpte3J6SxSdtbJrTX&f=e2Xh3fVfqKpcjHZHet2CVW5UwSbtxMYH1%2CGzXtBfpfER3hKHeHGtBC3grfZSjtekEFE%2CGzXtBfpfXVM3SKHeHGtBCrbERTZSjtekEFE&c=728&d=90&e=&g=a1ba059a84e1ae9fa7910ec301ccfcde%2F16504116802739112511&i=26474%2C24891%2C71657&j=41%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_MOBILE_728x90&r=1661953470676&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54beccad9698cb4c45756d70f7c15fa146b4e4cfb4c6bdd34b0998a4c85a7ad4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
591288
cf-polished
origFmt=png, origSize=29551
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12700
last-modified
Tue, 01 Feb 2022 12:21:15 GMT
server
cloudflare
etag
"4919b4647060f47673d9ae71a885cf32"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ivVx6N1Uaraa4KM9W%2FFu8EL0LY9n7Tw1Pgfnb00KYqKAwSV1Buu5EAENZL0m5VdnIwpF%2F4CE7K%2F52LFxEvht2ZYGGHM%2BWgH4Sy8XZt7iucS5nLM85fJCxiJKd1EO7OpWpVYK%2F0ZTGcfTsbON"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:30 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74363388ecae5c50-FRA
cf-bgj
imgq:85,h2pri
352CAB25A0D3E3320E2C6C22C08D8C4D7BBEFAC23ED87FB12286EC620ADFBEC6F4C91A6653E430C853C28E792269A5519D67B9C97C3A5C3D9E58138D5F479646
assets.ad4m.at/product_image/ Frame 8697 		403 KB
404 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/352CAB25A0D3E3320E2C6C22C08D8C4D7BBEFAC23ED87FB12286EC620ADFBEC6F4C91A6653E430C853C28E792269A5519D67B9C97C3A5C3D9E58138D5F479646
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C43766%2C179236&b=X97FzfrfPMba6H4HetqtpDKcQSMtXgRUJ%2CJ6zuzf5f1YGUBH6H7tptrgetxSdtbJrTX%2CJ6zuzf5f3xEGhBH6H7tpte3J6SxSdtbJrTX&f=e2Xh3fVfqKpcjHZHet2CVW5UwSbtxMYH1%2CGzXtBfpfER3hKHeHGtBC3grfZSjtekEFE%2CGzXtBfpfXVM3SKHeHGtBCrbERTZSjtekEFE&c=728&d=90&e=&g=a1ba059a84e1ae9fa7910ec301ccfcde%2F16504116802739112511&i=26474%2C24891%2C71657&j=41%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_MOBILE_728x90&r=1661953470676&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76f8f0c9cc435f09d8c0cb8dd8dd4a0cf67254928fecd7aefa5ee182cb95b571

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
584392
cf-polished
origFmt=png, origSize=683776
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
413072
last-modified
Tue, 01 Feb 2022 12:39:54 GMT
server
cloudflare
etag
"89c413851ca4f0b86078ace806d21da7"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VG8PHaLQ3Xrx8lnYVBGKh8Ws61S%2FEdTEmVMX00GddnRzKJtut9KbpsnEXmC0K60ftHKLPEFI5GsvAl86PARHW5m29t3CCHKcPtYdMgEC7K3VFcRB1jRHNxp8RYOIJ%2F%2FCN8zeWyNpxIzYTDYp"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:30 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74363388ecb25c50-FRA
cf-bgj
imgq:85,h2pri
wgpizbdq.js
ad4m.at/ Frame 4B1C 		36 KB
13 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/wgpizbdq.js
Requested by
Host: emmaglam.com
URL: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9584f421fb06be52362782600272bf07739aae062c73e970d6dd1aeb3ebcfcf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://emmaglam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
97304
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 27 Jul 2022 10:41:47 GMT
server
cloudflare
etag
W/"ac60ade5ed7352595cc3030edbc5e415"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N7GBTWw2%2F7xY%2Fv3bSxMRGhTZaFUAQ%2B%2F2v2WAzVcPCMJVb6cRvVBTIHuyLqmtpPKlGrQwNM%2BrYp7F3SvMR9NjcjWQJgHFWab8eiyaAJu0sxOirtE46ZchZZXugB8y7BHgQYRjYw8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
expires
Tue, 23 Aug 2022 11:02:04 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
74363388dead91dd-FRA
cf-bgj
minify
EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v17/ Frame 4B1C 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v17/EJRVQgYoZZY2vCFuvAFWzr8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Sans%3A300%2C300i%2C400%2C400i%2C700%2C700i%7CKarla%3A300%2C300i%2C400%2C400i%2C700%2C700i%7CPT+Serif%3A300%2C300i%2C400%2C400i%2C700%2C700i%7CPlayfair+Display%3A300%2C300i%2C400%2C400i%2C700%2C700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://emmaglam.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:28:09 GMT
x-content-type-options
nosniff
age
584181
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32900
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:44:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Aug 2023 19:28:09 GMT
EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
fonts.gstatic.com/s/ptserif/v17/ Frame 4B1C 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v17/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Sans%3A300%2C300i%2C400%2C400i%2C700%2C700i%7CKarla%3A300%2C300i%2C400%2C400i%2C700%2C700i%7CPT+Serif%3A300%2C300i%2C400%2C400i%2C700%2C700i%7CPlayfair+Display%3A300%2C300i%2C400%2C400i%2C700%2C700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f9694a5641741d04e1c98eb1011059826aa5feb34e47d2b2f95bdb47cb0c2f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://emmaglam.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 19:28:08 GMT
x-content-type-options
nosniff
age
584182
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29492
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:29:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Aug 2023 19:28:08 GMT
qkBVXvYC6trAT7RQHt6e4Q.woff2
fonts.gstatic.com/s/karla/v23/ Frame 4B1C 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/karla/v23/qkBVXvYC6trAT7RQHt6e4Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Sans%3A300%2C300i%2C400%2C400i%2C700%2C700i%7CKarla%3A300%2C300i%2C400%2C400i%2C700%2C700i%7CPT+Serif%3A300%2C300i%2C400%2C400i%2C700%2C700i%7CPlayfair+Display%3A300%2C300i%2C400%2C400i%2C700%2C700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c89c795d21fe08b925ea2014adf779625a21310d4d6de59dbdeeafe98bbf62ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://emmaglam.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 03:52:14 GMT
x-content-type-options
nosniff
age
553936
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29876
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:36:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Aug 2023 03:52:14 GMT
matomo.js
tool.hubu.link/ Frame 4B1C
Redirect Chain
  • https://static.hubu.fm/matomo.js
  • https://tool.hubu.link/matomo.js
66 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tool.hubu.link/matomo.js
Requested by
Host: emmaglam.com
URL: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
Protocol
H2
Server
2a01:4f8:212:29e0::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
50f4f5c78736b4b5eb13cf588426996e5dbd0391b1228e08e4b7ef35ad0d4459

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://emmaglam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
content-encoding
gzip
last-modified
Fri, 05 Aug 2022 00:09:31 GMT
server
nginx
etag
W/"62ec5fbb-107b1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Thu, 31 Aug 2023 13:44:31 GMT

Redirect headers

location
https://tool.hubu.link/matomo.js
date
Wed, 31 Aug 2022 13:44:30 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-length
162
x-xss-protection
1; mode=block
content-type
text/html
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208250101/ Frame 4B1C 		343 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4176752718986875&plah=emmaglam.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4176752718986875
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c392c23aff29f3624f3ae2d74139a1f9d694bec38c2aacf63a0c4bd691ab9c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://emmaglam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123441
x-xss-protection
0
server
cafe
etag
8046845109733372676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 31 Aug 2022 13:44:30 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220829/r20190131/ Frame 990E 		0
0
banner
ad4.adfarm1.adition.com/ Frame 0DDB 		19 B
391 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/banner?sid=3974827&adjsver=3&fvers=&iframe=1&ref=https%3A//ad4.adfarm1.adition.com/banner%3Fsid%3D3974826%26adjsver%3D3%26fvers%3D%26iframe%3D1%26ref%3D%26ro%3Dhttps%253A//view.webplexmedia.de/in4.php%253Fuid%253D945079468%2526e%253D0%2526s%253D0%2526p%253D0%2526sid%253D854%2526size%253D2%2526referrer%253D%26uao%3DMozilla/5.0%2520%2528Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%2529%2520AppleWebKit/537.36%2520%2528KHTML%252C%2520like%2520Gecko%2529%2520Chrome/105.0.5195.52%2520Safari/537.36%26os%3D17%26browser%3D11%26userid%3D0%26wi%3D1980000899%26ac%3D1%26screen_res%3D6%26wpt%3DH%26clickurl%3D&ro=https%3A//ad4.adfarm1.adition.com/banner%3Fsid%3D3974826%26adjsver%3D3%26fvers%3D%26iframe%3D1%26ref%3D%26ro%3Dhttps%253A//view.webplexmedia.de/in4.php%253Fuid%253D945079468%2526e%253D0%2526s%253D0%2526p%253D0%2526sid%253D854%2526size%253D2%2526referrer%253D%26uao%3DMozilla/5.0%2520%2528Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%2529%2520AppleWebKit/537.36%2520%2528KHTML%252C%2520like%2520Gecko%2529%2520Chrome/105.0.5195.52%2520Safari/537.36%26os%3D17%26browser%3D11%26userid%3D0%26wi%3D1980000899%26ac%3D1%26screen_res%3D6%26wpt%3DH%26clickurl%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/105.0.5195.52%20Safari/537.36&os=17&browser=11&userid=7138035801138921830&wi=111690897&ac=NaN&gdpr=0&gdpr_pd=0&screen_res=6&prf[hb_status]=nobid&wpt=J&clickurl=
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/js?wp_id=3974827&gdpr=0&gdpr_consent=&gdpr_pd=0&prf[hb_status]=nobid&clickurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad4.adfarm1.adition.com/banner?sid=3974826&adjsver=3&fvers=&iframe=1&ref=&ro=https%3A//view.webplexmedia.de/in4.php%3Fuid%3D945079468%26e%3D0%26s%3D0%26p%3D0%26sid%3D854%26size%3D2%26referrer%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/105.0.5195.52%20Safari/537.36&os=17&browser=11&userid=0&wi=1980000899&ac=1&screen_res=6&wpt=H&clickurl=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 15:44:30 +0200
server
ADITIONSERVER v1.0
etag
7138035801147837450
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control
no-cache
content-type
text/javascript
content-length
19
expires
Sat, 01 Jan 2000 00:00:00 GMT
banner
ad4.adfarm1.adition.com/ Frame F113 		19 B
391 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/banner?sid=3974828&adjsver=3&fvers=&iframe=1&ref=https%3A//ad4.adfarm1.adition.com/banner%3Fsid%3D3974826%26adjsver%3D3%26fvers%3D%26iframe%3D1%26ref%3D%26ro%3Dhttps%253A//view.webplexmedia.de/in4.php%253Fuid%253D945079468%2526e%253D0%2526s%253D0%2526p%253D0%2526sid%253D854%2526size%253D2%2526referrer%253D%26uao%3DMozilla/5.0%2520%2528Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%2529%2520AppleWebKit/537.36%2520%2528KHTML%252C%2520like%2520Gecko%2529%2520Chrome/105.0.5195.52%2520Safari/537.36%26os%3D17%26browser%3D11%26userid%3D0%26wi%3D1980000899%26ac%3D1%26screen_res%3D6%26wpt%3DH%26clickurl%3D&ro=https%3A//ad4.adfarm1.adition.com/banner%3Fsid%3D3974826%26adjsver%3D3%26fvers%3D%26iframe%3D1%26ref%3D%26ro%3Dhttps%253A//view.webplexmedia.de/in4.php%253Fuid%253D945079468%2526e%253D0%2526s%253D0%2526p%253D0%2526sid%253D854%2526size%253D2%2526referrer%253D%26uao%3DMozilla/5.0%2520%2528Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%2529%2520AppleWebKit/537.36%2520%2528KHTML%252C%2520like%2520Gecko%2529%2520Chrome/105.0.5195.52%2520Safari/537.36%26os%3D17%26browser%3D11%26userid%3D0%26wi%3D1980000899%26ac%3D1%26screen_res%3D6%26wpt%3DH%26clickurl%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/105.0.5195.52%20Safari/537.36&os=17&browser=11&userid=7138035801138921830&wi=111690897&ac=NaN&gdpr=0&gdpr_pd=0&screen_res=6&prf[hb_status]=nobid&wpt=J&clickurl=
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/js?wp_id=3974828&gdpr=0&gdpr_consent=&gdpr_pd=0&prf[hb_status]=nobid&clickurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad4.adfarm1.adition.com/banner?sid=3974826&adjsver=3&fvers=&iframe=1&ref=&ro=https%3A//view.webplexmedia.de/in4.php%3Fuid%3D945079468%26e%3D0%26s%3D0%26p%3D0%26sid%3D854%26size%3D2%26referrer%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/105.0.5195.52%20Safari/537.36&os=17&browser=11&userid=0&wi=1980000899&ac=1&screen_res=6&wpt=H&clickurl=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 15:44:30 +0200
server
ADITIONSERVER v1.0
etag
7138035801147902986
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control
no-cache
content-type
text/javascript
content-length
19
expires
Sat, 01 Jan 2000 00:00:00 GMT
banner
ad4.adfarm1.adition.com/ Frame 21FF 		19 B
391 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/banner?sid=3974829&adjsver=3&fvers=&iframe=1&ref=https%3A//ad4.adfarm1.adition.com/banner%3Fsid%3D3974826%26adjsver%3D3%26fvers%3D%26iframe%3D1%26ref%3D%26ro%3Dhttps%253A//view.webplexmedia.de/in4.php%253Fuid%253D945079468%2526e%253D0%2526s%253D0%2526p%253D0%2526sid%253D854%2526size%253D2%2526referrer%253D%26uao%3DMozilla/5.0%2520%2528Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%2529%2520AppleWebKit/537.36%2520%2528KHTML%252C%2520like%2520Gecko%2529%2520Chrome/105.0.5195.52%2520Safari/537.36%26os%3D17%26browser%3D11%26userid%3D0%26wi%3D1980000899%26ac%3D1%26screen_res%3D6%26wpt%3DH%26clickurl%3D&ro=https%3A//ad4.adfarm1.adition.com/banner%3Fsid%3D3974826%26adjsver%3D3%26fvers%3D%26iframe%3D1%26ref%3D%26ro%3Dhttps%253A//view.webplexmedia.de/in4.php%253Fuid%253D945079468%2526e%253D0%2526s%253D0%2526p%253D0%2526sid%253D854%2526size%253D2%2526referrer%253D%26uao%3DMozilla/5.0%2520%2528Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%2529%2520AppleWebKit/537.36%2520%2528KHTML%252C%2520like%2520Gecko%2529%2520Chrome/105.0.5195.52%2520Safari/537.36%26os%3D17%26browser%3D11%26userid%3D0%26wi%3D1980000899%26ac%3D1%26screen_res%3D6%26wpt%3DH%26clickurl%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/105.0.5195.52%20Safari/537.36&os=17&browser=11&userid=7138035801138921830&wi=111690897&ac=NaN&gdpr=0&gdpr_pd=0&screen_res=6&prf[hb_status]=nobid&wpt=J&clickurl=
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/js?wp_id=3974829&gdpr=0&gdpr_consent=&gdpr_pd=0&prf[hb_status]=nobid&clickurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad4.adfarm1.adition.com/banner?sid=3974826&adjsver=3&fvers=&iframe=1&ref=&ro=https%3A//view.webplexmedia.de/in4.php%3Fuid%3D945079468%26e%3D0%26s%3D0%26p%3D0%26sid%3D854%26size%3D2%26referrer%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/105.0.5195.52%20Safari/537.36&os=17&browser=11&userid=0&wi=1980000899&ac=1&screen_res=6&wpt=H&clickurl=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 15:44:30 +0200
server
ADITIONSERVER v1.0
etag
7138035801147968522
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control
no-cache
content-type
text/javascript
content-length
19
expires
Sat, 01 Jan 2000 00:00:00 GMT
banner
ad4.adfarm1.adition.com/ Frame 9D22 		19 B
400 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/banner?sid=3974830&adjsver=3&fvers=&iframe=1&ref=https%3A//ad4.adfarm1.adition.com/banner%3Fsid%3D3974826%26adjsver%3D3%26fvers%3D%26iframe%3D1%26ref%3D%26ro%3Dhttps%253A//view.webplexmedia.de/in4.php%253Fuid%253D945079468%2526e%253D0%2526s%253D0%2526p%253D0%2526sid%253D854%2526size%253D2%2526referrer%253D%26uao%3DMozilla/5.0%2520%2528Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%2529%2520AppleWebKit/537.36%2520%2528KHTML%252C%2520like%2520Gecko%2529%2520Chrome/105.0.5195.52%2520Safari/537.36%26os%3D17%26browser%3D11%26userid%3D0%26wi%3D1980000899%26ac%3D1%26screen_res%3D6%26wpt%3DH%26clickurl%3D&ro=https%3A//ad4.adfarm1.adition.com/banner%3Fsid%3D3974826%26adjsver%3D3%26fvers%3D%26iframe%3D1%26ref%3D%26ro%3Dhttps%253A//view.webplexmedia.de/in4.php%253Fuid%253D945079468%2526e%253D0%2526s%253D0%2526p%253D0%2526sid%253D854%2526size%253D2%2526referrer%253D%26uao%3DMozilla/5.0%2520%2528Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%2529%2520AppleWebKit/537.36%2520%2528KHTML%252C%2520like%2520Gecko%2529%2520Chrome/105.0.5195.52%2520Safari/537.36%26os%3D17%26browser%3D11%26userid%3D0%26wi%3D1980000899%26ac%3D1%26screen_res%3D6%26wpt%3DH%26clickurl%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/105.0.5195.52%20Safari/537.36&os=17&browser=11&userid=7138035801138921830&wi=111690897&ac=NaN&gdpr=0&gdpr_pd=0&screen_res=6&prf[hb_status]=nobid&wpt=J&clickurl=
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/js?wp_id=3974830&gdpr=0&gdpr_consent=&gdpr_pd=0&prf[hb_status]=nobid&clickurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad4.adfarm1.adition.com/banner?sid=3974826&adjsver=3&fvers=&iframe=1&ref=&ro=https%3A//view.webplexmedia.de/in4.php%3Fuid%3D945079468%26e%3D0%26s%3D0%26p%3D0%26sid%3D854%26size%3D2%26referrer%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/105.0.5195.52%20Safari/537.36&os=17&browser=11&userid=0&wi=1980000899&ac=1&screen_res=6&wpt=H&clickurl=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 15:44:30 +0200
server
ADITIONSERVER v1.0
etag
7138035801148034058
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control
no-cache
content-type
text/javascript
content-length
19
expires
Sat, 01 Jan 2000 00:00:00 GMT
link.html
track.webgains.com/ Frame 8697 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3118461&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k3v2v5grpmzaw2n6ywsypxaqf8e86pwsw3gnrrr7ebgarpykg3ab98fab01ft3drv1611fgqne133wexvzan5qt3wfzmxrfecpwv6ns5gsqw92qzyd18w9572a7fcsed34243dtsabqeeccrmxjx5qv0v7ca23b62nss9j6426ry3w1zg1a0ra28kde5xqxt4sn4q24vtr5skchcmzhdh19jw30fdkzj20ha32x1hm8446sc3cdfkc1qmz17b30hrz6m%26a%3D&clickref=oneidGzXtBfpfER3hKHeHGtBC3grfZSjtekEFEoneid__webplexmedia_advancedad_MOBILE_728x90&viewref=oneidJ6zuzf5f1YGUBH6H7tptrgetxSdtbJrTXoneid__webplexmedia_advancedad_MOBILE_728x90
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C43766%2C179236&b=X97FzfrfPMba6H4HetqtpDKcQSMtXgRUJ%2CJ6zuzf5f1YGUBH6H7tptrgetxSdtbJrTX%2CJ6zuzf5f3xEGhBH6H7tpte3J6SxSdtbJrTX&f=e2Xh3fVfqKpcjHZHet2CVW5UwSbtxMYH1%2CGzXtBfpfER3hKHeHGtBC3grfZSjtekEFE%2CGzXtBfpfXVM3SKHeHGtBCrbERTZSjtekEFE&c=728&d=90&e=&g=a1ba059a84e1ae9fa7910ec301ccfcde%2F16504116802739112511&i=26474%2C24891%2C71657&j=41%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_MOBILE_728x90&r=1661953470676&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
df8483ffa43afa35b105e2d83477b94e528490fc8b8dd9e19c95ab86cfd126cc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Wed, 31 Aug 2022 13:44:31 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Wed, 31 Aug 2022 13:45:31 GMT
link.html
track.webgains.com/ Frame 8697 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=4019511&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kcn7my9w50j78zcvdxq7cvkfbdg7fyk3sbjzxj3grceax081eh0ebrafbfaaaqbdq01y525m9r247ccc9vx1cx0nberws40brawxtprkb2763pkz7ac7rzqtwbry8fcage52an60qp7fqs452rktr70dsj1905nfkjjdpkypxvf24ndfv4jkzxsh7q6yk40awzw5f2nvrd7p9ft5jg6tcavfjz99bzvj6zxm1vhstrma1cv9bat2ep76dyphh0mqz7jx68%26a%3D&clickref=oneidGzXtBfpfXVM3SKHeHGtBCrbERTZSjtekEFEoneid__webplexmedia_advancedad_MOBILE_728x90&viewref=oneidJ6zuzf5f3xEGhBH6H7tpte3J6SxSdtbJrTXoneid__webplexmedia_advancedad_MOBILE_728x90
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C43766%2C179236&b=X97FzfrfPMba6H4HetqtpDKcQSMtXgRUJ%2CJ6zuzf5f1YGUBH6H7tptrgetxSdtbJrTX%2CJ6zuzf5f3xEGhBH6H7tpte3J6SxSdtbJrTX&f=e2Xh3fVfqKpcjHZHet2CVW5UwSbtxMYH1%2CGzXtBfpfER3hKHeHGtBC3grfZSjtekEFE%2CGzXtBfpfXVM3SKHeHGtBCrbERTZSjtekEFE&c=728&d=90&e=&g=a1ba059a84e1ae9fa7910ec301ccfcde%2F16504116802739112511&i=26474%2C24891%2C71657&j=41%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_MOBILE_728x90&r=1661953470676&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
a4a877a5aa1e7da5c9913c955ebc1a731e1bf8728d7e6207cf0ed05a13219614

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Wed, 31 Aug 2022 13:44:31 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Wed, 31 Aug 2022 13:45:31 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220829/r20190131/ Frame 990E 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220829/r20190131/zrt_lookup.html
Requested by
Host: emmaglam.com
URL: https://emmaglam.com/wp-content/themes/blake-von-hauer/js/burnhambox.js?ver=6.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://emmaglam.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
1114
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 31 Aug 2022 13:25:56 GMT
etag
8616628553774171045
expires
Wed, 14 Sep 2022 13:25:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
frame.html
ad4m.at/ Frame 853E 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer
https://emmaglam.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
495559
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
743633897fc391dd-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Wed, 31 Aug 2022 13:44:30 GMT
expires
Thu, 25 Aug 2022 20:10:16 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mB6SFzcHdGcNv7MmCrdKtbctT8XRnPu8Z1H01ZDW2WZdjIlk6avcFkBiWz9%2Fcv7Sml16JbvcVFiTBaxdDbRB5nIUSfyQjz4SrMAIvAtqcT3E3QOhQtfSq1%2BscmJRJl7bqStxqWc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
frame.html
ad4m.at/ Frame 3393 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer
https://emmaglam.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
495559
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
743633897fc591dd-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Wed, 31 Aug 2022 13:44:30 GMT
expires
Thu, 25 Aug 2022 20:10:16 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dhPWY6R51TVIvg0dkZEEZZ0R5SSxVY52RfTA9WCxZwWDZ0gSw8bIUlu4h8VrEtpjaSikMICUC0sDn7mIm0efYe4%2B%2BSF0Hykg7letWHg%2BOAovlmNJZHhi5%2FklJPjblp1EsTMNSfM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
frame.html
ad4m.at/ Frame AD12 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer
https://emmaglam.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
495559
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
743633898fca91dd-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Wed, 31 Aug 2022 13:44:30 GMT
expires
Thu, 25 Aug 2022 20:10:16 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jed7J7sedEaujBilf5wONVm632kwpLeEB%2B1BDYoScMNTOIORusZK4tLyTrRsD8oJyvvKlMAfNv3ytd5h9v0hG6Ld9Umw9YpROHGIyOKMMyNr8L0%2FpxF1av9IBgiiCMiAFFCMMWc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
frame.html
ad4m.at/ Frame 465C 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer
https://emmaglam.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
495559
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
743633898fcd91dd-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Wed, 31 Aug 2022 13:44:30 GMT
expires
Thu, 25 Aug 2022 20:10:16 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ZEccvQQo4J9JQTJ1KNzLzQfbBwfaCPo8vJy2eEvu0oeA3p5LPPN8e9fK8ZVbQm6raMXNzeF4JbUFTcHWI9baAEYjXrzmgr4QDfMCy3tTrHhopm%2BMeJZ%2BOsOWTVed3P91fijO1s%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
frame.html
ad4m.at/ Frame A119 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer
https://emmaglam.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
495559
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
743633898fd291dd-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Wed, 31 Aug 2022 13:44:30 GMT
expires
Thu, 25 Aug 2022 20:10:16 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WyT6gIMgVftwVZAAxoQylepbek4XYY4uyvY5WO4zrzhRJn%2BAXCLkSQGUlZ8%2F7RK4a6CmlzBW50g9Niac6fyLr9zCx%2B8hiNvDwd4QwlO63%2FeP9VAVnCrgsZHbXYR%2BnyelAopseSQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
frame.html
ad4m.at/ Frame 5F70 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer
https://emmaglam.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
495559
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
743633898fd691dd-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Wed, 31 Aug 2022 13:44:30 GMT
expires
Thu, 25 Aug 2022 20:10:16 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3S2lHbNAcX%2BSZGx4Lla0ozTH59RvBrRXuXvoifZP9ppc3vtHS4nK60HPozSI4jQBezgEqyx3DUpqgujJ9EZhf0q6QlndM7SeWqoKRt%2FPHdGodUpbdUUYBsmxDRZVzdRnzW8PEUg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
frame.html
ad4m.at/ Frame 5A92 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer
https://emmaglam.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
495559
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
743633898fd991dd-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Wed, 31 Aug 2022 13:44:30 GMT
expires
Thu, 25 Aug 2022 20:10:16 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P2%2FQpSNoZzz7U6DzeLdtbRu7GTUdK10UbfTKC9Q1hUWB%2F0JQmCp%2Bh6c1OVAL056ecZ4JbGLCnCUBRG%2BxntSoaWLfFMPXBa0uXxfdSihNn%2BRT%2F2LMKWk2ROJHWIkMt2sB4FOQDmQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
rs
ad4m.at/ Frame 4B1C 		463 B
847 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2e462fb4793b1280b2104fe762b58e2f6c6f86027e2e7f9779c0759e3ba9cb0

Request headers

Referer
https://emmaglam.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
7436338a7ed1903d-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jwYvgcv%2FhjSiaca0d9iM1FqntZc9kCoQJdufOM43fMGZdIo6tOJXVG973EkDarLp%2FYldyq%2Bqr5cNCJCO945S7nu%2BTbTvxdb%2FuI30VGmfS3qRBUAELHepOSKLPhFx7id48jq3ql0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://emmaglam.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-h8v1
rs
ad4m.at/ Frame 4B1C 		468 B
845 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74ecfd9eea177eec3310924ebc059a5f5ad1834a9deeed26b349384a8b883da9

Request headers

Referer
https://emmaglam.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
7436338a7ecd903d-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s7dM0tHELjMJO4YgN%2B52vqDlMGV%2Fff2ujBRU41q%2BEE9WNztL3Pz79w8Zq4mgngiauRDcMpXmdVanwc%2Fz1uO%2By97OuZYAdQ%2B0IHv3BvixrX7KLrtiEyaqytNNdgSSUHU85UKo3k0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://emmaglam.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-h8v1
rs
ad4m.at/ Frame 4B1C 		460 B
842 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83f7a89635aca73ac121457b26bc1c359a29449f19e304bf33ab4c13f3a89892

Request headers

Referer
https://emmaglam.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
7436338a7ed4903d-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zY910ag3%2FjIi11hviu4x7MmzuAXCcUcW5iPQyDo1%2FMFCtecCd66Npm0ixt6sO8aX1Bs3XaCOmNzVO3VrZCGSKBhCmQkvPPDKuWeZZOIGTH7oMgYjfye%2BUGU%2FSkSVXlXryKB8ztY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://emmaglam.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-h8v1
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://emmaglam.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://emmaglam.com
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7436338a3e5b903d-FRA
content-length
24
content-type
text/plain
date
Wed, 31 Aug 2022 13:44:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hjBBw2H9L%2BNGBNrXqzYfoMg0%2BY4Q7lhfeAY4reRB2D69nBxWl5OuNGNuiN0HpgxgvpTYB%2FStRcPus8TRK5KFdbN4PFqiOUJCQmkQOofWlFjFWjezOmxf6474g7nYr3FCY1WGIOI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-h8v1
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://emmaglam.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://emmaglam.com
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7436338a3e5e903d-FRA
content-length
24
content-type
text/plain
date
Wed, 31 Aug 2022 13:44:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yydnf8nx5Iu3f%2FJ5r%2BzkzykzBpTPdxdDp74CBdIUPlYHq7u5fy3PILwF8NRU96%2B4BE9rK6h39V3m4wdFxWGxr3q1R0fmJLDzBjxzy56ajfJllOhMwXAjXzZevqY%2B6onKlJTlJpM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-h8v1
rs
ad4m.at/ Frame 4B1C 		458 B
842 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4670ec81856e44cc664ff12f9bd1d29ba564aa63d3354e6e01381f3eb55d0ee4

Request headers

Referer
https://emmaglam.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
7436338a7ed2903d-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CJyxlutnwOXRZkSTl7%2BKIoi643IutHHx6FBrr1%2Bni7WKhMl7TO2DtDRoCj2A696kDHFIQ5z%2BglFisUajLfRb6orQTlnNF0j046VeAGYn7ZVhDMC%2Bqe46pOQ631oHeZDl7Eb24Kc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://emmaglam.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-h8v1
rs
ad4m.at/ Frame 4B1C 		462 B
856 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0e76d6c389d3dd02a77fff1733aa635da50594ce724b552f99adca798604743

Request headers

Referer
https://emmaglam.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
7436338a7ed5903d-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EmEyDCWyzF%2FiMKxL%2F2PG%2BPO9bDH7ca4sAxmD7l4QIXD%2FT2iYKCS%2FYNMYm%2BvHu363%2F7TztVxNBzBsDiO4JbS5w2183RrQKQd%2FCR%2BYCAVR6tyIPuDHFSsW2X04c5E3YuE9wQz0zUE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://emmaglam.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-h8v1
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://emmaglam.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://emmaglam.com
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7436338a3e60903d-FRA
content-length
24
content-type
text/plain
date
Wed, 31 Aug 2022 13:44:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=88Nd%2BlISWCAaSWqbD%2FpbIjr80AM75%2BXyLoxxJQ%2BLsCnfAbyZy9erJuBufb6Rjpal7IQ7r8Rm181IfV1XiVH3pkuw7e5nQGya7kdo6dcZzbSio8QPvfLvaEulqGrU7LF0tLN02eY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-h8v1
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://emmaglam.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://emmaglam.com
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7436338a3e61903d-FRA
content-length
24
content-type
text/plain
date
Wed, 31 Aug 2022 13:44:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y4vCpMOS%2BKKqt6HOxqn6UH4FeOoEroXwLvfyJ5DwluDrDWctyQ1ITEDx4lVOAUITaSYCZrUDJ1dJjzoJs3lKJArTJEhExkHJuA5v%2Bp72soTRwq89%2BTDkRy33JJ2TQK4aYEQpsFw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-h8v1
rs
ad4m.at/ Frame 4B1C 		462 B
843 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
462e9d73985031bfce27c38ce1a7c8325e374e622cafa542045a8daa1c03fffe

Request headers

Referer
https://emmaglam.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
7436338a7ed3903d-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AxZJPXXZF0uiz%2FLTKLPto0AoV%2F0cz7yLORJxZGzhSWGGH3KseaYUT9HNf5FFwk7qkiehp1fXaEz1eftIxMBEAsdrB2v7r0nSeAgl02Wnx0oWyrXPGq0wyMhMD9OnuFVaUN9rsAA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://emmaglam.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-h8v1
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://emmaglam.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://emmaglam.com
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7436338a3e63903d-FRA
content-length
24
content-type
text/plain
date
Wed, 31 Aug 2022 13:44:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uLwP7hHGjs6ANOeCnx25c8TIDriCKYJgXwqCPxh1lnius9vUVDiWaqd0%2BGVF56MEUdifG1lTTzxhGuOBrC3zHB2b1wfheO%2FDbWmJr1BMKR6hNtk6hActYgFo2KlA%2BHuY76WPnQM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-h8v1
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://emmaglam.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://emmaglam.com
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7436338a3e64903d-FRA
content-length
24
content-type
text/plain
date
Wed, 31 Aug 2022 13:44:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UZFeyRUjbeD%2Fm%2BTAO5oXug%2BZt2xYKYf2S6843nh9zF9V6Msnsr1ikZfG3XG5nAPyECiki0ha4MDBXe37ILTJ0DcPIsyVwM%2BLKmBfBEXggP%2Bntfu%2FtKopLhB354gvGX%2FzmzyXNqc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-h8v1
pvClk.min.js
analytics.webgains.io/ Frame 8697 		85 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=4019511&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kcn7my9w50j78zcvdxq7cvkfbdg7fyk3sbjzxj3grceax081eh0ebrafbfaaaqbdq01y525m9r247ccc9vx1cx0nberws40brawxtprkb2763pkz7ac7rzqtwbry8fcage52an60qp7fqs452rktr70dsj1905nfkjjdpkypxvf24ndfv4jkzxsh7q6yk40awzw5f2nvrd7p9ft5jg6tcavfjz99bzvj6zxm1vhstrma1cv9bat2ep76dyphh0mqz7jx68%26a%3D&clickref=oneidGzXtBfpfXVM3SKHeHGtBCrbERTZSjtekEFEoneid__webplexmedia_advancedad_MOBILE_728x90&viewref=oneidJ6zuzf5f3xEGhBH6H7tpte3J6SxSdtbJrTXoneid__webplexmedia_advancedad_MOBILE_728x90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-120.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 05:03:56 GMT
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
last-modified
Tue, 23 Aug 2022 13:40:24 GMT
server
AmazonS3
age
31236
etag
"42f12532a1be9c2d028e26e9b82a99a2"
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-pop
FRA60-P4
content-length
86537
x-amz-cf-id
0rV3gqJwz6zXxM2v2eg7qLgtVRRj1sdRHMw-G5fc_tkPQLBdxKv7Ew==
1643904440_Yb127R2bfg8Ke8W2GmtcLa7soA0HMG4d.png
cdn.track.production.webgains.team/282615/ Frame 8697 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/282615/1643904440_Yb127R2bfg8Ke8W2GmtcLa7soA0HMG4d.png?Expires=1661953771&Signature=npNxrjh7zgUTOB2lgUMNw3-321KnrwTIvQsgtFupaBSJerdgJTO4jxc0EzR7D627uQlL9cqe6H--LuUh823Ax4Sp9ukmEEFFP42VLHQajmtSqzroNWeq9kxDFnQKZDaJXFJsHwRwGridD3ZHwDK7PlleRlhGoC5yogTMBYb5GRoqSGpVbApvH9UFwcGq8ueIU~Pb59lvBUpmubXJxLXrr2~1MI2MzppiZ6cuR7qlwi~9y9vcalyMAPRYWrde08cxUwORXBlIBP5H0Wn0a7KZleOqWbFrjLM5edb4kTu5ANQotWW5WIfh1Sgv7~fdKUfs7lVHO1NZgTrW99e0dT2asg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C43766%2C179236&b=X97FzfrfPMba6H4HetqtpDKcQSMtXgRUJ%2CJ6zuzf5f1YGUBH6H7tptrgetxSdtbJrTX%2CJ6zuzf5f3xEGhBH6H7tpte3J6SxSdtbJrTX&f=e2Xh3fVfqKpcjHZHet2CVW5UwSbtxMYH1%2CGzXtBfpfER3hKHeHGtBC3grfZSjtekEFE%2CGzXtBfpfXVM3SKHeHGtBCrbERTZSjtekEFE&c=728&d=90&e=&g=a1ba059a84e1ae9fa7910ec301ccfcde%2F16504116802739112511&i=26474%2C24891%2C71657&j=41%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_MOBILE_728x90&r=1661953470676&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-89.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
05986b69288b07065d07201e63bf605a6ba437b02084aef791b2f21e7213d50d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 10:37:48 GMT
server
AmazonS3
age
39186
etag
"9ec00e4179fcd66db18c10990a7de557"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
date
Wed, 31 Aug 2022 02:51:28 GMT
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
1668
x-amz-cf-id
Qh-Pggzcdm0pKYrYXAZkW5L0Sl7vvE0IBsstkJ7oas5cGus-KzaDzw==
1582620939_hyJLsMcTw9BzW5wi63bmu5EBCIosJqdB.jpeg
cdn.track.production.webgains.team/273165/ Frame 8697 		210 KB
210 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/273165/1582620939_hyJLsMcTw9BzW5wi63bmu5EBCIosJqdB.jpeg?Expires=1661953771&Signature=lHN7RkmV1pfHMxoe1EW4~9gzXNDW-TIBu37~LjNHSQOfSO92cprG5vItRzy7hVCk2m3vb1SKHoG9D~MNizFxK7xGwPS6wWaYniRud5mEsGFTPsp7MknoIsMvfcLVda7xuQzjyOMSczgxnMwkGgiN4Z1XNLo4SZCo7jsqDOOXZj6n7h4-HvPoAH2FgZRILM1vEyMmm6y7etdbx8zFRts3HRBDEYkXsumWPrziT215N~gokpHvoOK9vdWomdUNH0HmJsjoT098FXIyshqsywTTzVbA3jS7MzF15B1qyghIn2XK1041YI1f3MqEm7aDMYMC7lxurHvSRrO5ThS5r1YXPA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C43766%2C179236&b=X97FzfrfPMba6H4HetqtpDKcQSMtXgRUJ%2CJ6zuzf5f1YGUBH6H7tptrgetxSdtbJrTX%2CJ6zuzf5f3xEGhBH6H7tpte3J6SxSdtbJrTX&f=e2Xh3fVfqKpcjHZHet2CVW5UwSbtxMYH1%2CGzXtBfpfER3hKHeHGtBC3grfZSjtekEFE%2CGzXtBfpfXVM3SKHeHGtBCrbERTZSjtekEFE&c=728&d=90&e=&g=a1ba059a84e1ae9fa7910ec301ccfcde%2F16504116802739112511&i=26474%2C24891%2C71657&j=41%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_MOBILE_728x90&r=1661953470676&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-89.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3f5311847d8fbac94a3d572938dea0a268ca1ff1fc18f6dad8b5bb9ff16a243

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 10:25:34 GMT
server
AmazonS3
age
43895
etag
"a30de301a2e6a272912783c9da549a13"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
date
Wed, 31 Aug 2022 01:32:57 GMT
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
214933
x-amz-cf-id
a-IQ96e8EpDxDZgNXB3un-XvZs-ffTlKQOtlj9bsExhy2oMNw4no-g==
integrator.js
adservice.google.nl/adsid/ Frame 4B1C 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=emmaglam.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4176752718986875&plah=emmaglam.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://emmaglam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 31 Aug 2022 13:44:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 4B1C 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=emmaglam.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4176752718986875&plah=emmaglam.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://emmaglam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 31 Aug 2022 13:44:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C8D0 		603 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4176752718986875&output=html&adk=1812271804&adf=552093719&plat=1%3A147968%2C2%3A147968%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fdeliver.helpnation.de%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661953470893&bpp=2&bdt=215&idt=258&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&nras=1&correlator=8565491059101&frm=8&ife=1&pv=2&ga_vid=1320985863.1661953471&ga_sid=1661953471&ga_hid=449534032&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2186634244&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44770880&oid=2&pvsid=1293389133885865&tmod=2122787773&uas=0&nvt=1&top=https%3A%2F%2Fdragonball-tube.com&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.jgono2r902kt&fsb=1&dtd=271
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4176752718986875&plah=emmaglam.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://emmaglam.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 31 Aug 2022 13:44:31 GMT
expires
Wed, 31 Aug 2022 13:44:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
rar
as.ad4m.at/ad/ Frame E67B 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=197862%2C200038%2C198961&b=XgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJ%2CGD9JTBfpfXdmWsKHeHGtPtkj2cZSjtZmtE%2C6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7&f=e5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1%2CVQr1twfmfDwxWSVHbHAtXCD5GtBSDtBAuQ%2CXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJ&c=160&d=600&e=&g=7ea91e771920b8b21b1bc32acf478e32%2F16387982739420500580&i=71725%2C22499%2C71690&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_160x600&r=1661953471132&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c1559254f9267b0142afb4fc759cb2f436717e6e8614a65ba63003e4fcae13b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://emmaglam.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7436338aea8591dd-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 31 Aug 2022 13:44:31 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame 834A 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=19769%2C177100%2C43766&b=52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1%2CdpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTj%2CZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJ&f=pqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE%2CK783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHq%2C9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTd&c=300&d=250&e=&g=2a12d80c20bafeab3c839a532ff90396%2F243427342487950804&i=21630%2C65803%2C24891&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661953471133&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cfe2fcd5e94de39175cc3dfc506bdbb07866c4f69de8d0adc9e58680bf273c3
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://emmaglam.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7436338aea8991dd-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 31 Aug 2022 13:44:31 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame C838 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=19769%2C177100%2C43766&b=52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1%2CdpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTj%2CZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJ&f=pqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE%2CK783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHq%2C9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTd&c=300&d=600&e=&g=041ebb38454811a790791f204a1326bd%2F12281858215853902489&i=21630%2C65803%2C24891&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661953471133&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69f44b7464c4452c30bec7ab1eeea8bd43012032e784b007c25ec51a90e15693
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://emmaglam.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7436338aea8b91dd-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 31 Aug 2022 13:44:31 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame 9CCC 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=24673%2C202438%2C183975&b=dpDmUEfkfRpXhEHjHwtEtbAdfeSRt8BTj%2Cr5mEuQf9f3VgzsAH7HjtqtVgrEUYSJtDqtd%2C4gGmHEf5fA2eRcGH9HdtAtm9MSbSZtpJsK&f=K783aRfZf5Gps5HMHktzCBX8u7Srt7eHq%2CP241aBfbfbrWxU9HjHbtgCArKkHJSgtBeup%2Cr5mEuQf9f3XBdaAH7HjtJCBXVaYSJtDqtd&c=300&d=600&e=&g=0bb93e021ccb1a459333b4d84bbb1e63%2F6572354349658930294&i=20430%2C82994%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661953471135&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85fa0d0278bef0b937949219c966840c193f772bb4b938cfcdc7fa7c46f79c6b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://emmaglam.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7436338aea9091dd-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 31 Aug 2022 13:44:31 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame 84C0 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=58783%2C182430%2C197862&b=gAdJF8frfk4A6TPHbH8t5t2e1fmSjtjqFe%2CbGqEtQfZf5jjMaYHbHztKtw64ubS3tE7UJ%2CXgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJ&f=BdZEhgfPfMrpgFxH6H3tgCmRwCjSdtjDFM%2C3rg7Hpf4fXrrDH7HrHAtXC9WZsPSztwpFd%2Ce5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1&c=728&d=90&e=&g=31769b53ae3ed83b5e9c7ed5919a74c7%2F6132780761417666784&i=28472%2C20378%2C71725&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_728x90&r=1661953471138&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
483db3dae0af6290f875eba42729443c469964751832896b74c5210ecabf8a7e
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://emmaglam.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7436338aea9891dd-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 31 Aug 2022 13:44:31 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
matomo.php
tool.hubu.link/ Frame 4B1C
Redirect Chain
  • https://static.hubu.fm/matomo.php?action_name=Abnehmen%20mit%20diesem%20leckeren%20Rezept%20-%20EMMAGLAM&idsite=7&rec=1&r=413233&h=13&m=44&s=31&url=https%3A%2F%2Femmaglam.com%2F2021%2F08%2F24%2Fabn...
  • https://tool.hubu.link/matomo.php?action_name=Abnehmen%20mit%20diesem%20leckeren%20Rezept%20-%20EMMAGLAM&idsite=7&rec=1&r=413233&h=13&m=44&s=31&url=https%3A%2F%2Femmaglam.com%2F2021%2F08%2F24%2Fabn...
0
152 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tool.hubu.link/matomo.php?action_name=Abnehmen%20mit%20diesem%20leckeren%20Rezept%20-%20EMMAGLAM&idsite=7&rec=1&r=413233&h=13&m=44&s=31&url=https%3A%2F%2Femmaglam.com%2F2021%2F08%2F24%2Fabnehmen-mit-diesem-leckeren-rezept%2F&urlref=https%3A%2F%2Fdeliver.helpnation.de%2F&_id=&_idn=1&send_image=0&_refts=1661953471&_ref=https%3A%2F%2Fdeliver.helpnation.de%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=jxJvCF&devicePixelRatio=1&nwefftype=4g&webgl=1&pf_net=109&pf_srv=148&pf_tfr=0&pf_dm1=248
Requested by
Host: emmaglam.com
URL: https://emmaglam.com/2021/08/24/abnehmen-mit-diesem-leckeren-rezept/
Protocol
H2
Server
2a01:4f8:212:29e0::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://emmaglam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
content-encoding
none
server
nginx
cache-control
no-store
x-xss-protection
1; mode=block
strict-transport-security
max-age=63072000; includeSubdomains; preload

Redirect headers

location
https://tool.hubu.link/matomo.php?action_name=Abnehmen%20mit%20diesem%20leckeren%20Rezept%20-%20EMMAGLAM&idsite=7&rec=1&r=413233&h=13&m=44&s=31&url=https%3A%2F%2Femmaglam.com%2F2021%2F08%2F24%2Fabnehmen-mit-diesem-leckeren-rezept%2F&urlref=https%3A%2F%2Fdeliver.helpnation.de%2F&_id=&_idn=1&send_image=0&_refts=1661953471&_ref=https%3A%2F%2Fdeliver.helpnation.de%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=jxJvCF&devicePixelRatio=1&nwefftype=4g&webgl=1&pf_net=109&pf_srv=148&pf_tfr=0&pf_dm1=248
date
Wed, 31 Aug 2022 13:44:31 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-length
162
x-xss-protection
1; mode=block
content-type
text/html
rar
as.ad4m.at/ad/ Frame EDB5 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=200038%2C198961%2C19769&b=GD9JTBfpfXdmWsKHeHGtPtkj2cZSjtZmtE%2C6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7%2C52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1&f=VQr1twfmfDwxWSVHbHAtXCD5GtBSDtBAuQ%2CXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJ%2CpqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE&c=300&d=250&e=&g=964718de9fa25e82662452021fb383c0%2F16559786827644174996&i=22499%2C71690%2C21630&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661953471139&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2c9f4e1bb7783bdb65b2b2c5c1a12c4c4b27d9a075f076f197b4e6937c747b9
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://emmaglam.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7436338b0aed91dd-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 31 Aug 2022 13:44:31 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 2C6D 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/prebid/prebid2.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d91c38797a4f40c02b517763adb6b8d25ca0d0af244856025ecc3543b8540679
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad4.adfarm1.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 00:22:08 GMT
server
nginx
etag
W/"63041db0-15cdc"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 01 Sep 2022 13:44:31 GMT
style.min.css
news8.de/wp-includes/css/dist/block-library/ Frame DD31 		57 KB
57 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news8.de/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Thu, 15 Apr 2021 18:35:59 GMT
server
nginx
etag
"6078878f-e33b"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
58171
expires
Thu, 01 Sep 2022 13:44:31 GMT
wmac_single_1c86eae769594960ac0ca2c97f1e0fd8.css
news8.de/wp-content/cache/wmac/css/ Frame DD31 		6 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news8.de/wp-content/cache/wmac/css/wmac_single_1c86eae769594960ac0ca2c97f1e0fd8.css
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
c9aeea516311505aad685ba305da7f535e51bd3052f9cff8677a4c70be4ca55b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Thu, 05 Aug 2021 12:04:06 GMT
server
nginx
etag
"610bd3b6-1881"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
6273
expires
Thu, 01 Sep 2022 13:44:31 GMT
wmac_single_8f0912392af6de0a3fa95a260d7b71f0.css
news8.de/wp-content/cache/wmac/css/ Frame DD31 		13 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news8.de/wp-content/cache/wmac/css/wmac_single_8f0912392af6de0a3fa95a260d7b71f0.css
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
73f7738878e54c2dd6c2d79edf5763175124049d669c28543b9c80342ce5a17c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Thu, 05 Aug 2021 12:04:06 GMT
server
nginx
etag
"610bd3b6-34be"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
13502
expires
Thu, 01 Sep 2022 13:44:31 GMT
wmac_single_9bb5a28586f226aac80b708fdf03ce7f.css
news8.de/wp-content/cache/wmac/css/ Frame DD31 		58 KB
58 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news8.de/wp-content/cache/wmac/css/wmac_single_9bb5a28586f226aac80b708fdf03ce7f.css
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
53a1ee0f1371425a273deed2af1b5d1ac4a123774b42d961589a23884d51d9c1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Thu, 05 Aug 2021 12:04:06 GMT
server
nginx
etag
"610bd3b6-e78b"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
59275
expires
Thu, 01 Sep 2022 13:44:31 GMT
wmac_single_8aebb373abf3d16664650e82baec759c.css
news8.de/wp-content/cache/wmac/css/ Frame DD31 		573 B
768 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news8.de/wp-content/cache/wmac/css/wmac_single_8aebb373abf3d16664650e82baec759c.css
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
a0b779ad590272d25a6b625b33f3d117b71ab8b77efa8266cf2ebcd90bd76764

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Thu, 05 Aug 2021 12:04:06 GMT
server
nginx
etag
"610bd3b6-23d"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
573
expires
Thu, 01 Sep 2022 13:44:31 GMT
wmac_single_d0a00313c0c15738eca27eb9df2e334d.css
news8.de/wp-content/cache/wmac/css/ Frame DD31 		442 B
636 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news8.de/wp-content/cache/wmac/css/wmac_single_d0a00313c0c15738eca27eb9df2e334d.css
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
2a3214455e3a5ac54649add67e0bddd593f92fe190a09c22a2270c9bef891a72

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Thu, 05 Aug 2021 12:04:06 GMT
server
nginx
etag
"610bd3b6-1ba"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
442
expires
Thu, 01 Sep 2022 13:44:31 GMT
wmac_single_4bc19d35d9e5befbc0d4ac845aab7f5b.css
news8.de/wp-content/cache/wmac/css/ Frame DD31 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news8.de/wp-content/cache/wmac/css/wmac_single_4bc19d35d9e5befbc0d4ac845aab7f5b.css
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
bdbaae24cb5e89820feaa34c9363b83e4f7e3160e452d45c3b9b602b9b73b534

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Thu, 05 Aug 2021 12:04:06 GMT
server
nginx
etag
"610bd3b6-854"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
2132
expires
Thu, 01 Sep 2022 13:44:31 GMT
wmac_single_b535dfee3f63967537c8e39bf85c8a0c.css
news8.de/wp-content/cache/wmac/css/ Frame DD31 		22 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news8.de/wp-content/cache/wmac/css/wmac_single_b535dfee3f63967537c8e39bf85c8a0c.css
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
67a80e1c7b36aa53913a77e36a8a6ed6e1e2f305e254476efab497ab7b967e69

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Thu, 05 Aug 2021 12:04:06 GMT
server
nginx
etag
"610bd3b6-5870"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
22640
expires
Thu, 01 Sep 2022 13:44:31 GMT
wmac_single_15a5edb399271f812847871978ee6cf5.css
news8.de/wp-content/cache/wmac/css/ Frame DD31 		5 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news8.de/wp-content/cache/wmac/css/wmac_single_15a5edb399271f812847871978ee6cf5.css
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
1c70babefa9822756487660bc9f6efb38bc17af3b652453f469c1b688074e536

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Thu, 05 Aug 2021 12:04:06 GMT
server
nginx
etag
"610bd3b6-12ee"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
4846
expires
Thu, 01 Sep 2022 13:44:31 GMT
wmac_single_dd755805eb89a1dfb117a6525d622366.css
news8.de/wp-content/cache/wmac/css/ Frame DD31 		13 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news8.de/wp-content/cache/wmac/css/wmac_single_dd755805eb89a1dfb117a6525d622366.css
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
20822478d32f7b9cebbe947fa565a20d155a5f710403e3bbea65ca814dbe8b8b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Thu, 05 Aug 2021 12:04:06 GMT
server
nginx
etag
"610bd3b6-333b"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
13115
expires
Thu, 01 Sep 2022 13:44:31 GMT
wmac_single_dbd7348e9bfe6474117b3d8ca3bc857e.css
news8.de/wp-content/cache/wmac/css/ Frame DD31 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news8.de/wp-content/cache/wmac/css/wmac_single_dbd7348e9bfe6474117b3d8ca3bc857e.css
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
2a1f470895f45ab9e7bd67a603458a662c16bd7628d2990cb311b87d0dec5c19

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Thu, 05 Aug 2021 12:04:06 GMT
server
nginx
etag
"610bd3b6-5df"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
1503
expires
Thu, 01 Sep 2022 13:44:31 GMT
wmac_single_2fc5116c97d563229d247a96d5311977.css
news8.de/wp-content/cache/wmac/css/ Frame DD31 		5 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news8.de/wp-content/cache/wmac/css/wmac_single_2fc5116c97d563229d247a96d5311977.css
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
bb3296813f7b54986ae0d9a55a8df2463a8b4278de212459b313cd765b8a4774

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Thu, 05 Aug 2021 12:04:06 GMT
server
nginx
etag
"610bd3b6-1298"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
4760
expires
Thu, 01 Sep 2022 13:44:31 GMT
css
fonts.googleapis.com/ Frame DD31 		6 KB
603 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat%3A400%2C500%2C700%2C800%7CWork%2BSans%26display%3Dswap&subset=latin%2Clatin-ext
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d951736694abf6e078c76c38dc0c83979714734d020a73d59d066f652c75e3b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 13:38:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 31 Aug 2022 13:44:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 31 Aug 2022 13:44:31 GMT
css
fonts.googleapis.com/ Frame DD31 		594 KB
44 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=ABeeZee%7CAbel%7CAbril+Fatface%7CAclonica%7CAcme%7CActor%7CAdamina%7CAdvent+Pro%7CAguafina+Script%7CAkronim%7CAladin%7CAldrich%7CAlef%7CAlegreya%7CAlegreya+SC%7CAlegreya+Sans%7CAlegreya+Sans+SC%7CAlex+Brush%7CAlfa+Slab+One%7CAlice%7CAlike%7CAlike+Angular%7CAllan%7CAllerta%7CAllerta+Stencil%7CAllura%7CAlmendra%7CAlmendra+Display%7CAlmendra+SC%7CAmarante%7CAmaranth%7CAmatic+SC%7CAmatica+SC%7CAmethysta%7CAmiko%7CAmiri%7CAmita%7CAnaheim%7CAndada%7CAndika%7CAngkor%7CAnnie+Use+Your+Telescope%7CAnonymous+Pro%7CAntic%7CAntic+Didone%7CAntic+Slab%7CAnton%7CArapey%7CArbutus%7CArbutus+Slab%7CArchitects+Daughter%7CArchivo+Black%7CArchivo+Narrow%7CAref+Ruqaa%7CArima+Madurai%7CArimo%7CArizonia%7CArmata%7CArtifika%7CArvo%7CArya%7CAsap%7CAsar%7CAsset%7CAssistant%7CAstloch%7CAsul%7CAthiti%7CAtma%7CAtomic+Age%7CAubrey%7CAudiowide%7CAutour+One%7CAverage%7CAverage+Sans%7CAveria+Gruesa+Libre%7CAveria+Libre%7CAveria+Sans+Libre%7CAveria+Serif+Libre%7CBad+Script%7CBaloo%7CBaloo+Bhai%7CBaloo+Da%7CBaloo+Thambi%7CBalthazar%7CBangers%7CBasic%7CBattambang%7CBaumans%7CBayon%7CBelgrano%7CBelleza%7CBenchNine%7CBentham%7CBerkshire+Swash%7CBevan%7CBigelow+Rules%7CBigshot+One%7CBilbo%7CBilbo+Swash+Caps%7CBioRhyme%7CBioRhyme+Expanded%7CBiryani%7CBitter%7CBlack+Ops+One%7CBokor%7CBonbon%7CBoogaloo%7CBowlby+One%7CBowlby+One+SC%7CBrawler%7CBree+Serif%7CBubblegum+Sans%7CBubbler+One%7CBuda%7CBuenard%7CBungee%7CBungee+Hairline%7CBungee+Inline%7CBungee+Outline%7CBungee+Shade%7CButcherman%7CButterfly+Kids%7CCabin%7CCabin+Condensed%7CCabin+Sketch%7CCaesar+Dressing%7CCagliostro%7CCairo%7CCalligraffitti%7CCambay%7CCambo%7CCandal%7CCantarell%7CCantata+One%7CCantora+One%7CCapriola%7CCardo%7CCarme%7CCarrois+Gothic%7CCarrois+Gothic+SC%7CCarter+One%7CCatamaran%7CCaudex%7CCaveat%7CCaveat+Brush%7CCedarville+Cursive%7CCeviche+One%7CChanga%7CChanga+One%7CChango%7CChathura%7CChau+Philomene+One%7CChela+One%7CChelsea+Market%7CChenla%7CCherry+Cream+Soda%7CCherry+Swash%7CChewy%7CChicle%7CChivo%7CChonburi%7CCinzel%7CCinzel+Decorative%7CClicker+Script%7CCoda%7CCoda+Caption%7CCodystar%7CCoiny%7CCombo%7CComfortaa%7CComing+Soon%7CConcert+One%7CCondiment%7CContent%7CContrail+One%7CConvergence%7CCookie%7CCopse%7CCorben%7CCormorant%7CCormorant+Garamond%7CCormorant+Infant%7CCormorant+SC%7CCormorant+Unicase%7CCormorant+Upright%7CCourgette%7CCousine%7CCoustard%7CCovered+By+Your+Grace%7CCrafty+Girls%7CCreepster%7CCrete+Round%7CCrimson+Text%7CCroissant+One%7CCrushed%7CCuprum%7CCutive%7CCutive+Mono%7CDamion%7CDancing+Script%7CDangrek%7CDavid+Libre%7CDawning+of+a+New+Day%7CDays+One%7CDekko%7CDelius%7CDelius+Swash+Caps%7CDelius+Unicase%7CDella+Respira%7CDenk+One%7CDevonshire%7CDhurjati%7CDidact+Gothic%7CDiplomata%7CDiplomata+SC%7CDomine%7CDonegal+One%7CDoppio+One%7CDorsa%7CDosis%7CDr+Sugiyama%7CDroid+Sans%7CDroid+Sans+Mono%7CDroid+Serif%7CDuru+Sans%7CDynalight%7CEB+Garamond%7CEagle+Lake%7CEater%7CEconomica%7CEczar%7CEk+Mukta%7CEl+Messiri%7CElectrolize%7CElsie%7CElsie+Swash+Caps%7CEmblema+One%7CEmilys+Candy%7CEngagement%7CEnglebert%7CEnriqueta%7CErica+One%7CEsteban%7CEuphoria+Script%7CEwert%7CExo%7CExo+2%7CExpletus+Sans%7CFanwood+Text%7CFarsan%7CFascinate%7CFascinate+Inline%7CFaster+One%7CFasthand%7CFauna+One%7CFederant%7CFedero%7CFelipa%7CFenix%7CFinger+Paint%7CFira+Mono%7CFira+Sans%7CFjalla+One%7CFjord+One%7CFlamenco%7CFlavors%7CFondamento%7CFontdiner+Swanky%7CForum%7CFrancois+One%7CFrank+Ruhl+Libre%7CFreckle+Face%7CFredericka+the+Great%7CFredoka+One%7CFreehand%7CFresca%7CFrijole%7CFruktur%7CFugaz+One%7CGFS+Didot%7CGFS+Neohellenic%7CGabriela%7CGafata%7CGalada%7CGaldeano%7CGalindo%7CGentium+Basic%7CGentium+Book+Basic%7CGeo%7CGeostar%7CGeostar+Fill%7CGermania+One%7CGidugu%7CGilda+Display%7CGive+You+Glory%7CGlass+Antiqua%7CGlegoo%7CGloria+Hallelujah%7CGoblin+One%7CGochi+Hand%7CGorditas%7CGoudy+Bookletter+1911%7CGraduate%7CGrand+Hotel%7CGravitas+One%7CGreat+Vibes%7CGriffy%7CGruppo%7CGudea%7CGurajada%7CHabibi%7CHalant%7CHammersmith+One%7CHanalei%7CHanalei+Fill%7CHandlee%7CHanuman%7CHappy+Monkey%7CHarmattan%7CHeadland+One%7CHeebo%7CHenny+Penny%7CHerr+Von+Muellerhoff%7CHind%7CHind+Guntur%7CHind+Madurai%7CHind+Siliguri%7CHind+Vadodara%7CHoltwood+One+SC%7CHomemade+Apple%7CHomenaje%7CIM+Fell+DW+Pica%7CIM+Fell+DW+Pica+SC%7CIM+Fell+Double+Pica%7CIM+Fell+Double+Pica+SC%7CIM+Fell+English%7CIM+Fell+English+SC%7CIM+Fell+French+Canon%7CIM+Fell+French+Canon+SC%7CIM+Fell+Great+Primer%7CIM+Fell+Great+Primer+SC%7CIceberg%7CIceland%7CImprima%7CInconsolata%7CInder%7CIndie+Flower%7CInika%7CInknut+Antiqua%7CIrish+Grover%7CIstok+Web%7CItaliana%7CItalianno%7CItim%7CJacques+Francois%7CJacques+Francois+Shadow%7CJaldi%7CJim+Nightshade%7CJockey+One%7CJolly+Lodger%7CJomhuria%7CJosefin+Sans%7CJosefin+Slab%7CJoti+One%7CJudson%7CJulee%7CJulius+Sans+One%7CJunge%7CJura%7CJust+Another+Hand%7CJust+Me+Again+Down+Here%7CKadwa%7CKalam%7CKameron%7CKanit%7CKantumruy%7CKarla%7CKarma%7CKatibeh%7CKaushan+Script%7CKavivanar%7CKavoon%7CKdam+Thmor%7CKeania+One%7CKelly+Slab%7CKenia%7CKhand%7CKhmer%7CKhula%7CKite+One%7CKnewave%7CKotta+One%7CKoulen%7CKranky%7CKreon%7CKristi%7CKrona+One%7CKumar+One%7CKumar+One+Outline%7CKurale%7CLa+Belle+Aurore%7CLaila%7CLakki+Reddy%7CLalezar%7CLancelot%7CLateef%7CLato%7CLeague+Script%7CLeckerli+One%7CLedger%7CLekton%7CLemon%7CLemonada%7CLibre+Baskerville%7CLibre+Franklin%7CLife+Savers%7CLilita+One%7CLily+Script+One%7CLimelight%7CLinden+Hill%7CLobster%7CLobster+Two%7CLondrina+Outline%7CLondrina+Shadow%7CLondrina+Sketch%7CLondrina+Solid%7CLora%7CLove+Ya+Like+A+Sister%7CLoved+by+the+King%7CLovers+Quarrel%7CLuckiest+Guy%7CLusitana%7CLustria%7CMacondo%7CMacondo+Swash+Caps%7CMada%7CMagra%7CMaiden+Orange%7CMaitree%7CMako%7CMallanna%7CMandali%7CMarcellus%7CMarcellus+SC%7CMarck+Script%7CMargarine%7CMarko+One%7CMarmelad%7CMartel%7CMartel+Sans%7CMarvel%7CMate%7CMate+SC%7CMaven+Pro%7CMcLaren%7CMeddon%7CMedievalSharp%7CMedula+One%7CMeera+Inimai%7CMegrim%7CMeie+Script%7CMerienda%7CMerienda+One%7CMerriweather%7CMerriweather+Sans%7CMetal%7CMetal+Mania%7CMetamorphous%7CMetrophobic%7CMichroma%7CMilonga%7CMiltonian%7CMiltonian+Tattoo%7CMiniver%7CMiriam+Libre%7CMirza%7CMiss+Fajardose%7CMitr%7CModak%7CModern+Antiqua%7CMogra%7CMolengo%7CMolle%7CMonda%7CMonofett%7CMonoton%7CMonsieur+La+Doulaise%7CMontaga%7CMontez%7CMontserrat%7CMontserrat+Alternates%7CMontserrat+Subrayada%7CMoul%7CMoulpali%7CMountains+of+Christmas%7CMouse+Memoirs%7CMr+Bedfort%7CMr+Dafoe%7CMr+De+Haviland%7CMrs+Saint+Delafield%7CMrs+Sheppards%7CMukta+Vaani%7CMuli%7CMystery+Quest%7CNTR%7CNeucha%7CNeuton%7CNew+Rocker%7CNews+Cycle%7CNiconne%7CNixie+One%7CNobile%7CNokora%7CNorican%7CNosifer%7CNothing+You+Could+Do%7CNoticia+Text%7CNoto+Sans%7CNoto+Serif%7CNova+Cut%7CNova+Flat%7CNova+Mono%7CNova+Oval%7CNova+Round%7CNova+Script%7CNova+Slim%7CNova+Square%7CNumans%7CNunito%7COdor+Mean+Chey%7COffside%7COld+Standard+TT%7COldenburg%7COleo+Script%7COleo+Script+Swash+Caps%7COpen+Sans%7COpen+Sans+Condensed%7COranienbaum%7COrbitron%7COregano%7COrienta%7COriginal+Surfer%7COswald%7COver+the+Rainbow%7COverlock%7COverlock+SC%7COvo%7COxygen%7COxygen+Mono%7CPT+Mono%7CPT+Sans%7CPT+Sans+Caption%7CPT+Sans+Narrow%7CPT+Serif%7CPT+Serif+Caption%7CPacifico%7CPalanquin%7CPalanquin+Dark%7CPaprika%7CParisienne%7CPassero+One%7CPassion+One%7CPathway+Gothic+One%7CPatrick+Hand%7CPatrick+Hand+SC%7CPattaya%7CPatua+One%7CPavanam%7CPaytone+One%7CPeddana%7CPeralta%7CPermanent+Marker%7CPetit+Formal+Script%7CPetrona%7CPhilosopher%7CPiedra%7CPinyon+Script%7CPirata+One%7CPlaster%7CPlay%7CPlayball%7CPlayfair+Display%7CPlayfair+Display+SC%7CPodkova%7CPoiret+One%7CPoller+One%7CPoly%7CPompiere%7CPontano+Sans%7CPoppins%7CPort+Lligat+Sans%7CPort+Lligat+Slab%7CPragati+Narrow%7CPrata%7CPreahvihear%7CPress+Start+2P%7CPridi%7CPrincess+Sofia%7CProciono%7CPrompt%7CProsto+One%7CProza+Libre%7CPuritan%7CPurple+Purse%7CQuando%7CQuantico%7CQuattrocento%7CQuattrocento+Sans%7CQuestrial%7CQuicksand%7CQuintessential%7CQwigley%7CRacing+Sans+One%7CRadley%7CRajdhani%7CRakkas%7CRaleway%7CRaleway+Dots%7CRamabhadra%7CRamaraja%7CRambla%7CRammetto+One%7CRanchers%7CRancho%7CRanga%7CRasa%7CRationale%7CRavi+Prakash%7CRedressed%7CReem+Kufi%7CReenie+Beanie%7CRevalia%7CRhodium+Libre%7CRibeye%7CRibeye+Marrow%7CRighteous%7CRisque%7CRoboto%7CRoboto+Condensed%7CRoboto+Mono%7CRoboto+Slab%7CRochester%7CRock+Salt%7CRokkitt%7CRomanesco%7CRopa+Sans%7CRosario%7CRosarivo%7CRouge+Script%7CRozha+One%7CRubik%7CRubik+Mono+One%7CRubik+One%7CRuda%7CRufina%7CRuge+Boogie%7CRuluko%7CRum+Raisin%7CRuslan+Display%7CRusso+One%7CRuthie%7CRye%7CSacramento%7CSahitya%7CSail%7CSalsa%7CSanchez%7CSancreek%7CSansita+One%7CSarala%7CSarina%7CSarpanch%7CSatisfy%7CScada%7CScheherazade%7CSchoolbell%7CScope+One%7CSeaweed+Script%7CSecular+One%7CSevillana%7CSeymour+One%7CShadows+Into+Light%7CShadows+Into+Light+Two%7CShanti%7CShare%7CShare+Tech%7CShare+Tech+Mono%7CShojumaru%7CShort+Stack%7CShrikhand%7CSiemreap%7CSigmar+One%7CSignika%7CSignika+Negative%7CSimonetta%7CSintony%7CSirin+Stencil%7CSix+Caps%7CSkranji%7CSlabo+13px%7CSlabo+27px%7CSlackey%7CSmokum%7CSmythe%7CSniglet%7CSnippet%7CSnowburst+One%7CSofadi+One%7CSofia%7CSonsie+One%7CSorts+Mill+Goudy%7CSource+Code+Pro%7CSource+Sans+Pro%7CSource+Serif+Pro%7CSpace+Mono%7CSpecial+Elite%7CSpicy+Rice%7CSpinnaker%7CSpirax%7CSquada+One%7CSree+Krushnadevaraya%7CSriracha%7CStalemate%7CStalinist+One%7CStardos+Stencil%7CStint+Ultra+Condensed%7CStint+Ultra+Expanded%7CStoke%7CStrait%7CSue+Ellen+Francisco%7CSuez+One%7CSumana%7CSunshiney%7CSupermercado+One%7CSura%7CSuranna%7CSuravaram%7CSuwannaphum%7CSwanky+and+Moo+Moo%7CSyncopate%7CTangerine%7CTaprom%7CTauri%7CTaviraj%7CTeko%7CTelex%7CTenali+Ramakrishna%7CTenor+Sans%7CText+Me+One%7CThe+Girl+Next+Door%7CTienne%7CTillana%7CTimmana%7CTinos%7CTitan+One%7CTitillium+Web%7CTrade+Winds%7CTrirong%7CTrocchi%7CTrochut%7CTrykker%7CTulpen+One%7CUbuntu%7CUbuntu+Condensed%7CUbuntu+Mono%7CUltra%7CUncial+Antiqua%7CUnderdog%7CUnica+One%7CUnifrakturCook%7CUnifrakturMaguntia%7CUnkempt%7CUnlock%7CUnna%7CVT323%7CVampiro+One%7CVarela%7CVarela+Round%7CVast+Shadow%7CVesper+Libre%7CVibur%7CVidaloka%7CViga%7CVoces%7CVolkhov%7CVollkorn%7CVoltaire%7CWaiting+for+the+Sunrise%7CWallpoet%7CWalter+Turncoat%7CWarnes%7CWellfleet%7CWendy+One%7CWire+One%7CWork+Sans%7CYanone+Kaffeesatz%7CYantramanav%7CYatra+One%7CYellowtail%7CYeseva+One%7CYesteryear%7CYrsa%7CZeyada&subset=latin%2Clatin-ext
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
126153be0049a26d623488bd25ebb9ba467057669a1d6c129af9b6e6b2dcf786
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 13:27:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 31 Aug 2022 13:44:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 31 Aug 2022 13:44:31 GMT
wmac_single_ba80fc2dd04c0dc56e704a7dfc2f2458.css
news8.de/wp-content/cache/wmac/css/ Frame DD31 		157 KB
157 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news8.de/wp-content/cache/wmac/css/wmac_single_ba80fc2dd04c0dc56e704a7dfc2f2458.css
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
1a252ab44aea48932fabadc302800d16dce7195a44326b1bfe94fb5b3ab810f9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Thu, 05 Aug 2021 12:04:06 GMT
server
nginx
etag
"610bd3b6-27280"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
160384
expires
Thu, 01 Sep 2022 13:44:31 GMT
wmac_single_eaf5f7af8290dfa1e86ddbf831d79efe.css
news8.de/wp-content/cache/wmac/css/ Frame DD31 		92 B
285 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news8.de/wp-content/cache/wmac/css/wmac_single_eaf5f7af8290dfa1e86ddbf831d79efe.css
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
af468a53ff8b21e58d333969b462d31f6d23e94d0f255e58b8c9242057d29c34

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Thu, 05 Aug 2021 12:04:06 GMT
server
nginx
etag
"610bd3b6-5c"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
92
expires
Thu, 01 Sep 2022 13:44:31 GMT
font-awesome.min.css
news8.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/ Frame DD31 		30 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news8.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Sun, 21 Mar 2021 04:33:46 GMT
server
nginx
etag
"6056ccaa-7917"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
30999
expires
Thu, 01 Sep 2022 13:44:31 GMT
wmac_single_d49fbfc6c0444e7c67b2ee7ae284a293.css
news8.de/wp-content/cache/wmac/css/ Frame DD31 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news8.de/wp-content/cache/wmac/css/wmac_single_d49fbfc6c0444e7c67b2ee7ae284a293.css
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
8156497af6e016c713379e4ecb3006cce8360d92d858eda6924aa40ba917c0fe

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Thu, 05 Aug 2021 12:04:06 GMT
server
nginx
etag
"610bd3b6-4be"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
1214
expires
Thu, 01 Sep 2022 13:44:31 GMT
wmac_single_6a1d72f2fa3f49ba4216abcb0b63815b.css
news8.de/wp-content/cache/wmac/css/ Frame DD31 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news8.de/wp-content/cache/wmac/css/wmac_single_6a1d72f2fa3f49ba4216abcb0b63815b.css
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
b190bec40be9563df5802aa246508502691500f57eb9018a96c2fe7bf22381e3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Thu, 05 Aug 2021 12:04:06 GMT
server
nginx
etag
"610bd3b6-b12"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
2834
expires
Thu, 01 Sep 2022 13:44:31 GMT
wmac_single_241421b5d09d0d375ed4ef120de787dc.css
news8.de/wp-content/cache/wmac/css/ Frame DD31 		36 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news8.de/wp-content/cache/wmac/css/wmac_single_241421b5d09d0d375ed4ef120de787dc.css
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
f18e4698b1282cf42ab3e3011e1027b7e2fab2afb339417e38a06449c5f10529

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Thu, 05 Aug 2021 12:04:06 GMT
server
nginx
etag
"610bd3b6-9030"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
36912
expires
Thu, 01 Sep 2022 13:44:31 GMT
wmac_single_1e771bb438801107ae5a283f4b31bc89.css
news8.de/wp-content/cache/wmac/css/ Frame DD31 		111 KB
111 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news8.de/wp-content/cache/wmac/css/wmac_single_1e771bb438801107ae5a283f4b31bc89.css
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
6634563eec684020fbbbeebc71f8e2f7fd7782e057c6e722abd19116bf8701b2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Thu, 05 Aug 2021 12:04:06 GMT
server
nginx
etag
"610bd3b6-1baf7"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
113399
expires
Thu, 01 Sep 2022 13:44:31 GMT
wmac_single_28d4882ebc1dba4a8328d08dc5200daf.css
news8.de/wp-content/cache/wmac/css/ Frame DD31 		34 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news8.de/wp-content/cache/wmac/css/wmac_single_28d4882ebc1dba4a8328d08dc5200daf.css
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
85e267b92c6a639a35e54f01bb3bede4ff1bc3ff715bea017e04cc8d3d304abb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Thu, 05 Aug 2021 12:04:06 GMT
server
nginx
etag
"610bd3b6-8824"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
34852
expires
Thu, 01 Sep 2022 13:44:31 GMT
wmac_single_48ff9d03ab2419b1057dd3e29067436e.css
news8.de/wp-content/cache/wmac/css/ Frame DD31 		24 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news8.de/wp-content/cache/wmac/css/wmac_single_48ff9d03ab2419b1057dd3e29067436e.css
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
b5973c7b9e0fc3296016ea9c24884a4e84fbd9630fd9b4d88b697158d6a662e5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Thu, 05 Aug 2021 12:04:06 GMT
server
nginx
etag
"610bd3b6-5fb3"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
24499
expires
Thu, 01 Sep 2022 13:44:31 GMT
select2.min.css
news8.de/wp-content/plugins/ultimate-member/assets/css/select2/ Frame DD31 		15 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news8.de/wp-content/plugins/ultimate-member/assets/css/select2/select2.min.css
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
15d6ad4dfdb43d0affad683e70029f97a8f8fc8637a28845009ee0542dccdf81

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Tue, 20 Apr 2021 20:32:09 GMT
server
nginx
etag
"607f3a49-3a76"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
14966
expires
Thu, 01 Sep 2022 13:44:31 GMT
wmac_single_59336521688d38bb8f1c5501c73ce211.css
news8.de/wp-content/cache/wmac/css/ Frame DD31 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news8.de/wp-content/cache/wmac/css/wmac_single_59336521688d38bb8f1c5501c73ce211.css
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
cceaa58cfc7773b7f4864d26b8854e3deb386ab0372b6cc33d38e3e875437eb6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Thu, 05 Aug 2021 12:04:06 GMT
server
nginx
etag
"610bd3b6-c7a"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
3194
expires
Thu, 01 Sep 2022 13:44:31 GMT
wmac_single_16a0a3ad09659fdcaa31be2bafd99926.css
news8.de/wp-content/cache/wmac/css/ Frame DD31 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news8.de/wp-content/cache/wmac/css/wmac_single_16a0a3ad09659fdcaa31be2bafd99926.css
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
d93e8f042ec01770e430bf2b4822157f34589485e314bfe6a0ef9ee6297ffb31

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Thu, 05 Aug 2021 12:04:06 GMT
server
nginx
etag
"610bd3b6-c21"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
3105
expires
Thu, 01 Sep 2022 13:44:31 GMT
wmac_single_fcfc6477f65df6f82da870fdd8f8129d.css
news8.de/wp-content/cache/wmac/css/ Frame DD31 		17 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news8.de/wp-content/cache/wmac/css/wmac_single_fcfc6477f65df6f82da870fdd8f8129d.css
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
958b76a1a9b936a90ad2d7d51dea619af19dd0feb3a79876ccf447993815bae4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Thu, 05 Aug 2021 12:04:06 GMT
server
nginx
etag
"610bd3b6-4362"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
17250
expires
Thu, 01 Sep 2022 13:44:31 GMT
wmac_single_33e4b3d778de959e909ca05248b5a365.css
news8.de/wp-content/cache/wmac/css/ Frame DD31 		8 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news8.de/wp-content/cache/wmac/css/wmac_single_33e4b3d778de959e909ca05248b5a365.css
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
ffa6b63bbede30e4937217f9d17cddf1a55a97b9f2c226011ed7b7a8ee2d7536

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Thu, 05 Aug 2021 12:04:06 GMT
server
nginx
etag
"610bd3b6-1e76"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
7798
expires
Thu, 01 Sep 2022 13:44:31 GMT
wmac_single_8552692e086f7ffdabd9c5ad23ec2314.css
news8.de/wp-content/cache/wmac/css/ Frame DD31 		3 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news8.de/wp-content/cache/wmac/css/wmac_single_8552692e086f7ffdabd9c5ad23ec2314.css
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
d71b1722a86feb175cf26b030003b5bff5c708e070bc72b2e4cc2d8492129460

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Thu, 05 Aug 2021 12:04:06 GMT
server
nginx
etag
"610bd3b6-dc6"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
3526
expires
Thu, 01 Sep 2022 13:44:31 GMT
wmac_single_c77ae194cd5b025baa7c6fd1a24137d6.css
news8.de/wp-content/cache/wmac/css/ Frame DD31 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news8.de/wp-content/cache/wmac/css/wmac_single_c77ae194cd5b025baa7c6fd1a24137d6.css
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
86bca6ce011493365eba131df592f31e72f7251d7dd6fa0f1b723d3f107f8f6f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Thu, 05 Aug 2021 12:04:06 GMT
server
nginx
etag
"610bd3b6-67d"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
1661
expires
Thu, 01 Sep 2022 13:44:31 GMT
wmac_single_abc4e3c2f8c1400e944853a6f14b048a.css
news8.de/wp-content/cache/wmac/css/ Frame DD31 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news8.de/wp-content/cache/wmac/css/wmac_single_abc4e3c2f8c1400e944853a6f14b048a.css
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
a327f98329c040b225029235f30448bf290256baa8f76a4c04cb45b2eb1bc6ae

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Thu, 05 Aug 2021 12:04:06 GMT
server
nginx
etag
"610bd3b6-b91"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
2961
expires
Thu, 01 Sep 2022 13:44:31 GMT
wmac_single_afcb16d3ae878da9961ca53164e1f2aa.css
news8.de/wp-content/cache/wmac/css/ Frame DD31 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news8.de/wp-content/cache/wmac/css/wmac_single_afcb16d3ae878da9961ca53164e1f2aa.css
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
193a04fa09b754cb1103c7518253baf873320c898ed831c9783e42fae488523e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Thu, 05 Aug 2021 12:04:06 GMT
server
nginx
etag
"610bd3b6-8ab"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
2219
expires
Thu, 01 Sep 2022 13:44:31 GMT
wmac_single_fb1e35155d11a8c40e32f8be9351ee53.css
news8.de/wp-content/cache/wmac/css/ Frame DD31 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news8.de/wp-content/cache/wmac/css/wmac_single_fb1e35155d11a8c40e32f8be9351ee53.css
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
c7672b1f8efbb532817e72b70aa9f39f4616b10e2e7f008b2975d305d0c2998c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Thu, 05 Aug 2021 12:04:06 GMT
server
nginx
etag
"610bd3b6-ec9"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
3785
expires
Thu, 01 Sep 2022 13:44:31 GMT
wmac_single_a995f682910b091a3966acfb5857c52e.css
news8.de/wp-content/cache/wmac/css/ Frame DD31 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news8.de/wp-content/cache/wmac/css/wmac_single_a995f682910b091a3966acfb5857c52e.css
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
d12eb44c7f6038966737af70549631d70bb252740d2ccabbcf78ec866869333b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Thu, 05 Aug 2021 12:04:06 GMT
server
nginx
etag
"610bd3b6-5b5"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
1461
expires
Thu, 01 Sep 2022 13:44:31 GMT
wmac_single_d5d624b2b2d2d19b8d2a7dc1328b7d05.css
news8.de/wp-content/cache/wmac/css/ Frame DD31 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news8.de/wp-content/cache/wmac/css/wmac_single_d5d624b2b2d2d19b8d2a7dc1328b7d05.css
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
6d65d818e5e9a949560b900fbf950d482e4bc95e15c7e8182ba9da491616ddb2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Thu, 05 Aug 2021 12:04:06 GMT
server
nginx
etag
"610bd3b6-49c"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
1180
expires
Thu, 01 Sep 2022 13:44:31 GMT
wmac_single_e0681482aaf0007fd323a9da1ce7f675.css
news8.de/wp-content/cache/wmac/css/ Frame DD31 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news8.de/wp-content/cache/wmac/css/wmac_single_e0681482aaf0007fd323a9da1ce7f675.css
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
ca41986254f8635bb72b990cd85b62f0f5b4e5f1b39cd7670c1b441b6b8e7d2b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Thu, 05 Aug 2021 12:04:06 GMT
server
nginx
etag
"610bd3b6-a26"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
2598
expires
Thu, 01 Sep 2022 13:44:31 GMT
wmac_single_6fea8331ec95a566deb3fd8f2e5642e9.css
news8.de/wp-content/cache/wmac/css/ Frame DD31 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news8.de/wp-content/cache/wmac/css/wmac_single_6fea8331ec95a566deb3fd8f2e5642e9.css
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
b304e59ed1d6399f00578b6053c731d259b5ad4ca1da7b4fc1a94d166eec7c30

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Thu, 05 Aug 2021 12:04:06 GMT
server
nginx
etag
"610bd3b6-7d6"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
2006
expires
Thu, 01 Sep 2022 13:44:31 GMT
wmac_single_9898b4fbe7dab96d336d3ed7f6a91dea.css
news8.de/wp-content/cache/wmac/css/ Frame DD31 		10 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news8.de/wp-content/cache/wmac/css/wmac_single_9898b4fbe7dab96d336d3ed7f6a91dea.css
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
650ac99ee8a6ef50220f78053e21bcc2c96a8e1a91d3a849f96c358c121b1d84

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Thu, 05 Aug 2021 12:04:06 GMT
server
nginx
etag
"610bd3b6-277d"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
10109
expires
Thu, 01 Sep 2022 13:44:31 GMT
wmac_single_56f902a1b9086d69f7dbfe86f7a16e2d.css
news8.de/wp-content/cache/wmac/css/ Frame DD31 		5 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news8.de/wp-content/cache/wmac/css/wmac_single_56f902a1b9086d69f7dbfe86f7a16e2d.css
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
97589eaccfbe78ee0a2455024933ac3a5b79a9f6b753a5cda7e5c7010ec8b29d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Thu, 05 Aug 2021 12:04:06 GMT
server
nginx
etag
"610bd3b6-14a5"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
5285
expires
Thu, 01 Sep 2022 13:44:31 GMT
banner.js
consent.cookiefirst.com/ Frame DD31 		68 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/banner.js
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-731.bunnyinfra.net
Software
Cookie First CDN-AT-731 /
Resource Hash
dba24e8290d6647caa36a88fb43451b82b5a8a270dea84eab6482b6647c1ccef

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
content-encoding
br
cdn-edgestorageid
731
cdn-fileserver
56
cdn-storageserver
DE-169
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cdn-cachedat
08/30/2022 22:28:41
cdn-pullzone
236985
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server
Cookie First CDN-AT-731
access-control-allow-origin
*
visitor-location
NL
last-modified
Tue, 30 Aug 2022 11:27:14 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"630df412-1112f"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
cache-control
public, max-age=300
cdn-requestid
068c21aaa0af4ba3eb00bc7cf355c25e
cdn-requestcountrycode
NL
cdn-status
200
cdn-requestpullsuccess
True
cropped-new8deheader-1024x288.png
news8.de/wp-content/uploads/2021/02/ Frame DD31 		96 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news8.de/wp-content/uploads/2021/02/cropped-new8deheader-1024x288.png
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
c345540502d3b439812ff0feeda84b3eba4cc62c06af14831aad896746599940
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Wed, 03 Feb 2021 01:24:59 GMT
server
nginx
etag
"6019fb6b-17ea7"
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
97959
x-xss-protection
1; mode=block
expires
Thu, 01 Sep 2022 13:44:31 GMT
default.css
as.ad4m.at/ad/style/0.1.22/one-ad/ Frame E67B 		85 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.22/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200038%2C198961&b=XgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJ%2CGD9JTBfpfXdmWsKHeHGtPtkj2cZSjtZmtE%2C6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7&f=e5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1%2CVQr1twfmfDwxWSVHbHAtXCD5GtBSDtBAuQ%2CXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJ&c=160&d=600&e=&g=7ea91e771920b8b21b1bc32acf478e32%2F16387982739420500580&i=71725%2C22499%2C71690&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_160x600&r=1661953471132&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d28bd4bc4b8a1ecb41ea341dd43aabbc0322889858d76d406b7dc8a887b8eac
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=197862%2C200038%2C198961&b=XgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJ%2CGD9JTBfpfXdmWsKHeHGtPtkj2cZSjtZmtE%2C6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7&f=e5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1%2CVQr1twfmfDwxWSVHbHAtXCD5GtBSDtBAuQ%2CXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJ&c=160&d=600&e=&g=7ea91e771920b8b21b1bc32acf478e32%2F16387982739420500580&i=71725%2C22499%2C71690&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_160x600&r=1661953471132&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
167750
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86775
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 29 Aug 2022 15:08:41 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
x-download-options
noopen
vary
accept-encoding
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
7436338b3b7c91dd-FRA
cf-bgj
minify
B6C55515525C2192B97E1253116BAA5C685DD07AF79BB6C9C4097CAEDCCAF04D1DC2B7B5FD417FB88EA0B39E23DED47A8BBF448407373E4FBED422FA6A33EF14
assets.ad4m.at/logo/ Frame E67B 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/B6C55515525C2192B97E1253116BAA5C685DD07AF79BB6C9C4097CAEDCCAF04D1DC2B7B5FD417FB88EA0B39E23DED47A8BBF448407373E4FBED422FA6A33EF14
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200038%2C198961&b=XgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJ%2CGD9JTBfpfXdmWsKHeHGtPtkj2cZSjtZmtE%2C6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7&f=e5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1%2CVQr1twfmfDwxWSVHbHAtXCD5GtBSDtBAuQ%2CXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJ&c=160&d=600&e=&g=7ea91e771920b8b21b1bc32acf478e32%2F16387982739420500580&i=71725%2C22499%2C71690&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_160x600&r=1661953471132&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90cbcae2f75cbdcf2a00d82c83cb2926f1a4ad7ab38eb3d629f2e7d3ad72410e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
590051
cf-polished
origFmt=png, origSize=53992
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26236
last-modified
Wed, 29 Jun 2022 14:47:26 GMT
server
cloudflare
etag
"e460905652d65e6a54a57da046f52d6c"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dOD6r5bHy%2FlWiTtCF4JyHG5YmyNzfKYaF%2F6J0urL%2BKa2TZSKCLHs2xswJtKI9jAjox2JRTE93Atvt2H4lj5WZ8hdaJPrmnJMSoBBnQFLwquTCj0jOKC3MK5FmbQ7j7%2B001COoBcdllVIg%2Fy8"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:31 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7436338b3b8091dd-FRA
cf-bgj
imgq:85,h2pri
A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame E67B 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200038%2C198961&b=XgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJ%2CGD9JTBfpfXdmWsKHeHGtPtkj2cZSjtZmtE%2C6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7&f=e5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1%2CVQr1twfmfDwxWSVHbHAtXCD5GtBSDtBAuQ%2CXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJ&c=160&d=600&e=&g=7ea91e771920b8b21b1bc32acf478e32%2F16387982739420500580&i=71725%2C22499%2C71690&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_160x600&r=1661953471132&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8928a20b6d9520af9bfb5e9748259fc3c1ed52ee4e430920d7e70897af5c065

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
661426
cf-polished
origFmt=png, origSize=105738
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
55798
last-modified
Mon, 04 Jul 2022 08:55:40 GMT
server
cloudflare
etag
"147be38db57f89c69c9e65b05983ff0e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fDRcsd0V5ZdAZp4Nrhgn3iCIfZ%2BZI4fUUWg0HJFg1LsivzfHud4N8GpKTbr7L%2FhxaDxqzfH1gCI%2BW7W9ouJlTtMkP7kCUFyVoQmk2U4MK9qij3rdnlTNJwKro%2B3kY%2FwXjcimualellj%2BxSXN"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:31 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7436338b3b8291dd-FRA
cf-bgj
imgq:85,h2pri
822734168B827B1A0E57FF53EC6CBFBBD002FC8D7460BA6B8DE6F46F0023BD74E50D9FBBA049A063AB16B30699CAF8E6582A3DFB3481ACA57EB03EB039D10995
assets.ad4m.at/logo/ Frame E67B 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/822734168B827B1A0E57FF53EC6CBFBBD002FC8D7460BA6B8DE6F46F0023BD74E50D9FBBA049A063AB16B30699CAF8E6582A3DFB3481ACA57EB03EB039D10995
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200038%2C198961&b=XgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJ%2CGD9JTBfpfXdmWsKHeHGtPtkj2cZSjtZmtE%2C6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7&f=e5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1%2CVQr1twfmfDwxWSVHbHAtXCD5GtBSDtBAuQ%2CXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJ&c=160&d=600&e=&g=7ea91e771920b8b21b1bc32acf478e32%2F16387982739420500580&i=71725%2C22499%2C71690&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_160x600&r=1661953471132&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5b58613de02a2628489f5253cbf992b173ce8a399697cb943ccf415375a9f4e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
670816
cf-polished
origFmt=png, origSize=48887
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33666
last-modified
Mon, 19 Oct 2020 12:32:26 GMT
server
cloudflare
etag
"4fe1ecb98ff38283cdb2ae157e399ba2"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B8JdJTsapKiFtHPswFXyT6KATfdLsSM0ajm%2FiWJ0I6eVdy7VdTxM3Qce6KD94PgQqzS5N9uYoEXZcOS4ANN8vptvZ57CiMdphasSeHQs26cFfY04L9F12DNv93wrccY8ZCB1fzyERaFxKzGn"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:31 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7436338b3b8591dd-FRA
cf-bgj
imgq:85,h2pri
FDC0EE75F4B2311BE701729B216D406C0411C7D7907D89093BEA0B0A5BB1014BACEF20E044DCCDCD3B16D829E6016F634887800BF4A4A53A7CEA85247B2186D8
assets.ad4m.at/product_image/ Frame E67B 		79 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/FDC0EE75F4B2311BE701729B216D406C0411C7D7907D89093BEA0B0A5BB1014BACEF20E044DCCDCD3B16D829E6016F634887800BF4A4A53A7CEA85247B2186D8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200038%2C198961&b=XgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJ%2CGD9JTBfpfXdmWsKHeHGtPtkj2cZSjtZmtE%2C6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7&f=e5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1%2CVQr1twfmfDwxWSVHbHAtXCD5GtBSDtBAuQ%2CXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJ&c=160&d=600&e=&g=7ea91e771920b8b21b1bc32acf478e32%2F16387982739420500580&i=71725%2C22499%2C71690&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_160x600&r=1661953471132&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed54662d8d90a7019c364180d5260b0820e6e39dba28600f1f704c33943a1486

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2577871
cf-polished
qual=85, origFmt=jpeg, origSize=86273
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
81198
last-modified
Wed, 27 Jul 2022 12:26:16 GMT
server
cloudflare
etag
"255b597e80e22e9d856630ead83ab789"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ByxvIdYYjvRnvBL5Z4FoaV%2Fq4eH%2Bk8hRyUPQTebHdos%2BbqKbAmBiaPThzQPARodGQtI3F9ZtIQ3lJMJKumaTBlgsix4v04Omdo2Hj54KrQOAvSyjIaFhGt4WfxdQvRgUiAi%2Fl1AA63MEWQ0j"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:31 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7436338b3b8a91dd-FRA
cf-bgj
imgq:85,h2pri
D79C954E206D0E4D62CE2FD6A790CCF3F307301C2B3749F53C1D942235F0DB56EC61BF133CCA8286AF0CB6184EAACC180FE6AE7DAF2C030A5FC4FB233DC1862E
assets.ad4m.at/logo/ Frame E67B 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D79C954E206D0E4D62CE2FD6A790CCF3F307301C2B3749F53C1D942235F0DB56EC61BF133CCA8286AF0CB6184EAACC180FE6AE7DAF2C030A5FC4FB233DC1862E
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200038%2C198961&b=XgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJ%2CGD9JTBfpfXdmWsKHeHGtPtkj2cZSjtZmtE%2C6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7&f=e5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1%2CVQr1twfmfDwxWSVHbHAtXCD5GtBSDtBAuQ%2CXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJ&c=160&d=600&e=&g=7ea91e771920b8b21b1bc32acf478e32%2F16387982739420500580&i=71725%2C22499%2C71690&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_160x600&r=1661953471132&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6077d96b9bd1b7071f971ce7fb559e3e57af37df56ac67b9c2d64b2b8796fbd4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
662031
cf-polished
origFmt=png, origSize=67209
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44330
last-modified
Wed, 13 Jul 2022 10:30:32 GMT
server
cloudflare
etag
"8e0be36dfd6d499fc28a6f3e19920b0b"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0IZvSm7VTqKCQapC3%2B2svmqjoQIyXGsNVXt4nDgIAZwf8CwGa9XPy0DUOfOzl0RlDhkXNSv2z4GHHz3ZN2MbXj0Lm1EmTuCWM0aEMRtDMVIzz9TFort8%2BbiXJCvYOAY7jxbVN2iRRboRF8gE"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:31 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7436338b3b8c91dd-FRA
cf-bgj
imgq:85,h2pri
228AE3BC27B59997BB38FAE9B35BF19F78E1A83D3EEE4F366E97EB15815360D99C4F0AA46F2DFD8AB7A011602A783946A7F0B5421349CAC837964DFF6096C972
assets.ad4m.at/product_image/ Frame E67B 		201 KB
201 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/228AE3BC27B59997BB38FAE9B35BF19F78E1A83D3EEE4F366E97EB15815360D99C4F0AA46F2DFD8AB7A011602A783946A7F0B5421349CAC837964DFF6096C972
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200038%2C198961&b=XgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJ%2CGD9JTBfpfXdmWsKHeHGtPtkj2cZSjtZmtE%2C6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7&f=e5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1%2CVQr1twfmfDwxWSVHbHAtXCD5GtBSDtBAuQ%2CXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJ&c=160&d=600&e=&g=7ea91e771920b8b21b1bc32acf478e32%2F16387982739420500580&i=71725%2C22499%2C71690&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_160x600&r=1661953471132&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50df5c94512b11c2f4c8357774f25d123c5a39c120796dcc5b1d9ec8df548e83

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
666486
cf-polished
origFmt=png, origSize=310324
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
205550
last-modified
Wed, 13 Jul 2022 10:46:44 GMT
server
cloudflare
etag
"ca68d721f16044ab0bd800156f6dd789"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2FJEGEN1bY2GrcYWFcGGvkCy%2Fu8r9MEjkxow2Vv0mHSzs1jWV7DDZ4OhoJ2SDBtOUi521rfC0PVf%2Bii2DPMusCfT4OrKSXmD0r64nNt%2BrESnMQobaL%2FbM9xv%2FWCcQdjwE4tW%2FIkNHsi08R2Z"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:31 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7436338b3b8f91dd-FRA
cf-bgj
imgq:85,h2pri
default.css
as.ad4m.at/ad/style/0.1.22/one-ad/ Frame 9CCC 		85 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.22/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=24673%2C202438%2C183975&b=dpDmUEfkfRpXhEHjHwtEtbAdfeSRt8BTj%2Cr5mEuQf9f3VgzsAH7HjtqtVgrEUYSJtDqtd%2C4gGmHEf5fA2eRcGH9HdtAtm9MSbSZtpJsK&f=K783aRfZf5Gps5HMHktzCBX8u7Srt7eHq%2CP241aBfbfbrWxU9HjHbtgCArKkHJSgtBeup%2Cr5mEuQf9f3XBdaAH7HjtJCBXVaYSJtDqtd&c=300&d=600&e=&g=0bb93e021ccb1a459333b4d84bbb1e63%2F6572354349658930294&i=20430%2C82994%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661953471135&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d28bd4bc4b8a1ecb41ea341dd43aabbc0322889858d76d406b7dc8a887b8eac
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=24673%2C202438%2C183975&b=dpDmUEfkfRpXhEHjHwtEtbAdfeSRt8BTj%2Cr5mEuQf9f3VgzsAH7HjtqtVgrEUYSJtDqtd%2C4gGmHEf5fA2eRcGH9HdtAtm9MSbSZtpJsK&f=K783aRfZf5Gps5HMHktzCBX8u7Srt7eHq%2CP241aBfbfbrWxU9HjHbtgCArKkHJSgtBeup%2Cr5mEuQf9f3XBdaAH7HjtJCBXVaYSJtDqtd&c=300&d=600&e=&g=0bb93e021ccb1a459333b4d84bbb1e63%2F6572354349658930294&i=20430%2C82994%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661953471135&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
167750
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86775
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 29 Aug 2022 15:08:41 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
x-download-options
noopen
vary
accept-encoding
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
7436338b3b9491dd-FRA
cf-bgj
minify
E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 9CCC 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=24673%2C202438%2C183975&b=dpDmUEfkfRpXhEHjHwtEtbAdfeSRt8BTj%2Cr5mEuQf9f3VgzsAH7HjtqtVgrEUYSJtDqtd%2C4gGmHEf5fA2eRcGH9HdtAtm9MSbSZtpJsK&f=K783aRfZf5Gps5HMHktzCBX8u7Srt7eHq%2CP241aBfbfbrWxU9HjHbtgCArKkHJSgtBeup%2Cr5mEuQf9f3XBdaAH7HjtJCBXVaYSJtDqtd&c=300&d=600&e=&g=0bb93e021ccb1a459333b4d84bbb1e63%2F6572354349658930294&i=20430%2C82994%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661953471135&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
591110
cf-polished
origFmt=png, origSize=77267
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38696
last-modified
Wed, 22 Jan 2020 13:11:48 GMT
server
cloudflare
etag
"2b0e02e9dde77e31d38d78d73dc69e4f"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RHGvH6VMLy4viz8WymyXdBHpBgDtP%2FM28xC5%2FgBDt7%2FKyk9AVEkNZwitdChRCygrQRZpSGzQgMkwAcGX68hgVduUjS9%2FC0NdzVSGhljmOz3DH%2BKdHsDl7%2FD2G1ETPkrnS%2Fo84DubpHMVYrT0"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:31 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7436338b3b9791dd-FRA
cf-bgj
imgq:85,h2pri
B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 9CCC 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=24673%2C202438%2C183975&b=dpDmUEfkfRpXhEHjHwtEtbAdfeSRt8BTj%2Cr5mEuQf9f3VgzsAH7HjtqtVgrEUYSJtDqtd%2C4gGmHEf5fA2eRcGH9HdtAtm9MSbSZtpJsK&f=K783aRfZf5Gps5HMHktzCBX8u7Srt7eHq%2CP241aBfbfbrWxU9HjHbtgCArKkHJSgtBeup%2Cr5mEuQf9f3XBdaAH7HjtJCBXVaYSJtDqtd&c=300&d=600&e=&g=0bb93e021ccb1a459333b4d84bbb1e63%2F6572354349658930294&i=20430%2C82994%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661953471135&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
101159
cf-polished
origSize=90165, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
85727
last-modified
Wed, 09 Oct 2019 16:06:53 GMT
server
cloudflare
etag
"a6c89bb079950765946aeeda42e13d01"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YiGtzpkGDwLkXG32NLH%2Fz5Kwk9bKwanOGFEC7DtG7H8i8RIQnPLk6j5mZwWKPaadN3%2Bg6C1ILSI2q3Za8oj7ZwEP0fZEvtR0IHMhfB5%2FMJ6Z9kWqc3MuXtt7nUs%2BsMnEHacvsHLxgng50QR%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
expires
Thu, 01 Sep 2022 13:44:31 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7436338b4bab91dd-FRA
cf-bgj
imgq:85,h2pri
CF7B8EFF626751741BD45BBA10B5F53598ABD124A9A97176DB246F891C46E0CCFF68E5AC396FA44F31E87AA5F2404A47D1A24B716215BB0CBA7CA3D7AC4F625C
assets.ad4m.at/logo/ Frame 9CCC 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/CF7B8EFF626751741BD45BBA10B5F53598ABD124A9A97176DB246F891C46E0CCFF68E5AC396FA44F31E87AA5F2404A47D1A24B716215BB0CBA7CA3D7AC4F625C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=24673%2C202438%2C183975&b=dpDmUEfkfRpXhEHjHwtEtbAdfeSRt8BTj%2Cr5mEuQf9f3VgzsAH7HjtqtVgrEUYSJtDqtd%2C4gGmHEf5fA2eRcGH9HdtAtm9MSbSZtpJsK&f=K783aRfZf5Gps5HMHktzCBX8u7Srt7eHq%2CP241aBfbfbrWxU9HjHbtgCArKkHJSgtBeup%2Cr5mEuQf9f3XBdaAH7HjtJCBXVaYSJtDqtd&c=300&d=600&e=&g=0bb93e021ccb1a459333b4d84bbb1e63%2F6572354349658930294&i=20430%2C82994%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661953471135&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52231257689106bd0c1e85b5b0675f0eb01ab7c3492365d701827a07028d2df3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
503548
cf-polished
origFmt=png, origSize=9979
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2004
last-modified
Tue, 26 Jul 2022 13:59:04 GMT
server
cloudflare
etag
"d4ad24db9e3f0bd5b2d8146db2559b6c"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SKdARFFv8e0mgPAg8UuaksJnlrRKOsnBtn%2BVvedBxCePlEo8APHIK4NL7H9IBhg2BvlcdS6g1QMgCcoG%2FU3yjtj8lBc7TGuyYHFcwEzUh7igmFxUe8rz979il6d8K0L6NB2AMSA8aQfaKAsD"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:31 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7436338b4bae91dd-FRA
cf-bgj
imgq:85,h2pri
149CB1C4FF60B52FF6B05CF9E021292EE41E76BE18D09E6E739E9FE972B362A8B6D7872AC13E5BF3F6BEA2C754B71DC63130E440CEB5DB8867DD855825F44A32
assets.ad4m.at/product_image/ Frame 9CCC 		258 KB
259 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/149CB1C4FF60B52FF6B05CF9E021292EE41E76BE18D09E6E739E9FE972B362A8B6D7872AC13E5BF3F6BEA2C754B71DC63130E440CEB5DB8867DD855825F44A32
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=24673%2C202438%2C183975&b=dpDmUEfkfRpXhEHjHwtEtbAdfeSRt8BTj%2Cr5mEuQf9f3VgzsAH7HjtqtVgrEUYSJtDqtd%2C4gGmHEf5fA2eRcGH9HdtAtm9MSbSZtpJsK&f=K783aRfZf5Gps5HMHktzCBX8u7Srt7eHq%2CP241aBfbfbrWxU9HjHbtgCArKkHJSgtBeup%2Cr5mEuQf9f3XBdaAH7HjtJCBXVaYSJtDqtd&c=300&d=600&e=&g=0bb93e021ccb1a459333b4d84bbb1e63%2F6572354349658930294&i=20430%2C82994%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661953471135&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8275413d7059db1bf68ea3986e84410ba9df950693f6d5fe66404b69290895c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
503548
cf-polished
origFmt=png, origSize=443845
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
264466
last-modified
Mon, 22 Aug 2022 13:30:19 GMT
server
cloudflare
etag
"703cc90ac32bbaecfc9462ad00c6d831"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yW7lDbnjZ5CBDpAAtyNaXTu5x4DpgSlbdH9ZxfMYFYccSrdSp%2FMXs%2FaL3%2FP9WbDJR8oqgd%2B9JXzYzt1XgbeMnOJI4Fmj9Ejl2wpcDETGog3w2m2jtElyHQdxQOtK333ez6%2BlF%2B0o11s9iiNg"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:31 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7436338b4bb091dd-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame 9CCC 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=3148286&v=30131&q=437766&r=412863&pv=1&pref3=oneidr5mEuQf9f3VgzsAH7HjtqtVgrEUYSJtDqtdoneid__emmaglam_advancedad_300x600&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=24673%2C202438%2C183975&b=dpDmUEfkfRpXhEHjHwtEtbAdfeSRt8BTj%2Cr5mEuQf9f3VgzsAH7HjtqtVgrEUYSJtDqtd%2C4gGmHEf5fA2eRcGH9HdtAtm9MSbSZtpJsK&f=K783aRfZf5Gps5HMHktzCBX8u7Srt7eHq%2CP241aBfbfbrWxU9HjHbtgCArKkHJSgtBeup%2Cr5mEuQf9f3XBdaAH7HjtJCBXVaYSJtDqtd&c=300&d=600&e=&g=0bb93e021ccb1a459333b4d84bbb1e63%2F6572354349658930294&i=20430%2C82994%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661953471135&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.17.141 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-17-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Aug 2022 13:44:31 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
assets.ad4m.at/logo/ Frame 9CCC 		127 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=24673%2C202438%2C183975&b=dpDmUEfkfRpXhEHjHwtEtbAdfeSRt8BTj%2Cr5mEuQf9f3VgzsAH7HjtqtVgrEUYSJtDqtd%2C4gGmHEf5fA2eRcGH9HdtAtm9MSbSZtpJsK&f=K783aRfZf5Gps5HMHktzCBX8u7Srt7eHq%2CP241aBfbfbrWxU9HjHbtgCArKkHJSgtBeup%2Cr5mEuQf9f3XBdaAH7HjtJCBXVaYSJtDqtd&c=300&d=600&e=&g=0bb93e021ccb1a459333b4d84bbb1e63%2F6572354349658930294&i=20430%2C82994%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661953471135&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e249aef61e2d675b41a8d764b5b9c9a8ee9ebc5e512386625516f6d2c8a4977

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
669049
cf-polished
origFmt=png, origSize=233620
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
130164
last-modified
Tue, 29 Mar 2022 07:10:51 GMT
server
cloudflare
etag
"d1d171dd651522f41a2fc0dba256a546"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T2gP3rLCZghTMTTL37F7xRS1Z%2FdiiXc%2FWEL42XUiZSGk5cGPs61L%2Fh06Kr%2BCSJsvLBqZlLo75FLjeQFBCfC6V0At4S7lCmgDO5iAPdYyHmidBpgO3uJoPoGPgwyFIfGTamo%2BWmk2OMUk11j6"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:31 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7436338b4bb291dd-FRA
cf-bgj
imgq:85,h2pri
1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame 9CCC 		461 KB
461 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=24673%2C202438%2C183975&b=dpDmUEfkfRpXhEHjHwtEtbAdfeSRt8BTj%2Cr5mEuQf9f3VgzsAH7HjtqtVgrEUYSJtDqtd%2C4gGmHEf5fA2eRcGH9HdtAtm9MSbSZtpJsK&f=K783aRfZf5Gps5HMHktzCBX8u7Srt7eHq%2CP241aBfbfbrWxU9HjHbtgCArKkHJSgtBeup%2Cr5mEuQf9f3XBdaAH7HjtJCBXVaYSJtDqtd&c=300&d=600&e=&g=0bb93e021ccb1a459333b4d84bbb1e63%2F6572354349658930294&i=20430%2C82994%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661953471135&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
667196
cf-polished
origFmt=png, origSize=731561
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
471752
last-modified
Tue, 29 Mar 2022 07:03:31 GMT
server
cloudflare
etag
"1b69278243c107df5b11186b1f6ca585"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O7yhQu89XpmkIaogUIBOP2FOcijln9m4nMgxm6gRILjgRleSmazQxTcPLGRDeuK7PPZaxvelRUX0HwqocLJghI6PJ3vNIx7gq0IT0M3XBs24RFqKyggi4OxHFNEGVNCU7f8lr7FWx1YRmNr2"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:31 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7436338b4bb491dd-FRA
cf-bgj
imgq:85,h2pri
default.css
as.ad4m.at/ad/style/0.1.22/one-ad/ Frame C838 		85 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.22/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C177100%2C43766&b=52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1%2CdpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTj%2CZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJ&f=pqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE%2CK783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHq%2C9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTd&c=300&d=600&e=&g=041ebb38454811a790791f204a1326bd%2F12281858215853902489&i=21630%2C65803%2C24891&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661953471133&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d28bd4bc4b8a1ecb41ea341dd43aabbc0322889858d76d406b7dc8a887b8eac
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=19769%2C177100%2C43766&b=52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1%2CdpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTj%2CZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJ&f=pqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE%2CK783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHq%2C9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTd&c=300&d=600&e=&g=041ebb38454811a790791f204a1326bd%2F12281858215853902489&i=21630%2C65803%2C24891&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661953471133&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
167750
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86775
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 29 Aug 2022 15:08:41 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
x-download-options
noopen
vary
accept-encoding
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
7436338b4bb591dd-FRA
cf-bgj
minify
60FD20F1676D1F9A06186B287BEA963E2FA606953F8F76587C6A69AEED33F93312327919FFF9BFEAB8F1720429B5E57633ECC66386BA3D90DF72A2018B8A5D7A
assets.ad4m.at/logo/ Frame C838 		467 KB
467 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/60FD20F1676D1F9A06186B287BEA963E2FA606953F8F76587C6A69AEED33F93312327919FFF9BFEAB8F1720429B5E57633ECC66386BA3D90DF72A2018B8A5D7A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C177100%2C43766&b=52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1%2CdpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTj%2CZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJ&f=pqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE%2CK783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHq%2C9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTd&c=300&d=600&e=&g=041ebb38454811a790791f204a1326bd%2F12281858215853902489&i=21630%2C65803%2C24891&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661953471133&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caf8340f2513401c46bd6623b38cd091850da9664c2f87dc69b1e245824662a7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
666237
cf-polished
origFmt=png, origSize=706198
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
477790
last-modified
Tue, 03 Nov 2020 16:12:21 GMT
server
cloudflare
etag
"7818415cbdf9567ea6f508841c4fe2a7"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JuHtH0EArzLViBNfE2i0oBw0FsGTYFgXvlMtABXmk3WCuyvu%2Bl7kE4S7NrF67DMj3sGh%2FQlqbqT%2Fd18YncGl5ikZlON0G6tR7qwKnVsWI2e0H8BVm9b90oUtktcYoP5efsEFtAJUSvruDD7L"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:31 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7436338b4bb891dd-FRA
cf-bgj
imgq:85,h2pri
287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame C838 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C177100%2C43766&b=52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1%2CdpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTj%2CZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJ&f=pqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE%2CK783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHq%2C9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTd&c=300&d=600&e=&g=041ebb38454811a790791f204a1326bd%2F12281858215853902489&i=21630%2C65803%2C24891&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661953471133&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1180454
cf-polished
qual=85, origFmt=jpeg, origSize=133780
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28740
last-modified
Tue, 18 Feb 2020 10:22:01 GMT
server
cloudflare
etag
"d061ca155f758f490340e147604dc3ee"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Wk59oM1ELvZ6E09wMl7DMMS7seXJ%2BCQNZYhy%2Br31Im6W4BleWIe60f3pzjU4f3G3KH%2FNo2ibkaFHLAxCke2d4DE8gC%2BDSB1qGEa5yXGUVn0d2kNtFGQakKJEWh4cNnPO8zByYL%2Bz59qsO%2BS"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:31 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7436338b6bf091dd-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame C838 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneid52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1oneid__emmaglam_advancedad_300x600&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C177100%2C43766&b=52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1%2CdpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTj%2CZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJ&f=pqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE%2CK783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHq%2C9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTd&c=300&d=600&e=&g=041ebb38454811a790791f204a1326bd%2F12281858215853902489&i=21630%2C65803%2C24891&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661953471133&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.17.141 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-17-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Aug 2022 13:44:31 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
63CADBEA68649ECF1642645CEB25DF73A19E0B4D7735826E76E1CFE7786A55E8278917477BD44BA47017F94D7AA0F7B3A1C8F0FE880A090BE49650B6F1EAF6D9
assets.ad4m.at/logo/ Frame C838 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/63CADBEA68649ECF1642645CEB25DF73A19E0B4D7735826E76E1CFE7786A55E8278917477BD44BA47017F94D7AA0F7B3A1C8F0FE880A090BE49650B6F1EAF6D9
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C177100%2C43766&b=52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1%2CdpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTj%2CZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJ&f=pqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE%2CK783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHq%2C9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTd&c=300&d=600&e=&g=041ebb38454811a790791f204a1326bd%2F12281858215853902489&i=21630%2C65803%2C24891&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661953471133&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15cc42ec2a3a08dc0566d2f71a13e462fa764a4390c7d96870b71fd2cf6ff513

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
590289
cf-polished
origFmt=png, origSize=12956
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7692
last-modified
Tue, 29 Mar 2022 14:32:10 GMT
server
cloudflare
etag
"c6c297b07f296b60586b8613b6e9b5cd"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mwvzdTJUGBoYgyutxw7BE5vW%2BVIKuwjQM3vjHp4jEHh4l0YImnmCMjIfOspAvaoQMr41QhGMgLwHEuOhtROJz%2B8szpYeJ9FyBz5cfsKHiDaCF5zFQZYVvctqhBdooLcnZ33fBmhGdxhsEe9w"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:31 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7436338b7c0091dd-FRA
cf-bgj
imgq:85,h2pri
A290FB32C3CD17E30EABAAAC51275DC38FA2A2B372BE62031F552E1A8212BBA05286FFE21393F5511F67356FC5DA6D062DDAC9B6677230AA33BD1E7B84B05A27
assets.ad4m.at/product_image/ Frame C838 		422 KB
423 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/A290FB32C3CD17E30EABAAAC51275DC38FA2A2B372BE62031F552E1A8212BBA05286FFE21393F5511F67356FC5DA6D062DDAC9B6677230AA33BD1E7B84B05A27
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C177100%2C43766&b=52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1%2CdpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTj%2CZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJ&f=pqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE%2CK783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHq%2C9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTd&c=300&d=600&e=&g=041ebb38454811a790791f204a1326bd%2F12281858215853902489&i=21630%2C65803%2C24891&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661953471133&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d2cf79989a25b94d2694569e8a8372c34b3cfac8caf3f7c2ae6d97f7e9d02ae

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
670906
cf-polished
origFmt=png, origSize=632572
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
432334
last-modified
Wed, 29 Dec 2021 17:30:00 GMT
server
cloudflare
etag
"ee529fd62e145fb264303add5fb5a944"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BXwOhUQ8LT5YB6AXU18ptBZfmJsQFAxRTHFRlBE4uK6phAYI06xzyMPClesMglaBG3%2FL3FpgqVMewbAJZVT2AtPOKseEDVCZ2IPhuwexJ4x%2Bt8eEstjx5cHY0%2BdV6LQ4RQrYL7sKc82AXcBk"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:31 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7436338b7c0191dd-FRA
cf-bgj
imgq:85,h2pri
4CF27F3A6A2F6D91C5A3622C8F01C9A26CFA811CA6347403820EFE1173CC3C68B9FBEA4FDD4B7737FA67797C095DA1E54C193B8458F430E3BCD6ACC6B33929DA
assets.ad4m.at/logo/ Frame C838 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/4CF27F3A6A2F6D91C5A3622C8F01C9A26CFA811CA6347403820EFE1173CC3C68B9FBEA4FDD4B7737FA67797C095DA1E54C193B8458F430E3BCD6ACC6B33929DA
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C177100%2C43766&b=52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1%2CdpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTj%2CZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJ&f=pqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE%2CK783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHq%2C9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTd&c=300&d=600&e=&g=041ebb38454811a790791f204a1326bd%2F12281858215853902489&i=21630%2C65803%2C24891&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661953471133&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf109a2d05e13d300f3c97cd9aa2b384992564695380c09a8f3a2e7e9cb0201e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
670218
cf-polished
origFmt=png, origSize=51102
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34016
last-modified
Fri, 11 Sep 2020 12:41:45 GMT
server
cloudflare
etag
"b72205dba9a8fc2d6ba54cb26ab2bce2"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PvsT3yq6aBiaf8bMo8YA%2BmH82jqIDzwLxwIa%2F4YvvDKKifpZ%2B8B1TmT3aQsopZZuGYpQ0XE%2BqK%2FwjVfKEkrkOiRYC2mQBnT74lDilZlblWOEHxolIMr%2FKw%2BLUiQ3IDXAhzpqRwdRL4Q6%2BDal"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:31 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7436338b7c0391dd-FRA
cf-bgj
imgq:85,h2pri
D0B9541CF4E773D41DBC4ABCC9F6E672B34430F49375E17E41F087E6D1C801229BC513C607F51A81B070BEEF036EED35D1C1A6EBC0C47606BF42647C16A34FCE
assets.ad4m.at/product_image/ Frame C838 		162 KB
163 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/D0B9541CF4E773D41DBC4ABCC9F6E672B34430F49375E17E41F087E6D1C801229BC513C607F51A81B070BEEF036EED35D1C1A6EBC0C47606BF42647C16A34FCE
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C177100%2C43766&b=52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1%2CdpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTj%2CZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJ&f=pqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE%2CK783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHq%2C9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTd&c=300&d=600&e=&g=041ebb38454811a790791f204a1326bd%2F12281858215853902489&i=21630%2C65803%2C24891&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661953471133&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32b52bf758f52d20e796e3e41e7659aa55242f7cb2a1e67c3cec59ead1916572

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
669045
cf-polished
origFmt=png, origSize=247392
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
166070
last-modified
Thu, 17 Sep 2020 13:15:19 GMT
server
cloudflare
etag
"af15e6f9d7a2a43237c333b681f8c714"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sSo2RgMuMQ9fMXG0Cd%2Fgw8V1qmcvrlCX3vFvuCDn68h8ymo0Jnz%2FX0Mmeegnqz9DCgsWCaPEuinMx%2BsoxBuTuFiT4f0phR3adTm0hMZAnZB1Bu5x1lBwT3%2Fz77SK3cy6w3ZcQrmbIwjZh1jK"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:31 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7436338b7c0991dd-FRA
cf-bgj
imgq:85,h2pri
default.css
as.ad4m.at/ad/style/0.1.22/one-ad/ Frame 84C0 		85 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.22/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=58783%2C182430%2C197862&b=gAdJF8frfk4A6TPHbH8t5t2e1fmSjtjqFe%2CbGqEtQfZf5jjMaYHbHztKtw64ubS3tE7UJ%2CXgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJ&f=BdZEhgfPfMrpgFxH6H3tgCmRwCjSdtjDFM%2C3rg7Hpf4fXrrDH7HrHAtXC9WZsPSztwpFd%2Ce5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1&c=728&d=90&e=&g=31769b53ae3ed83b5e9c7ed5919a74c7%2F6132780761417666784&i=28472%2C20378%2C71725&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_728x90&r=1661953471138&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d28bd4bc4b8a1ecb41ea341dd43aabbc0322889858d76d406b7dc8a887b8eac
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=58783%2C182430%2C197862&b=gAdJF8frfk4A6TPHbH8t5t2e1fmSjtjqFe%2CbGqEtQfZf5jjMaYHbHztKtw64ubS3tE7UJ%2CXgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJ&f=BdZEhgfPfMrpgFxH6H3tgCmRwCjSdtjDFM%2C3rg7Hpf4fXrrDH7HrHAtXC9WZsPSztwpFd%2Ce5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1&c=728&d=90&e=&g=31769b53ae3ed83b5e9c7ed5919a74c7%2F6132780761417666784&i=28472%2C20378%2C71725&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_728x90&r=1661953471138&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
167750
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86775
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 29 Aug 2022 15:08:41 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
x-download-options
noopen
vary
accept-encoding
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
7436338b5be091dd-FRA
cf-bgj
minify
48731CBABD5EFF809BB0B6CFCC2EB8EB33964D5B485BE7F4D723F6B45BA451318B81C64658AA05BB43E48E2AAD1A9B073D5DEABF0AA97E956C1DF5F665A8B4C9
assets.ad4m.at/logo/ Frame 84C0 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/48731CBABD5EFF809BB0B6CFCC2EB8EB33964D5B485BE7F4D723F6B45BA451318B81C64658AA05BB43E48E2AAD1A9B073D5DEABF0AA97E956C1DF5F665A8B4C9
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=58783%2C182430%2C197862&b=gAdJF8frfk4A6TPHbH8t5t2e1fmSjtjqFe%2CbGqEtQfZf5jjMaYHbHztKtw64ubS3tE7UJ%2CXgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJ&f=BdZEhgfPfMrpgFxH6H3tgCmRwCjSdtjDFM%2C3rg7Hpf4fXrrDH7HrHAtXC9WZsPSztwpFd%2Ce5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1&c=728&d=90&e=&g=31769b53ae3ed83b5e9c7ed5919a74c7%2F6132780761417666784&i=28472%2C20378%2C71725&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_728x90&r=1661953471138&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
455d3b555c487828f6ce2b9fac9015a92be6cefbf332adc3d6a13e48f80bd6f0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
668568
cf-polished
origFmt=png, origSize=13586
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2974
last-modified
Wed, 20 Jul 2022 06:39:30 GMT
server
cloudflare
etag
"80403ef2579edb83d2af1d99c6590561"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jivIFY15Ye28hrWkGrItPBtBJKZ8DzjTb%2BAXOJQYHKgLpuAX4OQZ5IfdWkxU7gULPwhY4cQe0nVGiyNnSbneIL%2BW2TZN65ezitsW0dVXiOyrYZvCz%2Bk7puUF8AjzYcnUR9Ehv9peWFaVhTaA"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:31 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7436338b5be391dd-FRA
cf-bgj
imgq:85,h2pri
366F4BCC8AA7C1802B6C466A71C3A9456C86A95A87300672A565377D29F38FB722D334588B3617FA25190BA3FD7861CCD595BAB88D490F6CC67C93900613FD93
assets.ad4m.at/product_image/ Frame 84C0 		361 KB
362 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/366F4BCC8AA7C1802B6C466A71C3A9456C86A95A87300672A565377D29F38FB722D334588B3617FA25190BA3FD7861CCD595BAB88D490F6CC67C93900613FD93
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=58783%2C182430%2C197862&b=gAdJF8frfk4A6TPHbH8t5t2e1fmSjtjqFe%2CbGqEtQfZf5jjMaYHbHztKtw64ubS3tE7UJ%2CXgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJ&f=BdZEhgfPfMrpgFxH6H3tgCmRwCjSdtjDFM%2C3rg7Hpf4fXrrDH7HrHAtXC9WZsPSztwpFd%2Ce5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1&c=728&d=90&e=&g=31769b53ae3ed83b5e9c7ed5919a74c7%2F6132780761417666784&i=28472%2C20378%2C71725&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_728x90&r=1661953471138&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b78c6aa96175d69ae56638aa814a628fe1f8936f8a4be89e9df0a6e72db4c664

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
586046
cf-polished
origFmt=png, origSize=573072
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
369660
last-modified
Fri, 12 Nov 2021 08:59:20 GMT
server
cloudflare
etag
"01454b80ae1cd73bee09138115bff101"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JG6fD1fvsw8fxpY7tGeTE%2FUqahVCpVi2fLITewkEdatNFFphOeM2SKRYmafupx3BkvYDmZOvo2RbU0k2TMJhbs1LV312k%2B8RjMm9c5%2FHsYPCcfZipMWLovXDoYwRRTKltUH0%2BadAAhBiTD78"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:31 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7436338b7c0f91dd-FRA
cf-bgj
imgq:85,h2pri
DF3EBDB3FCE24FC834F2F85316014013F4E151206CAE18EA4C88354CF6C0153F3B7765160D5EA69387D699D6B5C5EB6A05EE7996390346CE5A95D3CAC49089B9
assets.ad4m.at/logo/ Frame 84C0 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DF3EBDB3FCE24FC834F2F85316014013F4E151206CAE18EA4C88354CF6C0153F3B7765160D5EA69387D699D6B5C5EB6A05EE7996390346CE5A95D3CAC49089B9
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=58783%2C182430%2C197862&b=gAdJF8frfk4A6TPHbH8t5t2e1fmSjtjqFe%2CbGqEtQfZf5jjMaYHbHztKtw64ubS3tE7UJ%2CXgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJ&f=BdZEhgfPfMrpgFxH6H3tgCmRwCjSdtjDFM%2C3rg7Hpf4fXrrDH7HrHAtXC9WZsPSztwpFd%2Ce5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1&c=728&d=90&e=&g=31769b53ae3ed83b5e9c7ed5919a74c7%2F6132780761417666784&i=28472%2C20378%2C71725&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_728x90&r=1661953471138&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf47258e6a4a33e59b9bf905dfdc7e4548112fb722468c0957995386cf30d721

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
667231
cf-polished
origFmt=png, origSize=16809
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5730
last-modified
Wed, 02 Mar 2022 14:20:53 GMT
server
cloudflare
etag
"73bee8dd95fb3c9bd65e83a2d5054e77"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aBw0lLnPXBE%2F1s7YF7zsQyf6osohSTI1e68qOWZmtJfpHwucpYE5Ese44FScTvihWyX%2BdTTs04wIeefh8sCqs3GUNlgtY58IDBQpqPXctp88nzid8ct0x0mzCe2ycG%2FMxQBshhCPGs%2BC0Vu1"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:31 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7436338b7c1091dd-FRA
cf-bgj
imgq:85,h2pri
F1005ACE378F0455F8FEE9354B7769A5733327C2D2DD1694BEB08A6BC910E8F24AEC52355CB335E4BB8E342664E73159D1E7FB4383ED97D6BE9C62A6CBE5763A
assets.ad4m.at/product_image/ Frame 84C0 		370 KB
370 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/F1005ACE378F0455F8FEE9354B7769A5733327C2D2DD1694BEB08A6BC910E8F24AEC52355CB335E4BB8E342664E73159D1E7FB4383ED97D6BE9C62A6CBE5763A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=58783%2C182430%2C197862&b=gAdJF8frfk4A6TPHbH8t5t2e1fmSjtjqFe%2CbGqEtQfZf5jjMaYHbHztKtw64ubS3tE7UJ%2CXgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJ&f=BdZEhgfPfMrpgFxH6H3tgCmRwCjSdtjDFM%2C3rg7Hpf4fXrrDH7HrHAtXC9WZsPSztwpFd%2Ce5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1&c=728&d=90&e=&g=31769b53ae3ed83b5e9c7ed5919a74c7%2F6132780761417666784&i=28472%2C20378%2C71725&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_728x90&r=1661953471138&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e002876e0dac7fef9dc879b0347e6c9561413ee8707799d584e21acc050a8a6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
667034
cf-polished
origFmt=png, origSize=591674
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
378518
last-modified
Wed, 02 Mar 2022 14:42:59 GMT
server
cloudflare
etag
"673cc3405650baf2cb9a0d65ecf3cfa5"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2FPQn8sj%2BKKFfzeQnfjJE09qU6Eu7uD1BV2fcYdaVoxXB1RZIvWz7Z4K8GUPMWh7nqZ21sZsW33R%2FFB5U95JQjlTMv6QaTHIAnJjyOLEeB%2BKIEcm3rIFkMQofXmxSssznsVs9cvQacSQjHV1"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:31 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7436338b7c1691dd-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame 84C0 		43 B
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2729971&v=14369&q=358397&r=412863&pv=1&pref3=oneidbGqEtQfZf5jjMaYHbHztKtw64ubS3tE7UJoneid__emmaglam_advancedad_728x90&gdpr_consent=&gdpr=0&gdpr_pd={{IAB_CONSENT_PD}
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=58783%2C182430%2C197862&b=gAdJF8frfk4A6TPHbH8t5t2e1fmSjtjqFe%2CbGqEtQfZf5jjMaYHbHztKtw64ubS3tE7UJ%2CXgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJ&f=BdZEhgfPfMrpgFxH6H3tgCmRwCjSdtjDFM%2C3rg7Hpf4fXrrDH7HrHAtXC9WZsPSztwpFd%2Ce5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1&c=728&d=90&e=&g=31769b53ae3ed83b5e9c7ed5919a74c7%2F6132780761417666784&i=28472%2C20378%2C71725&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_728x90&r=1661953471138&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.17.141 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-17-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Aug 2022 13:44:31 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
B6C55515525C2192B97E1253116BAA5C685DD07AF79BB6C9C4097CAEDCCAF04D1DC2B7B5FD417FB88EA0B39E23DED47A8BBF448407373E4FBED422FA6A33EF14
assets.ad4m.at/logo/ Frame 84C0 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/B6C55515525C2192B97E1253116BAA5C685DD07AF79BB6C9C4097CAEDCCAF04D1DC2B7B5FD417FB88EA0B39E23DED47A8BBF448407373E4FBED422FA6A33EF14
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=58783%2C182430%2C197862&b=gAdJF8frfk4A6TPHbH8t5t2e1fmSjtjqFe%2CbGqEtQfZf5jjMaYHbHztKtw64ubS3tE7UJ%2CXgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJ&f=BdZEhgfPfMrpgFxH6H3tgCmRwCjSdtjDFM%2C3rg7Hpf4fXrrDH7HrHAtXC9WZsPSztwpFd%2Ce5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1&c=728&d=90&e=&g=31769b53ae3ed83b5e9c7ed5919a74c7%2F6132780761417666784&i=28472%2C20378%2C71725&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_728x90&r=1661953471138&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90cbcae2f75cbdcf2a00d82c83cb2926f1a4ad7ab38eb3d629f2e7d3ad72410e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
590051
cf-polished
origFmt=png, origSize=53992
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26236
last-modified
Wed, 29 Jun 2022 14:47:26 GMT
server
cloudflare
etag
"e460905652d65e6a54a57da046f52d6c"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2FtgM%2FXmYULj6NoF0XYCMsO9mGyM%2Blu0wMPP08zo5pnClo6vBIqpaqoVgYvsEGdbtHYGcOYjDashkdHYlzzXsTEB1ZYjSOzdgaDz76zjFIhw4YC7XVZ6wFudXC3cZTsAK7oCdVVLxHAf%2BUEH"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:31 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7436338b7c1991dd-FRA
cf-bgj
imgq:85,h2pri
A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 84C0 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=58783%2C182430%2C197862&b=gAdJF8frfk4A6TPHbH8t5t2e1fmSjtjqFe%2CbGqEtQfZf5jjMaYHbHztKtw64ubS3tE7UJ%2CXgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJ&f=BdZEhgfPfMrpgFxH6H3tgCmRwCjSdtjDFM%2C3rg7Hpf4fXrrDH7HrHAtXC9WZsPSztwpFd%2Ce5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1&c=728&d=90&e=&g=31769b53ae3ed83b5e9c7ed5919a74c7%2F6132780761417666784&i=28472%2C20378%2C71725&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_728x90&r=1661953471138&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8928a20b6d9520af9bfb5e9748259fc3c1ed52ee4e430920d7e70897af5c065

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
661426
cf-polished
origFmt=png, origSize=105738
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
55798
last-modified
Mon, 04 Jul 2022 08:55:40 GMT
server
cloudflare
etag
"147be38db57f89c69c9e65b05983ff0e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x3dmFzGYwYvobBLU%2BLJrLQrdwuznB3383t82zXOWGN8Q3JAIqvlefcpCNdK7etWICpvtpinayjHSmySiQ2JlRx1wLvFYxpzI23cyXCc113kPApVzQ%2B2FmpvOntKycIs3AxX4Py90qxuEYP3m"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:31 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7436338b7c1b91dd-FRA
cf-bgj
imgq:85,h2pri
banner.php
view.webplexmedia.de/ Frame DD31 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://view.webplexmedia.de/banner.php?uid=495573400&e=0&p=1&s=0&sid=929&size=5
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
7c522a6bf7e3c6263e27733d969f2387639d6f34dca3ffbb625f31b9f5419c7b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
cache-control
no-cache
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
gzip
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
Facebook-1-150x150.jpg
news8.de/wp-content/uploads/2022/08/ Frame DD31 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news8.de/wp-content/uploads/2022/08/Facebook-1-150x150.jpg
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
0ed40f4d2fbfd0fb9eb11c13ba0200defbd6bfa643134fe6ddfdf0002b81c0a9
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Wed, 31 Aug 2022 13:13:32 GMT
server
nginx
etag
"630f5e7c-23b2"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
9138
x-xss-protection
1; mode=block
expires
Thu, 01 Sep 2022 13:44:31 GMT
crosstraining-lizenz-ausbildung-academyofsports-150x150.jpg
news8.de/wp-content/uploads/2022/08/ Frame DD31 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news8.de/wp-content/uploads/2022/08/crosstraining-lizenz-ausbildung-academyofsports-150x150.jpg
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
fcd36fb7f3ad13e6f2d84898a5b87926d7fa8b2273be6f5d9377e5e5c698b731
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Wed, 31 Aug 2022 13:10:04 GMT
server
nginx
etag
"630f5dac-1ff7"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
8183
x-xss-protection
1; mode=block
expires
Thu, 01 Sep 2022 13:44:31 GMT
Electrical-Steel-Sheet-Market-150x150.jpg
news8.de/wp-content/uploads/2022/08/ Frame DD31 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news8.de/wp-content/uploads/2022/08/Electrical-Steel-Sheet-Market-150x150.jpg
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
e764961fbde84ea138e23879d3cb93f7fd96bccd31808c05c424bdeb5136e448
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Wed, 31 Aug 2022 13:03:16 GMT
server
nginx
etag
"630f5c14-2999"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
10649
x-xss-protection
1; mode=block
expires
Thu, 01 Sep 2022 13:44:31 GMT
Tracheostomy-Tube-Accessories-Market-150x150.jpg
news8.de/wp-content/uploads/2022/08/ Frame DD31 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news8.de/wp-content/uploads/2022/08/Tracheostomy-Tube-Accessories-Market-150x150.jpg
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
35453e2e57b7dd89ebc45fc0387ed811b2a41f2d127f37da6e3084de36b6352c
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Wed, 31 Aug 2022 12:41:04 GMT
server
nginx
etag
"630f56e0-227d"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
8829
x-xss-protection
1; mode=block
expires
Thu, 01 Sep 2022 13:44:31 GMT
109-150x150.jpg
news8.de/wp-content/uploads/2018/08/ Frame DD31 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news8.de/wp-content/uploads/2018/08/109-150x150.jpg
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
8f54026d94ef1734a1a29ea411fd5fb0b09f02b438b799bf1a088485c4ba045d
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Wed, 13 Jan 2021 03:02:47 GMT
server
nginx
etag
"5ffe62d7-2437"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
9271
x-xss-protection
1; mode=block
expires
Thu, 01 Sep 2022 13:44:31 GMT
Wer-manchmal-nachts-aufwacht-hat-nicht-gleich-eine-Schlafstoerung-150x150.jpg
news8.de/wp-content/uploads/2018/11/ Frame DD31 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news8.de/wp-content/uploads/2018/11/Wer-manchmal-nachts-aufwacht-hat-nicht-gleich-eine-Schlafstoerung-150x150.jpg
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
7cc57368a0c50a6797e74ba8a99e457997b7280e497630d249913b8e064bac3e
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Wed, 13 Jan 2021 02:17:07 GMT
server
nginx
etag
"5ffe5823-19c0"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
6592
x-xss-protection
1; mode=block
expires
Thu, 01 Sep 2022 13:44:31 GMT
Cover-150x150.jpg
news8.de/wp-content/uploads/2020/12/ Frame DD31 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news8.de/wp-content/uploads/2020/12/Cover-150x150.jpg
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
f65fde2255ae7ee1aecf2ac52c2d97f0333bf55f8a2a3f6cb48e7da07cf7b044
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Tue, 12 Jan 2021 22:00:49 GMT
server
nginx
etag
"5ffe1c11-1c42"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
7234
x-xss-protection
1; mode=block
expires
Thu, 01 Sep 2022 13:44:31 GMT
banner.php
view.webplexmedia.de/ Frame DD31 		2 KB
901 B 		Script
General
Check archive.org
Download Go to
Full URL
https://view.webplexmedia.de/banner.php?uid=495573400&e=0&p=0&s=0&sid=929&size=4
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
82d02e0d253d4b4aea093b74e3be064f44c6589798a93b8013ef7bfe0ca6a588
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
cache-control
no-cache
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
gzip
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
wmac_single_ed352b40673263427125182f31ea6eca.css
news8.de/wp-content/cache/wmac/css/ Frame DD31 		7 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news8.de/wp-content/cache/wmac/css/wmac_single_ed352b40673263427125182f31ea6eca.css
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
997c32003a6e783337a31a800313fe2ef5429c60a8a8a56ae51261ceb2380f14

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Thu, 05 Aug 2021 12:04:06 GMT
server
nginx
etag
"610bd3b6-1aa1"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
6817
expires
Thu, 01 Sep 2022 13:44:31 GMT
slider.php
view.webplexmedia.de/ Frame DD31 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://view.webplexmedia.de/slider.php?uid=495573400&e=0&p=1&s=0&sid=929
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
2789e254620426294e85035888c1a4c9f391155c28921dd63053862c7592b75a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
cache-control
no-cache
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
gzip
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
wmac_0e5d43f7f51799ce869ab0581ea01a63.js
news8.de/wp-content/cache/wmac/js/ Frame DD31 		1 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://news8.de/wp-content/cache/wmac/js/wmac_0e5d43f7f51799ce869ab0581ea01a63.js
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
9d3f94088f77a589448abfffa4bfdddf23d695955b910306b0df53a112fb7f34

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Thu, 05 Aug 2021 12:04:06 GMT
server
nginx
etag
"610bd3b6-109f76"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
1089398
expires
Thu, 01 Sep 2022 13:44:31 GMT
default.css
as.ad4m.at/ad/style/0.1.22/one-ad/ Frame 834A 		85 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.22/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C177100%2C43766&b=52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1%2CdpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTj%2CZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJ&f=pqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE%2CK783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHq%2C9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTd&c=300&d=250&e=&g=2a12d80c20bafeab3c839a532ff90396%2F243427342487950804&i=21630%2C65803%2C24891&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661953471133&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d28bd4bc4b8a1ecb41ea341dd43aabbc0322889858d76d406b7dc8a887b8eac
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=19769%2C177100%2C43766&b=52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1%2CdpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTj%2CZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJ&f=pqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE%2CK783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHq%2C9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTd&c=300&d=250&e=&g=2a12d80c20bafeab3c839a532ff90396%2F243427342487950804&i=21630%2C65803%2C24891&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661953471133&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
167750
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86775
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 29 Aug 2022 15:08:41 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
x-download-options
noopen
vary
accept-encoding
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
7436338b7c0a91dd-FRA
cf-bgj
minify
60FD20F1676D1F9A06186B287BEA963E2FA606953F8F76587C6A69AEED33F93312327919FFF9BFEAB8F1720429B5E57633ECC66386BA3D90DF72A2018B8A5D7A
assets.ad4m.at/logo/ Frame 834A 		467 KB
467 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/60FD20F1676D1F9A06186B287BEA963E2FA606953F8F76587C6A69AEED33F93312327919FFF9BFEAB8F1720429B5E57633ECC66386BA3D90DF72A2018B8A5D7A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C177100%2C43766&b=52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1%2CdpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTj%2CZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJ&f=pqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE%2CK783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHq%2C9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTd&c=300&d=250&e=&g=2a12d80c20bafeab3c839a532ff90396%2F243427342487950804&i=21630%2C65803%2C24891&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661953471133&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caf8340f2513401c46bd6623b38cd091850da9664c2f87dc69b1e245824662a7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
666237
cf-polished
origFmt=png, origSize=706198
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
477790
last-modified
Tue, 03 Nov 2020 16:12:21 GMT
server
cloudflare
etag
"7818415cbdf9567ea6f508841c4fe2a7"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HHjPati6YuJX0sRNfv49iukfPb0DHbbUZ%2B0n%2B68gsewu8kKZwFYVTQeXBo%2Fdy2e9eglRoNw0QPOJaksYNV%2Fg7EJ7JaTZ6yd7n6iWbJc%2BYErd0zv%2BQs96uFyM0jNBjzGyElr6QLk4m8L%2BdrX1"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:31 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7436338b7c0d91dd-FRA
cf-bgj
imgq:85,h2pri
287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame 834A 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C177100%2C43766&b=52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1%2CdpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTj%2CZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJ&f=pqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE%2CK783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHq%2C9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTd&c=300&d=250&e=&g=2a12d80c20bafeab3c839a532ff90396%2F243427342487950804&i=21630%2C65803%2C24891&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661953471133&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1180454
cf-polished
qual=85, origFmt=jpeg, origSize=133780
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28740
last-modified
Tue, 18 Feb 2020 10:22:01 GMT
server
cloudflare
etag
"d061ca155f758f490340e147604dc3ee"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ar66q%2BTCSjbLXBnePCzBYP5VUG%2BzlDbgTFfJFbCr1y%2Bd0JDLM%2FtmAbZ2%2B4oso871b7AF8DhK51auA%2FWz8HKBJaX3pzR7xtnoTVb%2B3cfXjcN%2Fa%2BfApdF%2F18uelFO%2BjLKazzLAd7e43ZPq11RQ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:31 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7436338b7c1c91dd-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame 834A 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneid52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1oneid__emmaglam_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C177100%2C43766&b=52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1%2CdpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTj%2CZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJ&f=pqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE%2CK783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHq%2C9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTd&c=300&d=250&e=&g=2a12d80c20bafeab3c839a532ff90396%2F243427342487950804&i=21630%2C65803%2C24891&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661953471133&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.17.141 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-17-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Aug 2022 13:44:31 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
63CADBEA68649ECF1642645CEB25DF73A19E0B4D7735826E76E1CFE7786A55E8278917477BD44BA47017F94D7AA0F7B3A1C8F0FE880A090BE49650B6F1EAF6D9
assets.ad4m.at/logo/ Frame 834A 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/63CADBEA68649ECF1642645CEB25DF73A19E0B4D7735826E76E1CFE7786A55E8278917477BD44BA47017F94D7AA0F7B3A1C8F0FE880A090BE49650B6F1EAF6D9
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C177100%2C43766&b=52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1%2CdpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTj%2CZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJ&f=pqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE%2CK783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHq%2C9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTd&c=300&d=250&e=&g=2a12d80c20bafeab3c839a532ff90396%2F243427342487950804&i=21630%2C65803%2C24891&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661953471133&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15cc42ec2a3a08dc0566d2f71a13e462fa764a4390c7d96870b71fd2cf6ff513

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
590289
cf-polished
origFmt=png, origSize=12956
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7692
last-modified
Tue, 29 Mar 2022 14:32:10 GMT
server
cloudflare
etag
"c6c297b07f296b60586b8613b6e9b5cd"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IXlL1b%2BmLI4%2B7MUNlEVeGA1jEZ%2FsMB6Z4j8hUxn4rdWicGzxbeNgf89DiFaXTKGyFQ04hLq4ZB8UZV5ajee8UcBG%2BC8fpdOFvAQQVQ7upllze%2BDXqmoGsPsZ1aq4zQIcnEKq1rjlH7IsdPhE"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:31 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7436338b7c1f91dd-FRA
cf-bgj
imgq:85,h2pri
A290FB32C3CD17E30EABAAAC51275DC38FA2A2B372BE62031F552E1A8212BBA05286FFE21393F5511F67356FC5DA6D062DDAC9B6677230AA33BD1E7B84B05A27
assets.ad4m.at/product_image/ Frame 834A 		422 KB
423 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/A290FB32C3CD17E30EABAAAC51275DC38FA2A2B372BE62031F552E1A8212BBA05286FFE21393F5511F67356FC5DA6D062DDAC9B6677230AA33BD1E7B84B05A27
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C177100%2C43766&b=52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1%2CdpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTj%2CZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJ&f=pqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE%2CK783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHq%2C9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTd&c=300&d=250&e=&g=2a12d80c20bafeab3c839a532ff90396%2F243427342487950804&i=21630%2C65803%2C24891&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661953471133&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d2cf79989a25b94d2694569e8a8372c34b3cfac8caf3f7c2ae6d97f7e9d02ae

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
670906
cf-polished
origFmt=png, origSize=632572
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
432334
last-modified
Wed, 29 Dec 2021 17:30:00 GMT
server
cloudflare
etag
"ee529fd62e145fb264303add5fb5a944"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tMuWh8C7hkqQcpGv3%2FEljSFkZFYIYAWUDqUy1Yjiv%2BJh1yv91W0JUiipD%2F8Q4ss12iy%2FeLO9mYM3xLL%2BLcjfYfsoNr77J1dMPWGZLOzJo5FQI1nw2xLAfqfShjf6hV5uTPdBRKddVpIAoIEC"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:31 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7436338b7c2091dd-FRA
cf-bgj
imgq:85,h2pri
4CF27F3A6A2F6D91C5A3622C8F01C9A26CFA811CA6347403820EFE1173CC3C68B9FBEA4FDD4B7737FA67797C095DA1E54C193B8458F430E3BCD6ACC6B33929DA
assets.ad4m.at/logo/ Frame 834A 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/4CF27F3A6A2F6D91C5A3622C8F01C9A26CFA811CA6347403820EFE1173CC3C68B9FBEA4FDD4B7737FA67797C095DA1E54C193B8458F430E3BCD6ACC6B33929DA
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C177100%2C43766&b=52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1%2CdpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTj%2CZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJ&f=pqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE%2CK783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHq%2C9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTd&c=300&d=250&e=&g=2a12d80c20bafeab3c839a532ff90396%2F243427342487950804&i=21630%2C65803%2C24891&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661953471133&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf109a2d05e13d300f3c97cd9aa2b384992564695380c09a8f3a2e7e9cb0201e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
670218
cf-polished
origFmt=png, origSize=51102
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34016
last-modified
Fri, 11 Sep 2020 12:41:45 GMT
server
cloudflare
etag
"b72205dba9a8fc2d6ba54cb26ab2bce2"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BDcihmAY3G%2FzfQUr22JfQoebxMSKXl2AsIVIbrieL8k4W64LoHHS32IJ5ip4bkIb1MFONDkrwpE5Pouxf%2FTRUT1s6xpIQdPfBYQBFISuBk4ic%2FzJj%2BHzrZUmnMZIF9zShqza3QcM4Z9jvnVd"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:31 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7436338b7c2291dd-FRA
cf-bgj
imgq:85,h2pri
D0B9541CF4E773D41DBC4ABCC9F6E672B34430F49375E17E41F087E6D1C801229BC513C607F51A81B070BEEF036EED35D1C1A6EBC0C47606BF42647C16A34FCE
assets.ad4m.at/product_image/ Frame 834A 		162 KB
163 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/D0B9541CF4E773D41DBC4ABCC9F6E672B34430F49375E17E41F087E6D1C801229BC513C607F51A81B070BEEF036EED35D1C1A6EBC0C47606BF42647C16A34FCE
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C177100%2C43766&b=52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1%2CdpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTj%2CZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJ&f=pqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE%2CK783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHq%2C9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTd&c=300&d=250&e=&g=2a12d80c20bafeab3c839a532ff90396%2F243427342487950804&i=21630%2C65803%2C24891&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661953471133&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32b52bf758f52d20e796e3e41e7659aa55242f7cb2a1e67c3cec59ead1916572

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
669045
cf-polished
origFmt=png, origSize=247392
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
166070
last-modified
Thu, 17 Sep 2020 13:15:19 GMT
server
cloudflare
etag
"af15e6f9d7a2a43237c333b681f8c714"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s3ZVOiBJNSaP4uF6zGMGCsepqiWPihW%2FovzCMO63HhWXPWx6E8Z8Y3%2FQ%2BPF6%2F0uN2SGaU95kFSdWA7vEkw5DNEO03mF7PWi3w1sOTBQ1dq%2FZJk8A6FrF%2FjMpxQwvwzTGPUhupadRm0dKqH3Y"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:31 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7436338b7c2391dd-FRA
cf-bgj
imgq:85,h2pri
wp-emoji-release.min.js
news8.de/wp-includes/js/ Frame DD31 		14 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news8.de/wp-includes/js/wp-emoji-release.min.js
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Thu, 04 Feb 2021 08:32:13 GMT
server
nginx
etag
"601bb10d-3795"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
14229
expires
Thu, 01 Sep 2022 13:44:31 GMT
jsapi
www.google.com/ Frame DD31 		0
0
syncframe
gum.criteo.com/ Frame 3EE0 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=dragonball-tube.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
96250b0de15d90f6e2e2ee39329e3060c7bc4a15e69cb6933039664f024f7efd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ad4.adfarm1.adition.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6144
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 31 Aug 2022 13:44:30 GMT
server-processing-duration-in-ticks
1965
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 2C6D 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d91c38797a4f40c02b517763adb6b8d25ca0d0af244856025ecc3543b8540679
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad4.adfarm1.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 00:22:08 GMT
server
nginx
etag
W/"63041db0-15cdc"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 01 Sep 2022 13:44:31 GMT
id.html
st.chatango.com/h5/gz/r0817221641/ Frame DD4E 		681 KB
219 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://st.chatango.com/h5/gz/r0817221641/id.html
Requested by
Host: st.chatango.com
URL: https://st.chatango.com/js/gz/emb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.93.230.28 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software
nginx /
Resource Hash
05cfeecca96c97e0d3f0106989942e329e2d69591925e0ca99fef0aee32ceee9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Encoding
gzip
Content-Length
224127
Content-Type
text/html
Date
Wed, 31 Aug 2022 13:44:31 GMT
Expires
Thu, 31 Aug 2023 13:44:31 GMT
Last-Modified
Wed, 17 Aug 2022 23:45:11 GMT
P3P
CP="Chatango does not have a P3P policy. Please see our privacy policy: http://chatango.com/page?full_privacy"
Server
nginx
r.json
st.chatango.com/cfg/nc/ 		20 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://st.chatango.com/cfg/nc/r.json?2613530020000181449632861
Requested by
Host: st.chatango.com
URL: https://st.chatango.com/js/gz/emb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.93.230.28 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software
nginx /
Resource Hash
6eea499926669878dc267d25feeebbfd7826db0e55b82ce10db9e0004a3172b7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 13:44:32 GMT
Last-Modified
Wed, 17 Aug 2022 23:45:11 GMT
Server
nginx
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20
hit
news8.de/wp-json/wp-statistics/v2/ Frame DD31 		66 B
473 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://news8.de/wp-json/wp-statistics/v2/hit?_=1661953470&_wpnonce=0477f10b59&wp_statistics_hit_rest=yes&browser=Chrome&platform=Windows&version=10.0&referred=https://view.webplexmedia.de/&ip=95.211.199.155&exclusion_match=no&exclusion_reason&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/105.0.5195.52%20Safari/537.36&track_all=1&timestamp=1661960670&current_page_type=home&current_page_id=0&search_query&page_uri=/&user_id=0
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
b03bec9e9bb215c735a4323b2c71d906529b613498bc46eefa00fa0f1288ea8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://news8.de/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

vary
Origin
date
Wed, 31 Aug 2022 13:44:31 GMT
x-content-type-options
nosniff
server
nginx
link
<https://news8.de/wp-json/>; rel="https://api.w.org/"
allow
GET
content-type
application/json; charset=UTF-8
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
max-age=86400
x-robots-tag
noindex
x-wp-nonce
0477f10b59
x-xss-protection
1; mode=block
expires
Thu, 01 Sep 2022 13:44:31 GMT
sid
mug.criteo.com/ Frame 3EE0
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ad4.adfarm1.adition.com&sn=ChromeSyncframe&so=0&topUrl=dragonball-tube.com&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=ew9SSHxjRCszeWEyWUpBb1lETmVHNDloYnFrYnpwOTM3K1VoTDlRa2VXUVlwWTNqUVZBMnltSnFabnFYcFdWZU1uTUNRdlljTWdldDlIdDV4WWx4VTROUGh2V1hQNjRESmU1Wk95RlBUT0VYMUNUdUlhQjQ1SGxzUktUWE...
462 B
674 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ew9SSHxjRCszeWEyWUpBb1lETmVHNDloYnFrYnpwOTM3K1VoTDlRa2VXUVlwWTNqUVZBMnltSnFabnFYcFdWZU1uTUNRdlljTWdldDlIdDV4WWx4VTROUGh2V1hQNjRESmU1Wk95RlBUT0VYMUNUdUlhQjQ1SGxzUktUWEdXTHYxZ2M2Y0lmVTZUc1VqWUtuQlZRSlFBSHJtb0lVdWNNVGRnVlJVdHpOOGJBczNYVDQzdkV4ajZnU1g3d1pDaThGVFVLZXd2Wm5MK1lOZVYya1dmblByN2FFWHM5QlNDanp1ck1HOVZiRXRtKzFaemU2Z2pZb2R0OFp4cVlzR3BaQ0ttdXVRNW5ndkNodHM5cS8xcitLQk8yT1lzZjMweXpQUHhkc0YzQlRtdzVNZHo2YUNoOVdSejFOYzFRbGxRMll2TmMzOHw&cppv=2
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d25331f1455f29e2c4c97800b12dd968520098c4197e2bfc27ecb8eda36cc2c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 13:44:31 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2594838
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Wed, 31 Aug 2022 13:44:30 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=ew9SSHxjRCszeWEyWUpBb1lETmVHNDloYnFrYnpwOTM3K1VoTDlRa2VXUVlwWTNqUVZBMnltSnFabnFYcFdWZU1uTUNRdlljTWdldDlIdDV4WWx4VTROUGh2V1hQNjRESmU1Wk95RlBUT0VYMUNUdUlhQjQ1SGxzUktUWEdXTHYxZ2M2Y0lmVTZUc1VqWUtuQlZRSlFBSHJtb0lVdWNNVGRnVlJVdHpOOGJBczNYVDQzdkV4ajZnU1g3d1pDaThGVFVLZXd2Wm5MK1lOZVYya1dmblByN2FFWHM5QlNDanp1ck1HOVZiRXRtKzFaemU2Z2pZb2R0OFp4cVlzR3BaQ0ttdXVRNW5ndkNodHM5cS8xcitLQk8yT1lzZjMweXpQUHhkc0YzQlRtdzVNZHo2YUNoOVdSejFOYzFRbGxRMll2TmMzOHw&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1437
content-length
594
expires
0
link.html
track.webgains.com/ Frame E67B 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h4ma4589gkypsrc5rphs8wz7ak0sheezdr7f04bk034thsjp06j6j85x9wrmm6vy54stx8v1v08kdzvpfkaeqaesjfn66dapdx2kkzfw63wnz93dg1r6f84gswmeztbqd5xxqw91ynh915fjxdqpv2xf3bb3q1gb7gvwx3xftw6k5mf4th5vxd6y0efq2r4b65r6hsn36w38c75dkqeht0fmgqth39sn6q8khf4p83yythevw09tst68jfe5pzfk1qfg%26a%3D&clickref=oneide5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1oneid__emmaglam_advancedad_160x600&viewref=oneidXgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJoneid__emmaglam_advancedad_160x600
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200038%2C198961&b=XgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJ%2CGD9JTBfpfXdmWsKHeHGtPtkj2cZSjtZmtE%2C6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7&f=e5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1%2CVQr1twfmfDwxWSVHbHAtXCD5GtBSDtBAuQ%2CXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJ&c=160&d=600&e=&g=7ea91e771920b8b21b1bc32acf478e32%2F16387982739420500580&i=71725%2C22499%2C71690&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_160x600&r=1661953471132&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
07cfc76c479a977c2d7a65f3b1e0ce319ce56d01bdafd34ebbdd819083429f47

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Wed, 31 Aug 2022 13:44:31 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Wed, 31 Aug 2022 13:45:31 GMT
default.css
as.ad4m.at/ad/style/0.1.22/one-ad/ Frame EDB5 		85 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.22/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=200038%2C198961%2C19769&b=GD9JTBfpfXdmWsKHeHGtPtkj2cZSjtZmtE%2C6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7%2C52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1&f=VQr1twfmfDwxWSVHbHAtXCD5GtBSDtBAuQ%2CXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJ%2CpqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE&c=300&d=250&e=&g=964718de9fa25e82662452021fb383c0%2F16559786827644174996&i=22499%2C71690%2C21630&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661953471139&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d28bd4bc4b8a1ecb41ea341dd43aabbc0322889858d76d406b7dc8a887b8eac
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=200038%2C198961%2C19769&b=GD9JTBfpfXdmWsKHeHGtPtkj2cZSjtZmtE%2C6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7%2C52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1&f=VQr1twfmfDwxWSVHbHAtXCD5GtBSDtBAuQ%2CXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJ%2CpqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE&c=300&d=250&e=&g=964718de9fa25e82662452021fb383c0%2F16559786827644174996&i=22499%2C71690%2C21630&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661953471139&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
167750
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86775
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 29 Aug 2022 15:08:41 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
x-download-options
noopen
vary
accept-encoding
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
7436338c4d5291dd-FRA
cf-bgj
minify
822734168B827B1A0E57FF53EC6CBFBBD002FC8D7460BA6B8DE6F46F0023BD74E50D9FBBA049A063AB16B30699CAF8E6582A3DFB3481ACA57EB03EB039D10995
assets.ad4m.at/logo/ Frame EDB5 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/822734168B827B1A0E57FF53EC6CBFBBD002FC8D7460BA6B8DE6F46F0023BD74E50D9FBBA049A063AB16B30699CAF8E6582A3DFB3481ACA57EB03EB039D10995
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=200038%2C198961%2C19769&b=GD9JTBfpfXdmWsKHeHGtPtkj2cZSjtZmtE%2C6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7%2C52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1&f=VQr1twfmfDwxWSVHbHAtXCD5GtBSDtBAuQ%2CXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJ%2CpqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE&c=300&d=250&e=&g=964718de9fa25e82662452021fb383c0%2F16559786827644174996&i=22499%2C71690%2C21630&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661953471139&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5b58613de02a2628489f5253cbf992b173ce8a399697cb943ccf415375a9f4e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
670816
cf-polished
origFmt=png, origSize=48887
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33666
last-modified
Mon, 19 Oct 2020 12:32:26 GMT
server
cloudflare
etag
"4fe1ecb98ff38283cdb2ae157e399ba2"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y3rvzcpbCa%2B6D0uyFOCOrrrY96SpTUMdJKgvTUtltphKtNW%2FKWSMXf4s8Q%2FYlPFy91Rliu%2Flu06BLGg77R4Ky8FuunFoH3vroMF59eXdtL77JXylECXCNvG0v%2BmOFwGytknJFZr9Ks4T0DUN"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:31 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7436338c4d5491dd-FRA
cf-bgj
imgq:85,h2pri
FDC0EE75F4B2311BE701729B216D406C0411C7D7907D89093BEA0B0A5BB1014BACEF20E044DCCDCD3B16D829E6016F634887800BF4A4A53A7CEA85247B2186D8
assets.ad4m.at/product_image/ Frame EDB5 		79 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/FDC0EE75F4B2311BE701729B216D406C0411C7D7907D89093BEA0B0A5BB1014BACEF20E044DCCDCD3B16D829E6016F634887800BF4A4A53A7CEA85247B2186D8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=200038%2C198961%2C19769&b=GD9JTBfpfXdmWsKHeHGtPtkj2cZSjtZmtE%2C6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7%2C52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1&f=VQr1twfmfDwxWSVHbHAtXCD5GtBSDtBAuQ%2CXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJ%2CpqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE&c=300&d=250&e=&g=964718de9fa25e82662452021fb383c0%2F16559786827644174996&i=22499%2C71690%2C21630&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661953471139&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed54662d8d90a7019c364180d5260b0820e6e39dba28600f1f704c33943a1486

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2577871
cf-polished
qual=85, origFmt=jpeg, origSize=86273
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
81198
last-modified
Wed, 27 Jul 2022 12:26:16 GMT
server
cloudflare
etag
"255b597e80e22e9d856630ead83ab789"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=avSifFoP5nOPUPOx7zFEc1pvqFIf%2FXA5Mfv4aTa9JmKQI6HdMU4tF7vcqwhM0N%2F9LKL3MJQl2umOcrz3tHFEHyLQhjdbpDBOHkgp5egk1vGbehQP81kuccM0rRP1bsoJUH1THIbNzjPw96%2FN"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:31 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7436338c4d5e91dd-FRA
cf-bgj
imgq:85,h2pri
D79C954E206D0E4D62CE2FD6A790CCF3F307301C2B3749F53C1D942235F0DB56EC61BF133CCA8286AF0CB6184EAACC180FE6AE7DAF2C030A5FC4FB233DC1862E
assets.ad4m.at/logo/ Frame EDB5 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D79C954E206D0E4D62CE2FD6A790CCF3F307301C2B3749F53C1D942235F0DB56EC61BF133CCA8286AF0CB6184EAACC180FE6AE7DAF2C030A5FC4FB233DC1862E
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=200038%2C198961%2C19769&b=GD9JTBfpfXdmWsKHeHGtPtkj2cZSjtZmtE%2C6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7%2C52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1&f=VQr1twfmfDwxWSVHbHAtXCD5GtBSDtBAuQ%2CXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJ%2CpqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE&c=300&d=250&e=&g=964718de9fa25e82662452021fb383c0%2F16559786827644174996&i=22499%2C71690%2C21630&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661953471139&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6077d96b9bd1b7071f971ce7fb559e3e57af37df56ac67b9c2d64b2b8796fbd4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
662031
cf-polished
origFmt=png, origSize=67209
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44330
last-modified
Wed, 13 Jul 2022 10:30:32 GMT
server
cloudflare
etag
"8e0be36dfd6d499fc28a6f3e19920b0b"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Glz1K47zBsk8sZv3Thlkuv6X%2F8X9JUPS3HnqkJoVITI%2F6m%2B61zVqNYB%2BqoNs85Istwgq7euQcSquOrnbz8%2FruoIINXyl64qvo0PK%2FF7E2Wavfqef2QP2puP5sbTddt6YoHlqCY8ygj2UsvYO"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:31 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7436338c4d6091dd-FRA
cf-bgj
imgq:85,h2pri
228AE3BC27B59997BB38FAE9B35BF19F78E1A83D3EEE4F366E97EB15815360D99C4F0AA46F2DFD8AB7A011602A783946A7F0B5421349CAC837964DFF6096C972
assets.ad4m.at/product_image/ Frame EDB5 		201 KB
201 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/228AE3BC27B59997BB38FAE9B35BF19F78E1A83D3EEE4F366E97EB15815360D99C4F0AA46F2DFD8AB7A011602A783946A7F0B5421349CAC837964DFF6096C972
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=200038%2C198961%2C19769&b=GD9JTBfpfXdmWsKHeHGtPtkj2cZSjtZmtE%2C6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7%2C52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1&f=VQr1twfmfDwxWSVHbHAtXCD5GtBSDtBAuQ%2CXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJ%2CpqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE&c=300&d=250&e=&g=964718de9fa25e82662452021fb383c0%2F16559786827644174996&i=22499%2C71690%2C21630&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661953471139&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50df5c94512b11c2f4c8357774f25d123c5a39c120796dcc5b1d9ec8df548e83

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
666486
cf-polished
origFmt=png, origSize=310324
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
205550
last-modified
Wed, 13 Jul 2022 10:46:44 GMT
server
cloudflare
etag
"ca68d721f16044ab0bd800156f6dd789"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RUDE9X5Jlum94AjVo1CesVVIw84iqce3C9E8HO0QYcNa9h9FlnqkWHISwcnBAqkzG6KsxmY4U508h7OUiGRE3PMt9m9JB%2B2eDPpE8xfzrrc9JNBRMZiswPMwMM6WafiERpMwx6sCeVYqKepq"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:31 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7436338c4d6191dd-FRA
cf-bgj
imgq:85,h2pri
60FD20F1676D1F9A06186B287BEA963E2FA606953F8F76587C6A69AEED33F93312327919FFF9BFEAB8F1720429B5E57633ECC66386BA3D90DF72A2018B8A5D7A
assets.ad4m.at/logo/ Frame EDB5 		467 KB
467 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/60FD20F1676D1F9A06186B287BEA963E2FA606953F8F76587C6A69AEED33F93312327919FFF9BFEAB8F1720429B5E57633ECC66386BA3D90DF72A2018B8A5D7A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=200038%2C198961%2C19769&b=GD9JTBfpfXdmWsKHeHGtPtkj2cZSjtZmtE%2C6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7%2C52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1&f=VQr1twfmfDwxWSVHbHAtXCD5GtBSDtBAuQ%2CXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJ%2CpqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE&c=300&d=250&e=&g=964718de9fa25e82662452021fb383c0%2F16559786827644174996&i=22499%2C71690%2C21630&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661953471139&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caf8340f2513401c46bd6623b38cd091850da9664c2f87dc69b1e245824662a7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
666237
cf-polished
origFmt=png, origSize=706198
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
477790
last-modified
Tue, 03 Nov 2020 16:12:21 GMT
server
cloudflare
etag
"7818415cbdf9567ea6f508841c4fe2a7"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ryZiIcxyNppsaNts0PPGPX6hVzz5mnTQaa8NeDMzjy3SReUPX2rXcuXBLbdj3NeXh17KqL%2BzrAGiD16qdUSMq7IOoQy%2BNzv1wKHJHLFelOcZBzOa658Q7dgefvro3HIGjjgz10FZZWpFX8rg"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:31 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7436338c4d6291dd-FRA
cf-bgj
imgq:85,h2pri
287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame EDB5 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=200038%2C198961%2C19769&b=GD9JTBfpfXdmWsKHeHGtPtkj2cZSjtZmtE%2C6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7%2C52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1&f=VQr1twfmfDwxWSVHbHAtXCD5GtBSDtBAuQ%2CXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJ%2CpqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE&c=300&d=250&e=&g=964718de9fa25e82662452021fb383c0%2F16559786827644174996&i=22499%2C71690%2C21630&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661953471139&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1180454
cf-polished
qual=85, origFmt=jpeg, origSize=133780
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28740
last-modified
Tue, 18 Feb 2020 10:22:01 GMT
server
cloudflare
etag
"d061ca155f758f490340e147604dc3ee"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FWJGhaKa2bcIdOXSBsThAq8R%2FGGiwR8RtLOFFEfH9MtBDnhXg9H4VsUh3kpmEFvn2Nb20asOF2n%2B9gpkYFTyRNCqdvCXqa6l3p%2BogjmuhImk2y4mglZ0iKgw%2Fyjyqi%2F2pXAdkxpT%2BXgZXAp5"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:31 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7436338c4d6491dd-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame EDB5 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneid52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1oneid__emmaglam_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=200038%2C198961%2C19769&b=GD9JTBfpfXdmWsKHeHGtPtkj2cZSjtZmtE%2C6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7%2C52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1&f=VQr1twfmfDwxWSVHbHAtXCD5GtBSDtBAuQ%2CXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJ%2CpqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE&c=300&d=250&e=&g=964718de9fa25e82662452021fb383c0%2F16559786827644174996&i=22499%2C71690%2C21630&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661953471139&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.17.141 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-17-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Aug 2022 13:44:31 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
link.html
track.webgains.com/ Frame E67B 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3400951&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gt1r3gsw5wbdn98tryvn9v27ae4cmc6ve3y7pemg3g7g3rp00n4w165d4vnhgspt6m5yhvz43p4xtnwnyapf7c69qey11m6cpwjvx6twnr2yxtrefnhvp90y76yq17awxkye4gytgwwa85sn9kafpnehmz0eyjz1162t5kfh8pcwh330mq5c33p0v720b1axfkdx3jm2f34ayy5ybh5nc9229kqc3rd1972ts4mmn2hz3t53ap6mhbzw33y0s7hnav4w%26a%3D&clickref=oneidVQr1twfmfDwxWSVHbHAtXCD5GtBSDtBAuQoneid__emmaglam_advancedad_160x600&viewref=oneidGD9JTBfpfXdmWsKHeHGtPtkj2cZSjtZmtEoneid__emmaglam_advancedad_160x600
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200038%2C198961&b=XgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJ%2CGD9JTBfpfXdmWsKHeHGtPtkj2cZSjtZmtE%2C6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7&f=e5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1%2CVQr1twfmfDwxWSVHbHAtXCD5GtBSDtBAuQ%2CXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJ&c=160&d=600&e=&g=7ea91e771920b8b21b1bc32acf478e32%2F16387982739420500580&i=71725%2C22499%2C71690&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_160x600&r=1661953471132&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
d491b524fd9bd7333918701c6c039b2f5937ceabd2e23c1839f5c0d64a298432

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Wed, 31 Aug 2022 13:44:31 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Wed, 31 Aug 2022 13:45:31 GMT
link.html
track.webgains.com/ Frame E67B 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3459435&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jm9acj5magrqwpgjw8dr60v14jeyps6sv01em5422jpxgh97ggg46rffcywj2ewzd2z588cd5219mnwkydr7tywq4h15r74ycktdf9sb4mvwvnka0kxx3fvnbb6vtrecx4vhp0v1kmgv20qs8try239pqvfvs7963h7accgk48sjjbnf41qq4gtt8nf08krrjm78axkmcx9pbkvzxegq21az5awes7n3153va3c4wj9swx6ey2n47fv16zfqzdnb6zw8%26a%3D&clickref=oneidXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJoneid__emmaglam_advancedad_160x600&viewref=oneid6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7oneid__emmaglam_advancedad_160x600
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200038%2C198961&b=XgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJ%2CGD9JTBfpfXdmWsKHeHGtPtkj2cZSjtZmtE%2C6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7&f=e5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1%2CVQr1twfmfDwxWSVHbHAtXCD5GtBSDtBAuQ%2CXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJ&c=160&d=600&e=&g=7ea91e771920b8b21b1bc32acf478e32%2F16387982739420500580&i=71725%2C22499%2C71690&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_160x600&r=1661953471132&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
a30e5e625ff14472418113ed08d6deeaf0e39daf7c78a677d071304c2a48ba81

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Wed, 31 Aug 2022 13:44:31 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Wed, 31 Aug 2022 13:45:31 GMT
version.json
consent.cookiefirst.com/sites/news8.de-bb9377db-6a76-431a-8f04-e7675f72404e/ Frame DD31 		44 B
774 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/sites/news8.de-bb9377db-6a76-431a-8f04-e7675f72404e/version.json?v=1661953471422
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-731.bunnyinfra.net
Software
Cookie First CDN-AT-731 /
Resource Hash
a3157264639ee750d4f264e717ad00d0c1502d3d04e4f2ab6c7249cefd1bb13f

Request headers

Accept
application/json
Referer
https://news8.de/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
cdn-edgestorageid
731
cdn-fileserver
338
cdn-storageserver
DE-200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cdn-cachedat
08/31/2022 13:44:31
cdn-pullzone
236985
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-length
44
server
Cookie First CDN-AT-731
access-control-allow-origin
*
visitor-location
NL
last-modified
Mon, 11 Apr 2022 20:51:53 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"625494e9-2c"
content-type
application/json
cdn-cache
BYPASS
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
cache-control
public, max-age=15
cdn-requestid
e501b7bf09fc5b62a925e9ba5f5d02a3
accept-ranges
bytes
cdn-requestcountrycode
NL
cdn-status
200
cdn-requestpullsuccess
True
link.html
track.webgains.com/ Frame 9CCC 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k1d29100sjvdmbgpqt1k7vt731wxgat3y3nkakq29p8nrk1rhv30x1dddmat9388q12344zz437rb31xzr7dsc6ypmkx1aw3td5qphxtrxxfq5ybjxj3xn1sp4cef5w017brytaf7azxr4qsp78rx79qbm7tgfk4rn2efexd6tx49zz19ppd6pfqa4v30mfqnshgwj66pg0cxs7kgkwed8kncj5s5kz54jm2j75wr02bvqyk86xyc10p4gqyvd11g%26a%3D&clickref=oneidK783aRfZf5Gps5HMHktzCBX8u7Srt7eHqoneid__emmaglam_advancedad_300x600&viewref=oneiddpDmUEfkfRpXhEHjHwtEtbAdfeSRt8BTjoneid__emmaglam_advancedad_300x600
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=24673%2C202438%2C183975&b=dpDmUEfkfRpXhEHjHwtEtbAdfeSRt8BTj%2Cr5mEuQf9f3VgzsAH7HjtqtVgrEUYSJtDqtd%2C4gGmHEf5fA2eRcGH9HdtAtm9MSbSZtpJsK&f=K783aRfZf5Gps5HMHktzCBX8u7Srt7eHq%2CP241aBfbfbrWxU9HjHbtgCArKkHJSgtBeup%2Cr5mEuQf9f3XBdaAH7HjtJCBXVaYSJtDqtd&c=300&d=600&e=&g=0bb93e021ccb1a459333b4d84bbb1e63%2F6572354349658930294&i=20430%2C82994%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661953471135&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c3adf17d1e772530c629a8027fb51f2dd8170ec85d16d6797803287b7ba0f6ca

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Wed, 31 Aug 2022 13:44:31 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Wed, 31 Aug 2022 13:45:31 GMT
link.html
track.webgains.com/ Frame 9CCC 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g0jjx8e3gj93qmz4ax2syv2ea89bdnwsy96nf9q4dsqkv154jvxjgkwq1n8vc6x0arwe1kaxv6srg1yxx122mgyb7tvxspjq4r8der8f0k30w4we1ezwaevxwrr5g7nwb1we9715pcre5mbgvfetfqzkyz6e75e2x9vzv80v1ppaf0me7dqcqy1swn11twam66tkfn0shtm0axpsgc8nj0bhten1934w3a78xjnxr0n9j0e8hp02mfg9szccyghs3kg%26a%3D&clickref=oneidr5mEuQf9f3XBdaAH7HjtJCBXVaYSJtDqtdoneid__emmaglam_advancedad_300x600&viewref=oneid4gGmHEf5fA2eRcGH9HdtAtm9MSbSZtpJsKoneid__emmaglam_advancedad_300x600
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=24673%2C202438%2C183975&b=dpDmUEfkfRpXhEHjHwtEtbAdfeSRt8BTj%2Cr5mEuQf9f3VgzsAH7HjtqtVgrEUYSJtDqtd%2C4gGmHEf5fA2eRcGH9HdtAtm9MSbSZtpJsK&f=K783aRfZf5Gps5HMHktzCBX8u7Srt7eHq%2CP241aBfbfbrWxU9HjHbtgCArKkHJSgtBeup%2Cr5mEuQf9f3XBdaAH7HjtJCBXVaYSJtDqtd&c=300&d=600&e=&g=0bb93e021ccb1a459333b4d84bbb1e63%2F6572354349658930294&i=20430%2C82994%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661953471135&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
fc7a25365244602b9b9a5de42f997b09a6705a6fdb0de9f5a549f93e06079396

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Wed, 31 Aug 2022 13:44:31 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Wed, 31 Aug 2022 13:45:31 GMT
bgone.png
news8.de/wp-content/themes/newsup-pro/images/bg-pattern/ Frame DD31 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news8.de/wp-content/themes/newsup-pro/images/bg-pattern/bgone.png
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
672837f7c3468f78dc467f095815667f2d257ee045d320ed95a19232937e54ba
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Wed, 03 Feb 2021 00:20:08 GMT
server
nginx
etag
"6019ec38-c8d"
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
3213
x-xss-protection
1; mode=block
expires
Thu, 01 Sep 2022 13:44:31 GMT
cropped-new8deheader-1.png
news8.de/wp-content/uploads/2021/02/ Frame DD31 		201 KB
201 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news8.de/wp-content/uploads/2021/02/cropped-new8deheader-1.png
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
377f111f5b9b9a0f4b13fbd238493ecf98c07354de272b8558eb4cf8966714ee
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Wed, 03 Feb 2021 23:14:34 GMT
server
nginx
etag
"601b2e5a-32253"
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
205395
x-xss-protection
1; mode=block
expires
Thu, 01 Sep 2022 13:44:31 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ Frame DD31 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=ABeeZee%7CAbel%7CAbril+Fatface%7CAclonica%7CAcme%7CActor%7CAdamina%7CAdvent+Pro%7CAguafina+Script%7CAkronim%7CAladin%7CAldrich%7CAlef%7CAlegreya%7CAlegreya+SC%7CAlegreya+Sans%7CAlegreya+Sans+SC%7CAlex+Brush%7CAlfa+Slab+One%7CAlice%7CAlike%7CAlike+Angular%7CAllan%7CAllerta%7CAllerta+Stencil%7CAllura%7CAlmendra%7CAlmendra+Display%7CAlmendra+SC%7CAmarante%7CAmaranth%7CAmatic+SC%7CAmatica+SC%7CAmethysta%7CAmiko%7CAmiri%7CAmita%7CAnaheim%7CAndada%7CAndika%7CAngkor%7CAnnie+Use+Your+Telescope%7CAnonymous+Pro%7CAntic%7CAntic+Didone%7CAntic+Slab%7CAnton%7CArapey%7CArbutus%7CArbutus+Slab%7CArchitects+Daughter%7CArchivo+Black%7CArchivo+Narrow%7CAref+Ruqaa%7CArima+Madurai%7CArimo%7CArizonia%7CArmata%7CArtifika%7CArvo%7CArya%7CAsap%7CAsar%7CAsset%7CAssistant%7CAstloch%7CAsul%7CAthiti%7CAtma%7CAtomic+Age%7CAubrey%7CAudiowide%7CAutour+One%7CAverage%7CAverage+Sans%7CAveria+Gruesa+Libre%7CAveria+Libre%7CAveria+Sans+Libre%7CAveria+Serif+Libre%7CBad+Script%7CBaloo%7CBaloo+Bhai%7CBaloo+Da%7CBaloo+Thambi%7CBalthazar%7CBangers%7CBasic%7CBattambang%7CBaumans%7CBayon%7CBelgrano%7CBelleza%7CBenchNine%7CBentham%7CBerkshire+Swash%7CBevan%7CBigelow+Rules%7CBigshot+One%7CBilbo%7CBilbo+Swash+Caps%7CBioRhyme%7CBioRhyme+Expanded%7CBiryani%7CBitter%7CBlack+Ops+One%7CBokor%7CBonbon%7CBoogaloo%7CBowlby+One%7CBowlby+One+SC%7CBrawler%7CBree+Serif%7CBubblegum+Sans%7CBubbler+One%7CBuda%7CBuenard%7CBungee%7CBungee+Hairline%7CBungee+Inline%7CBungee+Outline%7CBungee+Shade%7CButcherman%7CButterfly+Kids%7CCabin%7CCabin+Condensed%7CCabin+Sketch%7CCaesar+Dressing%7CCagliostro%7CCairo%7CCalligraffitti%7CCambay%7CCambo%7CCandal%7CCantarell%7CCantata+One%7CCantora+One%7CCapriola%7CCardo%7CCarme%7CCarrois+Gothic%7CCarrois+Gothic+SC%7CCarter+One%7CCatamaran%7CCaudex%7CCaveat%7CCaveat+Brush%7CCedarville+Cursive%7CCeviche+One%7CChanga%7CChanga+One%7CChango%7CChathura%7CChau+Philomene+One%7CChela+One%7CChelsea+Market%7CChenla%7CCherry+Cream+Soda%7CCherry+Swash%7CChewy%7CChicle%7CChivo%7CChonburi%7CCinzel%7CCinzel+Decorative%7CClicker+Script%7CCoda%7CCoda+Caption%7CCodystar%7CCoiny%7CCombo%7CComfortaa%7CComing+Soon%7CConcert+One%7CCondiment%7CContent%7CContrail+One%7CConvergence%7CCookie%7CCopse%7CCorben%7CCormorant%7CCormorant+Garamond%7CCormorant+Infant%7CCormorant+SC%7CCormorant+Unicase%7CCormorant+Upright%7CCourgette%7CCousine%7CCoustard%7CCovered+By+Your+Grace%7CCrafty+Girls%7CCreepster%7CCrete+Round%7CCrimson+Text%7CCroissant+One%7CCrushed%7CCuprum%7CCutive%7CCutive+Mono%7CDamion%7CDancing+Script%7CDangrek%7CDavid+Libre%7CDawning+of+a+New+Day%7CDays+One%7CDekko%7CDelius%7CDelius+Swash+Caps%7CDelius+Unicase%7CDella+Respira%7CDenk+One%7CDevonshire%7CDhurjati%7CDidact+Gothic%7CDiplomata%7CDiplomata+SC%7CDomine%7CDonegal+One%7CDoppio+One%7CDorsa%7CDosis%7CDr+Sugiyama%7CDroid+Sans%7CDroid+Sans+Mono%7CDroid+Serif%7CDuru+Sans%7CDynalight%7CEB+Garamond%7CEagle+Lake%7CEater%7CEconomica%7CEczar%7CEk+Mukta%7CEl+Messiri%7CElectrolize%7CElsie%7CElsie+Swash+Caps%7CEmblema+One%7CEmilys+Candy%7CEngagement%7CEnglebert%7CEnriqueta%7CErica+One%7CEsteban%7CEuphoria+Script%7CEwert%7CExo%7CExo+2%7CExpletus+Sans%7CFanwood+Text%7CFarsan%7CFascinate%7CFascinate+Inline%7CFaster+One%7CFasthand%7CFauna+One%7CFederant%7CFedero%7CFelipa%7CFenix%7CFinger+Paint%7CFira+Mono%7CFira+Sans%7CFjalla+One%7CFjord+One%7CFlamenco%7CFlavors%7CFondamento%7CFontdiner+Swanky%7CForum%7CFrancois+One%7CFrank+Ruhl+Libre%7CFreckle+Face%7CFredericka+the+Great%7CFredoka+One%7CFreehand%7CFresca%7CFrijole%7CFruktur%7CFugaz+One%7CGFS+Didot%7CGFS+Neohellenic%7CGabriela%7CGafata%7CGalada%7CGaldeano%7CGalindo%7CGentium+Basic%7CGentium+Book+Basic%7CGeo%7CGeostar%7CGeostar+Fill%7CGermania+One%7CGidugu%7CGilda+Display%7CGive+You+Glory%7CGlass+Antiqua%7CGlegoo%7CGloria+Hallelujah%7CGoblin+One%7CGochi+Hand%7CGorditas%7CGoudy+Bookletter+1911%7CGraduate%7CGrand+Hotel%7CGravitas+One%7CGreat+Vibes%7CGriffy%7CGruppo%7CGudea%7CGurajada%7CHabibi%7CHalant%7CHammersmith+One%7CHanalei%7CHanalei+Fill%7CHandlee%7CHanuman%7CHappy+Monkey%7CHarmattan%7CHeadland+One%7CHeebo%7CHenny+Penny%7CHerr+Von+Muellerhoff%7CHind%7CHind+Guntur%7CHind+Madurai%7CHind+Siliguri%7CHind+Vadodara%7CHoltwood+One+SC%7CHomemade+Apple%7CHomenaje%7CIM+Fell+DW+Pica%7CIM+Fell+DW+Pica+SC%7CIM+Fell+Double+Pica%7CIM+Fell+Double+Pica+SC%7CIM+Fell+English%7CIM+Fell+English+SC%7CIM+Fell+French+Canon%7CIM+Fell+French+Canon+SC%7CIM+Fell+Great+Primer%7CIM+Fell+Great+Primer+SC%7CIceberg%7CIceland%7CImprima%7CInconsolata%7CInder%7CIndie+Flower%7CInika%7CInknut+Antiqua%7CIrish+Grover%7CIstok+Web%7CItaliana%7CItalianno%7CItim%7CJacques+Francois%7CJacques+Francois+Shadow%7CJaldi%7CJim+Nightshade%7CJockey+One%7CJolly+Lodger%7CJomhuria%7CJosefin+Sans%7CJosefin+Slab%7CJoti+One%7CJudson%7CJulee%7CJulius+Sans+One%7CJunge%7CJura%7CJust+Another+Hand%7CJust+Me+Again+Down+Here%7CKadwa%7CKalam%7CKameron%7CKanit%7CKantumruy%7CKarla%7CKarma%7CKatibeh%7CKaushan+Script%7CKavivanar%7CKavoon%7CKdam+Thmor%7CKeania+One%7CKelly+Slab%7CKenia%7CKhand%7CKhmer%7CKhula%7CKite+One%7CKnewave%7CKotta+One%7CKoulen%7CKranky%7CKreon%7CKristi%7CKrona+One%7CKumar+One%7CKumar+One+Outline%7CKurale%7CLa+Belle+Aurore%7CLaila%7CLakki+Reddy%7CLalezar%7CLancelot%7CLateef%7CLato%7CLeague+Script%7CLeckerli+One%7CLedger%7CLekton%7CLemon%7CLemonada%7CLibre+Baskerville%7CLibre+Franklin%7CLife+Savers%7CLilita+One%7CLily+Script+One%7CLimelight%7CLinden+Hill%7CLobster%7CLobster+Two%7CLondrina+Outline%7CLondrina+Shadow%7CLondrina+Sketch%7CLondrina+Solid%7CLora%7CLove+Ya+Like+A+Sister%7CLoved+by+the+King%7CLovers+Quarrel%7CLuckiest+Guy%7CLusitana%7CLustria%7CMacondo%7CMacondo+Swash+Caps%7CMada%7CMagra%7CMaiden+Orange%7CMaitree%7CMako%7CMallanna%7CMandali%7CMarcellus%7CMarcellus+SC%7CMarck+Script%7CMargarine%7CMarko+One%7CMarmelad%7CMartel%7CMartel+Sans%7CMarvel%7CMate%7CMate+SC%7CMaven+Pro%7CMcLaren%7CMeddon%7CMedievalSharp%7CMedula+One%7CMeera+Inimai%7CMegrim%7CMeie+Script%7CMerienda%7CMerienda+One%7CMerriweather%7CMerriweather+Sans%7CMetal%7CMetal+Mania%7CMetamorphous%7CMetrophobic%7CMichroma%7CMilonga%7CMiltonian%7CMiltonian+Tattoo%7CMiniver%7CMiriam+Libre%7CMirza%7CMiss+Fajardose%7CMitr%7CModak%7CModern+Antiqua%7CMogra%7CMolengo%7CMolle%7CMonda%7CMonofett%7CMonoton%7CMonsieur+La+Doulaise%7CMontaga%7CMontez%7CMontserrat%7CMontserrat+Alternates%7CMontserrat+Subrayada%7CMoul%7CMoulpali%7CMountains+of+Christmas%7CMouse+Memoirs%7CMr+Bedfort%7CMr+Dafoe%7CMr+De+Haviland%7CMrs+Saint+Delafield%7CMrs+Sheppards%7CMukta+Vaani%7CMuli%7CMystery+Quest%7CNTR%7CNeucha%7CNeuton%7CNew+Rocker%7CNews+Cycle%7CNiconne%7CNixie+One%7CNobile%7CNokora%7CNorican%7CNosifer%7CNothing+You+Could+Do%7CNoticia+Text%7CNoto+Sans%7CNoto+Serif%7CNova+Cut%7CNova+Flat%7CNova+Mono%7CNova+Oval%7CNova+Round%7CNova+Script%7CNova+Slim%7CNova+Square%7CNumans%7CNunito%7COdor+Mean+Chey%7COffside%7COld+Standard+TT%7COldenburg%7COleo+Script%7COleo+Script+Swash+Caps%7COpen+Sans%7COpen+Sans+Condensed%7COranienbaum%7COrbitron%7COregano%7COrienta%7COriginal+Surfer%7COswald%7COver+the+Rainbow%7COverlock%7COverlock+SC%7COvo%7COxygen%7COxygen+Mono%7CPT+Mono%7CPT+Sans%7CPT+Sans+Caption%7CPT+Sans+Narrow%7CPT+Serif%7CPT+Serif+Caption%7CPacifico%7CPalanquin%7CPalanquin+Dark%7CPaprika%7CParisienne%7CPassero+One%7CPassion+One%7CPathway+Gothic+One%7CPatrick+Hand%7CPatrick+Hand+SC%7CPattaya%7CPatua+One%7CPavanam%7CPaytone+One%7CPeddana%7CPeralta%7CPermanent+Marker%7CPetit+Formal+Script%7CPetrona%7CPhilosopher%7CPiedra%7CPinyon+Script%7CPirata+One%7CPlaster%7CPlay%7CPlayball%7CPlayfair+Display%7CPlayfair+Display+SC%7CPodkova%7CPoiret+One%7CPoller+One%7CPoly%7CPompiere%7CPontano+Sans%7CPoppins%7CPort+Lligat+Sans%7CPort+Lligat+Slab%7CPragati+Narrow%7CPrata%7CPreahvihear%7CPress+Start+2P%7CPridi%7CPrincess+Sofia%7CProciono%7CPrompt%7CProsto+One%7CProza+Libre%7CPuritan%7CPurple+Purse%7CQuando%7CQuantico%7CQuattrocento%7CQuattrocento+Sans%7CQuestrial%7CQuicksand%7CQuintessential%7CQwigley%7CRacing+Sans+One%7CRadley%7CRajdhani%7CRakkas%7CRaleway%7CRaleway+Dots%7CRamabhadra%7CRamaraja%7CRambla%7CRammetto+One%7CRanchers%7CRancho%7CRanga%7CRasa%7CRationale%7CRavi+Prakash%7CRedressed%7CReem+Kufi%7CReenie+Beanie%7CRevalia%7CRhodium+Libre%7CRibeye%7CRibeye+Marrow%7CRighteous%7CRisque%7CRoboto%7CRoboto+Condensed%7CRoboto+Mono%7CRoboto+Slab%7CRochester%7CRock+Salt%7CRokkitt%7CRomanesco%7CRopa+Sans%7CRosario%7CRosarivo%7CRouge+Script%7CRozha+One%7CRubik%7CRubik+Mono+One%7CRubik+One%7CRuda%7CRufina%7CRuge+Boogie%7CRuluko%7CRum+Raisin%7CRuslan+Display%7CRusso+One%7CRuthie%7CRye%7CSacramento%7CSahitya%7CSail%7CSalsa%7CSanchez%7CSancreek%7CSansita+One%7CSarala%7CSarina%7CSarpanch%7CSatisfy%7CScada%7CScheherazade%7CSchoolbell%7CScope+One%7CSeaweed+Script%7CSecular+One%7CSevillana%7CSeymour+One%7CShadows+Into+Light%7CShadows+Into+Light+Two%7CShanti%7CShare%7CShare+Tech%7CShare+Tech+Mono%7CShojumaru%7CShort+Stack%7CShrikhand%7CSiemreap%7CSigmar+One%7CSignika%7CSignika+Negative%7CSimonetta%7CSintony%7CSirin+Stencil%7CSix+Caps%7CSkranji%7CSlabo+13px%7CSlabo+27px%7CSlackey%7CSmokum%7CSmythe%7CSniglet%7CSnippet%7CSnowburst+One%7CSofadi+One%7CSofia%7CSonsie+One%7CSorts+Mill+Goudy%7CSource+Code+Pro%7CSource+Sans+Pro%7CSource+Serif+Pro%7CSpace+Mono%7CSpecial+Elite%7CSpicy+Rice%7CSpinnaker%7CSpirax%7CSquada+One%7CSree+Krushnadevaraya%7CSriracha%7CStalemate%7CStalinist+One%7CStardos+Stencil%7CStint+Ultra+Condensed%7CStint+Ultra+Expanded%7CStoke%7CStrait%7CSue+Ellen+Francisco%7CSuez+One%7CSumana%7CSunshiney%7CSupermercado+One%7CSura%7CSuranna%7CSuravaram%7CSuwannaphum%7CSwanky+and+Moo+Moo%7CSyncopate%7CTangerine%7CTaprom%7CTauri%7CTaviraj%7CTeko%7CTelex%7CTenali+Ramakrishna%7CTenor+Sans%7CText+Me+One%7CThe+Girl+Next+Door%7CTienne%7CTillana%7CTimmana%7CTinos%7CTitan+One%7CTitillium+Web%7CTrade+Winds%7CTrirong%7CTrocchi%7CTrochut%7CTrykker%7CTulpen+One%7CUbuntu%7CUbuntu+Condensed%7CUbuntu+Mono%7CUltra%7CUncial+Antiqua%7CUnderdog%7CUnica+One%7CUnifrakturCook%7CUnifrakturMaguntia%7CUnkempt%7CUnlock%7CUnna%7CVT323%7CVampiro+One%7CVarela%7CVarela+Round%7CVast+Shadow%7CVesper+Libre%7CVibur%7CVidaloka%7CViga%7CVoces%7CVolkhov%7CVollkorn%7CVoltaire%7CWaiting+for+the+Sunrise%7CWallpoet%7CWalter+Turncoat%7CWarnes%7CWellfleet%7CWendy+One%7CWire+One%7CWork+Sans%7CYanone+Kaffeesatz%7CYantramanav%7CYatra+One%7CYellowtail%7CYeseva+One%7CYesteryear%7CYrsa%7CZeyada&subset=latin%2Clatin-ext
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://news8.de
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 18:52:55 GMT
x-content-type-options
nosniff
age
154296
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16740
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:14:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Aug 2023 18:52:55 GMT
fontawesome-webfont.woff
news8.de/wp-content/plugins/ultimate-member/assets/font/ Frame DD31 		96 KB
96 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://news8.de/wp-content/plugins/ultimate-member/assets/font/fontawesome-webfont.woff?v=4.2.0
Requested by
Host: news8.de
URL: https://news8.de/wp-content/cache/wmac/css/wmac_single_48ff9d03ab2419b1057dd3e29067436e.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

Referer
https://news8.de/wp-content/cache/wmac/css/wmac_single_48ff9d03ab2419b1057dd3e29067436e.css
Origin
https://news8.de
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Tue, 20 Apr 2021 20:32:09 GMT
server
nginx
etag
"607f3a49-17ee8"
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
98024
expires
Thu, 01 Sep 2022 13:44:31 GMT
b2.php
view.webplexmedia.de/ Frame 0379 		740 B
593 B 		Document
General
Check archive.org
Download Go to
Full URL
https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=970&h=250&sid=929&size=5
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/banner.php?uid=495573400&e=0&p=1&s=0&sid=929&size=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
8b6d4698f1d2782fc265615021e4ed826ae859c976dcb8bde5dcb6d85c9bc10a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://news8.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 13:44:31 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
webplvers.js
view.webplexmedia.de/js/ Frame DD31 		91 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://view.webplexmedia.de/js/webplvers.js
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/banner.php?uid=495573400&e=0&p=1&s=0&sid=929&size=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
8c25ade0a1d20dfb962dbc265e60d98d90544f13ce586820e3c3dc2baae64e81
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
last-modified
Tue, 31 Aug 2021 15:27:16 GMT
server
nginx
etag
"612e4a54-16b34"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
application/javascript
accept-ranges
bytes
content-length
92980
x-xss-protection
1; mode=block
config.json
consent.cookiefirst.com/sites/news8.de-bb9377db-6a76-431a-8f04-e7675f72404e/ Frame DD31 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/sites/news8.de-bb9377db-6a76-431a-8f04-e7675f72404e/config.json?v=be8f28e9-37b6-404d-9d56-7970f0754f3c
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-731.bunnyinfra.net
Software
Cookie First CDN-AT-731 /
Resource Hash
a8b43a55f6ec6c8c41206b28c598ce97ea8c7eb279beda5ba68d565eba2413a9

Request headers

Accept
application/json
Referer
https://news8.de/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:31 GMT
content-encoding
br
cdn-edgestorageid
731
cdn-fileserver
303
cdn-storageserver
DE-169
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cdn-cachedat
08/31/2022 13:44:31
cdn-pullzone
236985
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server
Cookie First CDN-AT-731
access-control-allow-origin
*
visitor-location
NL
last-modified
Mon, 11 Apr 2022 20:51:52 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"625494e8-773"
vary
Accept-Encoding
content-type
application/json
cdn-cache
BYPASS
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
cache-control
public, max-age=31919000
cdn-requestid
dd90e94d22e68c45a8d378617c7e6f3c
cdn-requestcountrycode
NL
cdn-status
200
cdn-requestpullsuccess
True
link.html
track.webgains.com/ Frame C838 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3098581&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gjpbh1mngf2abdy8tmeg8ddh81mvqabty4nw51mv8kxd87pjgkaeb0sjw7dv5fprw53jwatx0jntmd77vs6excrwx85fn1tn2js7y8hq3qtka828q2jhwdgbj7jm9x0k5j3sj6ers4cferpxpdt386c9wr3t9r318ewbx2e5raxj45nkfy6yn0bkvwcbayg4bdnew96at30vp4a9g635by1j5z5xc07abg6cn8g468nx67n7aa3fw6417pb840fy3nq8%26a%3D&clickref=oneidK783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHqoneid__emmaglam_advancedad_300x600&viewref=oneiddpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTjoneid__emmaglam_advancedad_300x600
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C177100%2C43766&b=52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1%2CdpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTj%2CZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJ&f=pqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE%2CK783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHq%2C9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTd&c=300&d=600&e=&g=041ebb38454811a790791f204a1326bd%2F12281858215853902489&i=21630%2C65803%2C24891&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661953471133&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
6b463aba7f5eccf693919551bf83106c8990c446fb9fe811cbf5d7691936a200

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Wed, 31 Aug 2022 13:44:31 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Wed, 31 Aug 2022 13:45:31 GMT
link.html
track.webgains.com/ Frame 84C0 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3271135&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k8jsngkv96g478863szzv1k4vpe4cf6v9k7dqentqfjz20rsg8kcz64kwxggk55xfqcrjg9jzsgkzkcvpxezt6sgy0sjnvtbx1mtb509h5aeb3p2taamnm3ej1hx9cgbpx9x5d747k3hc1v92p81m4k4bk4b8t0bxdwmcp0m1rwz1qv5pe48s0pzge6d16j24gr55c0agemvts9c1dmhbbjm8qe3tq59xsbj76y8q4c32rng0vf6f1pxnbrkzad8w%26a%3D&clickref=oneidBdZEhgfPfMrpgFxH6H3tgCmRwCjSdtjDFMoneid__emmaglam_advancedad_728x90&viewref=oneidgAdJF8frfk4A6TPHbH8t5t2e1fmSjtjqFeoneid__emmaglam_advancedad_728x90
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=58783%2C182430%2C197862&b=gAdJF8frfk4A6TPHbH8t5t2e1fmSjtjqFe%2CbGqEtQfZf5jjMaYHbHztKtw64ubS3tE7UJ%2CXgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJ&f=BdZEhgfPfMrpgFxH6H3tgCmRwCjSdtjDFM%2C3rg7Hpf4fXrrDH7HrHAtXC9WZsPSztwpFd%2Ce5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1&c=728&d=90&e=&g=31769b53ae3ed83b5e9c7ed5919a74c7%2F6132780761417666784&i=28472%2C20378%2C71725&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_728x90&r=1661953471138&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
201bf4936ae235a53997b9388bbe0436c1de666785d726971a6588986af0ffee

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Wed, 31 Aug 2022 13:44:32 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Wed, 31 Aug 2022 13:45:32 GMT
link.html
track.webgains.com/ Frame 834A 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3098581&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gsayq2t0c0gr0yrfgcj0j6hqxzvjpfrvt726wy9vw0zhqmt4yk8rmzyawx1ejehn88d969xk78sjx71cwqn7tnvcahecpjhfkazaecvgh9dy2yrn78ckbb7f263kft80m59fwws8x1205a500xgp5b9938vjf4z0h4036cn66cka38hheptbsprdbv558aecmy8txd4mc6sms9x9jjp0405k8eqze9bvxtp1pv8bfrygc9rehz0gst2kq5qmmpgmc%26a%3D&clickref=oneidK783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHqoneid__emmaglam_advancedad_300x250&viewref=oneiddpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTjoneid__emmaglam_advancedad_300x250
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C177100%2C43766&b=52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1%2CdpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTj%2CZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJ&f=pqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE%2CK783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHq%2C9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTd&c=300&d=250&e=&g=2a12d80c20bafeab3c839a532ff90396%2F243427342487950804&i=21630%2C65803%2C24891&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661953471133&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
967884205fed6eb3e1c7b73f689527b70b4eba4bcf5cc43cbfada48194846bca

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Wed, 31 Aug 2022 13:44:32 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Wed, 31 Aug 2022 13:45:32 GMT
link.html
track.webgains.com/ Frame EDB5 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3400951&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j8kc54sef2ccknwddyat8ts6p3m0ae72ygha7hj7yg96aw2a8bjtdbratfyy7g59txqk0e87ke3c60a66pyfhbegvz8mnhf0kkq1sdv0sh54d02mfadactmg0hgj8vrwetc56rd4qgap4xkgg011pr7zetye6esmxxmt5247sdz6n49gdt7kfxg2g3rpe2yyze86g84sky6aqnzhnzvrg1g3r69jtj0sr395jkawnxqtj994xv3h6y9hbqe2p2ny7fkc%26a%3D&clickref=oneidVQr1twfmfDwxWSVHbHAtXCD5GtBSDtBAuQoneid__emmaglam_advancedad_300x250&viewref=oneidGD9JTBfpfXdmWsKHeHGtPtkj2cZSjtZmtEoneid__emmaglam_advancedad_300x250
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=200038%2C198961%2C19769&b=GD9JTBfpfXdmWsKHeHGtPtkj2cZSjtZmtE%2C6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7%2C52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1&f=VQr1twfmfDwxWSVHbHAtXCD5GtBSDtBAuQ%2CXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJ%2CpqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE&c=300&d=250&e=&g=964718de9fa25e82662452021fb383c0%2F16559786827644174996&i=22499%2C71690%2C21630&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661953471139&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
99a3260a9e2e7c516284706682be7761dde4c4c1f2544a16776db9657da5536f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Wed, 31 Aug 2022 13:44:32 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Wed, 31 Aug 2022 13:45:32 GMT
link.html
track.webgains.com/ Frame C838 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3118461&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j0938gdaa0qgk21c1w2ge3gsxvmp1yx9jbc8tkmztc27x8xxznmxzyv4akjj27dn5wqw0hbhk8nejwzxt3sgz9101hrmnvkd8zz42fqbbwp1n3m5bj1497wekcvb8tnnyhgdya6faw3s2g495kx4qfjtc2etj5en4477bqkd4nyeyw8b2haptmyjrmr5wgsjhn6frnrysnmwt5n31qy19sdcfn8c7v6wnx1936y1bp0g68e4kqxekfjpgqzhf7cc64g%26a%3D&clickref=oneid9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTdoneid__emmaglam_advancedad_300x600&viewref=oneidZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJoneid__emmaglam_advancedad_300x600
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C177100%2C43766&b=52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1%2CdpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTj%2CZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJ&f=pqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE%2CK783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHq%2C9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTd&c=300&d=600&e=&g=041ebb38454811a790791f204a1326bd%2F12281858215853902489&i=21630%2C65803%2C24891&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661953471133&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
1d7cf49cf488eaa5e5ea28d2e550b90946a63878fbb3c9be3cad0e727b7d364c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Wed, 31 Aug 2022 13:44:32 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Wed, 31 Aug 2022 13:45:32 GMT
pvClk.min.js
analytics.webgains.io/ Frame E67B 		85 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3400951&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gt1r3gsw5wbdn98tryvn9v27ae4cmc6ve3y7pemg3g7g3rp00n4w165d4vnhgspt6m5yhvz43p4xtnwnyapf7c69qey11m6cpwjvx6twnr2yxtrefnhvp90y76yq17awxkye4gytgwwa85sn9kafpnehmz0eyjz1162t5kfh8pcwh330mq5c33p0v720b1axfkdx3jm2f34ayy5ybh5nc9229kqc3rd1972ts4mmn2hz3t53ap6mhbzw33y0s7hnav4w%26a%3D&clickref=oneidVQr1twfmfDwxWSVHbHAtXCD5GtBSDtBAuQoneid__emmaglam_advancedad_160x600&viewref=oneidGD9JTBfpfXdmWsKHeHGtPtkj2cZSjtZmtEoneid__emmaglam_advancedad_160x600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-120.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 05:03:56 GMT
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
last-modified
Tue, 23 Aug 2022 13:40:24 GMT
server
AmazonS3
age
31237
etag
"42f12532a1be9c2d028e26e9b82a99a2"
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-pop
FRA60-P4
content-length
86537
x-amz-cf-id
1ItiAVbFtFCRJCS_4cO2ESUQQ6moDALyL4Q_70k4FMi-9sztrgnouA==
1660906791_A2LI6LlUV4B8wFzhBEgCX8gAf3vOrow2.jpg
cdn.track.production.webgains.team/268155/ Frame E67B 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/268155/1660906791_A2LI6LlUV4B8wFzhBEgCX8gAf3vOrow2.jpg?Expires=1661953771&Signature=j~TEpyt8B~r5eV8VofMC~CEaT2smBQqykH46VCrr0QrOu3f0v8JHrrsrGw9V7tzmMLyoZZtTpZHbBiH2qb0Fdn5EUYdofK0DZxFdiO4qUKpt~lT5NVFxtWUUIiIFP6NEr1Jll3627ovMBPEWvzAfyr6pmqGHa1YMAjv8iqF7QXcvwyo7glPJSRkKhqlMJYyIrGjVcEiY5FtjvHb8YrMjpNlFYH6HzRt4t597XVaa3SAYPlgDjfCuBjLhasPz~S6TUUwqBMXVv4oHWHNGrW5zBia1LQ1e6TySlHKRzVKQ5jtAVHxttqOIiS8SHIMNvBqowpJcsXZai3Zv6kE546GlrQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200038%2C198961&b=XgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJ%2CGD9JTBfpfXdmWsKHeHGtPtkj2cZSjtZmtE%2C6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7&f=e5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1%2CVQr1twfmfDwxWSVHbHAtXCD5GtBSDtBAuQ%2CXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJ&c=160&d=600&e=&g=7ea91e771920b8b21b1bc32acf478e32%2F16387982739420500580&i=71725%2C22499%2C71690&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_160x600&r=1661953471132&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-89.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2afb94ec849c8c855a08d80a9f77b3e20ca1945b279e4cce8e909aa1b18316a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:59:52 GMT
server
AmazonS3
age
26080
etag
"d21df69800100d634bc36f84ad27c3be"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
date
Wed, 31 Aug 2022 06:29:53 GMT
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
77427
x-amz-cf-id
V0167Tk8wmDcuDp8ExiWTuE3TLz6v28NzqUxOkgRqvKHr4yyVZqXcA==
link.html
track.webgains.com/ Frame 84C0 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k1ftdvm7ngendzx6cwv0bwst2wze9bnztce75gebpv0mk86v22sybvvg4x8jsytw1yb75rs236b5xge6p54ac33k45xrqxesx7n4hqy8793bpycyx9kyfpmzgjv5pzkb2w5jchk3f8kr4n9qabjj3hfx7hta0y7j657f3knpq43d1sxv30p7xqx70ey16afz01gkzn1m5krvgqfkk81c01sypa469hkfs52jjb5etvajc86zc4jsjt042zxffww1fa0%26a%3D&clickref=oneide5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1oneid__emmaglam_advancedad_728x90&viewref=oneidXgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJoneid__emmaglam_advancedad_728x90
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=58783%2C182430%2C197862&b=gAdJF8frfk4A6TPHbH8t5t2e1fmSjtjqFe%2CbGqEtQfZf5jjMaYHbHztKtw64ubS3tE7UJ%2CXgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJ&f=BdZEhgfPfMrpgFxH6H3tgCmRwCjSdtjDFM%2C3rg7Hpf4fXrrDH7HrHAtXC9WZsPSztwpFd%2Ce5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1&c=728&d=90&e=&g=31769b53ae3ed83b5e9c7ed5919a74c7%2F6132780761417666784&i=28472%2C20378%2C71725&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_728x90&r=1661953471138&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
b5bf19127d5963d508986f22cd6d926905e0984497c0689bbd6dcf78779f4ea4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Wed, 31 Aug 2022 13:44:32 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Wed, 31 Aug 2022 13:45:32 GMT
link.html
track.webgains.com/ Frame E67B 		149 KB
149 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneid6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7oneid__emmaglam_advancedad_160x600&wglinkid=3459435
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200038%2C198961&b=XgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJ%2CGD9JTBfpfXdmWsKHeHGtPtkj2cZSjtZmtE%2C6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7&f=e5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1%2CVQr1twfmfDwxWSVHbHAtXCD5GtBSDtBAuQ%2CXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJ&c=160&d=600&e=&g=7ea91e771920b8b21b1bc32acf478e32%2F16387982739420500580&i=71725%2C22499%2C71690&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_160x600&r=1661953471132&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
08da0846fcb1f65a2ead9d380eeb1285d7920fc0ce2d68cd394afe52af059ad2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Wed, 31 Aug 2022 13:44:32 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Wed, 31 Aug 2022 13:45:32 GMT
link.html
track.webgains.com/ Frame 834A 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3118461&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gadyn6895k5026qsgqps1tr9t8mhsd0k1hpemnd28hpfxhzprxgx5ppdqserc3ax5t0qpyrkxkhd1mtn33sqntgen84097xbxjetvxk66qkbjha9zds9v0ntwh9nw93xwqthqrx5p6qdvqb3xvg9mcj95z6wevtycxjc56dv43qbdbkg7kn600b2zzjfww6hrfrcxkk2vb0rt3n0sxyzpgc8ws447c5rz323nnmddk6v9fvyfxv1f2vrt0es3q5%26a%3D&clickref=oneid9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTdoneid__emmaglam_advancedad_300x250&viewref=oneidZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJoneid__emmaglam_advancedad_300x250
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C177100%2C43766&b=52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1%2CdpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTj%2CZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJ&f=pqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE%2CK783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHq%2C9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTd&c=300&d=250&e=&g=2a12d80c20bafeab3c839a532ff90396%2F243427342487950804&i=21630%2C65803%2C24891&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661953471133&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
021fd5d08c1e5aefdf2738b4124c7a3edf64fff418e9f1f26b090f9c8e1cb2fa

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Wed, 31 Aug 2022 13:44:32 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Wed, 31 Aug 2022 13:45:32 GMT
pvClk.min.js
analytics.webgains.io/ Frame 9CCC 		85 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k1d29100sjvdmbgpqt1k7vt731wxgat3y3nkakq29p8nrk1rhv30x1dddmat9388q12344zz437rb31xzr7dsc6ypmkx1aw3td5qphxtrxxfq5ybjxj3xn1sp4cef5w017brytaf7azxr4qsp78rx79qbm7tgfk4rn2efexd6tx49zz19ppd6pfqa4v30mfqnshgwj66pg0cxs7kgkwed8kncj5s5kz54jm2j75wr02bvqyk86xyc10p4gqyvd11g%26a%3D&clickref=oneidK783aRfZf5Gps5HMHktzCBX8u7Srt7eHqoneid__emmaglam_advancedad_300x600&viewref=oneiddpDmUEfkfRpXhEHjHwtEtbAdfeSRt8BTjoneid__emmaglam_advancedad_300x600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-120.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 05:03:56 GMT
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
last-modified
Tue, 23 Aug 2022 13:40:24 GMT
server
AmazonS3
age
31237
etag
"42f12532a1be9c2d028e26e9b82a99a2"
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-pop
FRA60-P4
content-length
86537
x-amz-cf-id
aVlJkQAlCgs9xkCy6lRcIFROjlCpkwcF6YK_TkDnx4_PsMuM7TT3Kw==
Logo%20RGB.png
cdn.track.production.webgains.team/12607/ Frame 9CCC 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/12607/Logo%20RGB.png?Expires=1661953771&Signature=RYApqrOKXRxEwHuMuHNnnTT5h5RKpPTZnWLqwJjN0pYqKghxvIRlkM0D9RHJAgNiurJzvUDZt51bWpzdrFXpQfB6Bq1B7cVVFjkGpxl2SgWAwrXWziOdIj2rAzR1L4QoHBfGhjp0yMVKan62cperSuwUUcsudA9gUtlLAUP4LmeLxftGHteXHRD9v5Usb4EINqtq9Nko1SQ7iwNmhJfUQ9K2reruREgXFxjsz5hOQIG0gsmg8kJWtFfZn0sNcS6c8PloEH51nMlcaSRCjTva4dpCpxdKYTCkT-cZ~Kpq5rrds0-bE~2Xm3IQHCvRfki50VobEB4Z4mAZWA6uQQSqtw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=24673%2C202438%2C183975&b=dpDmUEfkfRpXhEHjHwtEtbAdfeSRt8BTj%2Cr5mEuQf9f3VgzsAH7HjtqtVgrEUYSJtDqtd%2C4gGmHEf5fA2eRcGH9HdtAtm9MSbSZtpJsK&f=K783aRfZf5Gps5HMHktzCBX8u7Srt7eHq%2CP241aBfbfbrWxU9HjHbtgCArKkHJSgtBeup%2Cr5mEuQf9f3XBdaAH7HjtJCBXVaYSJtDqtd&c=300&d=600&e=&g=0bb93e021ccb1a459333b4d84bbb1e63%2F6572354349658930294&i=20430%2C82994%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661953471135&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-89.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 09:41:36 GMT
server
AmazonS3
age
22464
etag
"92f323c42d6018008b4cf82e90ac9639"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
date
Wed, 31 Aug 2022 07:30:09 GMT
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
86991
x-amz-cf-id
GfAzy6tfFTNsmNFnYz34iU4-z9B9PgpheYcjyu-ZXNivB2Y6h7OV6A==
1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame E67B 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1661953771&Signature=KcedJKUstY2cEenoIT1~oQWv9BI-LWmW8kGBrsd5bvrG4~o3~lZ~6GvPTMPK4oFXidEJ-k-jpg99b~pyaiMuOwT4uATcYTxU-iwomM7tM-ZqyEgpGiG-aWqxU-mCh93VkUS8HuOfyTLCm0mcKqR4IHx-pB~~k-5GDdzhik51jjwfwtZCrLc7rAdGBjHN16bnmcUPkiWvwlrLt3WO7kMCg66MWGyFuoJBolTfENqJC~Xky~2cLgiB~ahw7DZhK5k13VjYvNNzhupxDSmUFHfhNKeGa1P~dBZZ1mGtwSbP9IgSF8dQ9TujNzMp~0kDEmppgZ9MizTW9i5tB8TwhKrlxA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200038%2C198961&b=XgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJ%2CGD9JTBfpfXdmWsKHeHGtPtkj2cZSjtZmtE%2C6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7&f=e5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1%2CVQr1twfmfDwxWSVHbHAtXCD5GtBSDtBAuQ%2CXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJ&c=160&d=600&e=&g=7ea91e771920b8b21b1bc32acf478e32%2F16387982739420500580&i=71725%2C22499%2C71690&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_160x600&r=1661953471132&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-89.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 10:41:35 GMT
server
AmazonS3
age
34497
etag
"d4e8f970f24f6d19b53aa92b1907c1ef"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
date
Wed, 31 Aug 2022 04:09:36 GMT
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
15054
x-amz-cf-id
VWHI_6_4X9uy5v0HOY2AUTZJHLv5xAADndeXEwoa4NwcNpqhxlZkww==
lg0.jpg
view.webplexmedia.de/ Frame 0379 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://view.webplexmedia.de/lg0.jpg
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=970&h=250&sid=929&size=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
e7a21f00272ebf0c6b15973a9298b362917872a7ea7c882dd1d8593c19ef13ab
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Fri, 04 Dec 2020 00:56:23 GMT
server
nginx
etag
"5fc98937-5de"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/jpeg
accept-ranges
bytes
content-length
1502
x-xss-protection
1; mode=block
loader.js
cdn.taboola.com/libtrc/chatango-network/ Frame DD4E 		77 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/chatango-network/loader.js
Requested by
Host: st.chatango.com
URL: https://st.chatango.com/h5/gz/r0817221641/id.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fcc1c7f84067e55e0b64873d2314b7ba662561cbbc21381a4374bac8abf8eb37

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://st.chatango.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
GKSNRriQocC0v_bxONN86VugeBu5e5XH
content-encoding
gzip
etag
"d52b5c0fd51efc73ce763388d2e3e00b"
age
16336
x-cache
HIT
content-length
20896
x-amz-id-2
ELiYXtvMWh2xA3Er61bsgCmiyihhIq8nv/697qup0ekfqzpuk/Xkwm4fTOihHHyKmxVF3zQLvTc=
x-served-by
cache-ams21080-AMS
last-modified
Wed, 31 Aug 2022 09:12:13 GMT
server
AmazonS3
x-timer
S1661953472.276988,VS0,VE0
date
Wed, 31 Aug 2022 13:44:32 GMT
vary
Accept-Encoding
x-amz-request-id
PQTE160Z7K2E9YJM
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
34
x-cache-hits
76
analytics.js
www.google-analytics.com/ Frame DD4E 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: st.chatango.com
URL: https://st.chatango.com/h5/gz/r0817221641/id.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://st.chatango.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
7006
date
Wed, 31 Aug 2022 11:47:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 31 Aug 2022 13:47:46 GMT
link.html
track.webgains.com/ Frame 9CCC 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneid4gGmHEf5fA2eRcGH9HdtAtm9MSbSZtpJsKoneid__emmaglam_advancedad_300x600&wglinkid=2194035
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=24673%2C202438%2C183975&b=dpDmUEfkfRpXhEHjHwtEtbAdfeSRt8BTj%2Cr5mEuQf9f3VgzsAH7HjtqtVgrEUYSJtDqtd%2C4gGmHEf5fA2eRcGH9HdtAtm9MSbSZtpJsK&f=K783aRfZf5Gps5HMHktzCBX8u7Srt7eHq%2CP241aBfbfbrWxU9HjHbtgCArKkHJSgtBeup%2Cr5mEuQf9f3XBdaAH7HjtJCBXVaYSJtDqtd&c=300&d=600&e=&g=0bb93e021ccb1a459333b4d84bbb1e63%2F6572354349658930294&i=20430%2C82994%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661953471135&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Wed, 31 Aug 2022 13:44:32 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Wed, 31 Aug 2022 13:45:32 GMT
link.html
track.webgains.com/ Frame EDB5 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3459435&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jx6cw6r4pgtan0as1ge58f2he50pa9k3v14cjmep10smq5nxq8efnax5mn9yg65pkbw0a2ydcfn05mgdrdtvn8p4d9xjxz930xyrvp56atxzknvh50m37mywjjdrcxtq3m2xqx5srxrnmar07etjretw9a5x32465dv1w60bkf1k2cg1v5ftzwngbqys586055t69eeegaemwvmq975rpkzqqe0baf90qcqd8nq2y2y62kf1t1qmyrghsa02k5nag5ep%26a%3D&clickref=oneidXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJoneid__emmaglam_advancedad_300x250&viewref=oneid6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7oneid__emmaglam_advancedad_300x250
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=200038%2C198961%2C19769&b=GD9JTBfpfXdmWsKHeHGtPtkj2cZSjtZmtE%2C6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7%2C52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1&f=VQr1twfmfDwxWSVHbHAtXCD5GtBSDtBAuQ%2CXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJ%2CpqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE&c=300&d=250&e=&g=964718de9fa25e82662452021fb383c0%2F16559786827644174996&i=22499%2C71690%2C21630&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661953471139&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
86b87c6ffa01cbdb1bf025d141ee6dae755cec5169dd0561fcc089b46eb6d088

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Wed, 31 Aug 2022 13:44:32 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Wed, 31 Aug 2022 13:45:32 GMT
14.0047.c.js
consent.cookiefirst.com/banner/v2.2.3/static-main/ Frame DD31 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/banner/v2.2.3/static-main/14.0047.c.js
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-731.bunnyinfra.net
Software
Cookie First CDN-AT-731 /
Resource Hash
84aff2355b6de3a0a2388db5ecfd27cc8a980e6f52fed932fb61b49f93a275b3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
content-encoding
br
cdn-edgestorageid
731
cdn-fileserver
313
cdn-storageserver
DE-197
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cdn-cachedat
08/30/2022 12:10:16
cdn-pullzone
236985
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server
Cookie First CDN-AT-731
access-control-allow-origin
*
visitor-location
NL
last-modified
Tue, 30 Aug 2022 11:27:13 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"630df411-4f84"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
cache-control
public, max-age=31919000
cdn-requestid
17bf41fb60156eea553f257e11789e09
cdn-requestcountrycode
NL
cdn-status
200
cdn-requestpullsuccess
True
app.fb6d.c.css
consent.cookiefirst.com/banner/v2.2.3/static-main/ Frame DD31 		42 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/banner/v2.2.3/static-main/app.fb6d.c.css
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-731.bunnyinfra.net
Software
Cookie First CDN-AT-731 /
Resource Hash
be6bff0e539b40d29e833aedbfa5580ba8230a025138d3805bfe4a553e7c6a8a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
content-encoding
br
cdn-edgestorageid
731
cdn-fileserver
364
cdn-storageserver
DE-164
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cdn-cachedat
08/30/2022 12:10:16
cdn-pullzone
236985
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server
Cookie First CDN-AT-731
access-control-allow-origin
*
visitor-location
NL
last-modified
Tue, 30 Aug 2022 11:27:12 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"630df410-a7e2"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
cache-control
public, max-age=31919000
cdn-requestid
03de1356a32a51fb1cccb5b40534daa9
cdn-requestcountrycode
NL
cdn-status
200
cdn-requestpullsuccess
True
app.c3b9.c.js
consent.cookiefirst.com/banner/v2.2.3/static-main/ Frame DD31 		52 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/banner/v2.2.3/static-main/app.c3b9.c.js
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-731.bunnyinfra.net
Software
Cookie First CDN-AT-731 /
Resource Hash
d73d5638ad3d660cdbc2c1114ea844928b00c871ca4b4f86eb12525cb1a17994

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
content-encoding
br
cdn-edgestorageid
731
cdn-fileserver
433
cdn-storageserver
DE-167
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cdn-cachedat
08/30/2022 12:10:16
cdn-pullzone
236985
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server
Cookie First CDN-AT-731
access-control-allow-origin
*
visitor-location
NL
last-modified
Tue, 30 Aug 2022 11:27:12 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"630df410-d06c"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
cache-control
public, max-age=31919000
cdn-requestid
9afa4c1b0ce41f545106e4e0ab6ab5ab
cdn-requestcountrycode
NL
cdn-status
200
cdn-requestpullsuccess
True
in4.php
view.webplexmedia.de/ Frame C8FD 		655 B
592 B 		Document
General
Check archive.org
Download Go to
Full URL
https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=5&referrer=
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=970&h=250&sid=929&size=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
88adaed5566048e5f37b28e021e0db68f743f23be696c0ffd3878cea87d432b4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 13:44:32 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 8697 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Wed, 31 Aug 2022 13:44:32 GMT
server
nginx
gprofile.xml
ust.chatango.com/groupinfo/d/r/dragonball-tube/ Frame DD4E 		46 B
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ust.chatango.com/groupinfo/d/r/dragonball-tube/gprofile.xml
Requested by
Host: st.chatango.com
URL: https://st.chatango.com/h5/gz/r0817221641/id.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software
nginx /
Resource Hash
2bf0b59a7518f8b73db880ecb0e510763231b2a8ef3a789504c9ab98e549904a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://st.chatango.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 13:44:33 GMT
Last-Modified
Wed, 07 Mar 2018 21:32:30 GMT
Server
nginx
Content-Type
text/xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
46
Expires
Wed, 31 Aug 2022 13:44:33 GMT
pvClk.min.js
analytics.webgains.io/ Frame C838 		85 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3098581&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gjpbh1mngf2abdy8tmeg8ddh81mvqabty4nw51mv8kxd87pjgkaeb0sjw7dv5fprw53jwatx0jntmd77vs6excrwx85fn1tn2js7y8hq3qtka828q2jhwdgbj7jm9x0k5j3sj6ers4cferpxpdt386c9wr3t9r318ewbx2e5raxj45nkfy6yn0bkvwcbayg4bdnew96at30vp4a9g635by1j5z5xc07abg6cn8g468nx67n7aa3fw6417pb840fy3nq8%26a%3D&clickref=oneidK783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHqoneid__emmaglam_advancedad_300x600&viewref=oneiddpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTjoneid__emmaglam_advancedad_300x600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-120.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 05:03:56 GMT
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
last-modified
Tue, 23 Aug 2022 13:40:24 GMT
server
AmazonS3
age
31237
etag
"42f12532a1be9c2d028e26e9b82a99a2"
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-pop
FRA60-P4
content-length
86537
x-amz-cf-id
VKtHVuIDUC_0zg1GqqUn6H0qx2lJi0sXDsisM2g_uC3S14A5naYOMg==
1580727847_JJZV3RgLFGD9GCdCHmP2fyWcN2HYaIE7.png
cdn.track.production.webgains.team/278155/ Frame C838 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/278155/1580727847_JJZV3RgLFGD9GCdCHmP2fyWcN2HYaIE7.png?Expires=1661953772&Signature=k0GZsvvcYBo7m4E4BEiMZ-TJAccjBDX4ocbqUI5zmFW2ZgMRrVWiQxEullfHnQpnF0fSWm~N-Hw2Bd9OvWbQsT9OWqILO4sYjE0n9lVD3MRDOrPN1UcLHt6UbpsPOTDL0yAj4LHuiisl1HXF1Xlwu91eRtctNAti2wegCUhaaUKqHyLNEukR82mTlaJ93M~ujaDP4JlA1ETSsPDO~pCDK-WE1TrqDdO36jZpyYRrXo3fpxO9g6Ss9QULH6ON5vUC2Zbbh~q4Vo1yI2QFeTVcO1ChBWT8mZLPgGOA~8BMG~cT4OatzSwDyuS9~VBfuTK4~AhJ-FvHKgZhE8GggVvVvg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C177100%2C43766&b=52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1%2CdpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTj%2CZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJ&f=pqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE%2CK783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHq%2C9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTd&c=300&d=600&e=&g=041ebb38454811a790791f204a1326bd%2F12281858215853902489&i=21630%2C65803%2C24891&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x600&r=1661953471133&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-89.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
17deb20c6f6ec3f074a2633c5c1706ae28e6def4c605c81c268dcd6161ad008e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 10:31:16 GMT
server
AmazonS3
age
43103
etag
"90a67412ed0b25c3e4ca2ad17658d5e1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
date
Wed, 31 Aug 2022 01:46:10 GMT
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
2545
x-amz-cf-id
wTE-fq9IE2BYDR__RmyIKFlTRqnbU2YacXOM8_3tf0gggiX2Y_GHFg==
pvClk.min.js
analytics.webgains.io/ Frame 84C0 		85 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3271135&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k8jsngkv96g478863szzv1k4vpe4cf6v9k7dqentqfjz20rsg8kcz64kwxggk55xfqcrjg9jzsgkzkcvpxezt6sgy0sjnvtbx1mtb509h5aeb3p2taamnm3ej1hx9cgbpx9x5d747k3hc1v92p81m4k4bk4b8t0bxdwmcp0m1rwz1qv5pe48s0pzge6d16j24gr55c0agemvts9c1dmhbbjm8qe3tq59xsbj76y8q4c32rng0vf6f1pxnbrkzad8w%26a%3D&clickref=oneidBdZEhgfPfMrpgFxH6H3tgCmRwCjSdtjDFMoneid__emmaglam_advancedad_728x90&viewref=oneidgAdJF8frfk4A6TPHbH8t5t2e1fmSjtjqFeoneid__emmaglam_advancedad_728x90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-120.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 05:03:56 GMT
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
last-modified
Tue, 23 Aug 2022 13:40:24 GMT
server
AmazonS3
age
31237
etag
"42f12532a1be9c2d028e26e9b82a99a2"
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-pop
FRA60-P4
content-length
86537
x-amz-cf-id
4v1X8hRWVjmgiT1EIJnO8NBSLCOsSDrGZl0tPCCoHc420Kaj5YbsXw==
link.html
track.webgains.com/ Frame 84C0 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidgAdJF8frfk4A6TPHbH8t5t2e1fmSjtjqFeoneid__emmaglam_advancedad_728x90&wglinkid=3271135
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=58783%2C182430%2C197862&b=gAdJF8frfk4A6TPHbH8t5t2e1fmSjtjqFe%2CbGqEtQfZf5jjMaYHbHztKtw64ubS3tE7UJ%2CXgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJ&f=BdZEhgfPfMrpgFxH6H3tgCmRwCjSdtjDFM%2C3rg7Hpf4fXrrDH7HrHAtXC9WZsPSztwpFd%2Ce5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1&c=728&d=90&e=&g=31769b53ae3ed83b5e9c7ed5919a74c7%2F6132780761417666784&i=28472%2C20378%2C71725&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_728x90&r=1661953471138&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
f13311204beda3ce95b4047bfdca1579d115cbe7ccca1f145862d08e75edf6d2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Wed, 31 Aug 2022 13:44:32 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Wed, 31 Aug 2022 13:45:32 GMT
pvClk.min.js
analytics.webgains.io/ Frame 834A 		85 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3098581&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gsayq2t0c0gr0yrfgcj0j6hqxzvjpfrvt726wy9vw0zhqmt4yk8rmzyawx1ejehn88d969xk78sjx71cwqn7tnvcahecpjhfkazaecvgh9dy2yrn78ckbb7f263kft80m59fwws8x1205a500xgp5b9938vjf4z0h4036cn66cka38hheptbsprdbv558aecmy8txd4mc6sms9x9jjp0405k8eqze9bvxtp1pv8bfrygc9rehz0gst2kq5qmmpgmc%26a%3D&clickref=oneidK783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHqoneid__emmaglam_advancedad_300x250&viewref=oneiddpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTjoneid__emmaglam_advancedad_300x250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-120.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 05:03:56 GMT
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
last-modified
Tue, 23 Aug 2022 13:40:24 GMT
server
AmazonS3
age
31237
etag
"42f12532a1be9c2d028e26e9b82a99a2"
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-pop
FRA60-P4
content-length
86537
x-amz-cf-id
ydA-f9QcBCzJIeJN7t9isnFAmOSSD7O3btSJydSFQImEApHnH8mFWg==
1580727847_JJZV3RgLFGD9GCdCHmP2fyWcN2HYaIE7.png
cdn.track.production.webgains.team/278155/ Frame 834A 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/278155/1580727847_JJZV3RgLFGD9GCdCHmP2fyWcN2HYaIE7.png?Expires=1661953772&Signature=k0GZsvvcYBo7m4E4BEiMZ-TJAccjBDX4ocbqUI5zmFW2ZgMRrVWiQxEullfHnQpnF0fSWm~N-Hw2Bd9OvWbQsT9OWqILO4sYjE0n9lVD3MRDOrPN1UcLHt6UbpsPOTDL0yAj4LHuiisl1HXF1Xlwu91eRtctNAti2wegCUhaaUKqHyLNEukR82mTlaJ93M~ujaDP4JlA1ETSsPDO~pCDK-WE1TrqDdO36jZpyYRrXo3fpxO9g6Ss9QULH6ON5vUC2Zbbh~q4Vo1yI2QFeTVcO1ChBWT8mZLPgGOA~8BMG~cT4OatzSwDyuS9~VBfuTK4~AhJ-FvHKgZhE8GggVvVvg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3098581&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gsayq2t0c0gr0yrfgcj0j6hqxzvjpfrvt726wy9vw0zhqmt4yk8rmzyawx1ejehn88d969xk78sjx71cwqn7tnvcahecpjhfkazaecvgh9dy2yrn78ckbb7f263kft80m59fwws8x1205a500xgp5b9938vjf4z0h4036cn66cka38hheptbsprdbv558aecmy8txd4mc6sms9x9jjp0405k8eqze9bvxtp1pv8bfrygc9rehz0gst2kq5qmmpgmc%26a%3D&clickref=oneidK783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHqoneid__emmaglam_advancedad_300x250&viewref=oneiddpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTjoneid__emmaglam_advancedad_300x250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-89.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
17deb20c6f6ec3f074a2633c5c1706ae28e6def4c605c81c268dcd6161ad008e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 10:31:16 GMT
server
AmazonS3
age
43103
etag
"90a67412ed0b25c3e4ca2ad17658d5e1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
date
Wed, 31 Aug 2022 01:46:10 GMT
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
2545
x-amz-cf-id
1UI_u1AlocGXemTnBZdKB0U8gPnkSTRFuVLXGFidHsahikvQOhixiw==
pvClk.min.js
analytics.webgains.io/ Frame EDB5 		85 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3400951&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j8kc54sef2ccknwddyat8ts6p3m0ae72ygha7hj7yg96aw2a8bjtdbratfyy7g59txqk0e87ke3c60a66pyfhbegvz8mnhf0kkq1sdv0sh54d02mfadactmg0hgj8vrwetc56rd4qgap4xkgg011pr7zetye6esmxxmt5247sdz6n49gdt7kfxg2g3rpe2yyze86g84sky6aqnzhnzvrg1g3r69jtj0sr395jkawnxqtj994xv3h6y9hbqe2p2ny7fkc%26a%3D&clickref=oneidVQr1twfmfDwxWSVHbHAtXCD5GtBSDtBAuQoneid__emmaglam_advancedad_300x250&viewref=oneidGD9JTBfpfXdmWsKHeHGtPtkj2cZSjtZmtEoneid__emmaglam_advancedad_300x250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-120.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 05:03:56 GMT
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
last-modified
Tue, 23 Aug 2022 13:40:24 GMT
server
AmazonS3
age
31237
etag
"42f12532a1be9c2d028e26e9b82a99a2"
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-pop
FRA60-P4
content-length
86537
x-amz-cf-id
TCKFjNASEGQ_0L0HvFCZ_NdN6uC_hFGsUntponyO0vkL_wVpWWuVaw==
1660906791_A2LI6LlUV4B8wFzhBEgCX8gAf3vOrow2.jpg
cdn.track.production.webgains.team/268155/ Frame EDB5 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/268155/1660906791_A2LI6LlUV4B8wFzhBEgCX8gAf3vOrow2.jpg?Expires=1661953772&Signature=KTihOwaNRgj2ceZbdz7rQL0bgbiEtncIsD~JbWAFlB2vAJngKBco6zmx96yG6N2knxkwBrFeOOkBM-4OFW~zHSOsrmvSffxarZFmZBoVq~pmCbpofkKTaWdWI4~0vYUXW5PXb8bNSDgY-ecmINfYgwt6lShPz48uJRKY-QIJr303BaAJ2WoTWfwaXD-D3l6HnAIDSZxIPWxn9FU09~OJfYj56kBNEmwIrqoCwYFtsUa9~RsXs~PQPk8UXlDsJPbaPTUK3nxKkGSk2l6EeA0MLU55WTb7Ffz3cMkLuo3BPqL~ZQqglQcoTm97SrEGJmDCeGSMW73V6--7D2pBaZkk-Q__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=200038%2C198961%2C19769&b=GD9JTBfpfXdmWsKHeHGtPtkj2cZSjtZmtE%2C6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7%2C52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1&f=VQr1twfmfDwxWSVHbHAtXCD5GtBSDtBAuQ%2CXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJ%2CpqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE&c=300&d=250&e=&g=964718de9fa25e82662452021fb383c0%2F16559786827644174996&i=22499%2C71690%2C21630&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661953471139&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-89.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2afb94ec849c8c855a08d80a9f77b3e20ca1945b279e4cce8e909aa1b18316a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:59:52 GMT
server
AmazonS3
age
26080
etag
"d21df69800100d634bc36f84ad27c3be"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
date
Wed, 31 Aug 2022 06:29:53 GMT
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
77427
x-amz-cf-id
vsJIUPJFfuuPVqzxyMJhzdnDDjMfRc5SQDbfuAY4KVDB1cL5ziqmBg==
impl.20220831-3-RELEASE.js
cdn.taboola.com/libtrc/ Frame DD4E 		680 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20220831-3-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/chatango-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
c9640eb2befb4938a64076908c70b3e3b72c1af042b031026e8a981d186ccff7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://st.chatango.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
1JDvz_ZoSnAjRGhNysmH_XrtoAgjywOs
content-encoding
br
etag
"d755a28c23177ed7593de1487c2c097b"
age
17374
x-cache
HIT
content-length
143823
x-amz-id-2
Eth0eNoOwxrp3JSrtPpGveSKyQYuu6QVA4lp/+hS/Hoj/U0kfL7bPH6+ILclOvMNYk3MVw5ECBw=
x-served-by
cache-ams21080-AMS
last-modified
Wed, 31 Aug 2022 08:46:36 GMT
server
AmazonS3-br
x-timer
S1661953472.457119,VS0,VE0
date
Wed, 31 Aug 2022 13:44:32 GMT
vary
Accept-Encoding
x-amz-request-id
VA0H1EFG6YMSE6G8
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
73
x-cache-hits
5568
beacon.js
sb.scorecardresearch.com/ Frame DD4E 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/chatango-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-21.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://st.chatango.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 04:29:58 GMT
content-encoding
gzip
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
age
33274
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
jRm0ZiM-bQzhfoDQv5Za7kBLu35KlXuFVTLJuhHmcQhNDKXujyQTUA==
b2.php
view.webplexmedia.de/ Frame A32B 		740 B
592 B 		Document
General
Check archive.org
Download Go to
Full URL
https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/banner.php?uid=495573400&e=0&p=0&s=0&sid=929&size=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
99308092280fbb41913fd20a39ba3ff572a8bc24e62a169327357b84957dcb6f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://news8.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 13:44:32 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
Facebook-1-720x380.jpg
news8.de/wp-content/uploads/2022/08/ Frame DD31 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news8.de/wp-content/uploads/2022/08/Facebook-1-720x380.jpg
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
e4eb4de6890122eb3345d67f787fa78844fd2c86f315be3b1d20ae15de34c7c2
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Wed, 31 Aug 2022 13:13:33 GMT
server
nginx
etag
"630f5e7d-85a5"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
34213
x-xss-protection
1; mode=block
expires
Thu, 01 Sep 2022 13:44:32 GMT
crosstraining-lizenz-ausbildung-academyofsports-665x380.jpg
news8.de/wp-content/uploads/2022/08/ Frame DD31 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news8.de/wp-content/uploads/2022/08/crosstraining-lizenz-ausbildung-academyofsports-665x380.jpg
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
000e6cf8ede83b41f4cc4e128ec06dd7f9674c80f3e808a2e8de45a7d220828e
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Wed, 31 Aug 2022 13:10:04 GMT
server
nginx
etag
"630f5dac-e63a"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
58938
x-xss-protection
1; mode=block
expires
Thu, 01 Sep 2022 13:44:32 GMT
Electrical-Steel-Sheet-Market-720x380.jpg
news8.de/wp-content/uploads/2022/08/ Frame DD31 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news8.de/wp-content/uploads/2022/08/Electrical-Steel-Sheet-Market-720x380.jpg
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
4ac7d4f3a8256fa10b20dee7956b42b0b46fa380a8adeb3b0d482b878e6cf3e9
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Wed, 31 Aug 2022 13:03:17 GMT
server
nginx
etag
"630f5c15-10bca"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
68554
x-xss-protection
1; mode=block
expires
Thu, 01 Sep 2022 13:44:32 GMT
Tracheostomy-Tube-Accessories-Market-720x380.jpg
news8.de/wp-content/uploads/2022/08/ Frame DD31 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news8.de/wp-content/uploads/2022/08/Tracheostomy-Tube-Accessories-Market-720x380.jpg
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
1f98f28389d6e1e4e182cda1b7e61ce411924514c59d8a16befa241302ca9e25
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Wed, 31 Aug 2022 12:41:04 GMT
server
nginx
etag
"630f56e0-9d29"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
40233
x-xss-protection
1; mode=block
expires
Thu, 01 Sep 2022 13:44:32 GMT
HydrogenBEVHEV-Powertrain-Market-720x380.jpg
news8.de/wp-content/uploads/2022/08/ Frame DD31 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news8.de/wp-content/uploads/2022/08/HydrogenBEVHEV-Powertrain-Market-720x380.jpg
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
31b6fadc0a0b6b6313ebe22cbc6cc824cdfea9e4338de57b50c6979df72468cb
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Wed, 31 Aug 2022 12:20:04 GMT
server
nginx
etag
"630f51f4-df84"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
57220
x-xss-protection
1; mode=block
expires
Thu, 01 Sep 2022 13:44:32 GMT
MalspassTolleGeschichtenIndie-689x380.jpg
news8.de/wp-content/uploads/2022/08/ Frame DD31 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news8.de/wp-content/uploads/2022/08/MalspassTolleGeschichtenIndie-689x380.jpg
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
9517f1c9d7954c44a3999ca345447f3d5afd18256a1b3c44fe0620c83b430539
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Wed, 31 Aug 2022 12:03:46 GMT
server
nginx
etag
"630f4e22-edc2"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
60866
x-xss-protection
1; mode=block
expires
Thu, 01 Sep 2022 13:44:32 GMT
1111-720x380.jpg
news8.de/wp-content/uploads/2022/08/ Frame DD31 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news8.de/wp-content/uploads/2022/08/1111-720x380.jpg
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
8cc38bd1ad73b7001b1b4b331e5049dee6b025733dff772319ff98364f338363
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Wed, 31 Aug 2022 12:01:24 GMT
server
nginx
etag
"630f4d94-8993"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
35219
x-xss-protection
1; mode=block
expires
Thu, 01 Sep 2022 13:44:32 GMT
AI-Powered-Storage-Market-720x380.jpg
news8.de/wp-content/uploads/2022/08/ Frame DD31 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news8.de/wp-content/uploads/2022/08/AI-Powered-Storage-Market-720x380.jpg
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
feac2132f1efc440bca59ad2c6dd33500e757e5e6096b369fdc7b04f81ea149e
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Wed, 31 Aug 2022 11:58:38 GMT
server
nginx
etag
"630f4cee-d51a"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
54554
x-xss-protection
1; mode=block
expires
Thu, 01 Sep 2022 13:44:32 GMT
Automated-Guided-Vehicle-Market-720x380.jpg
news8.de/wp-content/uploads/2022/08/ Frame DD31 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news8.de/wp-content/uploads/2022/08/Automated-Guided-Vehicle-Market-720x380.jpg
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
75290b038a915258cda4e6f2092f80ffddcf6d8fb9d8aa92bfffa34575db0349
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Wed, 31 Aug 2022 11:33:25 GMT
server
nginx
etag
"630f4705-118ba"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
71866
x-xss-protection
1; mode=block
expires
Thu, 01 Sep 2022 13:44:32 GMT
Cloud-Gaming-Market-720x380.jpg
news8.de/wp-content/uploads/2022/08/ Frame DD31 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news8.de/wp-content/uploads/2022/08/Cloud-Gaming-Market-720x380.jpg
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
6ba44a26c65949d928fa4930797db4d274f105a9acd23e8c9b98d3e46be1b261
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Wed, 31 Aug 2022 11:06:52 GMT
server
nginx
etag
"630f40cc-de9c"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
56988
x-xss-protection
1; mode=block
expires
Thu, 01 Sep 2022 13:44:32 GMT
BuchtippEngelsTraumKarina-400x380.jpeg
news8.de/wp-content/uploads/2022/08/ Frame DD31 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news8.de/wp-content/uploads/2022/08/BuchtippEngelsTraumKarina-400x380.jpeg
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
03dd1e02408eb0d44b07302841c14c315590d988638e4db94c6861f671d8a938
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Wed, 31 Aug 2022 11:01:41 GMT
server
nginx
etag
"630f3f95-d4b6"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
54454
x-xss-protection
1; mode=block
expires
Thu, 01 Sep 2022 13:44:32 GMT
India-Edible-Oil-Market.jpg
news8.de/wp-content/uploads/2022/08/ Frame DD31 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news8.de/wp-content/uploads/2022/08/India-Edible-Oil-Market.jpg
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
a20e5d03eaf22ec1750835efce979b366149eede6cf4c7ddb853443feb281a3e
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Wed, 31 Aug 2022 10:37:39 GMT
server
nginx
etag
"630f39f3-2457"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
9303
x-xss-protection
1; mode=block
expires
Thu, 01 Sep 2022 13:44:32 GMT
screenshots23-720x380.jpg
news8.de/wp-content/uploads/2022/08/ Frame DD31 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news8.de/wp-content/uploads/2022/08/screenshots23-720x380.jpg
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
f426dd362e7d55ea96be5391bb1af0ff36f122175ca0aa44aa4008c5b04af426
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Wed, 31 Aug 2022 10:36:51 GMT
server
nginx
etag
"630f39c3-102a4"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
66212
x-xss-protection
1; mode=block
expires
Thu, 01 Sep 2022 13:44:32 GMT
Brazil-Organic-Food-Market.jpg
news8.de/wp-content/uploads/2022/08/ Frame DD31 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news8.de/wp-content/uploads/2022/08/Brazil-Organic-Food-Market.jpg
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
ce335a9abb4111b27e4592548da35884a158ff050832f11595824dc97508f1c1
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Wed, 31 Aug 2022 10:25:36 GMT
server
nginx
etag
"630f3720-429e"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
17054
x-xss-protection
1; mode=block
expires
Thu, 01 Sep 2022 13:44:32 GMT
Eggshell-Membrane-Market-720x380.jpg
news8.de/wp-content/uploads/2022/08/ Frame DD31 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news8.de/wp-content/uploads/2022/08/Eggshell-Membrane-Market-720x380.jpg
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
0fa60c13bcea4273c2928250a6d7cda2039b83377ca098e0011ccb0adb2aec6e
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Wed, 31 Aug 2022 10:17:14 GMT
server
nginx
etag
"630f352a-b271"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
45681
x-xss-protection
1; mode=block
expires
Thu, 01 Sep 2022 13:44:32 GMT
Butterpudding_AYTIN-1-480x380.jpeg
news8.de/wp-content/uploads/2022/08/ Frame DD31 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news8.de/wp-content/uploads/2022/08/Butterpudding_AYTIN-1-480x380.jpeg
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
d95fd6444b0227447fb555d0d26da10f52939657dc29d4620fc962f62ae99fe2
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Wed, 31 Aug 2022 10:14:27 GMT
server
nginx
etag
"630f3483-990c"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
39180
x-xss-protection
1; mode=block
expires
Thu, 01 Sep 2022 13:44:32 GMT
China-Pollution-Mask-Market.jpg
news8.de/wp-content/uploads/2022/08/ Frame DD31 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news8.de/wp-content/uploads/2022/08/China-Pollution-Mask-Market.jpg
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
ef8a27703cc8657747ed7196c52caf00df3b3f11d9a7e9c0a9674c773004ecbd
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Wed, 31 Aug 2022 10:10:42 GMT
server
nginx
etag
"630f33a2-b32a"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
45866
x-xss-protection
1; mode=block
expires
Thu, 01 Sep 2022 13:44:32 GMT
South-Africa-Water-Purifiers-Market-720x380.jpg
news8.de/wp-content/uploads/2022/08/ Frame DD31 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news8.de/wp-content/uploads/2022/08/South-Africa-Water-Purifiers-Market-720x380.jpg
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
3b9bbabb9bc1e756c5e4618fa0274f97f640490b5cdd34123012998e2d78d974
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Wed, 31 Aug 2022 09:59:34 GMT
server
nginx
etag
"630f3106-7eb6"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
32438
x-xss-protection
1; mode=block
expires
Thu, 01 Sep 2022 13:44:32 GMT
Saudi-Arabia-Spare-Parts-720x380.jpg
news8.de/wp-content/uploads/2022/08/ Frame DD31 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news8.de/wp-content/uploads/2022/08/Saudi-Arabia-Spare-Parts-720x380.jpg
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
41d35eeaef7e5365fd00f00a6ca80b44d1108708d61c82fd3f92d1f3390be875
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Wed, 31 Aug 2022 09:58:42 GMT
server
nginx
etag
"630f30d2-11ac4"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
72388
x-xss-protection
1; mode=block
expires
Thu, 01 Sep 2022 13:44:32 GMT
b2.php
view.webplexmedia.de/ Frame C622 		740 B
592 B 		Document
General
Check archive.org
Download Go to
Full URL
https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/banner.php?uid=495573400&e=0&p=0&s=0&sid=929&size=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
99308092280fbb41913fd20a39ba3ff572a8bc24e62a169327357b84957dcb6f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://news8.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 13:44:32 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
USA-Erster-Patient-mit-Affenpocken-gestorben.jpg
www.fesch.tv/wp-content/uploads/2022/08/ Frame DD31 		115 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fesch.tv/wp-content/uploads/2022/08/USA-Erster-Patient-mit-Affenpocken-gestorben.jpg
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.210.32.121 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3172585.ip-51-210-32.eu
Software
nginx /
Resource Hash
eb522d165e917238e8a4946d98794ecd5b25dca69ec3f1392d8df54f59fc0d7a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Wed, 31 Aug 2022 08:11:13 GMT
server
nginx
etag
"630f17a1-1cb5e"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/jpeg
accept-ranges
bytes
content-length
117598
x-xss-protection
1; mode=block
Britney-Spears-Kritik-an-ihrer-Familie.jpg
www.fesch.tv/wp-content/uploads/2022/08/ Frame DD31 		172 KB
173 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fesch.tv/wp-content/uploads/2022/08/Britney-Spears-Kritik-an-ihrer-Familie.jpg
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.210.32.121 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3172585.ip-51-210-32.eu
Software
nginx /
Resource Hash
2fbcd1bc2d92c05ebd7ac6400b9700a10c3b522bc785b89d08ea94c9b72c15fc
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Wed, 31 Aug 2022 08:11:42 GMT
server
nginx
etag
"630f17be-2b15e"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/jpeg
accept-ranges
bytes
content-length
176478
x-xss-protection
1; mode=block
Kylie-Jenner-Sie-weinte-drei-Wochen-lang.jpg
www.fesch.tv/wp-content/uploads/2022/08/ Frame DD31 		137 KB
137 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fesch.tv/wp-content/uploads/2022/08/Kylie-Jenner-Sie-weinte-drei-Wochen-lang.jpg
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.210.32.121 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3172585.ip-51-210-32.eu
Software
nginx /
Resource Hash
6c2123d9ddde52411b964e7dc36c56aeab308244e03a22ecf479a821d5e1e62e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Wed, 31 Aug 2022 07:11:41 GMT
server
nginx
etag
"630f09ad-223b5"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/jpeg
accept-ranges
bytes
content-length
140213
x-xss-protection
1; mode=block
Selten-offene-Worte-Heidi-Klum-spricht-ueber-Scheidung-von-Seal.jpg
www.fesch.tv/wp-content/uploads/2022/08/ Frame DD31 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fesch.tv/wp-content/uploads/2022/08/Selten-offene-Worte-Heidi-Klum-spricht-ueber-Scheidung-von-Seal.jpg
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.210.32.121 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3172585.ip-51-210-32.eu
Software
nginx /
Resource Hash
e8d217f8a77a3b7c389b29b0ddc0169d38747408e1673075645610293a8b3606
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Tue, 30 Aug 2022 22:11:41 GMT
server
nginx
etag
"630e8b1d-df34"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/jpeg
accept-ranges
bytes
content-length
57140
x-xss-protection
1; mode=block
Sturm-der-Liebe-Wie-bitte-SIE-kehrt-zurueck-aber-mit-neuer-Schauspielerin.jpg
www.fesch.tv/wp-content/uploads/2022/08/ Frame DD31 		73 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fesch.tv/wp-content/uploads/2022/08/Sturm-der-Liebe-Wie-bitte-SIE-kehrt-zurueck-aber-mit-neuer-Schauspielerin.jpg
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.210.32.121 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3172585.ip-51-210-32.eu
Software
nginx /
Resource Hash
2130552ccb70ffd4c8b39437384f4003956678bf43819e63c545b4453f970cc1
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Tue, 30 Aug 2022 22:11:45 GMT
server
nginx
etag
"630e8b21-12598"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/jpeg
accept-ranges
bytes
content-length
75160
x-xss-protection
1; mode=block
1582620939_hyJLsMcTw9BzW5wi63bmu5EBCIosJqdB.jpeg
cdn.track.production.webgains.team/273165/ Frame 834A 		210 KB
210 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/273165/1582620939_hyJLsMcTw9BzW5wi63bmu5EBCIosJqdB.jpeg?Expires=1661953772&Signature=C0yy7iQefr8-ZdjB~cpapb0hdlmuGIh0F1G7f4N-U0s~56LwqvtSnfmWyR8Xd2MfxIV5R3uNIGkfKiQIAoQFyrAmjQMPL0SjoM~G31A~TusvGFLvB93mY09I29MsHmZ2I1epGJxZrWjbLy-Jik6cvvdzcWdXzxtI~N5W7WIpVguOh7M-mhRJeHFh1KgAEt4mRq5XwNEdsxjqaGaljnCHFg0lEkDNKPa5f~SXAEzHtd~MBmz4-AA9V8pJu40eKcLaTX44H3FrWHljUN4HkPC2n8Et3cnsEoYdjXCVGMQHVEqi8eKP4COofvO6SlNWqVF5bZzaQFXr0pbP1vUY9yaVzg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C177100%2C43766&b=52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1%2CdpDmUEfkfpAk6fEHjHwtEt54J1ueSRt8BTj%2CZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJ&f=pqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE%2CK783aRfZfGXkZS5HMHktzCKdp3C7Srt7eHq%2C9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTd&c=300&d=250&e=&g=2a12d80c20bafeab3c839a532ff90396%2F243427342487950804&i=21630%2C65803%2C24891&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661953471133&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-89.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3f5311847d8fbac94a3d572938dea0a268ca1ff1fc18f6dad8b5bb9ff16a243

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 10:25:34 GMT
server
AmazonS3
age
43896
etag
"a30de301a2e6a272912783c9da549a13"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
date
Wed, 31 Aug 2022 01:32:57 GMT
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
214933
x-amz-cf-id
QUcPdkGe6zJnY_Z8gdONU91ogrzcPFSqundWp9pkKl_ztyjlh9SxWw==
1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame 84C0 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1661953772&Signature=eQfYl1NwCkA0sVpBMGpNlhQ0WE3QIUJztQRuf~q2U7lTgIUgA~ksljtYvrEkTEWMqdmZv0zf9DSXtb3J5f0VZaG9piTIGLkd2IlUqlq6yn8ZLzkIwxAWWyifz~Ai1Ykt678lMeG-TGDRz19-sHgh46S87zqJkkpR6PbRRo6oI1Z6TcTp7cnkwh1JbSm2Y~bgFqo0~cjfxXXDg--5E5mbsRshEVxIsbadNfXsWIucGvP~3xvywZnW5I4OsNhiXM3WoYvNPJ~4~5qR4Q8ev8sfz~nMQ3-hJzE-iQUfN3QP4wSTam5mtCdq-psurieb-92vlsYf1I0VaLQKlRbsxFw8Hg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=58783%2C182430%2C197862&b=gAdJF8frfk4A6TPHbH8t5t2e1fmSjtjqFe%2CbGqEtQfZf5jjMaYHbHztKtw64ubS3tE7UJ%2CXgdZHzfrfKEe1C6H4HetqtwJZYuQSMtZBtJ&f=BdZEhgfPfMrpgFxH6H3tgCmRwCjSdtjDFM%2C3rg7Hpf4fXrrDH7HrHAtXC9WZsPSztwpFd%2Ce5qVu3fVfreQGCjHZHet2CXpEZfwSbtBeu1&c=728&d=90&e=&g=31769b53ae3ed83b5e9c7ed5919a74c7%2F6132780761417666784&i=28472%2C20378%2C71725&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_728x90&r=1661953471138&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-89.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 10:41:35 GMT
server
AmazonS3
age
34497
etag
"d4e8f970f24f6d19b53aa92b1907c1ef"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
date
Wed, 31 Aug 2022 04:09:36 GMT
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
15054
x-amz-cf-id
NHlE9i9UnlURgL16FLJLXEVqXRT7Q5Q9QZ6RC-ACqys74rpzMmSK9w==
1582620939_hyJLsMcTw9BzW5wi63bmu5EBCIosJqdB.jpeg
cdn.track.production.webgains.team/273165/ Frame C838 		210 KB
210 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/273165/1582620939_hyJLsMcTw9BzW5wi63bmu5EBCIosJqdB.jpeg?Expires=1661953772&Signature=C0yy7iQefr8-ZdjB~cpapb0hdlmuGIh0F1G7f4N-U0s~56LwqvtSnfmWyR8Xd2MfxIV5R3uNIGkfKiQIAoQFyrAmjQMPL0SjoM~G31A~TusvGFLvB93mY09I29MsHmZ2I1epGJxZrWjbLy-Jik6cvvdzcWdXzxtI~N5W7WIpVguOh7M-mhRJeHFh1KgAEt4mRq5XwNEdsxjqaGaljnCHFg0lEkDNKPa5f~SXAEzHtd~MBmz4-AA9V8pJu40eKcLaTX44H3FrWHljUN4HkPC2n8Et3cnsEoYdjXCVGMQHVEqi8eKP4COofvO6SlNWqVF5bZzaQFXr0pbP1vUY9yaVzg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3118461&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j0938gdaa0qgk21c1w2ge3gsxvmp1yx9jbc8tkmztc27x8xxznmxzyv4akjj27dn5wqw0hbhk8nejwzxt3sgz9101hrmnvkd8zz42fqbbwp1n3m5bj1497wekcvb8tnnyhgdya6faw3s2g495kx4qfjtc2etj5en4477bqkd4nyeyw8b2haptmyjrmr5wgsjhn6frnrysnmwt5n31qy19sdcfn8c7v6wnx1936y1bp0g68e4kqxekfjpgqzhf7cc64g%26a%3D&clickref=oneid9dx5hMfmfQ8PCKHBH2tzCVpPh9SRtQwTdoneid__emmaglam_advancedad_300x600&viewref=oneidZZ41twfBfr97UmHDHDt3t6Y1t6SJtKjsJoneid__emmaglam_advancedad_300x600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-89.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3f5311847d8fbac94a3d572938dea0a268ca1ff1fc18f6dad8b5bb9ff16a243

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 10:25:34 GMT
server
AmazonS3
age
43896
etag
"a30de301a2e6a272912783c9da549a13"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
date
Wed, 31 Aug 2022 01:32:57 GMT
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
214933
x-amz-cf-id
WO94EXInyPWaD0qMymO5gDbbfk3Ks5DTbxebSWMmlWDJeXNHqR6DFQ==
link.html
track.webgains.com/ Frame EDB5 		149 KB
149 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneid6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7oneid__emmaglam_advancedad_300x250&wglinkid=3459435
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=200038%2C198961%2C19769&b=GD9JTBfpfXdmWsKHeHGtPtkj2cZSjtZmtE%2C6RrGcef3fMzY3HeHmHYtkt92ZdUYSBtWEU7%2C52eVaXfEfmPMSpH7HMt3tEJMSYSkt5JU1&f=VQr1twfmfDwxWSVHbHAtXCD5GtBSDtBAuQ%2CXgdZHzfrfKEDJc6H4Het1CwJA4hQSMtZBtJ%2CpqEMC1fgfpAwfkH4HmtJCQJjt9S7t4JSE&c=300&d=250&e=&g=964718de9fa25e82662452021fb383c0%2F16559786827644174996&i=22499%2C71690%2C21630&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=emmaglam_advancedad_300x250&r=1661953471139&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
08da0846fcb1f65a2ead9d380eeb1285d7920fc0ce2d68cd394afe52af059ad2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Wed, 31 Aug 2022 13:44:32 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Wed, 31 Aug 2022 13:45:32 GMT
b2.php
view.webplexmedia.de/ Frame C51B 		740 B
593 B 		Document
General
Check archive.org
Download Go to
Full URL
https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=970&h=250&sid=929&size=5
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/banner.php?uid=495573400&e=0&p=1&s=0&sid=929&size=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
8b6d4698f1d2782fc265615021e4ed826ae859c976dcb8bde5dcb6d85c9bc10a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://news8.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 13:44:32 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
Desktop433.jpg
news8.de/wp-content/uploads/2022/08/ Frame DD31 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news8.de/wp-content/uploads/2022/08/Desktop433.jpg
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
3955297f287664a552e76449cd964596fd0fac5b4ed29e6c3ea8a3b0c1de72c0
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Wed, 31 Aug 2022 07:58:34 GMT
server
nginx
etag
"630f14aa-13aff"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
80639
x-xss-protection
1; mode=block
expires
Thu, 01 Sep 2022 13:44:32 GMT
Desktop432-608x380.jpg
news8.de/wp-content/uploads/2022/08/ Frame DD31 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news8.de/wp-content/uploads/2022/08/Desktop432-608x380.jpg
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
1d4857ecc19d6247ae5012c8b1af05dbf4d5c72547645481d7220e585f3092e1
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Wed, 31 Aug 2022 07:10:00 GMT
server
nginx
etag
"630f0948-114ef"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
70895
x-xss-protection
1; mode=block
expires
Thu, 01 Sep 2022 13:44:32 GMT
Nepomuck-Finn-Mission-Umweltschutz27.jpg
news8.de/wp-content/uploads/2022/08/ Frame DD31 		70 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news8.de/wp-content/uploads/2022/08/Nepomuck-Finn-Mission-Umweltschutz27.jpg
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
b8c1144d7765f25858dabd3f744c6e13e5349a454cd8b0354cf600016c8c158f
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Tue, 30 Aug 2022 07:34:45 GMT
server
nginx
etag
"630dbd95-118f5"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
71925
x-xss-protection
1; mode=block
expires
Thu, 01 Sep 2022 13:44:32 GMT
Facebook-1-1024x538.jpg
news8.de/wp-content/uploads/2022/08/ Frame DD31 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news8.de/wp-content/uploads/2022/08/Facebook-1-1024x538.jpg
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
998a493e3fe5cf9d5848e085b80f7cc29cf371651ed85c26376556a0dbd31c86
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Wed, 31 Aug 2022 13:13:33 GMT
server
nginx
etag
"630f5e7d-cdc6"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
52678
x-xss-protection
1; mode=block
expires
Thu, 01 Sep 2022 13:44:32 GMT
crosstraining-lizenz-ausbildung-academyofsports.jpg
news8.de/wp-content/uploads/2022/08/ Frame DD31 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news8.de/wp-content/uploads/2022/08/crosstraining-lizenz-ausbildung-academyofsports.jpg
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
e634c6f7bbfd05283cd3adb4a0eacff47028f1c741925e131a41164541e873e5
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Wed, 31 Aug 2022 13:10:04 GMT
server
nginx
etag
"630f5dac-ac9c"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
44188
x-xss-protection
1; mode=block
expires
Thu, 01 Sep 2022 13:44:32 GMT
Electrical-Steel-Sheet-Market-1024x575.jpg
news8.de/wp-content/uploads/2022/08/ Frame DD31 		118 KB
119 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news8.de/wp-content/uploads/2022/08/Electrical-Steel-Sheet-Market-1024x575.jpg
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
de666f9cf797fd3f24862538f446cc993597d8df630b1d342ebf891f1f49dd54
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Wed, 31 Aug 2022 13:03:16 GMT
server
nginx
etag
"630f5c14-1d97d"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
121213
x-xss-protection
1; mode=block
expires
Thu, 01 Sep 2022 13:44:32 GMT
Tracheostomy-Tube-Accessories-Market-1024x575.jpg
news8.de/wp-content/uploads/2022/08/ Frame DD31 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news8.de/wp-content/uploads/2022/08/Tracheostomy-Tube-Accessories-Market-1024x575.jpg
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
d32518f7f68825d7470b8364d11e5e933a1c5149724355e1d290e6e7eb1a6b21
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Wed, 31 Aug 2022 12:41:04 GMT
server
nginx
etag
"630f56e0-f905"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
63749
x-xss-protection
1; mode=block
expires
Thu, 01 Sep 2022 13:44:32 GMT
b2.php
view.webplexmedia.de/ Frame 38E1 		740 B
592 B 		Document
General
Check archive.org
Download Go to
Full URL
https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/banner.php?uid=495573400&e=0&p=0&s=0&sid=929&size=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
99308092280fbb41913fd20a39ba3ff572a8bc24e62a169327357b84957dcb6f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://news8.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 13:44:32 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
silver-right.png
news8.de/wp-content/plugins/cool-tag-cloud/inc/images/ Frame DD31 		843 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news8.de/wp-content/plugins/cool-tag-cloud/inc/images/silver-right.png
Requested by
Host: news8.de
URL: https://news8.de/wp-content/cache/wmac/css/wmac_single_b535dfee3f63967537c8e39bf85c8a0c.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
2d27c29095dea63352f123ae16072ffbc141969fd70133b3b7c8cef75f0bcb47
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/wp-content/cache/wmac/css/wmac_single_b535dfee3f63967537c8e39bf85c8a0c.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Thu, 22 Apr 2021 22:23:53 GMT
server
nginx
etag
"6081f779-34b"
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
843
x-xss-protection
1; mode=block
expires
Thu, 01 Sep 2022 13:44:32 GMT
57fgjj6v.js
ad4m.at/ Frame C8FD 		50 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/57fgjj6v.js
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=5&referrer=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67a2b3e41cf4d6b16ef89a098a6f72bc2a54a76ab63c02e14e617cba05cc4a38

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://view.webplexmedia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
96845
cf-polished
origSize=51099
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 27 Jul 2022 10:41:11 GMT
server
cloudflare
etag
W/"d5f2cf8e554d28884c63541e94f6f7b9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ccdfs0Urhlbubw65oKlhol%2F271wvjQYB1AMwmCiochI4XNboJKVeMYkLPSWvVd4uEoph2pgZrVo%2B6Kp81OTX3rvat%2B2knkG1qZX5m4QyhSFcv2baQE6Y4VTugXoQ%2Bz8aWWHowzE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
expires
Tue, 23 Aug 2022 11:04:14 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
74363393796891dd-FRA
cf-bgj
minify
banner.php
media.news8.de/ Frame C8FD 		215 B
340 B 		Script
General
Check archive.org
Download Go to
Full URL
https://media.news8.de/banner.php?uid=495573400&e=0&p=0&s=0&sid=929&size=5
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=5&referrer=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.210.32.121 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3172585.ip-51-210-32.eu
Software
nginx /
Resource Hash
50e320947b091c667a70658580f5fe7eb27e1e5e9edd177f4f19bcd1896a07b9
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://view.webplexmedia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
gzip
server
nginx
date
Wed, 31 Aug 2022 13:44:32 GMT
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
Eine-funktionierende-TOILETTE-in-Minecraft-KACKA-Mod.jpg
www.fesch.tv/wp-content/uploads/2022/08/ Frame DD31 		150 KB
150 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fesch.tv/wp-content/uploads/2022/08/Eine-funktionierende-TOILETTE-in-Minecraft-KACKA-Mod.jpg
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.210.32.121 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3172585.ip-51-210-32.eu
Software
nginx /
Resource Hash
bb5e27f34ba5ea447a148b28c7c6f633a846bb4d8a7e5dd3cbc2e04274899154
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Wed, 31 Aug 2022 12:10:07 GMT
server
nginx
etag
"630f4f9f-256e4"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/jpeg
accept-ranges
bytes
content-length
153316
x-xss-protection
1; mode=block
Das-Versteck-Trailer-Deutsch-HD.jpg
www.fesch.tv/wp-content/uploads/2022/08/ Frame DD31 		334 KB
335 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fesch.tv/wp-content/uploads/2022/08/Das-Versteck-Trailer-Deutsch-HD.jpg
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.210.32.121 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3172585.ip-51-210-32.eu
Software
nginx /
Resource Hash
e6be69d99846159c43f20ee5e25d4ca83b462b90a46521fbf49f6030b92d4af7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Wed, 31 Aug 2022 11:10:33 GMT
server
nginx
etag
"630f41a9-53804"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/jpeg
accept-ranges
bytes
content-length
342020
x-xss-protection
1; mode=block
base.js
g.cash-ads.com/js/ Frame DD31 		91 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.cash-ads.com/js/base.js
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/slider.php?uid=495573400&e=0&p=1&s=0&sid=929
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
8c25ade0a1d20dfb962dbc265e60d98d90544f13ce586820e3c3dc2baae64e81

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
content-encoding
gzip
last-modified
Tue, 31 Aug 2021 15:27:16 GMT
server
nginx
etag
W/"612e4a54-16b34"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Wed, 07 Sep 2022 13:44:32 GMT
lg0.jpg
view.webplexmedia.de/ Frame A32B 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://view.webplexmedia.de/lg0.jpg
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
e7a21f00272ebf0c6b15973a9298b362917872a7ea7c882dd1d8593c19ef13ab
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Fri, 04 Dec 2020 00:56:23 GMT
server
nginx
etag
"5fc98937-5de"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/jpeg
accept-ranges
bytes
content-length
1502
x-xss-protection
1; mode=block
lg0.jpg
view.webplexmedia.de/ Frame C622 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://view.webplexmedia.de/lg0.jpg
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
e7a21f00272ebf0c6b15973a9298b362917872a7ea7c882dd1d8593c19ef13ab
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Fri, 04 Dec 2020 00:56:23 GMT
server
nginx
etag
"5fc98937-5de"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/jpeg
accept-ranges
bytes
content-length
1502
x-xss-protection
1; mode=block
in4.php
view.webplexmedia.de/ Frame CABC 		443 B
480 B 		Document
General
Check archive.org
Download Go to
Full URL
https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
eb08bdbd007609495b67b3709c5dae15b718376b9638d87481fcaf3b92af36b4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 13:44:32 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
lg0.jpg
view.webplexmedia.de/ Frame C51B 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://view.webplexmedia.de/lg0.jpg
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=970&h=250&sid=929&size=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
e7a21f00272ebf0c6b15973a9298b362917872a7ea7c882dd1d8593c19ef13ab
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Fri, 04 Dec 2020 00:56:23 GMT
server
nginx
etag
"5fc98937-5de"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/jpeg
accept-ranges
bytes
content-length
1502
x-xss-protection
1; mode=block
in4.php
view.webplexmedia.de/ Frame 003F 		443 B
480 B 		Document
General
Check archive.org
Download Go to
Full URL
https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
eb08bdbd007609495b67b3709c5dae15b718376b9638d87481fcaf3b92af36b4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 13:44:32 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
lg0.jpg
view.webplexmedia.de/ Frame 38E1 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://view.webplexmedia.de/lg0.jpg
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
e7a21f00272ebf0c6b15973a9298b362917872a7ea7c882dd1d8593c19ef13ab
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Fri, 04 Dec 2020 00:56:23 GMT
server
nginx
etag
"5fc98937-5de"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/jpeg
accept-ranges
bytes
content-length
1502
x-xss-protection
1; mode=block
lang-widget-de.json
consent.cookiefirst.com/sites/news8.de-bb9377db-6a76-431a-8f04-e7675f72404e/ Frame DD31 		9 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/sites/news8.de-bb9377db-6a76-431a-8f04-e7675f72404e/lang-widget-de.json?v=be8f28e9-37b6-404d-9d56-7970f0754f3c
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-731.bunnyinfra.net
Software
Cookie First CDN-AT-731 /
Resource Hash
65ac6cc05d7933437081474bbbc2b72e0a1a340281837480bbc6bdef0b997267

Request headers

Accept
application/json
Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
content-encoding
br
cdn-edgestorageid
731
cdn-fileserver
308
cdn-storageserver
DE-164
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cdn-cachedat
06/28/2022 19:11:24
cdn-pullzone
236985
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server
Cookie First CDN-AT-731
access-control-allow-origin
*
visitor-location
NL
last-modified
Mon, 11 Apr 2022 20:51:53 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"625494e9-25f5"
vary
Accept-Encoding
content-type
application/json
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
cache-control
public, max-age=31919000
cdn-requestid
0dc3b3c83cc4d144a595f1de2547aee0
cdn-requestcountrycode
NL
cdn-status
200
cdn-requestpullsuccess
True
lg0.jpg
view.webplexmedia.de/ Frame A32B 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://view.webplexmedia.de/lg0.jpg
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
e7a21f00272ebf0c6b15973a9298b362917872a7ea7c882dd1d8593c19ef13ab
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Fri, 04 Dec 2020 00:56:23 GMT
server
nginx
etag
"5fc98937-5de"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/jpeg
accept-ranges
bytes
content-length
1502
x-xss-protection
1; mode=block
lg0.jpg
view.webplexmedia.de/ Frame C622 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://view.webplexmedia.de/lg0.jpg
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
e7a21f00272ebf0c6b15973a9298b362917872a7ea7c882dd1d8593c19ef13ab
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Fri, 04 Dec 2020 00:56:23 GMT
server
nginx
etag
"5fc98937-5de"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/jpeg
accept-ranges
bytes
content-length
1502
x-xss-protection
1; mode=block
in4.php
view.webplexmedia.de/ Frame BBFD 		469 B
454 B 		Document
General
Check archive.org
Download Go to
Full URL
https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=5&referrer=
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=970&h=250&sid=929&size=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
693fcd2c97a0aa26464a8a87d2dc78db0870793e6d8dab054d60081ade5e2db0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 13:44:32 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
b
sb.scorecardresearch.com/ Frame DD4E 		0
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1661953472617&ns_c=windows-1252&ns_if=1&c7=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr0817221641%2Fid.html&c8=&c9=
Requested by
Host: st.chatango.com
URL: https://st.chatango.com/h5/gz/r0817221641/id.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-21.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://st.chatango.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
via
1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
ZZJ1J-nw09mRqtgIzOi6IozJ-L1fzBryzasuS2ok5IwcWuQhyzTUNQ==
x-cache
Miss from cloudfront
in4.php
view.webplexmedia.de/ Frame 50DC 		443 B
480 B 		Document
General
Check archive.org
Download Go to
Full URL
https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
eb08bdbd007609495b67b3709c5dae15b718376b9638d87481fcaf3b92af36b4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 13:44:32 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
lg0.jpg
view.webplexmedia.de/ Frame C51B 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://view.webplexmedia.de/lg0.jpg
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=970&h=250&sid=929&size=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
e7a21f00272ebf0c6b15973a9298b362917872a7ea7c882dd1d8593c19ef13ab
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=970&h=250&sid=929&size=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Fri, 04 Dec 2020 00:56:23 GMT
server
nginx
etag
"5fc98937-5de"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/jpeg
accept-ranges
bytes
content-length
1502
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 8697 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Wed, 31 Aug 2022 13:44:32 GMT
server
nginx
lg0.jpg
view.webplexmedia.de/ Frame 38E1 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://view.webplexmedia.de/lg0.jpg
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
e7a21f00272ebf0c6b15973a9298b362917872a7ea7c882dd1d8593c19ef13ab
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Fri, 04 Dec 2020 00:56:23 GMT
server
nginx
etag
"5fc98937-5de"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/jpeg
accept-ranges
bytes
content-length
1502
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4B1C 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220829&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4176752718986875&plah=emmaglam.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
25aa226b11eacdde779256279b5de6966d2e9a3c3d1965691dc14ca3f484f2f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://emmaglam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 31 Aug 2022 13:44:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11079
x-xss-protection
0
ui.7ac7.c.css
consent.cookiefirst.com/banner/v2.2.3/static-main/ Frame DD31 		10 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/banner/v2.2.3/static-main/ui.7ac7.c.css
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-731.bunnyinfra.net
Software
Cookie First CDN-AT-731 /
Resource Hash
12967dfbe83712c6c8ce1910ad29b33880a6311935c236d2ff632c9dae7db8c7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
content-encoding
br
cdn-edgestorageid
731
cdn-fileserver
313
cdn-storageserver
DE-199
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cdn-cachedat
08/30/2022 12:10:16
cdn-pullzone
236985
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server
Cookie First CDN-AT-731
access-control-allow-origin
*
visitor-location
NL
last-modified
Tue, 30 Aug 2022 11:27:10 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"630df40e-29cb"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
cache-control
public, max-age=31919000
cdn-requestid
bf83720c58f71e82bbec56031beea542
cdn-requestcountrycode
NL
cdn-status
200
cdn-requestpullsuccess
True
ui.ea80.c.js
consent.cookiefirst.com/banner/v2.2.3/static-main/ Frame DD31 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/banner/v2.2.3/static-main/ui.ea80.c.js
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-731.bunnyinfra.net
Software
Cookie First CDN-AT-731 /
Resource Hash
e25ce990aba8b6de45d83381762b446ae12fa65038a4cc2048d4f7e02ff18979

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
content-encoding
br
cdn-edgestorageid
731
cdn-fileserver
433
cdn-storageserver
DE-167
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cdn-cachedat
08/30/2022 12:10:16
cdn-pullzone
236985
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server
Cookie First CDN-AT-731
access-control-allow-origin
*
visitor-location
NL
last-modified
Tue, 30 Aug 2022 11:27:10 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"630df40e-640b"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
cache-control
public, max-age=31919000
cdn-requestid
1104b01811a3f0aab59613138383656f
cdn-requestcountrycode
NL
cdn-status
200
cdn-requestpullsuccess
True
b2.php
media.news8.de/ Frame 95FD 		816 B
619 B 		Document
General
Check archive.org
Download Go to
Full URL
https://media.news8.de/b2.php?uid=495573400&e=0&s=0&p=0&w=970&h=250&sid=929&size=5
Requested by
Host: media.news8.de
URL: https://media.news8.de/banner.php?uid=495573400&e=0&p=0&s=0&sid=929&size=5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.210.32.121 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3172585.ip-51-210-32.eu
Software
nginx /
Resource Hash
f95326e83a21ccb544105ca897dfee22936335d62c055f45514ee05f865f06a7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://view.webplexmedia.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 13:44:32 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
frame.html
ad4m.at/ Frame 1A4E 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer
https://view.webplexmedia.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
495561
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
743633946ae291dd-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Wed, 31 Aug 2022 13:44:32 GMT
expires
Thu, 25 Aug 2022 20:10:16 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hETJ84oi4YfmgmFJrN3rUm%2FrZsbM4uceCQxOlBOrbLf7PxHyw8PrR1%2Fy1QGD1e%2BuClRW3TWf8HFC784Pbzq%2BLEsN8NC1Dq5rys5%2B6TtlFBeBWAXorqvYFq41nD3K912OxqtKK%2BU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
styles.css
consent.cookiefirst.com/sites/news8.de-bb9377db-6a76-431a-8f04-e7675f72404e/ Frame DD31 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/sites/news8.de-bb9377db-6a76-431a-8f04-e7675f72404e/styles.css?v=be8f28e9-37b6-404d-9d56-7970f0754f3c
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-731.bunnyinfra.net
Software
Cookie First CDN-AT-731 /
Resource Hash
f7543013448a42e1b07bc53b29226c43a784e357a52d97796b66dff9e2c8a6b0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
content-encoding
br
cdn-edgestorageid
731
cdn-fileserver
303
cdn-storageserver
DE-164
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cdn-cachedat
06/28/2022 19:11:27
cdn-pullzone
236985
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server
Cookie First CDN-AT-731
access-control-allow-origin
*
visitor-location
NL
last-modified
Mon, 11 Apr 2022 20:51:53 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"625494e9-645"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
cache-control
public, max-age=31919000
cdn-requestid
dd6d34d04ed0ce27aa2f915ee888b7b2
cdn-requestcountrycode
NL
cdn-status
200
cdn-requestpullsuccess
True
lg0.jpg
media.news8.de/ Frame 95FD 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.news8.de/lg0.jpg
Requested by
Host: media.news8.de
URL: https://media.news8.de/b2.php?uid=495573400&e=0&s=0&p=0&w=970&h=250&sid=929&size=5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.210.32.121 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3172585.ip-51-210-32.eu
Software
nginx /
Resource Hash
e7a21f00272ebf0c6b15973a9298b362917872a7ea7c882dd1d8593c19ef13ab
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Thu, 21 Jan 2021 21:22:13 GMT
server
nginx
etag
"6009f085-5de"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/jpeg
accept-ranges
bytes
content-length
1502
x-xss-protection
1; mode=block
in4.php
media.news8.de/ Frame 6C4F 		310 B
367 B 		Document
General
Check archive.org
Download Go to
Full URL
https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=5&referrer=https://fohlenfive.de
Requested by
Host: media.news8.de
URL: https://media.news8.de/b2.php?uid=495573400&e=0&s=0&p=0&w=970&h=250&sid=929&size=5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.210.32.121 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3172585.ip-51-210-32.eu
Software
nginx /
Resource Hash
b0e587092ca1126e5ead23734ff18340f126edcf6ee6c1460a223d56a3598497
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 13:44:32 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
banner.php
media.news8.de/ Frame CABC 		215 B
338 B 		Script
General
Check archive.org
Download Go to
Full URL
https://media.news8.de/banner.php?uid=495573400&e=0&p=0&s=0&sid=929&size=4
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.210.32.121 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3172585.ip-51-210-32.eu
Software
nginx /
Resource Hash
3fd510b1d61c187e90d8f8ef3ffe21c05c0f64f10c6add0c2f9e5d817fb277b8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://view.webplexmedia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
gzip
server
nginx
date
Wed, 31 Aug 2022 13:44:32 GMT
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
api.php
view.webplexmedia.de/ Frame 4ECC 		222 B
354 B 		Document
General
Check archive.org
Download Go to
Full URL
https://view.webplexmedia.de/api.php?size=2
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
231645e192c14002a3c17176280d8398d54d2b0688e6f44c4eaa2637d0f4e732
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 13:44:32 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
banner.php
media.news8.de/ Frame 003F 		215 B
338 B 		Script
General
Check archive.org
Download Go to
Full URL
https://media.news8.de/banner.php?uid=495573400&e=0&p=0&s=0&sid=929&size=4
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.210.32.121 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3172585.ip-51-210-32.eu
Software
nginx /
Resource Hash
3fd510b1d61c187e90d8f8ef3ffe21c05c0f64f10c6add0c2f9e5d817fb277b8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://view.webplexmedia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
gzip
server
nginx
date
Wed, 31 Aug 2022 13:44:32 GMT
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4B1C 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4176752718986875&plah=emmaglam.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://emmaglam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 31 Aug 2022 13:44:32 GMT
adition.js
imagesrv.adition.com/js/ Frame BBFD 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/adition.js
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=5&referrer=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://view.webplexmedia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
content-encoding
br
last-modified
Thu, 21 Oct 2021 06:32:42 GMT
etag
"4043560335-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8355
js
ad4.adfarm1.adition.com/ Frame BBFD 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/js?wp_id=3974826
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=5&referrer=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
14b30612570f753e6804af047af73c3fcf1469687713c65c7a515919844688e4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://view.webplexmedia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 15:44:32 +0200
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
cache-control
max-age=600
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
expires
Sat, 01 Jan 2000 00:00:00 GMT
banner.php
media.news8.de/ Frame BBFD 		215 B
339 B 		Script
General
Check archive.org
Download Go to
Full URL
https://media.news8.de/banner.php?uid=495573400&e=0&p=0&s=0&sid=929&size=5
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=5&referrer=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.210.32.121 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3172585.ip-51-210-32.eu
Software
nginx /
Resource Hash
50e320947b091c667a70658580f5fe7eb27e1e5e9edd177f4f19bcd1896a07b9
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://view.webplexmedia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
gzip
server
nginx
date
Wed, 31 Aug 2022 13:44:32 GMT
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
banner.php
media.news8.de/ Frame 50DC 		215 B
338 B 		Script
General
Check archive.org
Download Go to
Full URL
https://media.news8.de/banner.php?uid=495573400&e=0&p=0&s=0&sid=929&size=4
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.210.32.121 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3172585.ip-51-210-32.eu
Software
nginx /
Resource Hash
3fd510b1d61c187e90d8f8ef3ffe21c05c0f64f10c6add0c2f9e5d817fb277b8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://view.webplexmedia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
gzip
server
nginx
date
Wed, 31 Aug 2022 13:44:32 GMT
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
api.php
view.webplexmedia.de/ Frame AF4C 		222 B
354 B 		Document
General
Check archive.org
Download Go to
Full URL
https://view.webplexmedia.de/api.php?size=2
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
231645e192c14002a3c17176280d8398d54d2b0688e6f44c4eaa2637d0f4e732
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 13:44:32 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
cookiefirst.png
consent.cookiefirst.com/branding/ Frame DD31 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.cookiefirst.com/branding/cookiefirst.png
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-731.bunnyinfra.net
Software
Cookie First CDN-AT-731 /
Resource Hash
c907449e77649b7251526ef8a042c6f0b2e1518c9bca69728f5a6f37d4f92a0e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
cdn-edgestorageid
731
cdn-fileserver
181
cdn-storageserver
DE-197
cdn-cachedat
08/31/2022 13:44:32
cdn-pullzone
236985
content-length
14774
server
Cookie First CDN-AT-731
visitor-location
NL
last-modified
Mon, 11 Apr 2022 15:49:59 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"62544e27-39b6"
content-type
image/png
cdn-cache
BYPASS
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
cache-control
public, max-age=31919000
cdn-requestid
b96cc4f462a861b1de39b947065dc7b4
accept-ranges
bytes
cdn-requestcountrycode
NL
cdn-status
200
cdn-requestpullsuccess
True
api.php
view.webplexmedia.de/ Frame CF8F 		222 B
354 B 		Document
General
Check archive.org
Download Go to
Full URL
https://view.webplexmedia.de/api.php?size=2
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
231645e192c14002a3c17176280d8398d54d2b0688e6f44c4eaa2637d0f4e732
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 13:44:32 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
b2.php
media.news8.de/ Frame 891B 		813 B
615 B 		Document
General
Check archive.org
Download Go to
Full URL
https://media.news8.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4
Requested by
Host: media.news8.de
URL: https://media.news8.de/banner.php?uid=495573400&e=0&p=0&s=0&sid=929&size=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.210.32.121 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3172585.ip-51-210-32.eu
Software
nginx /
Resource Hash
eb9593cd7ae32b92fb30a92f84dd357bd2c5c58b3b45ec182f45baf3a8851458
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://view.webplexmedia.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 13:44:32 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
Carnival-Luminosa-0021.jpg
news8.de/wp-content/uploads/2022/08/ Frame DD31 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news8.de/wp-content/uploads/2022/08/Carnival-Luminosa-0021.jpg
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
10e65bf9b164e3e02c541cdb54ddf6f7d670c4aa9b5d212147de42a57403bcf7
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Tue, 30 Aug 2022 08:48:40 GMT
server
nginx
etag
"630dcee8-f09b"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
61595
x-xss-protection
1; mode=block
expires
Thu, 01 Sep 2022 13:44:32 GMT
news8-bild-1280x720.jpg
news8.de/wp-content/uploads/2022/08/ Frame DD31 		174 KB
174 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news8.de/wp-content/uploads/2022/08/news8-bild-1280x720.jpg
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
9f5f18a43547bbe0a7a73f8322a2649c44dae857802d6b04b3087480730c8479
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Mon, 29 Aug 2022 09:28:14 GMT
server
nginx
etag
"630c86ae-2b861"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
178273
x-xss-protection
1; mode=block
expires
Thu, 01 Sep 2022 13:44:32 GMT
luggage-gf12bb2332_640.jpg
news8.de/wp-content/uploads/2022/08/ Frame DD31 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news8.de/wp-content/uploads/2022/08/luggage-gf12bb2332_640.jpg
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
e9f20108fc117afb0b35d17bf5c22de16bc9201c5a644cf6cf99e720a3915daf
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
last-modified
Thu, 18 Aug 2022 13:09:40 GMT
server
nginx
etag
"62fe3a14-7d6c"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
32108
x-xss-protection
1; mode=block
expires
Thu, 01 Sep 2022 13:44:32 GMT
/
news8.de/ Frame DD31 		160 KB
160 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news8.de/
Requested by
Host: news8.de
URL: https://news8.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:33 GMT
last-modified
Wed, 31 Aug 2022 13:13:31 GMT
server
nginx
content-type
text/html; charset=UTF-8
cache-control
max-age=86400
link
<https://news8.de/wp-json/>; rel="https://api.w.org/"
x-xss-protection
1; mode=block
expires
Thu, 01 Sep 2022 13:44:33 GMT
ajax-handler.php
news8.de/wp-content/ Frame DD31 		2 B
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://news8.de/wp-content/ajax-handler.php
Requested by
Host: news8.de
URL: https://news8.de/wp-content/cache/wmac/js/wmac_0e5d43f7f51799ce869ab0581ea01a63.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmd55357.contaboserver.net
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 31 Aug 2022 13:44:32 GMT
x-content-type-options
nosniff
server
nginx
content-type
text/html; charset=UTF-8
cache-control
max-age=86400
x-robots-tag
noindex
x-xss-protection
1; mode=block
expires
Thu, 01 Sep 2022 13:44:32 GMT
gen.js
ads.themoneytizer.com/s/ Frame 6C4F 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=31
Requested by
Host: media.news8.de
URL: https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=5&referrer=https://fohlenfive.de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-77-nzt
AZySIRkzm/f/7ocAAA
x-accel-expires
@1662005074
date
Wed, 31 Aug 2022 13:44:32 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
jaKRM0Y5Dl4
x-77-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=86400
x-cache
HIT
x-age
34798
x-77-pop
frankfurtDE
requestform.js
ads.themoneytizer.com/s/ Frame 6C4F 		160 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=31
Requested by
Host: media.news8.de
URL: https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=5&referrer=https://fohlenfive.de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
9d5fa41af7cdd9ba2e17cbcbe3e784560230667f6eb0c0dd40f478220e7d59c9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-77-nzt
AZySIRkSRvz/6VEAAA
x-accel-expires
@1662018903
date
Wed, 31 Aug 2022 13:44:32 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
YRpGuHE+yjE
x-77-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
public, max-age=86400
x-cache
HIT
x-age
20969
x-77-pop
frankfurtDE
b2.php
media.news8.de/ Frame 73C3 		817 B
620 B 		Document
General
Check archive.org
Download Go to
Full URL
https://media.news8.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4
Requested by
Host: media.news8.de
URL: https://media.news8.de/banner.php?uid=495573400&e=0&p=0&s=0&sid=929&size=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.210.32.121 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3172585.ip-51-210-32.eu
Software
nginx /
Resource Hash
f4612bb14195057916e896ac37087b1cabb18650978550a3bc4e27eee62020e6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://view.webplexmedia.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 13:44:32 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
b2.php
media.news8.de/ Frame C832 		811 B
615 B 		Document
General
Check archive.org
Download Go to
Full URL
https://media.news8.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4
Requested by
Host: media.news8.de
URL: https://media.news8.de/banner.php?uid=495573400&e=0&p=0&s=0&sid=929&size=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.210.32.121 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3172585.ip-51-210-32.eu
Software
nginx /
Resource Hash
2266a3a875952ddb16453e3d49b1fabd825728176d76976d8a9454fe717f9898
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://view.webplexmedia.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 13:44:32 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
970.jpg
media.news8.de/assets/ Frame 6C4F 		548 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.news8.de/assets/970.jpg
Requested by
Host: media.news8.de
URL: https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=5&referrer=https://fohlenfive.de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.210.32.121 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3172585.ip-51-210-32.eu
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=5&referrer=https://fohlenfive.de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
gzip
server
nginx
date
Wed, 31 Aug 2022 13:44:32 GMT
content-type
text/html
lg0.jpg
media.news8.de/ Frame 891B 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.news8.de/lg0.jpg
Requested by
Host: media.news8.de
URL: https://media.news8.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.210.32.121 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3172585.ip-51-210-32.eu
Software
nginx /
Resource Hash
e7a21f00272ebf0c6b15973a9298b362917872a7ea7c882dd1d8593c19ef13ab
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:33 GMT
last-modified
Thu, 21 Jan 2021 21:22:13 GMT
server
nginx
etag
"6009f085-5de"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/jpeg
accept-ranges
bytes
content-length
1502
x-xss-protection
1; mode=block
lg0.jpg
media.news8.de/ Frame 73C3 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.news8.de/lg0.jpg
Requested by
Host: media.news8.de
URL: https://media.news8.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.210.32.121 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3172585.ip-51-210-32.eu
Software
nginx /
Resource Hash
e7a21f00272ebf0c6b15973a9298b362917872a7ea7c882dd1d8593c19ef13ab
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:34 GMT
last-modified
Thu, 21 Jan 2021 21:22:13 GMT
server
nginx
etag
"6009f085-5de"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/jpeg
accept-ranges
bytes
content-length
1502
x-xss-protection
1; mode=block
in4.php
media.news8.de/ Frame 87FC 		283 B
351 B 		Document
General
Check archive.org
Download Go to
Full URL
https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=https://enamora.de
Requested by
Host: media.news8.de
URL: https://media.news8.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.210.32.121 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3172585.ip-51-210-32.eu
Software
nginx /
Resource Hash
01985555d5eb4407b14db290c3a1c71a8a58a9351bccb70326c7665f6d1dee20
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 13:44:34 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
banner
ad4.adfarm1.adition.com/ Frame C4D7 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/banner?sid=3974826&adjsver=3&fvers=&iframe=1&ref=&ro=https%3A//view.webplexmedia.de/in4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D5%26referrer%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/105.0.5195.52%20Safari/537.36&os=17&browser=11&userid=7138035801138921830&wi=819798388&ac=1&screen_res=6&wpt=H&clickurl=
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/js?wp_id=3974826
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
bd52bb27c0db8081835c4162463d48085f62dec9752cae922d41503085963e82

Request headers

Referer
https://view.webplexmedia.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html
date
Wed, 31 Aug 2022 15:44:34 +0200
expires
Sat, 01 Jan 2000 00:00:00 GMT
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pragma
no-cache
server
ADITIONSERVER v1.0
b2.php
media.news8.de/ Frame 66CC 		816 B
619 B 		Document
General
Check archive.org
Download Go to
Full URL
https://media.news8.de/b2.php?uid=495573400&e=0&s=0&p=0&w=970&h=250&sid=929&size=5
Requested by
Host: media.news8.de
URL: https://media.news8.de/banner.php?uid=495573400&e=0&p=0&s=0&sid=929&size=5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.210.32.121 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3172585.ip-51-210-32.eu
Software
nginx /
Resource Hash
8a282d829567d5169b2f6dbcd8a62ecdaf24fffffd07730bdab6a2719c7b164b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://view.webplexmedia.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 13:44:34 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
lg0.jpg
media.news8.de/ Frame C832 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.news8.de/lg0.jpg
Requested by
Host: media.news8.de
URL: https://media.news8.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.210.32.121 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3172585.ip-51-210-32.eu
Software
nginx /
Resource Hash
e7a21f00272ebf0c6b15973a9298b362917872a7ea7c882dd1d8593c19ef13ab
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:34 GMT
last-modified
Thu, 21 Jan 2021 21:22:13 GMT
server
nginx
etag
"6009f085-5de"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/jpeg
accept-ranges
bytes
content-length
1502
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DAC5 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://emmaglam.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
253
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 31 Aug 2022 13:40:21 GMT
expires
Thu, 31 Aug 2023 13:40:21 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4033 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
71f48a0b0b2d51a7083106e74b77afd7d2a73345c1deea097c1e667504187c39
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FTFieiLWlzYdeK1-hUMYWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://emmaglam.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-FTFieiLWlzYdeK1-hUMYWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 31 Aug 2022 13:44:34 GMT
expires
Wed, 31 Aug 2022 13:44:34 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
view.webplexmedia.de/ Frame 4ECC 		484 B
445 B 		Document
General
Check archive.org
Download Go to
Full URL
https://view.webplexmedia.de/?sess=QFSjhmoeI%2F0ErruT%2F91CPrqPhvTRgIaStwJPRGiTrRq%2F%2Bh4cn1EMgsMvah8KFOYk
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
ed4446368946cdd67b6a4eea5136b7c6c02e004934eb865e41f6fa168431dd32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 13:44:34 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
rs
ad4m.at/ Frame C8FD 		461 B
854 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
daee4c40a40971197a93d788d6df4eb52b14299162feb5a2c5a70d963f7dadb2

Request headers

Referer
https://view.webplexmedia.de/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 31 Aug 2022 13:44:34 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
7436339f3de4903d-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vO7W%2FwV%2FbPC%2Bno2SYhfg985FNAvnJbU91l2gYIvkEe8dyJzbGS8%2BemUGk7RRs7tVkVm%2FF5GaxlNWNePxGq1rQwdVBf%2FELvUG7zGkQ5Ejzm962vrRWYfLfI5y2uVpvGDlP37zPpA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://view.webplexmedia.de
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-h8v1
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://view.webplexmedia.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://view.webplexmedia.de
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7436339edd53903d-FRA
content-length
24
content-type
text/plain
date
Wed, 31 Aug 2022 13:44:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=anW3fy16WFlUChROdD8GZ4SIO%2BQQYsfT2s9lrIjBPDBX5yGmbPiy2rYFlSTZravop57aiT3oLt7JofyPSxAasxgtvSn2mfkMXdIzLeas9n6N21MqOGfUvI5qOZxfSwtpgOJtENU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-h8v1
moneybile.js
ads.themoneytizer.com/ Frame 6C4F 		38 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=31
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-77-nzt
AZySIRkOCr7/8IcAAA
pragma
public
date
Wed, 31 Aug 2022 13:44:34 GMT
content-encoding
br
etag
W/"604b9fc7-981e"
last-modified
Fri, 12 Mar 2021 17:07:19 GMT
server
CDN77-Turbo
x-77-nzt-ray
z9q/xZpc+jg
x-77-cache
HIT
content-type
application/javascript
x-cache
HIT
x-age
34800
x-77-pop
frankfurtDE
x-accel-expires
@1662955474
lg0.jpg
media.news8.de/ Frame 891B 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.news8.de/lg0.jpg
Requested by
Host: media.news8.de
URL: https://media.news8.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.210.32.121 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3172585.ip-51-210-32.eu
Software
nginx /
Resource Hash
e7a21f00272ebf0c6b15973a9298b362917872a7ea7c882dd1d8593c19ef13ab
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:34 GMT
last-modified
Thu, 21 Jan 2021 21:22:13 GMT
server
nginx
etag
"6009f085-5de"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/jpeg
accept-ranges
bytes
content-length
1502
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame E67B 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 31 Aug 2022 13:44:34 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Wed, 31 Aug 2022 13:44:34 GMT
server
nginx
in4.php
media.news8.de/ Frame 4B5B 		280 B
350 B 		Document
General
Check archive.org
Download Go to
Full URL
https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=https://stadt-koeln.de
Requested by
Host: media.news8.de
URL: https://media.news8.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.210.32.121 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3172585.ip-51-210-32.eu
Software
nginx /
Resource Hash
2a0813d7fcc340ef99a50adeff2e7c26d952cb077fafb8718d0a8aae9d69295a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 13:44:34 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame E67B 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 31 Aug 2022 13:44:34 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Wed, 31 Aug 2022 13:44:34 GMT
server
nginx
lg0.jpg
media.news8.de/ Frame 73C3 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.news8.de/lg0.jpg
Requested by
Host: media.news8.de
URL: https://media.news8.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.210.32.121 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3172585.ip-51-210-32.eu
Software
nginx /
Resource Hash
e7a21f00272ebf0c6b15973a9298b362917872a7ea7c882dd1d8593c19ef13ab
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:34 GMT
last-modified
Thu, 21 Jan 2021 21:22:13 GMT
server
nginx
etag
"6009f085-5de"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/jpeg
accept-ranges
bytes
content-length
1502
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame E67B 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 31 Aug 2022 13:44:34 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Wed, 31 Aug 2022 13:44:34 GMT
server
nginx
tracking-event
api.webgains.io/ Frame 9CCC 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 31 Aug 2022 13:44:34 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Wed, 31 Aug 2022 13:44:34 GMT
server
nginx
/
view.webplexmedia.de/ Frame AF4C 		484 B
445 B 		Document
General
Check archive.org
Download Go to
Full URL
https://view.webplexmedia.de/?sess=QFSjhmoeI%2F0ErruT%2F91CPrqPhvTRgIaStwJPRGiTrRq%2F%2Bh4cn1EMgsMvah8KFOYk
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
ed4446368946cdd67b6a4eea5136b7c6c02e004934eb865e41f6fa168431dd32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 13:44:34 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
in4.php
media.news8.de/ Frame B105 		280 B
350 B 		Document
General
Check archive.org
Download Go to
Full URL
https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=https://klamm.de
Requested by
Host: media.news8.de
URL: https://media.news8.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.210.32.121 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3172585.ip-51-210-32.eu
Software
nginx /
Resource Hash
2a0813d7fcc340ef99a50adeff2e7c26d952cb077fafb8718d0a8aae9d69295a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 13:44:34 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
/
view.webplexmedia.de/ Frame CF8F 		484 B
445 B 		Document
General
Check archive.org
Download Go to
Full URL
https://view.webplexmedia.de/?sess=QFSjhmoeI%2F0ErruT%2F91CPrqPhvTRgIaStwJPRGiTrRq%2F%2Bh4cn1EMgsMvah8KFOYk
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
ed4446368946cdd67b6a4eea5136b7c6c02e004934eb865e41f6fa168431dd32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 13:44:34 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
/
c.tmyzer.com/c/ Frame 6C4F 		0
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=18763&f=31&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=31
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 31 Aug 2022 13:43:05 GMT
Server
nginx
X-IPLB-Request-ID
5FD3C79B:9FAA_36264064:01BB_630F65C2_1044CFD1:F1E4
X-IPLB-Instance
38431
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
smart.js
ced.sascdn.com/tag/1097/ Frame 6C4F 		94 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced.sascdn.com/tag/1097/smart.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=31
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.133 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-133.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
153c40cc72d76cbaca5faf30ddf657cbcc9694141606c3b1a30ce4a2c47b61c9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 13:44:34 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=900
Connection
keep-alive
Content-Length
32364
Expires
Wed, 31 Aug 2022 13:59:34 GMT
sync
gum.criteo.com/ Frame 6C4F 		49 B
372 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:34 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
3332
strict-transport-security
max-age=31536000; preload;
content-length
165
expires
60
mapper.js
spl.zeotap.com/ Frame 6C4F 		61 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52d507688e76dfbe48fce79beb89be7f30101e95e9e06c121c461e30517ab36f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
743633a1eb739b43-FRA
date
Wed, 31 Aug 2022 13:44:34 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://media.news8.de
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
libJsLP.js
tag.leadplace.fr/ Frame 6C4F 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=31
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 13:44:34 GMT
Last-Modified
Thu, 14 Oct 2021 07:27:52 GMT
Server
nginx/1.14.2
X-IPLB-Request-ID
5FD3C79B:929E_91EFC133:01BB_630F65C2_5B9E28EC:17AA7
ETag
"6167dbf8-15ab"
X-IPLB-Instance
29922
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
5547
/
onetag-sys.com/usync/ Frame B3E2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1661953474799
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://media.news8.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
quant.js
secure.quantserve.com/ Frame 6C4F 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=31
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8bac9c023fad9d6721b69f7fe5cfbd0da812fd66ec2c428ae4a141cc44f2e4e9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:34 GMT
content-encoding
gzip
etag
"TFjIU174W8I7nbu1DVEZpA=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 07 Sep 2022 13:44:34 GMT
px.js
p.cpx.to/p/12763/ Frame 6C4F 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cpx.to/p/12763/px.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=31
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.196.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-196-234.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6e7ec1538f64f09356d095457fa3387b84619a8f32db7708a4a21957e7d33a3d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 13:44:34 GMT
Cache-Control
max-age=2419200, public
Connection
keep-alive
Content-Length
1990
Content-Type
application/javascript; charset=UTF-8
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ Frame 6C4F 		25 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=31
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.2.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-2-52.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 19:56:38 GMT
Via
1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
Age
64076
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA56-P6
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
hkYwP04khui9JKpeGRwlARdJNqXkgDtlskSjjOT4aB6WwvJAw2QXCQ==
prebid.js
ads.themoneytizer.com/moneybid7_10/build_noconsent/dist/ Frame 6C4F 		631 KB
166 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybid7_10/build_noconsent/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=31
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
006d63d16dc7d6ba19a7ac5f10ee7bfe0de74f4a7bae1606c75101a5ce83f91a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-77-nzt
AZySIRl64uD/6YcAAA
pragma
public
date
Wed, 31 Aug 2022 13:44:34 GMT
content-encoding
br
etag
W/"630cdb6b-9ddca"
last-modified
Mon, 29 Aug 2022 15:29:47 GMT
server
CDN77-Turbo
x-77-nzt-ray
WGQDsu3RuPY
x-77-cache
HIT
content-type
application/javascript
x-cache
HIT
x-age
34793
x-77-pop
frankfurtDE
x-accel-expires
@1662955481
tracking-event
api.webgains.io/ Frame C838 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 31 Aug 2022 13:44:34 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Wed, 31 Aug 2022 13:44:34 GMT
server
nginx
lg0.jpg
media.news8.de/ Frame C832 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.news8.de/lg0.jpg
Requested by
Host: media.news8.de
URL: https://media.news8.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.210.32.121 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3172585.ip-51-210-32.eu
Software
nginx /
Resource Hash
e7a21f00272ebf0c6b15973a9298b362917872a7ea7c882dd1d8593c19ef13ab
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:34 GMT
last-modified
Thu, 21 Jan 2021 21:22:13 GMT
server
nginx
etag
"6009f085-5de"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/jpeg
accept-ranges
bytes
content-length
1502
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame AB6B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=13957%2C197100%2C15573&b=zxJaRfYf95xFpHBHMtqtzzAfVSZtg2dsW%2CMVzUzfrfjepBCWHEHGtDt661tBS9tb4Vs3%2CbWPSQfZfeDVaYHbHztKt1d8fbS3t5AjTJ&f=8MzFDf8fZxWsgHJHEtqCkkYcGS5t8Y7Uk%2C6dzhef3fMWZgUeHmHYtECWWRFYSBt2QZU7%2C391Fpf4fkY2F7HrHAtXC1E7fPSztA3Psd&c=970&d=250&e=&g=9988ac34699aeb29756238388a5ec6ee%2F5214816783953817931&i=20774%2C20773%2C26474&j=14%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_970x250&r=1661953474453&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ba184595336942188e368221da6ae51f8eacebbf4f4a320d51899b6f593cd72
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://view.webplexmedia.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
743633a20b6e91dd-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 31 Aug 2022 13:44:34 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame C838 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 31 Aug 2022 13:44:34 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Wed, 31 Aug 2022 13:44:34 GMT
server
nginx
tracking-event
api.webgains.io/ Frame 834A 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 31 Aug 2022 13:44:34 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Wed, 31 Aug 2022 13:44:34 GMT
server
nginx
tracking-event
api.webgains.io/ Frame 834A 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 31 Aug 2022 13:44:35 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Wed, 31 Aug 2022 13:44:34 GMT
server
nginx
tracking-event
api.webgains.io/ Frame EDB5 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 31 Aug 2022 13:44:35 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Wed, 31 Aug 2022 13:44:34 GMT
server
nginx
tracking-event
api.webgains.io/ Frame 84C0 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 31 Aug 2022 13:44:35 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Wed, 31 Aug 2022 13:44:34 GMT
server
nginx
9.gif
id5-sync.com/i/12/ Frame 6C4F 		0
0
lg0.jpg
media.news8.de/ Frame 66CC 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.news8.de/lg0.jpg
Requested by
Host: media.news8.de
URL: https://media.news8.de/b2.php?uid=495573400&e=0&s=0&p=0&w=970&h=250&sid=929&size=5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.210.32.121 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3172585.ip-51-210-32.eu
Software
nginx /
Resource Hash
e7a21f00272ebf0c6b15973a9298b362917872a7ea7c882dd1d8593c19ef13ab
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:34 GMT
last-modified
Thu, 21 Jan 2021 21:22:13 GMT
server
nginx
etag
"6009f085-5de"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/jpeg
accept-ranges
bytes
content-length
1502
x-xss-protection
1; mode=block
pahb_n.prod.js
imagesrv.adition.com/banners/268/xml/pa_static/pb/native/ Frame C4D7 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/banner?sid=3974826&adjsver=3&fvers=&iframe=1&ref=&ro=https%3A//view.webplexmedia.de/in4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D5%26referrer%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/105.0.5195.52%20Safari/537.36&os=17&browser=11&userid=7138035801138921830&wi=819798388&ac=1&screen_res=6&wpt=H&clickurl=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
c8a971105c9d001834b7d079ca4367c9084cda1a380a1cd1bac3a7444d668a95

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad4.adfarm1.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:34 GMT
content-encoding
br
last-modified
Sun, 10 Apr 2022 07:06:34 GMT
etag
"2466592594-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8271
gen.js
ads.themoneytizer.com/s/ Frame 87FC 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=19
Requested by
Host: media.news8.de
URL: https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=https://enamora.de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-77-nzt
AZySIRnboET/8IcAAA
x-accel-expires
@1662005075
date
Wed, 31 Aug 2022 13:44:35 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
OTI/qEyZI1Y
x-77-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
public, max-age=86400
x-cache
HIT
x-age
34800
x-77-pop
frankfurtDE
requestform.js
ads.themoneytizer.com/s/ Frame 87FC 		160 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=19
Requested by
Host: media.news8.de
URL: https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=https://enamora.de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
5803c3940f4808efcc4e5115a016862e0b366862c607c9dbfefe6432dd573f62

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-77-nzt
AZySIRka32D/YWYAAA
x-accel-expires
@1662013666
date
Wed, 31 Aug 2022 13:44:35 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
4BuY/xApJJA
x-77-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=86400
x-cache
HIT
x-age
26209
x-77-pop
frankfurtDE
gen.js
ads.themoneytizer.com/s/ Frame 4B5B 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=2
Requested by
Host: media.news8.de
URL: https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=https://stadt-koeln.de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-77-nzt
AZySIRls147/8YcAAA
x-accel-expires
@1662005074
date
Wed, 31 Aug 2022 13:44:35 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
3NN5On5GxnU
x-77-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=86400
x-cache
HIT
x-age
34801
x-77-pop
frankfurtDE
requestform.js
ads.themoneytizer.com/s/ Frame 4B5B 		160 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=2
Requested by
Host: media.news8.de
URL: https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=https://stadt-koeln.de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
9f3e7b3b36a699ce6ab2a79b9343479e262486bbbcacef8ecd76bcdfe9d621ce

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-77-nzt
AZySIRlHK+b/Nl0AAA
x-accel-expires
@1662016013
date
Wed, 31 Aug 2022 13:44:35 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
NxuAOai9y4U
x-77-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=86400
x-cache
HIT
x-age
23862
x-77-pop
frankfurtDE
in4.php
media.news8.de/ Frame C6A7 		310 B
367 B 		Document
General
Check archive.org
Download Go to
Full URL
https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=5&referrer=https://wunderweib.de
Requested by
Host: media.news8.de
URL: https://media.news8.de/b2.php?uid=495573400&e=0&s=0&p=0&w=970&h=250&sid=929&size=5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.210.32.121 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3172585.ip-51-210-32.eu
Software
nginx /
Resource Hash
b0e587092ca1126e5ead23734ff18340f126edcf6ee6c1460a223d56a3598497
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 13:44:35 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
gen.js
ads.themoneytizer.com/s/ Frame B105 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=2
Requested by
Host: media.news8.de
URL: https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=https://klamm.de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-77-nzt
AZySIRmGa8r/8YcAAA
x-accel-expires
@1662005074
date
Wed, 31 Aug 2022 13:44:35 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
8kTyRtjxkkY
x-77-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=86400
x-cache
HIT
x-age
34801
x-77-pop
frankfurtDE
requestform.js
ads.themoneytizer.com/s/ Frame B105 		160 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=2
Requested by
Host: media.news8.de
URL: https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=https://klamm.de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
9f3e7b3b36a699ce6ab2a79b9343479e262486bbbcacef8ecd76bcdfe9d621ce

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-77-nzt
AZySIRlgV1P/Nl0AAA
x-accel-expires
@1662016013
date
Wed, 31 Aug 2022 13:44:35 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
QIaIUWqB2Ns
x-77-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=86400
x-cache
HIT
x-age
23862
x-77-pop
frankfurtDE
/
view.webplexmedia.de/ Frame 4ECC 		303 B
375 B 		Document
General
Check archive.org
Download Go to
Full URL
https://view.webplexmedia.de/?sess=mX7OxuHl8WYe2f1OMhzf95JekUWOUiJUWSHQkPIRw8nGi%2BawF9ddE8Y%2Fv0zFyAbT
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/?sess=QFSjhmoeI%2F0ErruT%2F91CPrqPhvTRgIaStwJPRGiTrRq%2F%2Bh4cn1EMgsMvah8KFOYk
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
1931a9737f2fa7694f57f02de955f274850fef4910e412f4f6c18090cc3ec90f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 13:44:35 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
default.css
as.ad4m.at/ad/style/0.1.22/one-ad/ Frame AB6B 		85 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.22/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13957%2C197100%2C15573&b=zxJaRfYf95xFpHBHMtqtzzAfVSZtg2dsW%2CMVzUzfrfjepBCWHEHGtDt661tBS9tb4Vs3%2CbWPSQfZfeDVaYHbHztKt1d8fbS3t5AjTJ&f=8MzFDf8fZxWsgHJHEtqCkkYcGS5t8Y7Uk%2C6dzhef3fMWZgUeHmHYtECWWRFYSBt2QZU7%2C391Fpf4fkY2F7HrHAtXC1E7fPSztA3Psd&c=970&d=250&e=&g=9988ac34699aeb29756238388a5ec6ee%2F5214816783953817931&i=20774%2C20773%2C26474&j=14%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_970x250&r=1661953474453&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d28bd4bc4b8a1ecb41ea341dd43aabbc0322889858d76d406b7dc8a887b8eac
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=13957%2C197100%2C15573&b=zxJaRfYf95xFpHBHMtqtzzAfVSZtg2dsW%2CMVzUzfrfjepBCWHEHGtDt661tBS9tb4Vs3%2CbWPSQfZfeDVaYHbHztKt1d8fbS3t5AjTJ&f=8MzFDf8fZxWsgHJHEtqCkkYcGS5t8Y7Uk%2C6dzhef3fMWZgUeHmHYtECWWRFYSBt2QZU7%2C391Fpf4fkY2F7HrHAtXC1E7fPSztA3Psd&c=970&d=250&e=&g=9988ac34699aeb29756238388a5ec6ee%2F5214816783953817931&i=20774%2C20773%2C26474&j=14%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_970x250&r=1661953474453&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:35 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
167754
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86775
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 29 Aug 2022 15:08:41 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
x-download-options
noopen
vary
accept-encoding
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
743633a2fccf91dd-FRA
cf-bgj
minify
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame AB6B 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13957%2C197100%2C15573&b=zxJaRfYf95xFpHBHMtqtzzAfVSZtg2dsW%2CMVzUzfrfjepBCWHEHGtDt661tBS9tb4Vs3%2CbWPSQfZfeDVaYHbHztKt1d8fbS3t5AjTJ&f=8MzFDf8fZxWsgHJHEtqCkkYcGS5t8Y7Uk%2C6dzhef3fMWZgUeHmHYtECWWRFYSBt2QZU7%2C391Fpf4fkY2F7HrHAtXC1E7fPSztA3Psd&c=970&d=250&e=&g=9988ac34699aeb29756238388a5ec6ee%2F5214816783953817931&i=20774%2C20773%2C26474&j=14%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_970x250&r=1661953474453&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
668859
cf-polished
origFmt=png, origSize=115129
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54564
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UImzp%2BAsomf932KsMjcwZxSU9LoA3XNIm4NUaaMgAeRsnNVNn4l7zB6oBzbKgl%2F7DolmAUZ9K8F%2BHeI8MVIY0QzL0ThtEdGCxR%2F29V1B9eF4XYgEURL9ClGUcGwt29%2BgI%2FLvM%2BM7bLxdSkHA"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:35 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
743633a2fcd091dd-FRA
cf-bgj
imgq:85,h2pri
AC141A5CBB54977B2534F8C53AC3663BEDFA436FAE3ACD4988B6899C9BB97ACFAD4B76B4BA1B0B0E1691596C153E31B849811DF48CAC56F53701C63564F90B6A
assets.ad4m.at/product_image/ Frame AB6B 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/AC141A5CBB54977B2534F8C53AC3663BEDFA436FAE3ACD4988B6899C9BB97ACFAD4B76B4BA1B0B0E1691596C153E31B849811DF48CAC56F53701C63564F90B6A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13957%2C197100%2C15573&b=zxJaRfYf95xFpHBHMtqtzzAfVSZtg2dsW%2CMVzUzfrfjepBCWHEHGtDt661tBS9tb4Vs3%2CbWPSQfZfeDVaYHbHztKt1d8fbS3t5AjTJ&f=8MzFDf8fZxWsgHJHEtqCkkYcGS5t8Y7Uk%2C6dzhef3fMWZgUeHmHYtECWWRFYSBt2QZU7%2C391Fpf4fkY2F7HrHAtXC1E7fPSztA3Psd&c=970&d=250&e=&g=9988ac34699aeb29756238388a5ec6ee%2F5214816783953817931&i=20774%2C20773%2C26474&j=14%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_970x250&r=1661953474453&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e71afd53d34b1a32c15ee776f34aa51869e45820afcc130ee01477b7e9e275e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
666640
cf-polished
qual=85, origFmt=jpeg, origSize=156576
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34068
last-modified
Tue, 19 Oct 2021 12:48:35 GMT
server
cloudflare
etag
"451fa9b02ae7953b9311aefac697be7e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3NNIdsvCGyafNiKdp%2BADdMncU5w2M3CG%2Ba9Z4bB7sztBeA7cORw78ZNL3tHRWW8bMx9BH9Y%2BmY%2Fn4BXrk7Pt88zphYfKTyZLqP1%2BFo8RWc%2B%2FI%2BVVikOHeTSFE2CyQ7BohiRoRMvECTPxzRdd"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:35 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
743633a31d0a91dd-FRA
cf-bgj
imgq:85,h2pri
/
partner.o2online.de/a/ Frame AB6B
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=117683V1226132702M&subid=oneidzxJaRfYf95xFpHBHMtqtzzAfVSZtg2dsWoneid__webplexmedia_advancedad_970x250&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=117683V1226132702M&subid=oneidzxJaRfYf95xFpHBHMtqtzzAfVSZtg2dsWoneid__webplexmedia_advancedad_970x250&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117683&s_id=2022083115443575789011365X117683V1226132702MSoneidzxJaRfYf95xFpHBHMtqtzzAfVSZtg2dsWoneid__webplexmedia...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117683&s_id=2022083115443575789011365X117683V1226132702MSoneidzxJaRfYf95xFpHBHMtqtzzAfVSZtg2dsWoneid__webplexmedia_advancedad_970x250&gdpr_consent=&gdpr=0&cons=0&spid=2022083115443575789011365X117683V1226132702MSoneidzxJaRfYf95xFpHBHMtqtzzAfVSZtg2dsWoneid__webplexmedia_advancedad_970x250&wfid=117683&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13957%2C197100%2C15573&b=zxJaRfYf95xFpHBHMtqtzzAfVSZtg2dsW%2CMVzUzfrfjepBCWHEHGtDt661tBS9tb4Vs3%2CbWPSQfZfeDVaYHbHztKt1d8fbS3t5AjTJ&f=8MzFDf8fZxWsgHJHEtqCkkYcGS5t8Y7Uk%2C6dzhef3fMWZgUeHmHYtECWWRFYSBt2QZU7%2C391Fpf4fkY2F7HrHAtXC1E7fPSztA3Psd&c=970&d=250&e=&g=9988ac34699aeb29756238388a5ec6ee%2F5214816783953817931&i=20774%2C20773%2C26474&j=14%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_970x250&r=1661953474453&y=1&s=&z=0
Protocol
HTTP/1.1
Server
46.4.62.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads4.sunbonet.de
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 13:44:35 GMT
X-NODEIP
46.4.62.19
Server
nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117683&s_id=2022083115443575789011365X117683V1226132702MSoneidzxJaRfYf95xFpHBHMtqtzzAfVSZtg2dsWoneid__webplexmedia_advancedad_970x250&gdpr_consent=&gdpr=0&cons=0&spid=2022083115443575789011365X117683V1226132702MSoneidzxJaRfYf95xFpHBHMtqtzzAfVSZtg2dsWoneid__webplexmedia_advancedad_970x250&wfid=117683&partnerid=12218
date
Wed, 31 Aug 2022 13:44:35 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame AB6B 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13957%2C197100%2C15573&b=zxJaRfYf95xFpHBHMtqtzzAfVSZtg2dsW%2CMVzUzfrfjepBCWHEHGtDt661tBS9tb4Vs3%2CbWPSQfZfeDVaYHbHztKt1d8fbS3t5AjTJ&f=8MzFDf8fZxWsgHJHEtqCkkYcGS5t8Y7Uk%2C6dzhef3fMWZgUeHmHYtECWWRFYSBt2QZU7%2C391Fpf4fkY2F7HrHAtXC1E7fPSztA3Psd&c=970&d=250&e=&g=9988ac34699aeb29756238388a5ec6ee%2F5214816783953817931&i=20774%2C20773%2C26474&j=14%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_970x250&r=1661953474453&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
662056
cf-polished
origFmt=png, origSize=24833
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9258
last-modified
Tue, 09 Feb 2021 15:11:57 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BJ821QJsv1C3XzXt34AgEqY6eEbyJGk6ZVo3byGzV8sosijF%2BCLqdx2FszXlLudPqWBD2r8OjTVnvqF%2FnasNthADzbJNdQaY77lhByJQm1N%2F1PPVXf6j1l2n9Vrqx6XHRrID9heoZrzQlfCh"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:35 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
743633a31d0c91dd-FRA
cf-bgj
imgq:85,h2pri
E9D375C72282EE56D8DA5AD27266D69B7BFE40E40C948577C3783C3219F98DD01F9931DC8CCF9B67D3492B05912CD4E83AC0FF6D46D2312F3BB13A1DCC095909
assets.ad4m.at/product_image/ Frame AB6B 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/E9D375C72282EE56D8DA5AD27266D69B7BFE40E40C948577C3783C3219F98DD01F9931DC8CCF9B67D3492B05912CD4E83AC0FF6D46D2312F3BB13A1DCC095909
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13957%2C197100%2C15573&b=zxJaRfYf95xFpHBHMtqtzzAfVSZtg2dsW%2CMVzUzfrfjepBCWHEHGtDt661tBS9tb4Vs3%2CbWPSQfZfeDVaYHbHztKt1d8fbS3t5AjTJ&f=8MzFDf8fZxWsgHJHEtqCkkYcGS5t8Y7Uk%2C6dzhef3fMWZgUeHmHYtECWWRFYSBt2QZU7%2C391Fpf4fkY2F7HrHAtXC1E7fPSztA3Psd&c=970&d=250&e=&g=9988ac34699aeb29756238388a5ec6ee%2F5214816783953817931&i=20774%2C20773%2C26474&j=14%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_970x250&r=1661953474453&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f52afbdc9b50ea83386ec3f01d5b7f960c612515f6904541b370334f8d9676c0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
666255
cf-polished
qual=85, origFmt=jpeg, origSize=63020
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17696
last-modified
Tue, 07 Jun 2022 13:12:55 GMT
server
cloudflare
etag
"d0374826c2da26747cdba3111108f584"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lmo7CtASwNUbtLjJ9aZICX7arWlCAHfE2OGe5b8zsEE96mU8MV4QJcuG%2FIgjkCr%2FmrQeM9wP%2BFrXjC8U8ae3M%2FG4oC5mDEUJScX%2BRwDbHudwGrBmnr4qI7L5W8thDu7HJAAIHwav%2FTXe9YoO"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:35 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
743633a31d1091dd-FRA
cf-bgj
imgq:85,h2pri
/
partner.blau.de/a/ Frame AB6B
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022083115443575789011363X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022083115443575789011363X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13957%2C197100%2C15573&b=zxJaRfYf95xFpHBHMtqtzzAfVSZtg2dsW%2CMVzUzfrfjepBCWHEHGtDt661tBS9tb4Vs3%2CbWPSQfZfeDVaYHbHztKt1d8fbS3t5AjTJ&f=8MzFDf8fZxWsgHJHEtqCkkYcGS5t8Y7Uk%2C6dzhef3fMWZgUeHmHYtECWWRFYSBt2QZU7%2C391Fpf4fkY2F7HrHAtXC1E7fPSztA3Psd&c=970&d=250&e=&g=9988ac34699aeb29756238388a5ec6ee%2F5214816783953817931&i=20774%2C20773%2C26474&j=14%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_970x250&r=1661953474453&y=1&s=&z=0
Protocol
HTTP/1.1
Server
46.4.41.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads2.sunbonet.de
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 13:44:35 GMT
X-NODEIP
46.4.41.145
Server
nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022083115443575789011363X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
date
Wed, 31 Aug 2022 13:44:35 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame AB6B 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13957%2C197100%2C15573&b=zxJaRfYf95xFpHBHMtqtzzAfVSZtg2dsW%2CMVzUzfrfjepBCWHEHGtDt661tBS9tb4Vs3%2CbWPSQfZfeDVaYHbHztKt1d8fbS3t5AjTJ&f=8MzFDf8fZxWsgHJHEtqCkkYcGS5t8Y7Uk%2C6dzhef3fMWZgUeHmHYtECWWRFYSBt2QZU7%2C391Fpf4fkY2F7HrHAtXC1E7fPSztA3Psd&c=970&d=250&e=&g=9988ac34699aeb29756238388a5ec6ee%2F5214816783953817931&i=20774%2C20773%2C26474&j=14%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_970x250&r=1661953474453&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a85b1179ca4ed7dc5ea897d1b565a69ccae8d2aad29dff7bb874da7d94538bff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
667214
cf-polished
qual=85, origFmt=jpeg, origSize=58124
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9782
last-modified
Fri, 08 Jul 2022 10:19:52 GMT
server
cloudflare
etag
"b4342e277c43aad9c5020a04564bfd1e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ecewp3TMl6J3SiYGuLjM5tygiDYNfcWLxIwIlkBxgcCTPr59mhNU04BuAM7XlXEPK6EbWx52hFu0nKHU6TAgT6MXsKNgw6ybVKg2J72FiSQzVDLin30vSRagskG9btSAep9bgBap4WHrQy9j"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:35 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
743633a31d1291dd-FRA
cf-bgj
imgq:85,h2pri
7959CC8A5841863E2029D11337BD9743816B11539BB7B5FE82C05DA418BFFEA9B2B39CC1367019AB169ACFDD5A75E84454CFD285683B9548532D984CEBD8DAF8
assets.ad4m.at/product_image/ Frame AB6B 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/7959CC8A5841863E2029D11337BD9743816B11539BB7B5FE82C05DA418BFFEA9B2B39CC1367019AB169ACFDD5A75E84454CFD285683B9548532D984CEBD8DAF8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13957%2C197100%2C15573&b=zxJaRfYf95xFpHBHMtqtzzAfVSZtg2dsW%2CMVzUzfrfjepBCWHEHGtDt661tBS9tb4Vs3%2CbWPSQfZfeDVaYHbHztKt1d8fbS3t5AjTJ&f=8MzFDf8fZxWsgHJHEtqCkkYcGS5t8Y7Uk%2C6dzhef3fMWZgUeHmHYtECWWRFYSBt2QZU7%2C391Fpf4fkY2F7HrHAtXC1E7fPSztA3Psd&c=970&d=250&e=&g=9988ac34699aeb29756238388a5ec6ee%2F5214816783953817931&i=20774%2C20773%2C26474&j=14%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_970x250&r=1661953474453&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a7f4c8a9af17cac4c92d0fad28e07cc781825be9dd19da205c028b2a49e634a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
668832
cf-polished
qual=85, origFmt=jpeg, origSize=128978
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
52014
last-modified
Tue, 31 May 2022 12:16:42 GMT
server
cloudflare
etag
"aa8c145ca1b6cb2be4e511f8f6f2685d"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MK3puJFogjGx8h6hj1R1JB0MK%2F3VFrgP0%2BriMvJGi1QfDK0kjyxUOLDV0ROnEd5rXt17SllmsZFKjWDaS5PmetixgvD5JsMPECQ4gtv2DT0qS5RBawWQqes7l7%2BYumnSlK%2B5TPMt44zVhWPm"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:35 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
743633a31d1591dd-FRA
cf-bgj
imgq:85,h2pri
view.aspx
pb.media01.eu/ Frame AB6B
Redirect Chain
  • https://pv.medialead.de/trck/epv/2aed39855b5f46b72660fe7fe4b2634f?t=htlp&subid=oneidbWPSQfZfeDVaYHbHztKt1d8fbS3t5AjTJoneid__webplexmedia_advancedad_970x250&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidbWPSQfZfeDVaYHbHztKt1d8fbS3t5AjTJoneid__webplexmedia_advancedad_970x250&actionid=981741&produ...
0
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidbWPSQfZfeDVaYHbHztKt1d8fbS3t5AjTJoneid__webplexmedia_advancedad_970x250&actionid=981741&produktid=&dt_url=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13957%2C197100%2C15573&b=zxJaRfYf95xFpHBHMtqtzzAfVSZtg2dsW%2CMVzUzfrfjepBCWHEHGtDt661tBS9tb4Vs3%2CbWPSQfZfeDVaYHbHztKt1d8fbS3t5AjTJ&f=8MzFDf8fZxWsgHJHEtqCkkYcGS5t8Y7Uk%2C6dzhef3fMWZgUeHmHYtECWWRFYSBt2QZU7%2C391Fpf4fkY2F7HrHAtXC1E7fPSztA3Psd&c=970&d=250&e=&g=9988ac34699aeb29756238388a5ec6ee%2F5214816783953817931&i=20774%2C20773%2C26474&j=14%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_970x250&r=1661953474453&y=1&s=&z=0
Protocol
H2
Server
88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:34 GMT
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 31 Aug 2022 03:44:35 GMT
server
Microsoft-IIS/10.0
access-control-allow-methods
GET,POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Wed, 31 Aug 2022 13:44:35 GMT
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
5FD3C79B:8506_91EFC182:01BB_630F65C3_67E4DB2:1F22C
X-IPLB-Instance
40028
Strict-Transport-Security
max-age=15768000
Content-Type
application/javascript
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidbWPSQfZfeDVaYHbHztKt1d8fbS3t5AjTJoneid__webplexmedia_advancedad_970x250&actionid=981741&produktid=&dt_url=
Keep-Alive
timeout=20
Content-Length
0
Proxy-Host
pv.medialead.de
tracking-event
api.webgains.io/ Frame EDB5 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 31 Aug 2022 13:44:35 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Wed, 31 Aug 2022 13:44:35 GMT
server
nginx
/
view.webplexmedia.de/ Frame AF4C 		303 B
375 B 		Document
General
Check archive.org
Download Go to
Full URL
https://view.webplexmedia.de/?sess=mX7OxuHl8WYe2f1OMhzf95JekUWOUiJUWSHQkPIRw8nGi%2BawF9ddE8Y%2Fv0zFyAbT
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/?sess=QFSjhmoeI%2F0ErruT%2F91CPrqPhvTRgIaStwJPRGiTrRq%2F%2Bh4cn1EMgsMvah8KFOYk
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
1931a9737f2fa7694f57f02de955f274850fef4910e412f4f6c18090cc3ec90f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 13:44:35 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
/
view.webplexmedia.de/ Frame CF8F 		303 B
375 B 		Document
General
Check archive.org
Download Go to
Full URL
https://view.webplexmedia.de/?sess=mX7OxuHl8WYe2f1OMhzf95JekUWOUiJUWSHQkPIRw8nGi%2BawF9ddE8Y%2Fv0zFyAbT
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/?sess=QFSjhmoeI%2F0ErruT%2F91CPrqPhvTRgIaStwJPRGiTrRq%2F%2Bh4cn1EMgsMvah8KFOYk
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
1931a9737f2fa7694f57f02de955f274850fef4910e412f4f6c18090cc3ec90f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 13:44:35 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
wckr.php
tag.leadplace.fr/ Frame 98A0 		0
247 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fmedia.news8.de%2Fin4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D5%26referrer%3Dhttps%3A%2F%2Ffohlenfive.de&id=MTIZ
Requested by
Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/libJsLP.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://media.news8.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Content-Type
text/html; charset=UTF-8
Date
Wed, 31 Aug 2022 13:44:35 GMT
Server
nginx/1.14.2
Transfer-Encoding
chunked
X-IPLB-Instance
29922
X-IPLB-Request-ID
5FD3C79B:929E_91EFC133:01BB_630F65C2_5B9E28F2:17AA7
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/ Frame 6C4F 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:ba00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1a51f921893ae45dfba49e5799f1d8c21b5a1449592bfe3c04cae8d69d093a8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:28:05 GMT
content-encoding
gzip
age
991
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Sat, 27 Aug 2022 14:06:59 GMT
server
AmazonS3
etag
W/"552289573698eb75389ce036af4dd98e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
rQIR52R4NYObIUP-U70pwBcNvIr4Fuqq8xqLIrZGSBxAi34maFpBxw==
300.jpg
media.news8.de/assets/ Frame 87FC 		548 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.news8.de/assets/300.jpg
Requested by
Host: media.news8.de
URL: https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=https://enamora.de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.210.32.121 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3172585.ip-51-210-32.eu
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=https://enamora.de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
gzip
server
nginx
date
Wed, 31 Aug 2022 13:44:35 GMT
content-type
text/html
300.jpg
media.news8.de/assets/ Frame 4B5B 		548 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.news8.de/assets/300.jpg
Requested by
Host: media.news8.de
URL: https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=https://stadt-koeln.de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.210.32.121 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3172585.ip-51-210-32.eu
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=https://stadt-koeln.de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
gzip
server
nginx
date
Wed, 31 Aug 2022 13:44:35 GMT
content-type
text/html
300.jpg
media.news8.de/assets/ Frame B105 		548 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.news8.de/assets/300.jpg
Requested by
Host: media.news8.de
URL: https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=https://klamm.de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.210.32.121 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3172585.ip-51-210-32.eu
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=https://klamm.de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
gzip
server
nginx
date
Wed, 31 Aug 2022 13:44:35 GMT
content-type
text/html
102.json
id5-sync.com/g/v2/ Frame 6C4F 		216 B
624 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/102.json
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.71 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216577.ip-141-95-98.eu
Software
/
Resource Hash
7e8be04cfefb213251aab28078169e5486db704ef75ecaa27ce922f177eaebdd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://media.news8.de/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://media.news8.de
date
Wed, 31 Aug 2022 13:44:34 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
fire.js
s.cpx.to/ Frame 6C4F 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s.cpx.to/fire.js?pid=12763&ref=&url=https%3A%2F%2Fmedia.news8.de%2Fin4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D5%26referrer%3Dhttps%3A%2F%2Ffohlenfive.de&hn_ver=40&fid=c1496395-a9f5-4f3b-bd12-4b95fa968613
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12763/px.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.27.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-27-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 4033 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220829&jk=1293389133885865&rc=
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers
main.css
imagesrv.adition.com/banners/268/xml/pa_static/pb/styles/default/970x250_4slot/ Frame C4D7 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/268/xml/pa_static/pb/styles/default/970x250_4slot/main.css
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
17c3d6c6eebe77883a37c8f031de1595950b60c3696674867c541b2f30e00c99

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad4.adfarm1.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:35 GMT
content-encoding
br
last-modified
Sun, 10 Apr 2022 06:57:40 GMT
etag
"3884677435-br"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
1337
prebid2.1.0.js
imagesrv.adition.com/banners/268/xml/pa_static/pb/prebid/ Frame C4D7 		174 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/268/xml/pa_static/pb/prebid/prebid2.1.0.js
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
568dd1d03aaa979a84f4bb146bc456de281b39b3877dc0a5763d77fabc6fc34a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad4.adfarm1.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:35 GMT
content-encoding
br
last-modified
Sun, 10 Apr 2022 06:55:37 GMT
etag
"2555188002-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
48224
moneybile.js
ads.themoneytizer.com/ Frame 87FC 		38 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=19
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-77-nzt
AZySIRn129f/8YcAAA
pragma
public
date
Wed, 31 Aug 2022 13:44:35 GMT
content-encoding
br
etag
W/"604b9fc7-981e"
last-modified
Fri, 12 Mar 2021 17:07:19 GMT
server
CDN77-Turbo
x-77-nzt-ray
bjtJV4BCA50
x-77-cache
HIT
content-type
application/javascript
x-cache
HIT
x-age
34801
x-77-pop
frankfurtDE
x-accel-expires
@1662955474
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ Frame 6C4F 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 03:02:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
124918
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30186
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Aug 2023 03:02:37 GMT
moneybile.js
ads.themoneytizer.com/ Frame 4B5B 		38 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-77-nzt
AZySIRnHpbH/8YcAAA
pragma
public
date
Wed, 31 Aug 2022 13:44:35 GMT
content-encoding
br
etag
W/"604b9fc7-981e"
last-modified
Fri, 12 Mar 2021 17:07:19 GMT
server
CDN77-Turbo
x-77-nzt-ray
wompEewounI
x-77-cache
HIT
content-type
application/javascript
x-cache
HIT
x-age
34801
x-77-pop
frankfurtDE
x-accel-expires
@1662955474
moneybile.js
ads.themoneytizer.com/ Frame B105 		38 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-77-nzt
AZySIRkzq1D/8YcAAA
pragma
public
date
Wed, 31 Aug 2022 13:44:35 GMT
content-encoding
br
etag
W/"604b9fc7-981e"
last-modified
Fri, 12 Mar 2021 17:07:19 GMT
server
CDN77-Turbo
x-77-nzt-ray
wuGkCTO3rew
x-77-cache
HIT
content-type
application/javascript
x-cache
HIT
x-age
34801
x-77-pop
frankfurtDE
x-accel-expires
@1662955474
gen.js
ads.themoneytizer.com/s/ Frame C6A7 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=31
Requested by
Host: media.news8.de
URL: https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=5&referrer=https://wunderweib.de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-77-nzt
AZySIRmsWN7/8YcAAA
x-accel-expires
@1662005074
date
Wed, 31 Aug 2022 13:44:35 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
WAHDWGjjLRk
x-77-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=86400
x-cache
HIT
x-age
34801
x-77-pop
frankfurtDE
requestform.js
ads.themoneytizer.com/s/ Frame C6A7 		160 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=31
Requested by
Host: media.news8.de
URL: https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=5&referrer=https://wunderweib.de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
9d5fa41af7cdd9ba2e17cbcbe3e784560230667f6eb0c0dd40f478220e7d59c9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-77-nzt
AZySIRk7aRL/7FEAAA
x-accel-expires
@1662018903
date
Wed, 31 Aug 2022 13:44:35 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
+kShmU4v7Ig
x-77-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
public, max-age=86400
x-cache
HIT
x-age
20972
x-77-pop
frankfurtDE
/
c.tmyzer.com/c/ Frame 87FC 		0
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=18763&f=19&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 31 Aug 2022 13:43:05 GMT
Server
nginx
X-IPLB-Request-ID
5FD3C79B:9FAA_36264064:01BB_630F65C2_1044CFD2:F1E4
X-IPLB-Instance
38431
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
smart.js
ced.sascdn.com/tag/1097/ Frame 87FC 		94 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced.sascdn.com/tag/1097/smart.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=19
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.133 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-133.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
153c40cc72d76cbaca5faf30ddf657cbcc9694141606c3b1a30ce4a2c47b61c9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 13:44:35 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=900
Connection
keep-alive
Content-Length
32364
Expires
Wed, 31 Aug 2022 13:59:35 GMT
sync
gum.criteo.com/ Frame 87FC 		49 B
372 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:34 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
3231
strict-transport-security
max-age=31536000; preload;
content-length
165
expires
60
mapper.js
spl.zeotap.com/ Frame 87FC 		61 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52d507688e76dfbe48fce79beb89be7f30101e95e9e06c121c461e30517ab36f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
743633a3df0d9b43-FRA
date
Wed, 31 Aug 2022 13:44:35 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://media.news8.de
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
libJsLP.js
tag.leadplace.fr/ Frame 87FC 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 13:44:35 GMT
Last-Modified
Thu, 07 Oct 2021 11:26:48 GMT
Server
nginx/1.14.2
X-IPLB-Request-ID
5FD3C79B:929E_91EFC133:01BB_630F65C3_5B9E2923:17AA7
ETag
"615ed978-15ab"
X-IPLB-Instance
29922
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
5547
/
onetag-sys.com/usync/ Frame 771A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1661953475168
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://media.news8.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
quant.js
secure.quantserve.com/ Frame 87FC 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8bac9c023fad9d6721b69f7fe5cfbd0da812fd66ec2c428ae4a141cc44f2e4e9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:35 GMT
content-encoding
gzip
etag
"TFjIU174W8I7nbu1DVEZpA=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 07 Sep 2022 13:44:35 GMT
px.js
p.cpx.to/p/12763/ Frame 87FC 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cpx.to/p/12763/px.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.196.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-196-234.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6e7ec1538f64f09356d095457fa3387b84619a8f32db7708a4a21957e7d33a3d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 13:44:34 GMT
Cache-Control
max-age=2419200, public
Connection
keep-alive
Content-Length
1990
Content-Type
application/javascript; charset=UTF-8
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ Frame 87FC 		25 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=19
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.2.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-2-52.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 19:56:38 GMT
Via
1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
Age
64077
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA56-P6
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
8xkfDb8T_FA6_IXcBCrHw-E07Fgod2x_3XvI-oAStyz3gikFX7OhFw==
prebid.js
ads.themoneytizer.com/moneybid7_10/build_noconsent/dist/ Frame 87FC 		631 KB
166 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybid7_10/build_noconsent/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=19
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
006d63d16dc7d6ba19a7ac5f10ee7bfe0de74f4a7bae1606c75101a5ce83f91a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-77-nzt
AZySIRnAeT3/6ocAAA
pragma
public
date
Wed, 31 Aug 2022 13:44:35 GMT
content-encoding
br
etag
W/"630cdb6b-9ddca"
last-modified
Mon, 29 Aug 2022 15:29:47 GMT
server
CDN77-Turbo
x-77-nzt-ray
3HnfFR5i9vo
x-77-cache
HIT
content-type
application/javascript
x-cache
HIT
x-age
34794
x-77-pop
frankfurtDE
x-accel-expires
@1662955481
/
c.tmyzer.com/c/ Frame 4B5B 		0
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=18763&f=2&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 31 Aug 2022 13:44:35 GMT
Server
nginx
X-IPLB-Request-ID
5FD3C79B:9FAA_36264064:01BB_630F65C3_1044CFF1:F1E4
X-IPLB-Instance
38431
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
smart.js
ced.sascdn.com/tag/1097/ Frame 4B5B 		94 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced.sascdn.com/tag/1097/smart.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.133 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-133.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
153c40cc72d76cbaca5faf30ddf657cbcc9694141606c3b1a30ce4a2c47b61c9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 13:44:35 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=900
Connection
keep-alive
Content-Length
32364
Expires
Wed, 31 Aug 2022 13:59:35 GMT
sync
gum.criteo.com/ Frame 4B5B 		49 B
291 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:35 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1748443
strict-transport-security
max-age=31536000; preload;
expires
60
mapper.js
spl.zeotap.com/ Frame 4B5B 		61 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52d507688e76dfbe48fce79beb89be7f30101e95e9e06c121c461e30517ab36f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
743633a41f5b9b43-FRA
date
Wed, 31 Aug 2022 13:44:35 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://media.news8.de
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
libJsLP.js
tag.leadplace.fr/ Frame 4B5B 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 13:44:35 GMT
Last-Modified
Thu, 14 Oct 2021 07:27:52 GMT
Server
nginx/1.14.2
X-IPLB-Request-ID
5FD3C79B:929E_91EFC133:01BB_630F65C3_5B9E2944:17AA7
ETag
"6167dbf8-15ab"
X-IPLB-Instance
29922
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
5547
/
onetag-sys.com/usync/ Frame 8933 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1661953475192
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://media.news8.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
quant.js
secure.quantserve.com/ Frame 4B5B 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8bac9c023fad9d6721b69f7fe5cfbd0da812fd66ec2c428ae4a141cc44f2e4e9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:35 GMT
content-encoding
gzip
etag
"TFjIU174W8I7nbu1DVEZpA=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 07 Sep 2022 13:44:35 GMT
px.js
p.cpx.to/p/12763/ Frame 4B5B 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cpx.to/p/12763/px.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.196.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-196-234.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6e7ec1538f64f09356d095457fa3387b84619a8f32db7708a4a21957e7d33a3d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 13:44:35 GMT
Cache-Control
max-age=2419200, public
Connection
keep-alive
Content-Length
1990
Content-Type
application/javascript; charset=UTF-8
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ Frame 4B5B 		25 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.2.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-2-52.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 19:56:38 GMT
Via
1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
Age
64077
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA56-P6
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
E0V7S8LrehInXAtUD6UtKR82bP-eElp58mryl7r0Q32JNvkE_5r3jw==
prebid.js
ads.themoneytizer.com/moneybid7_10/build_noconsent/dist/ Frame 4B5B 		631 KB
166 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybid7_10/build_noconsent/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
006d63d16dc7d6ba19a7ac5f10ee7bfe0de74f4a7bae1606c75101a5ce83f91a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-77-nzt
AZySIRlqr2//6ocAAA
pragma
public
date
Wed, 31 Aug 2022 13:44:35 GMT
content-encoding
br
etag
W/"630cdb6b-9ddca"
last-modified
Mon, 29 Aug 2022 15:29:47 GMT
server
CDN77-Turbo
x-77-nzt-ray
JdnUCLDLSjk
x-77-cache
HIT
content-type
application/javascript
x-cache
HIT
x-age
34794
x-77-pop
frankfurtDE
x-accel-expires
@1662955481
X5Wcp9Ugq7sZToVDu26YRTjm5OYazRuFrO0o8wz5lEo.js
pagead2.googlesyndication.com/bg/ Frame DAC5 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/X5Wcp9Ugq7sZToVDu26YRTjm5OYazRuFrO0o8wz5lEo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f959ca7d520abbb194e8543bb6e984538e6e4e61acd1b85aced28f30cf9944a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 11:28:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8181
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15759
x-xss-protection
0
last-modified
Mon, 22 Aug 2022 11:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 31 Aug 2023 11:28:14 GMT
/
view.webplexmedia.de/tags/300/ Frame 9080 		165 B
306 B 		Document
General
Check archive.org
Download Go to
Full URL
https://view.webplexmedia.de/tags/300/?source=495573400
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/?sess=mX7OxuHl8WYe2f1OMhzf95JekUWOUiJUWSHQkPIRw8nGi%2BawF9ddE8Y%2Fv0zFyAbT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
b986dde4fbee4b60ac1d9d458e4c3a374f35a4747b4cc0fd7035034443c7d52c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://view.webplexmedia.de/?sess=mX7OxuHl8WYe2f1OMhzf95JekUWOUiJUWSHQkPIRw8nGi%2BawF9ddE8Y%2Fv0zFyAbT
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 13:44:35 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
/
c.tmyzer.com/c/ Frame B105 		0
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=18763&f=2&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 31 Aug 2022 13:44:35 GMT
Server
nginx
X-IPLB-Request-ID
5FD3C79B:9FAA_36264064:01BB_630F65C3_1044CFFA:F1E4
X-IPLB-Instance
38431
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
smart.js
ced.sascdn.com/tag/1097/ Frame B105 		94 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced.sascdn.com/tag/1097/smart.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.133 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-133.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
153c40cc72d76cbaca5faf30ddf657cbcc9694141606c3b1a30ce4a2c47b61c9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 13:44:35 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=900
Connection
keep-alive
Content-Length
32364
Expires
Wed, 31 Aug 2022 13:59:35 GMT
sync
gum.criteo.com/ Frame B105 		49 B
306 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:34 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
2056124
strict-transport-security
max-age=31536000; preload;
expires
60
mapper.js
spl.zeotap.com/ Frame B105 		61 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52d507688e76dfbe48fce79beb89be7f30101e95e9e06c121c461e30517ab36f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
743633a41f5f9b43-FRA
date
Wed, 31 Aug 2022 13:44:35 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://media.news8.de
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
libJsLP.js
tag.leadplace.fr/ Frame B105 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 13:44:35 GMT
Last-Modified
Thu, 14 Oct 2021 07:27:52 GMT
Server
nginx/1.14.2
X-IPLB-Request-ID
5FD3C79B:929E_91EFC133:01BB_630F65C3_5B9E294C:17AA7
ETag
"6167dbf8-15ab"
X-IPLB-Instance
29922
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
5547
/
onetag-sys.com/usync/ Frame 5CB9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1661953475198
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://media.news8.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
quant.js
secure.quantserve.com/ Frame B105 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8bac9c023fad9d6721b69f7fe5cfbd0da812fd66ec2c428ae4a141cc44f2e4e9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:35 GMT
content-encoding
gzip
etag
"TFjIU174W8I7nbu1DVEZpA=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 07 Sep 2022 13:44:35 GMT
px.js
p.cpx.to/p/12763/ Frame B105 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cpx.to/p/12763/px.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.196.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-196-234.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6e7ec1538f64f09356d095457fa3387b84619a8f32db7708a4a21957e7d33a3d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 13:44:35 GMT
Cache-Control
max-age=2419200, public
Connection
keep-alive
Content-Length
1990
Content-Type
application/javascript; charset=UTF-8
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ Frame B105 		25 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.2.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-2-52.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 19:56:38 GMT
Via
1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
Age
64077
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA56-P6
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
BsP1A6WuI6UOIHRj-xH7KVRekLNwDNmo722rNdwYLu7joEQGGh78JA==
prebid.js
ads.themoneytizer.com/moneybid7_10/build_noconsent/dist/ Frame B105 		631 KB
166 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybid7_10/build_noconsent/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
006d63d16dc7d6ba19a7ac5f10ee7bfe0de74f4a7bae1606c75101a5ce83f91a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-77-nzt
AZySIRk3X4b/6ocAAA
pragma
public
date
Wed, 31 Aug 2022 13:44:35 GMT
content-encoding
br
etag
W/"630cdb6b-9ddca"
last-modified
Mon, 29 Aug 2022 15:29:47 GMT
server
CDN77-Turbo
x-77-nzt-ray
/LEgHgGtNpU
x-77-cache
HIT
content-type
application/javascript
x-cache
HIT
x-age
34794
x-77-pop
frankfurtDE
x-accel-expires
@1662955481
970.jpg
media.news8.de/assets/ Frame C6A7 		548 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.news8.de/assets/970.jpg
Requested by
Host: media.news8.de
URL: https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=5&referrer=https://wunderweib.de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.210.32.121 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3172585.ip-51-210-32.eu
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=5&referrer=https://wunderweib.de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
gzip
server
nginx
date
Wed, 31 Aug 2022 13:44:35 GMT
content-type
text/html
9.gif
id5-sync.com/i/12/ Frame 87FC 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
Requested by
Host: media.news8.de
URL: https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=https://enamora.de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.71 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216577.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:34 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
thumb.jpg
ust.chatango.com/profileimg/d/a/daisymerollin/ Frame DD4E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ust.chatango.com/profileimg/d/a/daisymerollin/thumb.jpg
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software
nginx /
Resource Hash
f7145eeaee8f9ce47acfc4f60af22d33c3c63c510da4305f412f39aef495d81b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://st.chatango.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 13:44:35 GMT
Last-Modified
Mon, 11 Apr 2016 17:56:45 GMT
Server
nginx
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1539
Expires
Wed, 31 Aug 2022 13:44:35 GMT
thumb.jpg
ust.chatango.com/profileimg/o/b/obi86/ Frame DD4E 		640 B
948 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ust.chatango.com/profileimg/o/b/obi86/thumb.jpg
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software
nginx /
Resource Hash
fcfa793d204b4144bf54f59bd9c5c720843af02dd02999d1653c8fafc0ebd8ea

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://st.chatango.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 13:44:35 GMT
Last-Modified
Tue, 09 Jun 2009 03:36:06 GMT
Server
nginx
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
640
Expires
Wed, 31 Aug 2022 13:44:35 GMT
/
view.webplexmedia.de/tags/300/ Frame CBDB 		165 B
306 B 		Document
General
Check archive.org
Download Go to
Full URL
https://view.webplexmedia.de/tags/300/?source=495573400
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/?sess=mX7OxuHl8WYe2f1OMhzf95JekUWOUiJUWSHQkPIRw8nGi%2BawF9ddE8Y%2Fv0zFyAbT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
b986dde4fbee4b60ac1d9d458e4c3a374f35a4747b4cc0fd7035034443c7d52c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://view.webplexmedia.de/?sess=mX7OxuHl8WYe2f1OMhzf95JekUWOUiJUWSHQkPIRw8nGi%2BawF9ddE8Y%2Fv0zFyAbT
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 13:44:35 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
/
view.webplexmedia.de/tags/300/ Frame 9F10 		165 B
306 B 		Document
General
Check archive.org
Download Go to
Full URL
https://view.webplexmedia.de/tags/300/?source=495573400
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/?sess=mX7OxuHl8WYe2f1OMhzf95JekUWOUiJUWSHQkPIRw8nGi%2BawF9ddE8Y%2Fv0zFyAbT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
b986dde4fbee4b60ac1d9d458e4c3a374f35a4747b4cc0fd7035034443c7d52c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://view.webplexmedia.de/?sess=mX7OxuHl8WYe2f1OMhzf95JekUWOUiJUWSHQkPIRw8nGi%2BawF9ddE8Y%2Fv0zFyAbT
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 13:44:35 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
9.gif
id5-sync.com/i/12/ Frame 4B5B 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.71 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216577.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:34 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
9.gif
id5-sync.com/i/12/ Frame B105 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.71 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216577.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:34 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame C4D7 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220831
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/prebid/prebid2.1.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c9b554029c65838a20bb2a81de5bc4224a567c4552fc1bbd492f839f5fa3c67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ad4.adfarm1.adition.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 31 Aug 2022 13:44:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
38613
x-jsd-version
1.0.1448
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19180-FRA, cache-iad-kiad7000166-IAD
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"669-WESKDVKNhQ4MfbD/8IqVDZ8P5Hg"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UXncgLPFTC0iRYYiNiTlkDIhSAJspb%2BQ%2FZxoGGka2O0T5kks8LNE8fSyHu9mB06pvcIAWiNx6TLkFUAUtJ%2FsqFznPKO99LMt4m0OtpkLvJ5udBHq3z05o%2B%2B%2BW9VOwGIkH0qkm9vNZmyNjUNY7qY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
743633a47e099bf2-FRA
access-control-expose-headers
*
cdb
bidder.criteo.com/ Frame C4D7 		15 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=128&profileId=185&av=16&wv=2.1.0&bundle=__YfiV8lMkI5SXBmV0RuejRFVU11Q2J6SzlkeEJkQ0clMkZlOEVRaWpTJTJCN0w3MW5NdEFSem5yeFM3cDJoWGduenpxTiUyQmdObGVZY0MlMkJXSXpsWEtleDhvbXpzTVl1bk85NmZMSUMwcnEyWVVhU0I1SlNMQVp2bXoyd1dqelJ2cyUyQmtUak9wTXRYS1Y5U0pvVW1NY0N0R2RGd1VRSURKWmNSSGQ4WEUweGpSNzZ5eGVwVVp5ZjAlM0Q&cb=20748180275
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/prebid/prebid2.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
1a8bafc1337c9d7cfafc6e48163d174b4d42dbc3b6ad87cd03a65eecb4d3a53c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ad4.adfarm1.adition.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 31 Aug 2022 13:44:34 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ad4.adfarm1.adition.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
5406
prebid
ib.adnxs.com/ut/v3/ Frame C4D7 		481 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/prebid/prebid2.1.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
673307b84c378b5f22f966b69d33657a0c96f51148f259d190246a9b880e8844
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ad4.adfarm1.adition.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 31 Aug 2022 13:44:35 GMT
X-Proxy-Origin
95.211.199.155; 95.211.199.155; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
90f405e6-69dd-45c5-855a-237af9f08638
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ad4.adfarm1.adition.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
481
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
moneybile.js
ads.themoneytizer.com/ Frame C6A7 		38 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=31
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-77-nzt
AZySIRkU7vj/8YcAAA
pragma
public
date
Wed, 31 Aug 2022 13:44:35 GMT
content-encoding
br
etag
W/"604b9fc7-981e"
last-modified
Fri, 12 Mar 2021 17:07:19 GMT
server
CDN77-Turbo
x-77-nzt-ray
LbPPt36KCvc
x-77-cache
HIT
content-type
application/javascript
x-cache
HIT
x-age
34801
x-77-pop
frankfurtDE
x-accel-expires
@1662955474
wckr.php
tag.leadplace.fr/ Frame 6505 		0
247 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fmedia.news8.de%2Fin4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D4%26referrer%3Dhttps%3A%2F%2Fenamora.de&id=MTIZ
Requested by
Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/libJsLP.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://media.news8.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Content-Type
text/html; charset=UTF-8
Date
Wed, 31 Aug 2022 13:44:35 GMT
Server
nginx/1.14.2
Transfer-Encoding
chunked
X-IPLB-Instance
29922
X-IPLB-Request-ID
5FD3C79B:929E_91EFC133:01BB_630F65C3_5B9E295B:17AA7
syncframe
gum.criteo.com/ Frame 1775 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=dragonball-tube.com
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
96250b0de15d90f6e2e2ee39329e3060c7bc4a15e69cb6933039664f024f7efd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ad4.adfarm1.adition.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 31 Aug 2022 13:44:34 GMT
server
Kestrel
server-processing-duration-in-ticks
2474959
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
view.webplexmedia.de.1141176.js
jsc.mgid.com/v/i/ Frame 9080 		0
609 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/v/i/view.webplexmedia.de.1141176.js
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/tags/300/?source=495573400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://view.webplexmedia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:35 GMT
cf-cache-status
HIT
age
5819
cf-polished
origSize=3
cf-ray
743633a548096916-FRA
last-modified
Tue, 05 Apr 2022 16:11:26 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-amz-id-2
BwxvqYLQprDa9ZhEoG3GmjpQ6zoMZIFze91oUvM7Wg172mKrhDxY3B5DMyOkP13kE0q/Os2LAfU=
cf-bgj
minify
server
cloudflare
etag
"cf64b89236d83f0076d28cfa07bc8d51"
vary
Accept-Encoding
x-amz-request-id
DAVD3R2FPZ6XFWG2
cache-control
public, max-age=10800
x-amz-version-id
null
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 31 Aug 2022 16:44:35 GMT
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/ Frame 87FC 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:ba00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1a51f921893ae45dfba49e5799f1d8c21b5a1449592bfe3c04cae8d69d093a8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:28:05 GMT
content-encoding
gzip
age
991
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Sat, 27 Aug 2022 14:06:59 GMT
server
AmazonS3
etag
W/"552289573698eb75389ce036af4dd98e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
A-uYV9q07EjnK7xiFWUHEY9p05hJiUTyOGh3giaX9BRKYvqgS-LELA==
fire.js
s.cpx.to/ Frame 87FC 		986 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.cpx.to/fire.js?pid=12763&ref=&url=https%3A%2F%2Fmedia.news8.de%2Fin4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D4%26referrer%3Dhttps%3A%2F%2Fenamora.de&hn_ver=40&fid=6ddc8673-acf0-4205-a045-ce10f6f8d6f1
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12763/px.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.27.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-27-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d613fa107446c08b5a9633d87b14aa2d542ed50c3949e48a47008c4662212a5c
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 31 Aug 2022 13:44:37 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript; charset=UTF-8
Content-Length
986
Expires
Tue, 30 Aug 2022 12:24:55 UTC
thumb.jpg
ust.chatango.com/profileimg/i/t/itsgabriyt/ Frame DD4E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ust.chatango.com/profileimg/i/t/itsgabriyt/thumb.jpg
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software
nginx /
Resource Hash
41b224edfab7447c72231ee7fd550154d2d6087d1d8d04f23631425cc62157bb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://st.chatango.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 13:44:36 GMT
Last-Modified
Sun, 13 Sep 2020 13:14:02 GMT
Server
nginx
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1876
Expires
Wed, 31 Aug 2022 13:44:36 GMT
/
c.tmyzer.com/c/ Frame C6A7 		0
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=18763&f=31&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=31
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 31 Aug 2022 13:44:35 GMT
Server
nginx
X-IPLB-Request-ID
5FD3C79B:9FAA_36264064:01BB_630F65C3_1044CFFE:F1E4
X-IPLB-Instance
38431
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
smart.js
ced.sascdn.com/tag/1097/ Frame C6A7 		94 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced.sascdn.com/tag/1097/smart.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=31
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.133 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-133.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
153c40cc72d76cbaca5faf30ddf657cbcc9694141606c3b1a30ce4a2c47b61c9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 13:44:35 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=900
Connection
keep-alive
Content-Length
32364
Expires
Wed, 31 Aug 2022 13:59:35 GMT
sync
gum.criteo.com/ Frame C6A7 		49 B
372 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:34 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
2727
strict-transport-security
max-age=31536000; preload;
content-length
165
expires
60
mapper.js
spl.zeotap.com/ Frame C6A7 		61 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52d507688e76dfbe48fce79beb89be7f30101e95e9e06c121c461e30517ab36f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
743633a519729b43-FRA
date
Wed, 31 Aug 2022 13:44:35 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://media.news8.de
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
libJsLP.js
tag.leadplace.fr/ Frame C6A7 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=31
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 13:44:35 GMT
Last-Modified
Thu, 14 Oct 2021 07:27:52 GMT
Server
nginx/1.14.2
X-IPLB-Request-ID
5FD3C79B:929E_91EFC133:01BB_630F65C3_5B9E2974:17AA7
ETag
"6167dbf8-15ab"
X-IPLB-Instance
29922
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
5547
/
onetag-sys.com/usync/ Frame EF45 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1661953475358
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://media.news8.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
quant.js
secure.quantserve.com/ Frame C6A7 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=31
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8bac9c023fad9d6721b69f7fe5cfbd0da812fd66ec2c428ae4a141cc44f2e4e9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:35 GMT
content-encoding
gzip
etag
"TFjIU174W8I7nbu1DVEZpA=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 07 Sep 2022 13:44:35 GMT
px.js
p.cpx.to/p/12763/ Frame C6A7 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cpx.to/p/12763/px.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=31
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.196.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-196-234.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6e7ec1538f64f09356d095457fa3387b84619a8f32db7708a4a21957e7d33a3d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Wed, 31 Aug 2022 13:44:35 GMT
Cache-Control
max-age=2419200, public
Connection
keep-alive
Content-Length
1990
Content-Type
application/javascript; charset=UTF-8
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ Frame C6A7 		25 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=31
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.2.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-2-52.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 19:56:38 GMT
Via
1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
Age
64077
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA56-P6
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
eQTknnFTkxRsKEkRYONSzpjWbkKqWNHfNHWnNy5739I1PUq6WhdaKw==
prebid.js
ads.themoneytizer.com/moneybid7_10/build_noconsent/dist/ Frame C6A7 		631 KB
166 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybid7_10/build_noconsent/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=31
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
006d63d16dc7d6ba19a7ac5f10ee7bfe0de74f4a7bae1606c75101a5ce83f91a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-77-nzt
AZySIRkk1Mn/6ocAAA
pragma
public
date
Wed, 31 Aug 2022 13:44:35 GMT
content-encoding
br
etag
W/"630cdb6b-9ddca"
last-modified
Mon, 29 Aug 2022 15:29:47 GMT
server
CDN77-Turbo
x-77-nzt-ray
FdsbVpyclZY
x-77-cache
HIT
content-type
application/javascript
x-cache
HIT
x-age
34794
x-77-pop
frankfurtDE
x-accel-expires
@1662955481
102.json
id5-sync.com/g/v2/ Frame 87FC 		216 B
624 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/102.json
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.71 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216577.ip-141-95-98.eu
Software
/
Resource Hash
66378ae1784fa13981826d04be46b6ae457288c972671c417fac7317b94dcbd8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://media.news8.de/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://media.news8.de
date
Wed, 31 Aug 2022 13:44:35 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
wckr.php
tag.leadplace.fr/ Frame 4F0A 		0
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fmedia.news8.de%2Fin4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D4%26referrer%3Dhttps%3A%2F%2Fstadt-koeln.de&id=MTIZ
Requested by
Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/libJsLP.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://media.news8.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Content-Type
text/html; charset=UTF-8
Date
Wed, 31 Aug 2022 13:44:43 GMT
Server
nginx/1.14.2
Transfer-Encoding
chunked
X-IPLB-Instance
29923
X-IPLB-Request-ID
5FD3C79B:92E4_91EFC133:01BB_630F65C3_D881D3C6:49CC
view.webplexmedia.de.1141176.js
jsc.mgid.com/v/i/ Frame CBDB 		0
242 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/v/i/view.webplexmedia.de.1141176.js
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/tags/300/?source=495573400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://view.webplexmedia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:35 GMT
cf-cache-status
HIT
age
5819
cf-polished
origSize=3
cf-ray
743633a548116916-FRA
last-modified
Tue, 05 Apr 2022 16:11:26 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-amz-id-2
BwxvqYLQprDa9ZhEoG3GmjpQ6zoMZIFze91oUvM7Wg172mKrhDxY3B5DMyOkP13kE0q/Os2LAfU=
cf-bgj
minify
server
cloudflare
etag
"cf64b89236d83f0076d28cfa07bc8d51"
vary
Accept-Encoding
x-amz-request-id
DAVD3R2FPZ6XFWG2
cache-control
public, max-age=10800
x-amz-version-id
null
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 31 Aug 2022 16:44:35 GMT
view.webplexmedia.de.1141176.js
jsc.mgid.com/v/i/ Frame 9F10 		0
245 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/v/i/view.webplexmedia.de.1141176.js
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/tags/300/?source=495573400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://view.webplexmedia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:35 GMT
cf-cache-status
HIT
age
5819
cf-polished
origSize=3
cf-ray
743633a5480e6916-FRA
last-modified
Tue, 05 Apr 2022 16:11:26 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-amz-id-2
BwxvqYLQprDa9ZhEoG3GmjpQ6zoMZIFze91oUvM7Wg172mKrhDxY3B5DMyOkP13kE0q/Os2LAfU=
cf-bgj
minify
server
cloudflare
etag
"cf64b89236d83f0076d28cfa07bc8d51"
vary
Accept-Encoding
x-amz-request-id
DAVD3R2FPZ6XFWG2
cache-control
public, max-age=10800
x-amz-version-id
null
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 31 Aug 2022 16:44:35 GMT
9.gif
id5-sync.com/i/12/ Frame C6A7 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=31
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.71 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216577.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:35 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/ Frame 4B5B 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:ba00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1a51f921893ae45dfba49e5799f1d8c21b5a1449592bfe3c04cae8d69d093a8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:28:05 GMT
content-encoding
gzip
age
991
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Sat, 27 Aug 2022 14:06:59 GMT
server
AmazonS3
etag
W/"552289573698eb75389ce036af4dd98e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
O2dFL3sjHUBUs-ZQ4G31G9_4rVwGMv17TIv3HpgZHiNElLLIX1Pdjg==
events
bidder.criteo.com/csm/ Frame C4D7 		0
224 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ad4.adfarm1.adition.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 31 Aug 2022 13:44:35 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://ad4.adfarm1.adition.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
main.css
imagesrv.adition.com/banners/268/xml/pa_static/pb/styles/default/970x250_4slot/ Frame EB8B 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/268/xml/pa_static/pb/styles/default/970x250_4slot/main.css
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
17c3d6c6eebe77883a37c8f031de1595950b60c3696674867c541b2f30e00c99

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad4.adfarm1.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:35 GMT
content-encoding
br
last-modified
Sun, 10 Apr 2022 06:57:40 GMT
etag
"3884677435-br"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
1337
adition.js
imagesrv.adition.com/js/ Frame EB8B 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/adition.js
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad4.adfarm1.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:35 GMT
content-encoding
br
last-modified
Thu, 21 Oct 2021 06:32:42 GMT
etag
"4043560335-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8355
js
ad4.adfarm1.adition.com/ Frame EB8B 		1 KB
1018 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/js?wp_id=3974827&gdpr=0&gdpr_consent=&gdpr_pd=0&prf[hb_status]=nobid&clickurl=
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
507e02d477d02983ce54b4884eaa4d496d0f2b5dc42ca6c31536a6f9214329c6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad4.adfarm1.adition.com/banner?sid=3974826&adjsver=3&fvers=&iframe=1&ref=&ro=https%3A//view.webplexmedia.de/in4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D5%26referrer%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/105.0.5195.52%20Safari/537.36&os=17&browser=11&userid=7138035801138921830&wi=819798388&ac=1&screen_res=6&wpt=H&clickurl=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 15:44:35 +0200
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
cache-control
max-age=600
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
expires
Sat, 01 Jan 2000 00:00:00 GMT
main.css
imagesrv.adition.com/banners/268/xml/pa_static/pb/styles/default/970x250_4slot/ Frame C693 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/268/xml/pa_static/pb/styles/default/970x250_4slot/main.css
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
17c3d6c6eebe77883a37c8f031de1595950b60c3696674867c541b2f30e00c99

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad4.adfarm1.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:35 GMT
content-encoding
br
last-modified
Sun, 10 Apr 2022 06:57:40 GMT
etag
"3884677435-br"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
1337
adition.js
imagesrv.adition.com/js/ Frame C693 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/adition.js
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad4.adfarm1.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:35 GMT
content-encoding
br
last-modified
Thu, 21 Oct 2021 06:32:42 GMT
etag
"4043560335-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8355
js
ad4.adfarm1.adition.com/ Frame C693 		1 KB
1017 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/js?wp_id=3974828&gdpr=0&gdpr_consent=&gdpr_pd=0&prf[hb_status]=nobid&clickurl=
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
88863432041eb15b694a581c0ff863d6774de1b00167860811226a5312716464

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad4.adfarm1.adition.com/banner?sid=3974826&adjsver=3&fvers=&iframe=1&ref=&ro=https%3A//view.webplexmedia.de/in4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D5%26referrer%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/105.0.5195.52%20Safari/537.36&os=17&browser=11&userid=7138035801138921830&wi=819798388&ac=1&screen_res=6&wpt=H&clickurl=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 15:44:35 +0200
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
cache-control
max-age=600
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
expires
Sat, 01 Jan 2000 00:00:00 GMT
main.css
imagesrv.adition.com/banners/268/xml/pa_static/pb/styles/default/970x250_4slot/ Frame 6DD3 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/268/xml/pa_static/pb/styles/default/970x250_4slot/main.css
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
17c3d6c6eebe77883a37c8f031de1595950b60c3696674867c541b2f30e00c99

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad4.adfarm1.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:35 GMT
content-encoding
br
last-modified
Sun, 10 Apr 2022 06:57:40 GMT
etag
"3884677435-br"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
1337
adition.js
imagesrv.adition.com/js/ Frame 6DD3 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/adition.js
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad4.adfarm1.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:35 GMT
content-encoding
br
last-modified
Thu, 21 Oct 2021 06:32:42 GMT
etag
"4043560335-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8355
js
ad4.adfarm1.adition.com/ Frame 6DD3 		1 KB
1018 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/js?wp_id=3974829&gdpr=0&gdpr_consent=&gdpr_pd=0&prf[hb_status]=nobid&clickurl=
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
e8b74068f602cc56b217069f28c3ab0c1b6b0c339add33e3a15d6025dfe43380

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad4.adfarm1.adition.com/banner?sid=3974826&adjsver=3&fvers=&iframe=1&ref=&ro=https%3A//view.webplexmedia.de/in4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D5%26referrer%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/105.0.5195.52%20Safari/537.36&os=17&browser=11&userid=7138035801138921830&wi=819798388&ac=1&screen_res=6&wpt=H&clickurl=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 15:44:35 +0200
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
cache-control
max-age=600
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
expires
Sat, 01 Jan 2000 00:00:00 GMT
main.css
imagesrv.adition.com/banners/268/xml/pa_static/pb/styles/default/970x250_4slot/ Frame 2D76 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/268/xml/pa_static/pb/styles/default/970x250_4slot/main.css
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
17c3d6c6eebe77883a37c8f031de1595950b60c3696674867c541b2f30e00c99

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad4.adfarm1.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:35 GMT
content-encoding
br
last-modified
Sun, 10 Apr 2022 06:57:40 GMT
etag
"3884677435-br"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
1337
adition.js
imagesrv.adition.com/js/ Frame 2D76 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/adition.js
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad4.adfarm1.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:35 GMT
content-encoding
br
last-modified
Thu, 21 Oct 2021 06:32:42 GMT
etag
"4043560335-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8355
js
ad4.adfarm1.adition.com/ Frame 2D76 		1 KB
1016 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/js?wp_id=3974830&gdpr=0&gdpr_consent=&gdpr_pd=0&prf[hb_status]=nobid&clickurl=
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
0445407612ef205a29cc84507a9ce72d60f631261f80fe5d009c97bb56659574

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad4.adfarm1.adition.com/banner?sid=3974826&adjsver=3&fvers=&iframe=1&ref=&ro=https%3A//view.webplexmedia.de/in4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D5%26referrer%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/105.0.5195.52%20Safari/537.36&os=17&browser=11&userid=7138035801138921830&wi=819798388&ac=1&screen_res=6&wpt=H&clickurl=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 15:44:35 +0200
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
cache-control
max-age=600
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
expires
Sat, 01 Jan 2000 00:00:00 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ Frame 87FC 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 03:02:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
124918
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30186
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Aug 2023 03:02:37 GMT
notifyme.php
adtrack.adleadevent.com/ Frame 6C4F 		0
525 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.217.253.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-253-224.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://media.news8.de/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Aug 2022 13:44:35 GMT
Content-Encoding
gzip
Last-Modified
Wed, 31 Aug 2022 13:44:35 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://media.news8.de
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
fire.js
s.cpx.to/ Frame 4B5B 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s.cpx.to/fire.js?pid=12763&ref=&url=https%3A%2F%2Fmedia.news8.de%2Fin4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D4%26referrer%3Dhttps%3A%2F%2Fstadt-koeln.de&hn_ver=40&fid=8945e1c1-fcc7-4c80-8c70-a28e9d89c7d0
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12763/px.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.27.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-27-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/ Frame B105 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:ba00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1a51f921893ae45dfba49e5799f1d8c21b5a1449592bfe3c04cae8d69d093a8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:28:05 GMT
content-encoding
gzip
age
991
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Sat, 27 Aug 2022 14:06:59 GMT
server
AmazonS3
etag
W/"552289573698eb75389ce036af4dd98e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
8JOTVUB8gqCs4PjAe3TVZ7LcSCF3Q1VdKDwt7mjMc3gjUlNvJMVoIQ==
102.json
id5-sync.com/g/v2/ Frame 4B5B 		216 B
624 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/102.json
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.71 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216577.ip-141-95-98.eu
Software
/
Resource Hash
fd1f3e74123ad6d9cb51b549efd5e6782d7d529a0e8086257b9a60436587461b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://media.news8.de/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://media.news8.de
date
Wed, 31 Aug 2022 13:44:35 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
wckr.php
tag.leadplace.fr/ Frame 3786 		0
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fmedia.news8.de%2Fin4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D4%26referrer%3Dhttps%3A%2F%2Fklamm.de&id=MTIZ
Requested by
Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/libJsLP.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://media.news8.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Content-Type
text/html; charset=UTF-8
Date
Wed, 31 Aug 2022 13:44:35 GMT
Server
nginx/1.14.2
Transfer-Encoding
chunked
X-IPLB-Instance
29923
X-IPLB-Request-ID
5FD3C79B:92E4_91EFC133:01BB_630F65C3_D881D406:49CC
fire.js
s.cpx.to/ Frame B105 		984 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.cpx.to/fire.js?pid=12763&ref=&url=https%3A%2F%2Fmedia.news8.de%2Fin4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D4%26referrer%3Dhttps%3A%2F%2Fklamm.de&hn_ver=40&fid=eefef1f7-8f55-4ef1-b226-399b9b85e539
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12763/px.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.27.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-27-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
53f923c36085f1d6fdb0c72522d25bb73e05e9cb2cb66c4f9e325ce7c921b913
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 31 Aug 2022 13:44:37 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript; charset=UTF-8
Content-Length
984
Expires
Tue, 30 Aug 2022 12:24:55 UTC
102.json
id5-sync.com/g/v2/ Frame B105 		215 B
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/102.json
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.71 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216577.ip-141-95-98.eu
Software
/
Resource Hash
19978a0837e920a40e12b0cc759ca6516700603b36a3fd9aa80c2fbc35320d0b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://media.news8.de/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://media.news8.de
date
Wed, 31 Aug 2022 13:44:35 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ Frame 4B5B 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 03:02:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
124918
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30186
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Aug 2023 03:02:37 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ Frame B105 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 03:02:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
124918
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30186
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Aug 2023 03:02:37 GMT
sid
mug.criteo.com/ Frame 1775
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ad4.adfarm1.adition.com&sn=ChromeSyncframe&so=2&topUrl=dragonball-tube.com&bundle=__YfiV8lMkI5SXBmV0RuejRFVU11Q2J6SzlkeEJkQ0clMkZlOEVRaWpT...
  • https://mug.criteo.com/sid?cpp=fdVFcXxmbkRPUWlYNWVKcXA5M01ROHZvYlMxWDRZU01kNmI0Mnd0UTlVTE5nUHh2WDFicHpGOURlZkk4SUNNSGZlS2QrZFA0aTFXRXc2OWd1WlA5dFkvb3BRU25wWEJMcTNUUHE2OGZFVS8rMzNVWFA1NWM5TUFiVEw5Mn...
463 B
655 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=fdVFcXxmbkRPUWlYNWVKcXA5M01ROHZvYlMxWDRZU01kNmI0Mnd0UTlVTE5nUHh2WDFicHpGOURlZkk4SUNNSGZlS2QrZFA0aTFXRXc2OWd1WlA5dFkvb3BRU25wWEJMcTNUUHE2OGZFVS8rMzNVWFA1NWM5TUFiVEw5MnlFaXNvTytmbmMvVE5wdGhaSmYzR1JVRzFYbXZOcGRQZ1dqcm1DYjN5UUdLNHRNcEdScFhKM05RRzBMRUJsckNJMmpKZkVWQStsR0drcGo1ZnRSWFlldEFORDZsMFFiaVBLRE1GWktSLzRKdkVxVHR4RThwbkxRSC93VzB0aEgrNWNTODBJTG4rN3RrZEJERVlCOTNBMWxJcEdxTkQzRlNVNHIySFpNNHE0T2VadWZGL1krdFFRUkoySUdGZEp4MEJGKytuWXZTMnw&cppv=2
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=5&referrer=
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
1ec4f3e5f9f8190152adc6e7b4e2333539bde41c4656bcc25acd8ac449713090
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 13:44:34 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3706
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Wed, 31 Aug 2022 13:44:35 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=fdVFcXxmbkRPUWlYNWVKcXA5M01ROHZvYlMxWDRZU01kNmI0Mnd0UTlVTE5nUHh2WDFicHpGOURlZkk4SUNNSGZlS2QrZFA0aTFXRXc2OWd1WlA5dFkvb3BRU25wWEJMcTNUUHE2OGZFVS8rMzNVWFA1NWM5TUFiVEw5MnlFaXNvTytmbmMvVE5wdGhaSmYzR1JVRzFYbXZOcGRQZ1dqcm1DYjN5UUdLNHRNcEdScFhKM05RRzBMRUJsckNJMmpKZkVWQStsR0drcGo1ZnRSWFlldEFORDZsMFFiaVBLRE1GWktSLzRKdkVxVHR4RThwbkxRSC93VzB0aEgrNWNTODBJTG4rN3RrZEJERVlCOTNBMWxJcEdxTkQzRlNVNHIySFpNNHE0T2VadWZGL1krdFFRUkoySUdGZEp4MEJGKytuWXZTMnw&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1230
content-length
594
expires
0
pixel
pxl.qccerttest.com/ Frame 6C4F 		35 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pxl.qccerttest.com/pixel?r=1106809566;fpan=1;fpa=P0-1524681532-1661953475546;pbc=;ns=1;ce=1;qjs=1;qv=223cf405-20220825122038;ref=;cm=;gdpr=0;d=media.news8.de;dst=0;et=1661953475546;tzo=0;url=https%3A%2F%2Fmedia.news8.de%2Fin4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D5%26referrer%3Dhttps%3A%2F%2Ffohlenfive.de;ogl=
Requested by
Host: media.news8.de
URL: https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=5&referrer=https://fohlenfive.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:5600:11:615:7240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 05:55:33 GMT
via
1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
28143
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000
content-length
35
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 04 Aug 2022 16:01:04 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"55d25e9dc950d5db4d53a3b195c046c6"
vary
Accept-Encoding, Origin
content-type
image/gif
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
x-amz-cf-id
6mURhnNfByqgWZcqC4z7s4IzeFY7Xf1MJ5xtCVOIgThealAua6XfUQ==
pixel;r=97548094;labels=Categories.artsandentertainment;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fmedia.news8.de%2Fin4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D5%26referrer...
pixel.quantserve.com/ Frame 6C4F 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=97548094;labels=Categories.artsandentertainment;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fmedia.news8.de%2Fin4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D5%26referrer%3Dhttps%3A%2F%2Ffohlenfive.de;uht=2;fpan=0;fpa=P0-1524681532-1661953475546;pbc=;ns=1;ce=1;qjs=1;qv=223cf405-20220825122038;cm=;gdpr=0;ref=;d=media.news8.de;dst=0;et=1661953475549;tzo=0;ogl=;ses=03942e1f-eb5f-4c98-9df9-862c5509ed7f
Requested by
Host: media.news8.de
URL: https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=5&referrer=https://fohlenfive.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 13:44:35 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
tracking-event
api.webgains.io/ Frame 84C0 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 31 Aug 2022 13:44:35 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Wed, 31 Aug 2022 13:44:35 GMT
server
nginx
pixel
pxl.qccerttest.com/ Frame 87FC 		35 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pxl.qccerttest.com/pixel?r=1840609097;fpan=1;fpa=P0-184127285-1661953475576;pbc=;ns=1;ce=1;qjs=1;qv=223cf405-20220825122038;ref=;cm=;gdpr=0;d=media.news8.de;dst=0;et=1661953475576;tzo=0;url=https%3A%2F%2Fmedia.news8.de%2Fin4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D4%26referrer%3Dhttps%3A%2F%2Fenamora.de;ogl=
Requested by
Host: media.news8.de
URL: https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=https://enamora.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:5600:11:615:7240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 05:55:33 GMT
via
1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
28143
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000
content-length
35
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 04 Aug 2022 16:01:04 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"55d25e9dc950d5db4d53a3b195c046c6"
vary
Accept-Encoding, Origin
content-type
image/gif
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
x-amz-cf-id
fP5vBxVK4GNPSevfXveqBDhQA8UlOgIoWTvMZk7njidTBVc2RQDWTQ==
pixel;r=96922565;labels=Categories.artsandentertainment;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fmedia.news8.de%2Fin4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D4%26referrer...
pixel.quantserve.com/ Frame 87FC 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=96922565;labels=Categories.artsandentertainment;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fmedia.news8.de%2Fin4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D4%26referrer%3Dhttps%3A%2F%2Fenamora.de;uht=2;fpan=0;fpa=P0-184127285-1661953475576;pbc=;ns=1;ce=1;qjs=1;qv=223cf405-20220825122038;cm=;gdpr=0;ref=;d=media.news8.de;dst=0;et=1661953475577;tzo=0;ogl=;ses=03942e1f-eb5f-4c98-9df9-862c5509ed7f
Requested by
Host: media.news8.de
URL: https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=https://enamora.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 13:44:35 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
pxl.qccerttest.com/ Frame 4B5B 		35 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pxl.qccerttest.com/pixel?r=1700642599;fpan=1;fpa=P0-516009798-1661953475580;pbc=;ns=1;ce=1;qjs=1;qv=223cf405-20220825122038;ref=;cm=;gdpr=0;d=media.news8.de;dst=0;et=1661953475580;tzo=0;url=https%3A%2F%2Fmedia.news8.de%2Fin4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D4%26referrer%3Dhttps%3A%2F%2Fstadt-koeln.de;ogl=
Requested by
Host: media.news8.de
URL: https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=https://stadt-koeln.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:5600:11:615:7240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 05:55:33 GMT
via
1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
28143
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000
content-length
35
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 04 Aug 2022 16:01:04 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"55d25e9dc950d5db4d53a3b195c046c6"
vary
Accept-Encoding, Origin
content-type
image/gif
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
x-amz-cf-id
T5_ElIjRvyysby4yMKGbFcx5VCeR7Q8T9qYrS3xZAlCCtMCciyMQlA==
pixel;r=1580682059;labels=Categories.artsandentertainment;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fmedia.news8.de%2Fin4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D4%26referr...
pixel.quantserve.com/ Frame 4B5B 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1580682059;labels=Categories.artsandentertainment;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fmedia.news8.de%2Fin4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D4%26referrer%3Dhttps%3A%2F%2Fstadt-koeln.de;uht=2;fpan=0;fpa=P0-516009798-1661953475580;pbc=;ns=1;ce=1;qjs=1;qv=223cf405-20220825122038;cm=;gdpr=0;ref=;d=media.news8.de;dst=0;et=1661953475582;tzo=0;ogl=;ses=03942e1f-eb5f-4c98-9df9-862c5509ed7f
Requested by
Host: media.news8.de
URL: https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=https://stadt-koeln.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 13:44:35 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
banner
ad4.adfarm1.adition.com/ Frame EB8B 		19 B
401 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/banner?sid=3974827&adjsver=3&fvers=&iframe=1&ref=https%3A//ad4.adfarm1.adition.com/banner%3Fsid%3D3974826%26adjsver%3D3%26fvers%3D%26iframe%3D1%26ref%3D%26ro%3Dhttps%253A//view.webplexmedia.de/in4.php%253Fuid%253D495573400%2526e%253D0%2526s%253D0%2526p%253D0%2526sid%253D929%2526size%253D5%2526referrer%253D%26uao%3DMozilla/5.0%2520%2528Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%2529%2520AppleWebKit/537.36%2520%2528KHTML%252C%2520like%2520Gecko%2529%2520Chrome/105.0.5195.52%2520Safari/537.36%26os%3D17%26browser%3D11%26userid%3D7138035801138921830%26wi%3D819798388%26ac%3D1%26screen_res%3D6%26wpt%3DH%26clickurl%3D&ro=https%3A//ad4.adfarm1.adition.com/banner%3Fsid%3D3974826%26adjsver%3D3%26fvers%3D%26iframe%3D1%26ref%3D%26ro%3Dhttps%253A//view.webplexmedia.de/in4.php%253Fuid%253D495573400%2526e%253D0%2526s%253D0%2526p%253D0%2526sid%253D929%2526size%253D5%2526referrer%253D%26uao%3DMozilla/5.0%2520%2528Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%2529%2520AppleWebKit/537.36%2520%2528KHTML%252C%2520like%2520Gecko%2529%2520Chrome/105.0.5195.52%2520Safari/537.36%26os%3D17%26browser%3D11%26userid%3D7138035801138921830%26wi%3D819798388%26ac%3D1%26screen_res%3D6%26wpt%3DH%26clickurl%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/105.0.5195.52%20Safari/537.36&os=17&browser=11&userid=7138035801138921830&wi=197126198&ac=NaN&gdpr=0&gdpr_pd=0&screen_res=6&prf[hb_status]=nobid&wpt=J&clickurl=
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/js?wp_id=3974827&gdpr=0&gdpr_consent=&gdpr_pd=0&prf[hb_status]=nobid&clickurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad4.adfarm1.adition.com/banner?sid=3974826&adjsver=3&fvers=&iframe=1&ref=&ro=https%3A//view.webplexmedia.de/in4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D5%26referrer%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/105.0.5195.52%20Safari/537.36&os=17&browser=11&userid=7138035801138921830&wi=819798388&ac=1&screen_res=6&wpt=H&clickurl=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 15:44:35 +0200
server
ADITIONSERVER v1.0
etag
7138035822614547466
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control
no-cache
content-type
text/javascript
content-length
19
expires
Sat, 01 Jan 2000 00:00:00 GMT
banner
ad4.adfarm1.adition.com/ Frame C693 		19 B
401 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/banner?sid=3974828&adjsver=3&fvers=&iframe=1&ref=https%3A//ad4.adfarm1.adition.com/banner%3Fsid%3D3974826%26adjsver%3D3%26fvers%3D%26iframe%3D1%26ref%3D%26ro%3Dhttps%253A//view.webplexmedia.de/in4.php%253Fuid%253D495573400%2526e%253D0%2526s%253D0%2526p%253D0%2526sid%253D929%2526size%253D5%2526referrer%253D%26uao%3DMozilla/5.0%2520%2528Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%2529%2520AppleWebKit/537.36%2520%2528KHTML%252C%2520like%2520Gecko%2529%2520Chrome/105.0.5195.52%2520Safari/537.36%26os%3D17%26browser%3D11%26userid%3D7138035801138921830%26wi%3D819798388%26ac%3D1%26screen_res%3D6%26wpt%3DH%26clickurl%3D&ro=https%3A//ad4.adfarm1.adition.com/banner%3Fsid%3D3974826%26adjsver%3D3%26fvers%3D%26iframe%3D1%26ref%3D%26ro%3Dhttps%253A//view.webplexmedia.de/in4.php%253Fuid%253D495573400%2526e%253D0%2526s%253D0%2526p%253D0%2526sid%253D929%2526size%253D5%2526referrer%253D%26uao%3DMozilla/5.0%2520%2528Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%2529%2520AppleWebKit/537.36%2520%2528KHTML%252C%2520like%2520Gecko%2529%2520Chrome/105.0.5195.52%2520Safari/537.36%26os%3D17%26browser%3D11%26userid%3D7138035801138921830%26wi%3D819798388%26ac%3D1%26screen_res%3D6%26wpt%3DH%26clickurl%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/105.0.5195.52%20Safari/537.36&os=17&browser=11&userid=7138035801138921830&wi=197126198&ac=NaN&gdpr=0&gdpr_pd=0&screen_res=6&prf[hb_status]=nobid&wpt=J&clickurl=
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/js?wp_id=3974828&gdpr=0&gdpr_consent=&gdpr_pd=0&prf[hb_status]=nobid&clickurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad4.adfarm1.adition.com/banner?sid=3974826&adjsver=3&fvers=&iframe=1&ref=&ro=https%3A//view.webplexmedia.de/in4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D5%26referrer%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/105.0.5195.52%20Safari/537.36&os=17&browser=11&userid=7138035801138921830&wi=819798388&ac=1&screen_res=6&wpt=H&clickurl=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 15:44:35 +0200
server
ADITIONSERVER v1.0
etag
7138035822614613002
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control
no-cache
content-type
text/javascript
content-length
19
expires
Sat, 01 Jan 2000 00:00:00 GMT
banner
ad4.adfarm1.adition.com/ Frame 6DD3 		19 B
392 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/banner?sid=3974829&adjsver=3&fvers=&iframe=1&ref=https%3A//ad4.adfarm1.adition.com/banner%3Fsid%3D3974826%26adjsver%3D3%26fvers%3D%26iframe%3D1%26ref%3D%26ro%3Dhttps%253A//view.webplexmedia.de/in4.php%253Fuid%253D495573400%2526e%253D0%2526s%253D0%2526p%253D0%2526sid%253D929%2526size%253D5%2526referrer%253D%26uao%3DMozilla/5.0%2520%2528Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%2529%2520AppleWebKit/537.36%2520%2528KHTML%252C%2520like%2520Gecko%2529%2520Chrome/105.0.5195.52%2520Safari/537.36%26os%3D17%26browser%3D11%26userid%3D7138035801138921830%26wi%3D819798388%26ac%3D1%26screen_res%3D6%26wpt%3DH%26clickurl%3D&ro=https%3A//ad4.adfarm1.adition.com/banner%3Fsid%3D3974826%26adjsver%3D3%26fvers%3D%26iframe%3D1%26ref%3D%26ro%3Dhttps%253A//view.webplexmedia.de/in4.php%253Fuid%253D495573400%2526e%253D0%2526s%253D0%2526p%253D0%2526sid%253D929%2526size%253D5%2526referrer%253D%26uao%3DMozilla/5.0%2520%2528Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%2529%2520AppleWebKit/537.36%2520%2528KHTML%252C%2520like%2520Gecko%2529%2520Chrome/105.0.5195.52%2520Safari/537.36%26os%3D17%26browser%3D11%26userid%3D7138035801138921830%26wi%3D819798388%26ac%3D1%26screen_res%3D6%26wpt%3DH%26clickurl%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/105.0.5195.52%20Safari/537.36&os=17&browser=11&userid=7138035801138921830&wi=197126198&ac=NaN&gdpr=0&gdpr_pd=0&screen_res=6&prf[hb_status]=nobid&wpt=J&clickurl=
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/js?wp_id=3974829&gdpr=0&gdpr_consent=&gdpr_pd=0&prf[hb_status]=nobid&clickurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad4.adfarm1.adition.com/banner?sid=3974826&adjsver=3&fvers=&iframe=1&ref=&ro=https%3A//view.webplexmedia.de/in4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D5%26referrer%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/105.0.5195.52%20Safari/537.36&os=17&browser=11&userid=7138035801138921830&wi=819798388&ac=1&screen_res=6&wpt=H&clickurl=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 15:44:35 +0200
server
ADITIONSERVER v1.0
etag
7138035822614678538
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control
no-cache
content-type
text/javascript
content-length
19
expires
Sat, 01 Jan 2000 00:00:00 GMT
banner
ad4.adfarm1.adition.com/ Frame 2D76 		19 B
401 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/banner?sid=3974830&adjsver=3&fvers=&iframe=1&ref=https%3A//ad4.adfarm1.adition.com/banner%3Fsid%3D3974826%26adjsver%3D3%26fvers%3D%26iframe%3D1%26ref%3D%26ro%3Dhttps%253A//view.webplexmedia.de/in4.php%253Fuid%253D495573400%2526e%253D0%2526s%253D0%2526p%253D0%2526sid%253D929%2526size%253D5%2526referrer%253D%26uao%3DMozilla/5.0%2520%2528Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%2529%2520AppleWebKit/537.36%2520%2528KHTML%252C%2520like%2520Gecko%2529%2520Chrome/105.0.5195.52%2520Safari/537.36%26os%3D17%26browser%3D11%26userid%3D7138035801138921830%26wi%3D819798388%26ac%3D1%26screen_res%3D6%26wpt%3DH%26clickurl%3D&ro=https%3A//ad4.adfarm1.adition.com/banner%3Fsid%3D3974826%26adjsver%3D3%26fvers%3D%26iframe%3D1%26ref%3D%26ro%3Dhttps%253A//view.webplexmedia.de/in4.php%253Fuid%253D495573400%2526e%253D0%2526s%253D0%2526p%253D0%2526sid%253D929%2526size%253D5%2526referrer%253D%26uao%3DMozilla/5.0%2520%2528Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%2529%2520AppleWebKit/537.36%2520%2528KHTML%252C%2520like%2520Gecko%2529%2520Chrome/105.0.5195.52%2520Safari/537.36%26os%3D17%26browser%3D11%26userid%3D7138035801138921830%26wi%3D819798388%26ac%3D1%26screen_res%3D6%26wpt%3DH%26clickurl%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/105.0.5195.52%20Safari/537.36&os=17&browser=11&userid=7138035801138921830&wi=197126198&ac=NaN&gdpr=0&gdpr_pd=0&screen_res=6&prf[hb_status]=nobid&wpt=J&clickurl=
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/js?wp_id=3974830&gdpr=0&gdpr_consent=&gdpr_pd=0&prf[hb_status]=nobid&clickurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad4.adfarm1.adition.com/banner?sid=3974826&adjsver=3&fvers=&iframe=1&ref=&ro=https%3A//view.webplexmedia.de/in4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D5%26referrer%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/105.0.5195.52%20Safari/537.36&os=17&browser=11&userid=7138035801138921830&wi=819798388&ac=1&screen_res=6&wpt=H&clickurl=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 15:44:35 +0200
server
ADITIONSERVER v1.0
etag
7138035822614744074
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control
no-cache
content-type
text/javascript
content-length
19
expires
Sat, 01 Jan 2000 00:00:00 GMT
wckr.php
tag.leadplace.fr/ Frame 594F 		0
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fmedia.news8.de%2Fin4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D5%26referrer%3Dhttps%3A%2F%2Fwunderweib.de&id=MTIZ
Requested by
Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/libJsLP.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://media.news8.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Content-Type
text/html; charset=UTF-8
Date
Wed, 31 Aug 2022 13:44:35 GMT
Server
nginx/1.14.2
Transfer-Encoding
chunked
X-IPLB-Instance
29923
X-IPLB-Request-ID
5FD3C79B:92E4_91EFC133:01BB_630F65C3_D881D420:49CC
fire.js
s.cpx.to/ Frame C6A7 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s.cpx.to/fire.js?pid=12763&ref=&url=https%3A%2F%2Fmedia.news8.de%2Fin4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D5%26referrer%3Dhttps%3A%2F%2Fwunderweib.de&hn_ver=40&fid=6806ff76-7a32-4895-b82a-ec3bb251c81f
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12763/px.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.27.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-27-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/ Frame C6A7 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:ba00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1a51f921893ae45dfba49e5799f1d8c21b5a1449592bfe3c04cae8d69d093a8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:28:05 GMT
content-encoding
gzip
age
991
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Sat, 27 Aug 2022 14:06:59 GMT
server
AmazonS3
etag
W/"552289573698eb75389ce036af4dd98e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
TwrR9bXYwkeEXY9B_n_PwSGmoqYHLI1iGhtO6LRCsd-GxgUo1h51TA==
102.json
id5-sync.com/g/v2/ Frame C6A7 		216 B
624 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/102.json
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.71 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216577.ip-141-95-98.eu
Software
/
Resource Hash
90202ea73ce957344d4016e26f056c85f07daaf6777b80791f47935d0d68ee97
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://media.news8.de/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://media.news8.de
date
Wed, 31 Aug 2022 13:44:35 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
pixel
pxl.qccerttest.com/ Frame B105 		35 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pxl.qccerttest.com/pixel?r=771565273;fpan=1;fpa=P0-1373858678-1661953475657;pbc=;ns=1;ce=1;qjs=1;qv=223cf405-20220825122038;ref=;cm=;gdpr=0;d=media.news8.de;dst=0;et=1661953475657;tzo=0;url=https%3A%2F%2Fmedia.news8.de%2Fin4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D4%26referrer%3Dhttps%3A%2F%2Fklamm.de;ogl=
Requested by
Host: media.news8.de
URL: https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=https://klamm.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:5600:11:615:7240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 05:55:33 GMT
via
1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
28143
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000
content-length
35
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 04 Aug 2022 16:01:04 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"55d25e9dc950d5db4d53a3b195c046c6"
vary
Accept-Encoding, Origin
content-type
image/gif
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
x-amz-cf-id
rpc2g_eiJWd0JLgZ-2cE3CnzvTBHaBl_OHfWQk5NcBbxmk26eY15fQ==
pixel;r=223573730;labels=Categories.artsandentertainment;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fmedia.news8.de%2Fin4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D4%26referre...
pixel.quantserve.com/ Frame B105 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=223573730;labels=Categories.artsandentertainment;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fmedia.news8.de%2Fin4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D4%26referrer%3Dhttps%3A%2F%2Fklamm.de;uht=2;fpan=0;fpa=P0-1373858678-1661953475657;pbc=;ns=1;ce=1;qjs=1;qv=223cf405-20220825122038;cm=;gdpr=0;ref=;d=media.news8.de;dst=0;et=1661953475658;tzo=0;ogl=;ses=03942e1f-eb5f-4c98-9df9-862c5509ed7f
Requested by
Host: media.news8.de
URL: https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=https://klamm.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 13:44:35 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ Frame C6A7 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 03:02:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
124918
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30186
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Aug 2023 03:02:37 GMT
notifyme.php
adtrack.adleadevent.com/ Frame 87FC 		0
525 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.217.253.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-253-224.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://media.news8.de/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Aug 2022 13:44:35 GMT
Content-Encoding
gzip
Last-Modified
Wed, 31 Aug 2022 13:44:35 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://media.news8.de
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame DAC5 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?DspSgg
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:35 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
notifyme.php
adtrack.adleadevent.com/ Frame 4B5B 		0
525 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.217.253.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-253-224.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://media.news8.de/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Aug 2022 13:44:35 GMT
Content-Encoding
gzip
Last-Modified
Wed, 31 Aug 2022 13:44:35 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://media.news8.de
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
notifyme.php
adtrack.adleadevent.com/ Frame B105 		0
525 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.217.253.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-253-224.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://media.news8.de/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Aug 2022 13:44:35 GMT
Content-Encoding
gzip
Last-Modified
Wed, 31 Aug 2022 13:44:35 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://media.news8.de
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
tracking-event
api.webgains.io/ Frame 9CCC 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 31 Aug 2022 13:44:35 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Wed, 31 Aug 2022 13:44:35 GMT
server
nginx
pixel
pxl.qccerttest.com/ Frame C6A7 		35 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pxl.qccerttest.com/pixel?r=1529873506;fpan=1;fpa=P0-819495829-1661953475739;pbc=;ns=1;ce=1;qjs=1;qv=223cf405-20220825122038;ref=;cm=;gdpr=0;d=media.news8.de;dst=0;et=1661953475739;tzo=0;url=https%3A%2F%2Fmedia.news8.de%2Fin4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D5%26referrer%3Dhttps%3A%2F%2Fwunderweib.de;ogl=
Requested by
Host: media.news8.de
URL: https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=5&referrer=https://wunderweib.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:5600:11:615:7240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 05:55:33 GMT
via
1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
28143
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000
content-length
35
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 04 Aug 2022 16:01:04 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"55d25e9dc950d5db4d53a3b195c046c6"
vary
Accept-Encoding, Origin
content-type
image/gif
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
x-amz-cf-id
B2CqybWiF9HD_xq6Spzwp3YABFC3_jne9OmQGy1ioSM30WlhZfFZeg==
pixel;r=1882148919;labels=Categories.artsandentertainment;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fmedia.news8.de%2Fin4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D5%26referr...
pixel.quantserve.com/ Frame C6A7 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1882148919;labels=Categories.artsandentertainment;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fmedia.news8.de%2Fin4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D5%26referrer%3Dhttps%3A%2F%2Fwunderweib.de;uht=2;fpan=0;fpa=P0-819495829-1661953475739;pbc=;ns=1;ce=1;qjs=1;qv=223cf405-20220825122038;cm=;gdpr=0;ref=;d=media.news8.de;dst=0;et=1661953475740;tzo=0;ogl=;ses=03942e1f-eb5f-4c98-9df9-862c5509ed7f
Requested by
Host: media.news8.de
URL: https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=5&referrer=https://wunderweib.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 13:44:35 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
notifyme.php
adtrack.adleadevent.com/ Frame C6A7 		0
525 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.217.253.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-253-224.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://media.news8.de/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Aug 2022 13:44:35 GMT
Content-Encoding
gzip
Last-Modified
Wed, 31 Aug 2022 13:44:35 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://media.news8.de
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame C4D7 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/prebid/prebid2.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d91c38797a4f40c02b517763adb6b8d25ca0d0af244856025ecc3543b8540679
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad4.adfarm1.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:35 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 00:22:08 GMT
server
nginx
etag
W/"63041db0-15cdc"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 01 Sep 2022 13:44:35 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4B1C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220829&jk=1293389133885865&bg=!8vGl8bXNAAaXrHhMt6w7ACkAdvg8WoFmfzwo1GzlbxiJ-l4eG3kUGTMW2VFikPfzlKkghF5muOHylwIAAAFWUgAAAAJoAQeZAwOkWwjO_-UEE0Erkd05xDskxMekJ3Enwz4E-NisMaxj5MH4M3ezl_Q96LFmoEax3zaPDKq41RO9PmlDU6hPr4tlIAeM2BSnSddKIrmXcvSugsbocBSSdG4J2EzKOYJOQCrKUVQPxwOx3oF7KrfA1K5x_qYSLNkbh0SX94-RSG1Ivvn_zjZJgkVmG3VgS5WsaSiT4Qem4pxN2-VyST7E8VXLtWnMMYHTi4k0xFIFlbyA-gdRPM9kqwgF-UdDr44opTfALog-QXFY7nfCjmxiiK0uGqppiS0hPk2rOZhEzuqK9k1FBOhMXOsRE5YvqKTWcz4gLt7_3PBLIcdWJLTtLaCzcChPlrgaDq03Wy6TOpMaEvWXz4WlAHLo0KAj38vH4DGOL0EUPTSbx6zuDUGQZW8ZhunnRRa0lW2p9ly3_RBq5A9hcMOVG9zhNCYGo9n54DAAXj7NIvDrpecd9w9vXuHfGYLRyS9nXUd_EPfOxRY942d5SJoMwqgbPEGMVQXCxInrjJTUSW1u5Cybl2-Zc2ZYFhHrZGDn4AOUIr57bydC2e5yT71VQ3aoTzlwhGxuhNqPvuzZBa3gRnLBNGw8Q1MmwDw4Ee78fusP3Nt72Ia1IB3vW9x6F_kQWcnKU0Wsp-h8y9m2RefgoRXg000f_69bJVwjRSQ_F5zHtMonFPK5h2lr_LAGR8-9y5YWXBL9Yk4yU7GScL30j1UfMExFDMiFiE8ZCxrgDl0ULKvmYjsrZY_bUvqs4cFRTv5moGH0gbwGkmHqV4j3ukiM0ibRmXOPCdWezdJWVkpSHGU6Clsxb9lfOcXKX9DOhKSW7FTCe09520Fmvr6rd8eJuttikLc6Cr3Il9SYCQqNTf35DofaVscVXQyYNZuuaYXFA2KzJZsjF6b9vesab2Uoso-zU_lxeNxxVU03B_f-4VlEAss3fAv_5VgyfOh9BuKxADGJAcu7dXp6JcI7Wd-Vm42eH-CuHtvG857eV9yTO2L1xVFtERdl3VRJFrVlT16SK8NZDDG_iik
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://emmaglam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers
ca.png
s.cpx.to/ Frame 87FC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=6ddc8673-acf0-4205-a045-ce10f6f8d6f1
  • https://s.cpx.to/ca.png?dsp=dbm&fid=6ddc8673-acf0-4205-a045-ce10f6f8d6f1&google_gid=CAESEIGczn1dxLUQHpVkJPJjZd8&google_cver=1
0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/ca.png?dsp=dbm&fid=6ddc8673-acf0-4205-a045-ce10f6f8d6f1&google_gid=CAESEIGczn1dxLUQHpVkJPJjZd8&google_cver=1
Requested by
Host: media.news8.de
URL: https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=https://enamora.de
Protocol
HTTP/1.1
Server
52.17.27.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-27-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0

Redirect headers

pragma
no-cache
date
Wed, 31 Aug 2022 13:44:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.cpx.to/ca.png?dsp=dbm&fid=6ddc8673-acf0-4205-a045-ce10f6f8d6f1&google_gid=CAESEIGczn1dxLUQHpVkJPJjZd8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
getuid
sync.smartadserver.com/ Frame 87FC
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D6ddc8673-acf0-4205-a045-ce10f6f8d6f1&gdpr=0
  • https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=6ddc8673-acf0-4205-a045-ce10f6f8d6f1&gdpr=0&cklb=1
0
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=6ddc8673-acf0-4205-a045-ce10f6f8d6f1&gdpr=0&cklb=1
Requested by
Host: media.news8.de
URL: https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=https://enamora.de
Protocol
HTTP/1.1
Server
185.86.139.57 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 13:44:37 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://sync.smartadserver.com:443/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=6ddc8673-acf0-4205-a045-ce10f6f8d6f1&gdpr=0&cklb=1
pragma
no-cache
date
Wed, 31 Aug 2022 13:44:37 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
an_fire
s.cpx.to/ Frame 87FC
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12763%26ref%3D%26url%3Dhttps%253A%252F%252Fmedia.news8.de%252Fin4.php%253Fuid%253D495573400%2526e%2...
  • https://s.cpx.to/an_fire?app_nexus_uid=8368826727068441185&pid=12763&ref=&url=https%3A%2F%2Fmedia.news8.de%2Fin4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D4%26referrer%3Dht...
95 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/an_fire?app_nexus_uid=8368826727068441185&pid=12763&ref=&url=https%3A%2F%2Fmedia.news8.de%2Fin4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D4%26referrer%3Dhttps%3A%2F%2Fenamora.de&hn_ver=40&fid=6ddc8673-acf0-4205-a045-ce10f6f8d6f1
Requested by
Host: media.news8.de
URL: https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=https://enamora.de
Protocol
HTTP/1.1
Server
52.17.27.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-27-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 31 Aug 2022 13:44:39 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Wed, 31 Aug 2022 13:44:39 UTC

Redirect headers

Pragma
no-cache
Date
Wed, 31 Aug 2022 13:44:37 GMT
X-Proxy-Origin
95.211.199.155; 95.211.199.155; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
0a9d0741-5458-4b4c-8dcf-3c46333d29f2
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.cpx.to/an_fire?app_nexus_uid=8368826727068441185&pid=12763&ref=&url=https%3A%2F%2Fmedia.news8.de%2Fin4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D4%26referrer%3Dhttps%3A%2F%2Fenamora.de&hn_ver=40&fid=6ddc8673-acf0-4205-a045-ce10f6f8d6f1
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
UCookieSetPug
image2.pubmatic.com/AdServer/ Frame 87FC 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D6ddc8673-acf0-4205-a045-ce10f6f8d6f1
Requested by
Host: media.news8.de
URL: https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=https://enamora.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 01:02:18 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8
generic
match.adsrvr.org/track/cmf/ Frame 87FC 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
Requested by
Host: media.news8.de
URL: https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=https://enamora.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 13:44:37 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
generic
match.adsrvr.org/track/cmf/ Frame B105 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
Requested by
Host: s.cpx.to
URL: https://s.cpx.to/fire.js?pid=12763&ref=&url=https%3A%2F%2Fmedia.news8.de%2Fin4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D4%26referrer%3Dhttps%3A%2F%2Fklamm.de&hn_ver=40&fid=eefef1f7-8f55-4ef1-b226-399b9b85e539
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Aug 2022 13:44:37 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
s.cpx.to/ Frame B105
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3Deefef1f7-8f55-4ef1-b226-399b9b85e539&gdpr=0
  • https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=4536891572803098826&fid=eefef1f7-8f55-4ef1-b226-399b9b85e539
0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=4536891572803098826&fid=eefef1f7-8f55-4ef1-b226-399b9b85e539
Requested by
Host: media.news8.de
URL: https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=https://klamm.de
Protocol
HTTP/1.1
Server
52.17.27.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-27-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0

Redirect headers

location
https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=4536891572803098826&fid=eefef1f7-8f55-4ef1-b226-399b9b85e539
date
Wed, 31 Aug 2022 13:44:36 GMT
content-length
0
UCookieSetPug
image2.pubmatic.com/AdServer/ Frame B105 		0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Deefef1f7-8f55-4ef1-b226-399b9b85e539
Requested by
Host: media.news8.de
URL: https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=https://klamm.de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:36 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8
ca.png
s.cpx.to/ Frame B105
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=eefef1f7-8f55-4ef1-b226-399b9b85e539
  • https://s.cpx.to/ca.png?dsp=dbm&fid=eefef1f7-8f55-4ef1-b226-399b9b85e539&google_gid=CAESEIGczn1dxLUQHpVkJPJjZd8&google_cver=1
0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/ca.png?dsp=dbm&fid=eefef1f7-8f55-4ef1-b226-399b9b85e539&google_gid=CAESEIGczn1dxLUQHpVkJPJjZd8&google_cver=1
Requested by
Host: media.news8.de
URL: https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=https://klamm.de
Protocol
HTTP/1.1
Server
52.17.27.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-27-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0

Redirect headers

pragma
no-cache
date
Wed, 31 Aug 2022 13:44:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.cpx.to/ca.png?dsp=dbm&fid=eefef1f7-8f55-4ef1-b226-399b9b85e539&google_gid=CAESEIGczn1dxLUQHpVkJPJjZd8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
an_fire
s.cpx.to/ Frame B105
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12763%26ref%3D%26url%3Dhttps%253A%252F%252Fmedia.news8.de%252Fin4.php%253Fuid%253D495573400%2526e%2...
  • https://s.cpx.to/an_fire?app_nexus_uid=8368826727068441185&pid=12763&ref=&url=https%3A%2F%2Fmedia.news8.de%2Fin4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D4%26referrer%3Dht...
0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/an_fire?app_nexus_uid=8368826727068441185&pid=12763&ref=&url=https%3A%2F%2Fmedia.news8.de%2Fin4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D4%26referrer%3Dhttps%3A%2F%2Fklamm.de&hn_ver=40&fid=eefef1f7-8f55-4ef1-b226-399b9b85e539
Requested by
Host: media.news8.de
URL: https://media.news8.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=https://klamm.de
Protocol
HTTP/1.1
Server
52.17.27.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-27-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://media.news8.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Wed, 31 Aug 2022 13:44:37 GMT
X-Proxy-Origin
95.211.199.155; 95.211.199.155; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
266d2392-3766-428b-b1d6-3eb1d8e65811
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.cpx.to/an_fire?app_nexus_uid=8368826727068441185&pid=12763&ref=&url=https%3A%2F%2Fmedia.news8.de%2Fin4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D4%26referrer%3Dhttps%3A%2F%2Fklamm.de&hn_ver=40&fid=eefef1f7-8f55-4ef1-b226-399b9b85e539
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gtx.php
view.webplexmedia.de/ Frame 33C6 		0
177 B 		Document
General
Check archive.org
Download Go to
Full URL
https://view.webplexmedia.de/gtx.php?nc=f57aa43c7c661a4f5bed940c28fce8e1&sid=929&uid=495573400&sz=5
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/js/base.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 13:44:39 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
sl.php
view.webplexmedia.de/ Frame 5548 		384 B
442 B 		Document
General
Check archive.org
Download Go to
Full URL
https://view.webplexmedia.de/sl.php?key=NTcw
Requested by
Host: dragonball-tube.com
URL: https://dragonball-tube.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
a6afa2d71945f652880192863aae765c0613fd01a19153d50a6749707df5515b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 13:44:39 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
57fgjj6v.js
ad4m.at/ Frame 5548 		50 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/57fgjj6v.js
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/sl.php?key=NTcw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67a2b3e41cf4d6b16ef89a098a6f72bc2a54a76ab63c02e14e617cba05cc4a38

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://view.webplexmedia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
96852
cf-polished
origSize=51099
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 27 Jul 2022 10:41:11 GMT
server
cloudflare
etag
W/"d5f2cf8e554d28884c63541e94f6f7b9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XfatjDLRLl1h0vEKrcEaNQG9O42Vn%2BjGROM9EitaCsMbt%2B9jU2dR6s2qZgYVzDbvmxlxDz2JG9usWaUeeQjdrRLYSRrAS%2Fk%2FlaLAagGuJS9O2uEMCCWCeeyxzLdwzZEeLxzYieg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
expires
Tue, 23 Aug 2022 11:04:14 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
743633c11d0991dd-FRA
cf-bgj
minify
frame.html
ad4m.at/ Frame 4826 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer
https://view.webplexmedia.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
495568
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
743633c16d8291dd-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Wed, 31 Aug 2022 13:44:39 GMT
expires
Thu, 25 Aug 2022 20:10:16 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4hhzraTwcHJ%2FYkZ54yIcRLaY7SXlsaVt%2BDNTcCBALmdSl1opB9RT2ElM5nAXMm2LbteP8GKIsYYolrt%2BufVMMv0AS9yFlY3Ymc6DptQ1nwJUjogKEdAuKQOsR7q3CbIm774j3ns%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
rs
ad4m.at/ Frame 5548 		472 B
865 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e784310189f7bd52fff295becdf2d4bf0dcb7498bccefefec2c34a53d449ddb2

Request headers

Referer
https://view.webplexmedia.de/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 31 Aug 2022 13:44:40 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
743633c1f8f0903d-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f6w7iEcyh4dk0B3to6k%2BlLpXZb33X8Chnw3ccl2rNgWQOn7UzwZ%2FBdwE%2BQw4gFxXcAheLSmKD%2BkUO6QGWmluZu4m7k1QwxDMIoGxpyhfNES%2BFk%2BaqzAWQCK2YVkMWKwKtRTTZVY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://view.webplexmedia.de
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-h8v1
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://view.webplexmedia.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://view.webplexmedia.de
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
743633c1a891903d-FRA
content-length
24
content-type
text/plain
date
Wed, 31 Aug 2022 13:44:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bu3gVyevW7EeACpBAtVRHf2N9haRuvP2q0MJ1TY4eLq%2Bz4aScDlewqJrYAHwQwpc6rZswSPuw2kpZvNIuPWitdWF1inIV6fVjsDfayJ1zNSr%2B%2FbYnqfiiXVUFZ9477kqCzRMXGw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-h8v1
rar
as.ad4m.at/ad/ Frame 7017 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=56666%2C183975%2C24673&b=j1xCEfGfxxJ9UYHEH2t6tqX1tZSDtDbet9%2C8MzFDf8fR29KcgHJHEtxtkMeaGS5t8r2fk%2C5kZuXfEfKWkapH7HMt3tE3QaYSktVj2f1&f=xQVsQfAfAAbJcPHdHztDCdDju7S4tqpMFA%2CZkVuwfBfz65xcmHDHDtDCJ41C6SJtxeWaJ%2CpA9u1fgfj9WfkH4HmtJCQ7Yh9S7tERYUE&c=300&d=250&e=&g=aef4e8e5c1e4cdc5e29c4d7e82bd7783%2F14711240335851992919&i=22427%2C20597%2C20430&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_Desktop_300x250&r=1661953480011&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4be73252e7518f5575b612f585a2b726d177df8a2cc8ff64d29f338b4501c13
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://view.webplexmedia.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
743633c24ed991dd-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 31 Aug 2022 13:44:40 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
default.css
as.ad4m.at/ad/style/0.1.22/one-ad/ Frame 7017 		85 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.22/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C183975%2C24673&b=j1xCEfGfxxJ9UYHEH2t6tqX1tZSDtDbet9%2C8MzFDf8fR29KcgHJHEtxtkMeaGS5t8r2fk%2C5kZuXfEfKWkapH7HMt3tE3QaYSktVj2f1&f=xQVsQfAfAAbJcPHdHztDCdDju7S4tqpMFA%2CZkVuwfBfz65xcmHDHDtDCJ41C6SJtxeWaJ%2CpA9u1fgfj9WfkH4HmtJCQ7Yh9S7tERYUE&c=300&d=250&e=&g=aef4e8e5c1e4cdc5e29c4d7e82bd7783%2F14711240335851992919&i=22427%2C20597%2C20430&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_Desktop_300x250&r=1661953480011&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d28bd4bc4b8a1ecb41ea341dd43aabbc0322889858d76d406b7dc8a887b8eac
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=56666%2C183975%2C24673&b=j1xCEfGfxxJ9UYHEH2t6tqX1tZSDtDbet9%2C8MzFDf8fR29KcgHJHEtxtkMeaGS5t8r2fk%2C5kZuXfEfKWkapH7HMt3tE3QaYSktVj2f1&f=xQVsQfAfAAbJcPHdHztDCdDju7S4tqpMFA%2CZkVuwfBfz65xcmHDHDtDCJ41C6SJtxeWaJ%2CpA9u1fgfj9WfkH4HmtJCQ7Yh9S7tERYUE&c=300&d=250&e=&g=aef4e8e5c1e4cdc5e29c4d7e82bd7783%2F14711240335851992919&i=22427%2C20597%2C20430&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_Desktop_300x250&r=1661953480011&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:40 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
167759
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86775
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 29 Aug 2022 15:08:41 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
x-download-options
noopen
vary
accept-encoding
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
743633c29f3e91dd-FRA
cf-bgj
minify
DE7723A3AFDAF019578E8DC48EFCA5260074D3BD31078DAB30E39934BDB537A7756DE8A298EFEBC96FD918DCFB3DF6E8EFF3AA5A7830C15D1026723FEFAFAC4A
assets.ad4m.at/logo/ Frame 7017 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DE7723A3AFDAF019578E8DC48EFCA5260074D3BD31078DAB30E39934BDB537A7756DE8A298EFEBC96FD918DCFB3DF6E8EFF3AA5A7830C15D1026723FEFAFAC4A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C183975%2C24673&b=j1xCEfGfxxJ9UYHEH2t6tqX1tZSDtDbet9%2C8MzFDf8fR29KcgHJHEtxtkMeaGS5t8r2fk%2C5kZuXfEfKWkapH7HMt3tE3QaYSktVj2f1&f=xQVsQfAfAAbJcPHdHztDCdDju7S4tqpMFA%2CZkVuwfBfz65xcmHDHDtDCJ41C6SJtxeWaJ%2CpA9u1fgfj9WfkH4HmtJCQ7Yh9S7tERYUE&c=300&d=250&e=&g=aef4e8e5c1e4cdc5e29c4d7e82bd7783%2F14711240335851992919&i=22427%2C20597%2C20430&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_Desktop_300x250&r=1661953480011&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb99807d9c2d9b98d417acd2a3e897a28cc0829d4815642cb9bd1ab640b98454

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
667976
cf-polished
origFmt=png, origSize=74333
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
47320
last-modified
Mon, 11 May 2020 10:44:44 GMT
server
cloudflare
etag
"51f3d45cd5a8ea4b88e8dd266a535ea4"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b2uW8jO9XfKTXxEgIwlq47vaWh1NX%2FL9m0CXB9I3h6wQ5y5LLAWdscQZAKfovYvSRLbz%2B6gXSi09EUIDpZPE0zDm8C%2BZtCDmq%2FsC%2B7i8MWROqBXJX7eStfEdCtrC31O58zsUD0hK3Z4pyyY3"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:40 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
743633c29f4091dd-FRA
cf-bgj
imgq:85,h2pri
E158872B571029E3E20F7B79790588A099EC8F077F856868794A4EA52ED013FC9129FAD340A51F8CD7B6A46733F8D275D86DF117AF4AF8DD766F13FB8A4CAA9A
assets.ad4m.at/product_image/ Frame 7017 		290 KB
290 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/E158872B571029E3E20F7B79790588A099EC8F077F856868794A4EA52ED013FC9129FAD340A51F8CD7B6A46733F8D275D86DF117AF4AF8DD766F13FB8A4CAA9A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C183975%2C24673&b=j1xCEfGfxxJ9UYHEH2t6tqX1tZSDtDbet9%2C8MzFDf8fR29KcgHJHEtxtkMeaGS5t8r2fk%2C5kZuXfEfKWkapH7HMt3tE3QaYSktVj2f1&f=xQVsQfAfAAbJcPHdHztDCdDju7S4tqpMFA%2CZkVuwfBfz65xcmHDHDtDCJ41C6SJtxeWaJ%2CpA9u1fgfj9WfkH4HmtJCQ7Yh9S7tERYUE&c=300&d=250&e=&g=aef4e8e5c1e4cdc5e29c4d7e82bd7783%2F14711240335851992919&i=22427%2C20597%2C20430&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_Desktop_300x250&r=1661953480011&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46b98a3787c3de05a63a522c71300ef713f78660098ae524fda5e19bb8567a83

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
667908
cf-polished
origFmt=png, origSize=489686
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
296674
last-modified
Tue, 17 Nov 2020 11:24:27 GMT
server
cloudflare
etag
"e3cf70a0e5e86792e426bcf3dabd6105"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kWiAIUwK9pavu7TMku9ZExeb8BAyQ6GEwvZcWEFlgkXGB9EOgscro60sGVAj%2FYP%2FjZGANKz5SJkcb%2B1jNv5RzT%2FN3UkpKLrcfj5fMGr9dR0nFjjTF7%2F7NL84%2FARHxqrdmEDaUU9bh5u2MzZ2"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:40 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
743633c29f4d91dd-FRA
cf-bgj
imgq:85,h2pri
F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
assets.ad4m.at/logo/ Frame 7017 		127 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C183975%2C24673&b=j1xCEfGfxxJ9UYHEH2t6tqX1tZSDtDbet9%2C8MzFDf8fR29KcgHJHEtxtkMeaGS5t8r2fk%2C5kZuXfEfKWkapH7HMt3tE3QaYSktVj2f1&f=xQVsQfAfAAbJcPHdHztDCdDju7S4tqpMFA%2CZkVuwfBfz65xcmHDHDtDCJ41C6SJtxeWaJ%2CpA9u1fgfj9WfkH4HmtJCQ7Yh9S7tERYUE&c=300&d=250&e=&g=aef4e8e5c1e4cdc5e29c4d7e82bd7783%2F14711240335851992919&i=22427%2C20597%2C20430&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_Desktop_300x250&r=1661953480011&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e249aef61e2d675b41a8d764b5b9c9a8ee9ebc5e512386625516f6d2c8a4977

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
669058
cf-polished
origFmt=png, origSize=233620
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
130164
last-modified
Tue, 29 Mar 2022 07:10:51 GMT
server
cloudflare
etag
"d1d171dd651522f41a2fc0dba256a546"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2FpfEz22EFSHfl%2Fy18oii2ie50uJXIn5gtP6KnubHdDvAfyhURoxywBdU6mrLvtOYM%2B5ukWtcNb3z9s264TRk5NdONMNohDTL6sm5pXWc9gFBJa2suu5hcqX4oIxp6EeaNM7U%2FZ4UKhNZyF3"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:40 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
743633c29f4f91dd-FRA
cf-bgj
imgq:85,h2pri
1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame 7017 		461 KB
461 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C183975%2C24673&b=j1xCEfGfxxJ9UYHEH2t6tqX1tZSDtDbet9%2C8MzFDf8fR29KcgHJHEtxtkMeaGS5t8r2fk%2C5kZuXfEfKWkapH7HMt3tE3QaYSktVj2f1&f=xQVsQfAfAAbJcPHdHztDCdDju7S4tqpMFA%2CZkVuwfBfz65xcmHDHDtDCJ41C6SJtxeWaJ%2CpA9u1fgfj9WfkH4HmtJCQ7Yh9S7tERYUE&c=300&d=250&e=&g=aef4e8e5c1e4cdc5e29c4d7e82bd7783%2F14711240335851992919&i=22427%2C20597%2C20430&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_Desktop_300x250&r=1661953480011&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
667205
cf-polished
origFmt=png, origSize=731561
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
471752
last-modified
Tue, 29 Mar 2022 07:03:31 GMT
server
cloudflare
etag
"1b69278243c107df5b11186b1f6ca585"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2B12AKL4Oly41rH%2FRTf4K6HW6vAc5QJ1fdPgaCLyijQuiDIGXPaWiGYyLGI601i%2Bf8FRjcb74t6n%2FVhaLVL4WMtXnXxMCnc5BRsKoZgSoKBvYHB1POpQzU1HCTE0i4EDegtv7vz7ZykJXbxt"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:40 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
743633c29f5391dd-FRA
cf-bgj
imgq:85,h2pri
E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 7017 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C183975%2C24673&b=j1xCEfGfxxJ9UYHEH2t6tqX1tZSDtDbet9%2C8MzFDf8fR29KcgHJHEtxtkMeaGS5t8r2fk%2C5kZuXfEfKWkapH7HMt3tE3QaYSktVj2f1&f=xQVsQfAfAAbJcPHdHztDCdDju7S4tqpMFA%2CZkVuwfBfz65xcmHDHDtDCJ41C6SJtxeWaJ%2CpA9u1fgfj9WfkH4HmtJCQ7Yh9S7tERYUE&c=300&d=250&e=&g=aef4e8e5c1e4cdc5e29c4d7e82bd7783%2F14711240335851992919&i=22427%2C20597%2C20430&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_Desktop_300x250&r=1661953480011&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
591119
cf-polished
origFmt=png, origSize=77267
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38696
last-modified
Wed, 22 Jan 2020 13:11:48 GMT
server
cloudflare
etag
"2b0e02e9dde77e31d38d78d73dc69e4f"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LpywKAeOydFu7rL794LzOGq0KLeYEF6VUgJnWLxKNR0Ka3yenbnWMemvEtazKQwTSdQBvb2F%2BTJacM6NEexlb2nFVcrAg2cTz6I8DV3E6AS9ZLlXPgNN3FfLLiPTH3HNeK%2FV%2BDPsxSDgXOCY"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 01 Sep 2022 13:44:40 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
743633c29f5791dd-FRA
cf-bgj
imgq:85,h2pri
B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 7017 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C183975%2C24673&b=j1xCEfGfxxJ9UYHEH2t6tqX1tZSDtDbet9%2C8MzFDf8fR29KcgHJHEtxtkMeaGS5t8r2fk%2C5kZuXfEfKWkapH7HMt3tE3QaYSktVj2f1&f=xQVsQfAfAAbJcPHdHztDCdDju7S4tqpMFA%2CZkVuwfBfz65xcmHDHDtDCJ41C6SJtxeWaJ%2CpA9u1fgfj9WfkH4HmtJCQ7Yh9S7tERYUE&c=300&d=250&e=&g=aef4e8e5c1e4cdc5e29c4d7e82bd7783%2F14711240335851992919&i=22427%2C20597%2C20430&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_Desktop_300x250&r=1661953480011&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
101168
cf-polished
origSize=90165, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
85727
last-modified
Wed, 09 Oct 2019 16:06:53 GMT
server
cloudflare
etag
"a6c89bb079950765946aeeda42e13d01"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kUNLiwY5UMA4m4SRv1meIDqxEonlnSULpraIiwGh3JzVRTIeEv%2BlWyoegvvfAHkxboC4TE%2F2z8tMAAWib30Vcu6zeb1gmmc9wOjW4bEbAgvAyxEUp3BoLJ%2BYdbe3nImRSJzA2mVTM2ou6Cpb"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
expires
Thu, 01 Sep 2022 13:44:40 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
743633c29f5891dd-FRA
cf-bgj
imgq:85,h2pri
link.html
track.webgains.com/ Frame 7017 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=496305&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kbgq8q3mafwb5awr4gt29a05jxfb60zjrqgs1nanp9jjxdwx7v3g8beqt61arwpnjpm2xfghygeaxw8z3qx067e6793m3me4hrdte7tknn6yxryhm3vyn803n1hxz4tbq1kq4p4c6desv0hz0ymq2bbzpyekemp0447qrwq750t2xkwgk9jg1hfvz9pbvyhv1rxmn0dnjw0530bn93fa5btxk7dr46q2yb948tae8w7qwpwsfwqq6kr14mynrr08w67g%26a%3D&clickref=oneidxQVsQfAfAAbJcPHdHztDCdDju7S4tqpMFAoneid__webplexmedia_advancedad_Desktop_300x250&viewref=oneidj1xCEfGfxxJ9UYHEH2t6tqX1tZSDtDbet9oneid__webplexmedia_advancedad_Desktop_300x250
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C183975%2C24673&b=j1xCEfGfxxJ9UYHEH2t6tqX1tZSDtDbet9%2C8MzFDf8fR29KcgHJHEtxtkMeaGS5t8r2fk%2C5kZuXfEfKWkapH7HMt3tE3QaYSktVj2f1&f=xQVsQfAfAAbJcPHdHztDCdDju7S4tqpMFA%2CZkVuwfBfz65xcmHDHDtDCJ41C6SJtxeWaJ%2CpA9u1fgfj9WfkH4HmtJCQ7Yh9S7tERYUE&c=300&d=250&e=&g=aef4e8e5c1e4cdc5e29c4d7e82bd7783%2F14711240335851992919&i=22427%2C20597%2C20430&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_Desktop_300x250&r=1661953480011&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
4197413e6ecbaa918cb01205df34bd3abdff6700df956b3396ec291e0a511bf3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:40 GMT
last-modified
Wed, 31 Aug 2022 13:44:40 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Wed, 31 Aug 2022 13:45:40 GMT
link.html
track.webgains.com/ Frame 7017 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gctn8p3hymsc4z84e5hhdy7qas07dc8tss9hn0gznqw8yqya7fgdvje08xrket65gk2wsft4b8s3w4j37z0r7yyyt70f53ecbe1xxvvv62a0d2wsfnzyegake7nmfg318h69xm1t9vbt0rk6xytb4wjws39mavgm8eb174w0q7cagsekp5490dqtheacwrm0wf21mg08d8hv3ma6t9z2x4hdh0av2jkpxfhw56ymwdjwapm1arj56pwfrqjwdf241t9xer%26a%3D&clickref=oneidZkVuwfBfz65xcmHDHDtDCJ41C6SJtxeWaJoneid__webplexmedia_advancedad_Desktop_300x250&viewref=oneid8MzFDf8fR29KcgHJHEtxtkMeaGS5t8r2fkoneid__webplexmedia_advancedad_Desktop_300x250
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C183975%2C24673&b=j1xCEfGfxxJ9UYHEH2t6tqX1tZSDtDbet9%2C8MzFDf8fR29KcgHJHEtxtkMeaGS5t8r2fk%2C5kZuXfEfKWkapH7HMt3tE3QaYSktVj2f1&f=xQVsQfAfAAbJcPHdHztDCdDju7S4tqpMFA%2CZkVuwfBfz65xcmHDHDtDCJ41C6SJtxeWaJ%2CpA9u1fgfj9WfkH4HmtJCQ7Yh9S7tERYUE&c=300&d=250&e=&g=aef4e8e5c1e4cdc5e29c4d7e82bd7783%2F14711240335851992919&i=22427%2C20597%2C20430&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_Desktop_300x250&r=1661953480011&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
d12283be97149d8b68f5f8a2e5e7b9fce1f2f7ba0970e2171b55ab3301ca66f0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:40 GMT
last-modified
Wed, 31 Aug 2022 13:44:40 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Wed, 31 Aug 2022 13:45:40 GMT
link.html
track.webgains.com/ Frame 7017 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j0msx5ydjzbrc1gh6dp9tetczw2r84sd3q1w7rpbsexeq9qskbwfgr5wcxdn5zq55ecb9smqvvm5wxbf0dd53964hse31n201nx9j75s5349s1vvw9cwpnae4mfm68pvrc7wvf60vmz8fkrf07ng75c0vt8phf2w3cna1azcpwgfj7w32rx090wabcee52jhgf824d323exzjp6svm3gd9nswhzkrdmfyxzy00qrwd8wmfxgnc5bbp1pbpaezrsc0kb4%26a%3D&clickref=oneidpA9u1fgfj9WfkH4HmtJCQ7Yh9S7tERYUEoneid__webplexmedia_advancedad_Desktop_300x250&viewref=oneid5kZuXfEfKWkapH7HMt3tE3QaYSktVj2f1oneid__webplexmedia_advancedad_Desktop_300x250
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C183975%2C24673&b=j1xCEfGfxxJ9UYHEH2t6tqX1tZSDtDbet9%2C8MzFDf8fR29KcgHJHEtxtkMeaGS5t8r2fk%2C5kZuXfEfKWkapH7HMt3tE3QaYSktVj2f1&f=xQVsQfAfAAbJcPHdHztDCdDju7S4tqpMFA%2CZkVuwfBfz65xcmHDHDtDCJ41C6SJtxeWaJ%2CpA9u1fgfj9WfkH4HmtJCQ7Yh9S7tERYUE&c=300&d=250&e=&g=aef4e8e5c1e4cdc5e29c4d7e82bd7783%2F14711240335851992919&i=22427%2C20597%2C20430&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_Desktop_300x250&r=1661953480011&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
ac5bda00a06e2a3189fae564172e47b39a8b96cd334603f9197f1018b433c9ff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:40 GMT
last-modified
Wed, 31 Aug 2022 13:44:40 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Wed, 31 Aug 2022 13:45:40 GMT
pvClk.min.js
analytics.webgains.io/ Frame 7017 		85 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j0msx5ydjzbrc1gh6dp9tetczw2r84sd3q1w7rpbsexeq9qskbwfgr5wcxdn5zq55ecb9smqvvm5wxbf0dd53964hse31n201nx9j75s5349s1vvw9cwpnae4mfm68pvrc7wvf60vmz8fkrf07ng75c0vt8phf2w3cna1azcpwgfj7w32rx090wabcee52jhgf824d323exzjp6svm3gd9nswhzkrdmfyxzy00qrwd8wmfxgnc5bbp1pbpaezrsc0kb4%26a%3D&clickref=oneidpA9u1fgfj9WfkH4HmtJCQ7Yh9S7tERYUEoneid__webplexmedia_advancedad_Desktop_300x250&viewref=oneid5kZuXfEfKWkapH7HMt3tE3QaYSktVj2f1oneid__webplexmedia_advancedad_Desktop_300x250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-120.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 05:03:56 GMT
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
last-modified
Tue, 23 Aug 2022 13:40:24 GMT
server
AmazonS3
age
31245
etag
"42f12532a1be9c2d028e26e9b82a99a2"
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-pop
FRA60-P4
content-length
86537
x-amz-cf-id
a-8u75qFWkKlLrU3Fgh9MukX8--t4O2kQVOkql1PsdP5pVNdr4vQYQ==
Logo%20RGB.png
cdn.track.production.webgains.team/12607/ Frame 7017 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/12607/Logo%20RGB.png?Expires=1661953780&Signature=p4t2bsHBQeWqnvHcYEgtyzgXeqJyLNHHTnPtprovJ6X7--X1J0uK7~tbYjT84cF6YGHGwil4NKfBh9tNtoN8ZmMJ1BqskX-CzFvcVoKiBub1lZu14AMwPf4hTMjG5fq8sWEGw5hMRXaSxgn3KhX2Yda4lP~Go1z1rjUj89y18wJoes5tzKgX1bNXoag~Vbja~fV29FMluPi~S65OVuxJueYG8icsP4W1iLhFLr-SGd1MdG3OpY7WGQ1uGN9YILec046gYlDC4V2c8IBejfOqzB6z1sY7yck69ZCd6OtndpJF1cJsTBQK3h8sB0UhwVV75GY-4cWVkBI-~PBgLqyC1Q__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C183975%2C24673&b=j1xCEfGfxxJ9UYHEH2t6tqX1tZSDtDbet9%2C8MzFDf8fR29KcgHJHEtxtkMeaGS5t8r2fk%2C5kZuXfEfKWkapH7HMt3tE3QaYSktVj2f1&f=xQVsQfAfAAbJcPHdHztDCdDju7S4tqpMFA%2CZkVuwfBfz65xcmHDHDtDCJ41C6SJtxeWaJ%2CpA9u1fgfj9WfkH4HmtJCQ7Yh9S7tERYUE&c=300&d=250&e=&g=aef4e8e5c1e4cdc5e29c4d7e82bd7783%2F14711240335851992919&i=22427%2C20597%2C20430&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_Desktop_300x250&r=1661953480011&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-89.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 09:41:36 GMT
server
AmazonS3
age
22472
etag
"92f323c42d6018008b4cf82e90ac9639"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
date
Wed, 31 Aug 2022 07:30:09 GMT
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
86991
x-amz-cf-id
tbjnXyp8SNCqGYyFa4_o34blq4LoDJp9a1AFkh63104phWT9wuWuvw==
link.html
track.webgains.com/ Frame 7017 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidj1xCEfGfxxJ9UYHEH2t6tqX1tZSDtDbet9oneid__webplexmedia_advancedad_Desktop_300x250&wglinkid=496305
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C183975%2C24673&b=j1xCEfGfxxJ9UYHEH2t6tqX1tZSDtDbet9%2C8MzFDf8fR29KcgHJHEtxtkMeaGS5t8r2fk%2C5kZuXfEfKWkapH7HMt3tE3QaYSktVj2f1&f=xQVsQfAfAAbJcPHdHztDCdDju7S4tqpMFA%2CZkVuwfBfz65xcmHDHDtDCJ41C6SJtxeWaJ%2CpA9u1fgfj9WfkH4HmtJCQ7Yh9S7tERYUE&c=300&d=250&e=&g=aef4e8e5c1e4cdc5e29c4d7e82bd7783%2F14711240335851992919&i=22427%2C20597%2C20430&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_Desktop_300x250&r=1661953480011&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
32b5ea0410bbd7fa1aef6686a84aeb567739bcd71a935ff6214d538b61353f0b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:40 GMT
last-modified
Wed, 31 Aug 2022 13:44:40 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Wed, 31 Aug 2022 13:45:40 GMT
link.html
track.webgains.com/ Frame 7017 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneid8MzFDf8fR29KcgHJHEtxtkMeaGS5t8r2fkoneid__webplexmedia_advancedad_Desktop_300x250&wglinkid=2194035
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=56666%2C183975%2C24673&b=j1xCEfGfxxJ9UYHEH2t6tqX1tZSDtDbet9%2C8MzFDf8fR29KcgHJHEtxtkMeaGS5t8r2fk%2C5kZuXfEfKWkapH7HMt3tE3QaYSktVj2f1&f=xQVsQfAfAAbJcPHdHztDCdDju7S4tqpMFA%2CZkVuwfBfz65xcmHDHDtDCJ41C6SJtxeWaJ%2CpA9u1fgfj9WfkH4HmtJCQ7Yh9S7tERYUE&c=300&d=250&e=&g=aef4e8e5c1e4cdc5e29c4d7e82bd7783%2F14711240335851992919&i=22427%2C20597%2C20430&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_Desktop_300x250&r=1661953480011&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:44:40 GMT
last-modified
Wed, 31 Aug 2022 13:44:40 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Wed, 31 Aug 2022 13:45:40 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/html/r20220829/r20190131/zrt_lookup.html
Domain
www.google.com
URL
http://www.google.com/jsapi
Domain
id5-sync.com
URL
https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

126 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| MooTools function| $defined function| $type function| $merge function| $extend function| $native function| $chk function| $pick function| $random function| $time function| $clear function| Abstract function| Class function| Chain function| Events function| Options function| $A function| $each function| Elements function| $ function| $$ object| Garbage function| $E function| $ES object| Fx object| Drag function| XHR function| Ajax object| Cookie object| Json object| Asset function| Hash function| $H function| Color function| $RGB function| $HSB function| Scroller function| Slider function| SmoothScroll function| Sortables function| Tips function| Group function| Accordion function| extend boolean| xpath boolean| webkit420 boolean| webkit boolean| khtml function| addListener function| removeListener function| addEvent function| removeEvent function| addEvents function| removeEvents function| fireEvent function| cloneEvents function| onDomReady function| getWidth function| getHeight function| getScrollWidth function| getScrollHeight function| getScrollLeft function| getScrollTop function| getSize function| getPosition function| JCaption object| $events function| jQuery function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga string| hidden string| visibilityChange number| rdy function| hVC function| isivp object| elements function| cbF object| gaplugins object| gaGlobal object| gaData string| prefix string| suffix string| attribs string| path string| addy46381 object| FB object| __buffer object| gapi object| ___jsl object| google function| abp object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| closure_lm_886162

34 Cookies

Domain/Path Name / Value
dragonball-tube.com/ Name: d4dad6935f632ac35975e3001dc7bbe8
Value: pr1s046nugkk9mgk22r0op3d03
.dragonball-tube.com/ Name: _ga
Value: GA1.2.112436510.1661953470
.dragonball-tube.com/ Name: _gid
Value: GA1.2.1632722142.1661953470
.dragonball-tube.com/ Name: _gat_gtag_UA_64822671_1
Value: 1
.adfarm1.adition.com/ Name: UserID1
Value: 7138035801138921830
.adnxs.com/ Name: uuid2
Value: 8368826727068441185
pb.media01.eu/ Name: ASP.NET_SessionId
Value: jr3mpakgk5r0a1kwwi0bozwc
pb.media01.eu/ Name: DTU
Value: 67C92343D884FBCA04C57804AF035763
.criteo.com/ Name: uid
Value: 5ba089a6-8b91-4ca9-9c48-c1fa27551e95
.awin1.com/ Name: awpv14369
Value: 412863|1661953471|0a76c460-2933-11ed-a34d-22350b028903
.awin1.com/ Name: awpv30131
Value: 412863|1661953471|0a78c030-2933-11ed-89c6-2237875fe73c
.awin1.com/ Name: AWSESS
Value: 365825:2531885
.awin1.com/ Name: awpv14702
Value: 412871|1661953471|0a7787b0-2933-11ed-89c6-2237875fe73c
st.chatango.com/ Name: session_id
Value: 4843121104981181
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.adnxs.com/ Name: icu
Value: ChgI-K0uEAoYAiACKAIww8u9mAY4AkACSAIQw8u9mAYYAQ..
.mgid.com/ Name: __cf_bm
Value: J9p_I_8vJdqHG5koBaxh36hUw7TXqUlJhp.G618CNDM-1661953475-0-Ac4yQhB+YPX8x19+MFSE9i4hheEyDvR9tHQbDrVVXvrobny3K+11UpIYvKuRnZ/yOR1NpvlIxTX4AoWRCQoYKsQ=
.blau.de/ Name: nscT486
Value: v01MTQyMTExMjExMTExMTExMTEwMTQyNjUwMDAwMDAwMDYxNjYxOTUzNDc1dmxlYTFkZTIwMjIwODMxMTU0NDM1NzU3ODkwMTEzNjNYMTE3NjYzVjEyMjUxMzExMDZNU3JlYWNoX1NVQklEVEVTVF92aWV3MTE3NjYz
.blau.de/ Name: nscQ486
Value: V
.blau.de/ Name: webShopPV
Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2022083115443575789011363X117663V1225131106MSreach_SUBIDTEST_view&wfid=117663
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTIxMDAwMDAwMDA2MTY2MTk1MzQ3NXZsZWExZGUyMDIyMDgzMTE1NDQzNTc1Nzg5MDExMzY1WDExNzY4M1YxMjI2MTMyNzAyTVNvbmVpZHp4SmFSZllmOTV4RnBIQkhNdHF0enpBZlZTWnRnMmRzV29uZWlkX193ZWJwbGV4bWVkaWFfYWR2YW5jZWRhZF85NzB4MjUwMTE3Njgz
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117683_-HTLP&utm_term=AFF_la_117683_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2022083115443575789011365X117683V1226132702MSoneidzxJaRfYf95xFpHBHMtqtzzAfVSZtg2dsWoneid__webplexmedia_advancedad_970x250&wfid=117683&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTIxMDAwMDAwMDA2MTY2MTk1MzQ3NXZsZWExZGUyMDIyMDgzMTE1NDQzNTc1Nzg5MDExMzY1WDExNzY4M1YxMjI2MTMyNzAyT
.quantserve.com/ Name: mc
Value: 630f65c3-91274-3f902-fe15c
.doubleclick.net/ Name: IDE
Value: AHWqTUlrj9UQ6qZOBu0PPb11K0DeqGO8AnEkLhRyVe-dVF2Lbt3O28MJRRJzLf5sApE
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16100%3b%24o%3d11100
.smartadserver.com/ Name: pid
Value: 4536891572803098826
.cpx.to/ Name: cpSess
Value: 53e1a3fbcb219952

22 Console Messages

Source Level URL
Text
javascript warning URL: https://view.webplexmedia.de/banner.php?uid=945079468&e=0&p=0&s=0&sid=854&size=4
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://view.webplexmedia.de/js/webplvers.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://view.webplexmedia.de/banner.php?uid=945079468&e=0&p=0&s=0&sid=854&size=4
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://view.webplexmedia.de/js/webplvers.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://view.webplexmedia.de/banner.php?uid=945079468&e=0&p=0&s=0&sid=854&size=2
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://view.webplexmedia.de/js/webplvers.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://view.webplexmedia.de/banner.php?uid=945079468&e=0&p=0&s=0&sid=854&size=2
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://view.webplexmedia.de/js/webplvers.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://deliver.helpnation.de/banner.php?uid=924994936&e=0&p=0&s=0&sid=4&size=2
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cee3f0doi1a2.de/jw.js?de=7HyJZH5uCVK0Sw63, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://deliver.helpnation.de/banner.php?uid=924994936&e=0&p=0&s=0&sid=4&size=2
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cee3f0doi1a2.de/jw.js?de=7HyJZH5uCVK0Sw63, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
security error URL: https://news8.de/
Message:
Mixed Content: The page at 'https://dragonball-tube.com/' was loaded over HTTPS, but requested an insecure script 'http://www.google.com/jsapi'. This request has been blocked; the content must be served over HTTPS.
rendering warning URL: https://st.chatango.com/h5/gz/r0817221641/id.html(Line 4)
Message:
The key "target-densitydpi" is not supported.
network error URL: https://media.news8.de/assets/970.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://media.news8.de/assets/300.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://media.news8.de/assets/300.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://media.news8.de/assets/300.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://s.cpx.to/fire.js?pid=12763&ref=&url=https%3A%2F%2Fmedia.news8.de%2Fin4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D5%26referrer%3Dhttps%3A%2F%2Ffohlenfive.de&hn_ver=40&fid=c1496395-a9f5-4f3b-bd12-4b95fa968613
Message:
Failed to load resource: the server responded with a status of 503 (Service Unavailable: Back-end server is at capacity)
network error URL: https://media.news8.de/assets/970.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://s.cpx.to/fire.js?pid=12763&ref=&url=https%3A%2F%2Fmedia.news8.de%2Fin4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D4%26referrer%3Dhttps%3A%2F%2Fstadt-koeln.de&hn_ver=40&fid=8945e1c1-fcc7-4c80-8c70-a28e9d89c7d0
Message:
Failed to load resource: the server responded with a status of 503 (Service Unavailable: Back-end server is at capacity)
network error URL: https://s.cpx.to/fire.js?pid=12763&ref=&url=https%3A%2F%2Fmedia.news8.de%2Fin4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D5%26referrer%3Dhttps%3A%2F%2Fwunderweib.de&hn_ver=40&fid=6806ff76-7a32-4895-b82a-ec3bb251c81f
Message:
Failed to load resource: the server responded with a status of 503 (Service Unavailable: Back-end server is at capacity)
network error URL: https://s.cpx.to/ca.png?dsp=dbm&fid=6ddc8673-acf0-4205-a045-ce10f6f8d6f1&google_gid=CAESEIGczn1dxLUQHpVkJPJjZd8&google_cver=1
Message:
Failed to load resource: the server responded with a status of 503 (Service Unavailable: Back-end server is at capacity)
network error URL: https://s.cpx.to/an_fire?app_nexus_uid=8368826727068441185&pid=12763&ref=&url=https%3A%2F%2Fmedia.news8.de%2Fin4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D4%26referrer%3Dhttps%3A%2F%2Fklamm.de&hn_ver=40&fid=eefef1f7-8f55-4ef1-b226-399b9b85e539
Message:
Failed to load resource: the server responded with a status of 503 (Service Unavailable: Back-end server is at capacity)
network error URL: https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=4536891572803098826&fid=eefef1f7-8f55-4ef1-b226-399b9b85e539
Message:
Failed to load resource: the server responded with a status of 503 (Service Unavailable: Back-end server is at capacity)
network error URL: https://s.cpx.to/ca.png?dsp=dbm&fid=eefef1f7-8f55-4ef1-b226-399b9b85e539&google_gid=CAESEIGczn1dxLUQHpVkJPJjZd8&google_cver=1
Message:
Failed to load resource: the server responded with a status of 503 (Service Unavailable: Back-end server is at capacity)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.a-ads.com
ad4.adfarm1.adition.com
ad4m.at
ads.themoneytizer.com
adservice.google.com
adservice.google.nl
adtrack.adleadevent.com
ajax.googleapis.com
analytics.webgains.io
api.webgains.io
apis.google.com
as.ad4m.at
assets.ad4m.at
bidder.criteo.com
c.blyatflix.de
c.tmyzer.com
cdn.jsdelivr.net
cdn.taboola.com
cdn.track.production.webgains.team
ced.sascdn.com
cee3f0doi1a2.de
cm.g.doubleclick.net
connect.facebook.net
consent.cookiefirst.com
d2zur9cc2gf1tx.cloudfront.net
de-c114.cdnplus.de
deliver.helpnation.de
dragonball-tube.com
emmaglam.com
fonts.googleapis.com
fonts.gstatic.com
g.cash-ads.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
imagesrv.adition.com
jsc.mgid.com
match.adsrvr.org
media.news8.de
mug.criteo.com
news8.de
onetag-sys.com
p.cpx.to
pagead2.googlesyndication.com
partner.blau.de
partner.o2online.de
pb.media01.eu
pixel.quantserve.com
pv.medialead.de
pxl.qccerttest.com
ref.cdnplus.de
rules.quantcount.com
s.cpx.to
sb.scorecardresearch.com
secure.adnxs.com
secure.quantserve.com
spl.zeotap.com
st.chatango.com
static.a-ads.com
static.criteo.net
static.hubu.fm
sync.smartadserver.com
tag.leadplace.fr
thisis.aninter.net
tool.hubu.link
tpc.googlesyndication.com
track.webgains.com
ust.chatango.com
view.webplexmedia.de
www.awin1.com
www.facebook.com
www.fesch.tv
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.lead-alliance.net
www.news8.de
www.telefonica-partner.de
googleads.g.doubleclick.net
id5-sync.com
www.google.com
108.138.2.52
13.32.121.21
141.95.98.71
142.250.184.194
145.239.193.130
145.239.193.51
151.101.65.44
162.19.154.224
178.250.0.165
178.250.2.146
18.66.147.120
18.66.147.89
185.180.12.68
185.64.189.110
185.86.139.57
185.89.211.12
185.89.211.84
188.114.97.12
195.201.169.184
2.18.79.133
2001:4860:4802:38::178
208.93.230.22
208.93.230.28
217.79.188.46
217.79.188.60
2600:9000:20ed:ba00:6:44e3:f8c0:93a1
2600:9000:223d:5600:11:615:7240:93a1
2606:4700:10::6816:1857
2606:4700:1::6813:864e
2606:4700:20::ac43:4a81
2606:4700::6810:5814
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:800::2002
2a00:1450:4001:800::2008
2a00:1450:4001:801::2003
2a00:1450:4001:806::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:813::2002
2a00:1450:4001:828::2001
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:830::200e
2a01:4f8:10b:ddc::2
2a01:4f8:212:29e0::2
2a02:2638:1::13
2a02:2638::3
2a02:6ea0:c700::18
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f107:83:face:b00c:0:25de
3.11.195.34
35.71.131.137
46.4.20.142
46.4.41.145
46.4.62.19
51.210.32.121
51.89.9.253
51.91.68.112
52.17.27.112
52.56.221.73
54.217.253.224
54.38.64.100
54.73.196.234
62.171.186.137
84.200.5.215
88.198.250.30
92.123.17.141
94.130.9.175
000e6cf8ede83b41f4cc4e128ec06dd7f9674c80f3e808a2e8de45a7d220828e
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
006d63d16dc7d6ba19a7ac5f10ee7bfe0de74f4a7bae1606c75101a5ce83f91a
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01985555d5eb4407b14db290c3a1c71a8a58a9351bccb70326c7665f6d1dee20
021fd5d08c1e5aefdf2738b4124c7a3edf64fff418e9f1f26b090f9c8e1cb2fa
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02ad60828c115e97fc41cd91e4e4303ec29c46160b2493a85b1d5b9bc3e08eb3
0398576f2352ddc2a9e0cec57cba9534325074f41e707a70d03e92af5c521ff0
03d5ce9fd1cd67e0c631da7ecee842bb6cbac4b82ea16064e3b3159e377482ba
03dd1e02408eb0d44b07302841c14c315590d988638e4db94c6861f671d8a938
0445407612ef205a29cc84507a9ce72d60f631261f80fe5d009c97bb56659574
0593174ff4efdddac16bae8411b2c4cd61adbf920f4324ead464074ccc63917d
05986b69288b07065d07201e63bf605a6ba437b02084aef791b2f21e7213d50d
05cfeecca96c97e0d3f0106989942e329e2d69591925e0ca99fef0aee32ceee9
07cfc76c479a977c2d7a65f3b1e0ce319ce56d01bdafd34ebbdd819083429f47
08da0846fcb1f65a2ead9d380eeb1285d7920fc0ce2d68cd394afe52af059ad2
0c1559254f9267b0142afb4fc759cb2f436717e6e8614a65ba63003e4fcae13b
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0cfe2fcd5e94de39175cc3dfc506bdbb07866c4f69de8d0adc9e58680bf273c3
0d28bd4bc4b8a1ecb41ea341dd43aabbc0322889858d76d406b7dc8a887b8eac
0d824c8b104ad2fe36019f4b3238d8c2969ae84008602a1f3d0b96024d6b131a
0df6b7e526b74f0f781f4bb2718066c37696cf55d3818b8a1923fca65c64b448
0ed40f4d2fbfd0fb9eb11c13ba0200defbd6bfa643134fe6ddfdf0002b81c0a9
0fa60c13bcea4273c2928250a6d7cda2039b83377ca098e0011ccb0adb2aec6e
10e65bf9b164e3e02c541cdb54ddf6f7d670c4aa9b5d212147de42a57403bcf7
125ca25dca8afb2c0c712f9d8fd2c86183d96cedb25e99617e74ad20879b7165
126153be0049a26d623488bd25ebb9ba467057669a1d6c129af9b6e6b2dcf786
12967dfbe83712c6c8ce1910ad29b33880a6311935c236d2ff632c9dae7db8c7
14172044559b3520a896741ca738a9bf7f8307adbd5386c24811d314d6d616b7
1450e5fc1f894c08784e1eeffcbb628afade4c3a2737db160d0d13f559f94ee7
14b30612570f753e6804af047af73c3fcf1469687713c65c7a515919844688e4
153c40cc72d76cbaca5faf30ddf657cbcc9694141606c3b1a30ce4a2c47b61c9
15cc42ec2a3a08dc0566d2f71a13e462fa764a4390c7d96870b71fd2cf6ff513
15d6ad4dfdb43d0affad683e70029f97a8f8fc8637a28845009ee0542dccdf81
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
17c3d6c6eebe77883a37c8f031de1595950b60c3696674867c541b2f30e00c99
17de521791f8fbb76b054407f96a9cabf90a222c67ae367d02ecbe66832fa948
17deb20c6f6ec3f074a2633c5c1706ae28e6def4c605c81c268dcd6161ad008e
1931a9737f2fa7694f57f02de955f274850fef4910e412f4f6c18090cc3ec90f
193a04fa09b754cb1103c7518253baf873320c898ed831c9783e42fae488523e
19978a0837e920a40e12b0cc759ca6516700603b36a3fd9aa80c2fbc35320d0b
1a252ab44aea48932fabadc302800d16dce7195a44326b1bfe94fb5b3ab810f9
1a8bafc1337c9d7cfafc6e48163d174b4d42dbc3b6ad87cd03a65eecb4d3a53c
1ac676f1c4a499cade859da1d11326a01fb3d99ebdec2d31aaac0ef8d387a834
1c70babefa9822756487660bc9f6efb38bc17af3b652453f469c1b688074e536
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d1add8b66b3b2eb042aa10501e0cbb9cd1ac7a0747c97a6e5ecb2eda32345bb
1d4857ecc19d6247ae5012c8b1af05dbf4d5c72547645481d7220e585f3092e1
1d7cf49cf488eaa5e5ea28d2e550b90946a63878fbb3c9be3cad0e727b7d364c
1d8fd12dc816835e256600e3042c355a78b7e2c5508a760002a1836e3fc59966
1e409dc20738a652ea368358dbc02ff88e6e4ba1d5fb97c678981b8f32c7f7bc
1ec4f3e5f9f8190152adc6e7b4e2333539bde41c4656bcc25acd8ac449713090
1f4082bc4d525c198936b8e7b8bda99929537de890c143e5e35fca4ac23b2a26
1f98f28389d6e1e4e182cda1b7e61ce411924514c59d8a16befa241302ca9e25
201bf4936ae235a53997b9388bbe0436c1de666785d726971a6588986af0ffee
20822478d32f7b9cebbe947fa565a20d155a5f710403e3bbea65ca814dbe8b8b
2130552ccb70ffd4c8b39437384f4003956678bf43819e63c545b4453f970cc1
2266a3a875952ddb16453e3d49b1fabd825728176d76976d8a9454fe717f9898
22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
231645e192c14002a3c17176280d8398d54d2b0688e6f44c4eaa2637d0f4e732
2443d90558d9c645fadf3154ffeb61f5155b771da77a1b5db035e58100693139
24716b89ef0706ab40b366d8363c0c3de855d42d869dec9082e65103a9cd5978
2555f97253b61f29dff22b233037ad73159912cfbe96d290894f8efb6576a01e
25aa226b11eacdde779256279b5de6966d2e9a3c3d1965691dc14ca3f484f2f9
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
2789e254620426294e85035888c1a4c9f391155c28921dd63053862c7592b75a
288387557bd23a78a62e6ebd3656487103b957a7b96cce672dfe0d26a6c0097f
292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8
297577d52fce5df45a53b1d2e06469f65ee1dcf2e9bfbc8e2f45dbd06a0de8b4
2a0813d7fcc340ef99a50adeff2e7c26d952cb077fafb8718d0a8aae9d69295a
2a1f470895f45ab9e7bd67a603458a662c16bd7628d2990cb311b87d0dec5c19
2a3214455e3a5ac54649add67e0bddd593f92fe190a09c22a2270c9bef891a72
2b784d3e5c0e39e317b6f6298ea422ffec43793f96a9db00ce3765ca66cd87cd
2bf0b59a7518f8b73db880ecb0e510763231b2a8ef3a789504c9ab98e549904a
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2cf3abac33af5b2486b6f5a80408290d4d081e2dc5e26a7c1a402f48f76bad88
2d27c29095dea63352f123ae16072ffbc141969fd70133b3b7c8cef75f0bcb47
2dd15ee91f5ab4245c84ac337159c1b27d247d9299f7f3abb1d792bd8f14edb3
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2fbcd1bc2d92c05ebd7ac6400b9700a10c3b522bc785b89d08ea94c9b72c15fc
31b6fadc0a0b6b6313ebe22cbc6cc824cdfea9e4338de57b50c6979df72468cb
32b52bf758f52d20e796e3e41e7659aa55242f7cb2a1e67c3cec59ead1916572
32b5ea0410bbd7fa1aef6686a84aeb567739bcd71a935ff6214d538b61353f0b
35453e2e57b7dd89ebc45fc0387ed811b2a41f2d127f37da6e3084de36b6352c
3701f4ae604d8fccb4ddca393e076a456aebfb06c1a9d94c1c13089293f55716
377f111f5b9b9a0f4b13fbd238493ecf98c07354de272b8558eb4cf8966714ee
3955297f287664a552e76449cd964596fd0fac5b4ed29e6c3ea8a3b0c1de72c0
3aba1bb7563b4d5d171c2785219b3fc32f27f1e32bd108de504821180438429e
3b9bbabb9bc1e756c5e4618fa0274f97f640490b5cdd34123012998e2d78d974
3bc1f989c9129baa76e8a27f34d9e622da8c38aec236cebf30c8e1e48103196c
3c392c23aff29f3624f3ae2d74139a1f9d694bec38c2aacf63a0c4bd691ab9c1
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55
3c9b554029c65838a20bb2a81de5bc4224a567c4552fc1bbd492f839f5fa3c67
3cbc4cc3417ad2b7c4f69cd47a7b91dbd798b3722462fdccd081c31d05f2e61c
3fd510b1d61c187e90d8f8ef3ffe21c05c0f64f10c6add0c2f9e5d817fb277b8
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3
4197413e6ecbaa918cb01205df34bd3abdff6700df956b3396ec291e0a511bf3
41b224edfab7447c72231ee7fd550154d2d6087d1d8d04f23631425cc62157bb
41d35eeaef7e5365fd00f00a6ca80b44d1108708d61c82fd3f92d1f3390be875
455d3b555c487828f6ce2b9fac9015a92be6cefbf332adc3d6a13e48f80bd6f0
462e9d73985031bfce27c38ce1a7c8325e374e622cafa542045a8daa1c03fffe
4670ec81856e44cc664ff12f9bd1d29ba564aa63d3354e6e01381f3eb55d0ee4
46b98a3787c3de05a63a522c71300ef713f78660098ae524fda5e19bb8567a83
471fa3e2feed6a9cc4337221b28d39234da2e826ef933b3df31a1d713e1e134c
483db3dae0af6290f875eba42729443c469964751832896b74c5210ecabf8a7e
4a12a69741a00b3fe0f1eeab41df223f7ea4ed428a90e091622a46e6db06cd6b
4ac7d4f3a8256fa10b20dee7956b42b0b46fa380a8adeb3b0d482b878e6cf3e9
4bc55c8ba260bec669e7e1a3a9f58bee850b833f3aa81f77a239a3acff6f8b35
4e249aef61e2d675b41a8d764b5b9c9a8ee9ebc5e512386625516f6d2c8a4977
4ef0c91e24e85f74f1de1a411d3bae2418f53ef03a877c6ecf17431dcf8316db
507e02d477d02983ce54b4884eaa4d496d0f2b5dc42ca6c31536a6f9214329c6
50df5c94512b11c2f4c8357774f25d123c5a39c120796dcc5b1d9ec8df548e83
50e320947b091c667a70658580f5fe7eb27e1e5e9edd177f4f19bcd1896a07b9
50f4f5c78736b4b5eb13cf588426996e5dbd0391b1228e08e4b7ef35ad0d4459
517f644aff03e243be5e16123a6caa65f1f9b91100dac3bd9089f2eeec202d7d
52231257689106bd0c1e85b5b0675f0eb01ab7c3492365d701827a07028d2df3
52d507688e76dfbe48fce79beb89be7f30101e95e9e06c121c461e30517ab36f
53a1ee0f1371425a273deed2af1b5d1ac4a123774b42d961589a23884d51d9c1
53f923c36085f1d6fdb0c72522d25bb73e05e9cb2cb66c4f9e325ce7c921b913
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
54beccad9698cb4c45756d70f7c15fa146b4e4cfb4c6bdd34b0998a4c85a7ad4
55320df11f4b1f769e314be2802aa92e719d09e1e6d2f8f2b243c984446b67b0
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
568dd1d03aaa979a84f4bb146bc456de281b39b3877dc0a5763d77fabc6fc34a
56979661e60a2854395bfa60af743f37f059f7974e404fa38fc459952b8b09b4
5803c3940f4808efcc4e5115a016862e0b366862c607c9dbfefe6432dd573f62
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5ba184595336942188e368221da6ae51f8eacebbf4f4a320d51899b6f593cd72
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5e709cf94bd75ce9f22e956e2e3f852350fdca2c27a1cf53d756fd0e0f08827b
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
5f959ca7d520abbb194e8543bb6e984538e6e4e61acd1b85aced28f30cf9944a
6077d96b9bd1b7071f971ce7fb559e3e57af37df56ac67b9c2d64b2b8796fbd4
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62536b7ae3d555a8f998d3ab12bc7b920dde483edf9daf8d35e878d2d1182775
650ac99ee8a6ef50220f78053e21bcc2c96a8e1a91d3a849f96c358c121b1d84
651d5a55b7bcafbfb592b0a4df1e6800f3b89d5b20acb8f1f680736bbc5316c1
65ac6cc05d7933437081474bbbc2b72e0a1a340281837480bbc6bdef0b997267
6634563eec684020fbbbeebc71f8e2f7fd7782e057c6e722abd19116bf8701b2
66378ae1784fa13981826d04be46b6ae457288c972671c417fac7317b94dcbd8
672837f7c3468f78dc467f095815667f2d257ee045d320ed95a19232937e54ba
673307b84c378b5f22f966b69d33657a0c96f51148f259d190246a9b880e8844
67a2b3e41cf4d6b16ef89a098a6f72bc2a54a76ab63c02e14e617cba05cc4a38
67a80e1c7b36aa53913a77e36a8a6ed6e1e2f305e254476efab497ab7b967e69
6881118acfcf78a6d84c2b2e1d8f5f11ff5363150d608414726464802f1c3635
693fcd2c97a0aa26464a8a87d2dc78db0870793e6d8dab054d60081ade5e2db0
69f44b7464c4452c30bec7ab1eeea8bd43012032e784b007c25ec51a90e15693
6a7f4c8a9af17cac4c92d0fad28e07cc781825be9dd19da205c028b2a49e634a
6b463aba7f5eccf693919551bf83106c8990c446fb9fe811cbf5d7691936a200
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ba44a26c65949d928fa4930797db4d274f105a9acd23e8c9b98d3e46be1b261
6c2123d9ddde52411b964e7dc36c56aeab308244e03a22ecf479a821d5e1e62e
6d2cf79989a25b94d2694569e8a8372c34b3cfac8caf3f7c2ae6d97f7e9d02ae
6d65d818e5e9a949560b900fbf950d482e4bc95e15c7e8182ba9da491616ddb2
6e7ec1538f64f09356d095457fa3387b84619a8f32db7708a4a21957e7d33a3d
6eea499926669878dc267d25feeebbfd7826db0e55b82ce10db9e0004a3172b7
6f41f29b0f02e5481de7e96b521b618eca399bade637e84457034fab87681d91
70d6644ae6100468cefbb889c4f815c1977cf54d1558370ff508fb5d56e61c7b
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237
71f48a0b0b2d51a7083106e74b77afd7d2a73345c1deea097c1e667504187c39
73f7738878e54c2dd6c2d79edf5763175124049d669c28543b9c80342ce5a17c
74ecfd9eea177eec3310924ebc059a5f5ad1834a9deeed26b349384a8b883da9
75290b038a915258cda4e6f2092f80ffddcf6d8fb9d8aa92bfffa34575db0349
76f8f0c9cc435f09d8c0cb8dd8dd4a0cf67254928fecd7aefa5ee182cb95b571
7a04ecd654ddea0f1a13432ddd92ccd77be9b46d9a7ead225d66125810bbfc22
7c522a6bf7e3c6263e27733d969f2387639d6f34dca3ffbb625f31b9f5419c7b
7cc57368a0c50a6797e74ba8a99e457997b7280e497630d249913b8e064bac3e
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7e412e84a85c83657fa00a6da402a8b64c0c6faa1bb7024416ee72792d6d2bdb
7e8be04cfefb213251aab28078169e5486db704ef75ecaa27ce922f177eaebdd
7eee63d56cb60adcef9626ef237065a99dd7bb638ad21b6ba09bc29a3977050d
7f9694a5641741d04e1c98eb1011059826aa5feb34e47d2b2f95bdb47cb0c2f5
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333
8156497af6e016c713379e4ecb3006cce8360d92d858eda6924aa40ba917c0fe
82a3f563c7950d61eb323ac36257d3ee7c9bddfb304098d118d472ae9d19ba9a
82d02e0d253d4b4aea093b74e3be064f44c6589798a93b8013ef7bfe0ca6a588
83f7a89635aca73ac121457b26bc1c359a29449f19e304bf33ab4c13f3a89892
84aff2355b6de3a0a2388db5ecfd27cc8a980e6f52fed932fb61b49f93a275b3
85e267b92c6a639a35e54f01bb3bede4ff1bc3ff715bea017e04cc8d3d304abb
85fa0d0278bef0b937949219c966840c193f772bb4b938cfcdc7fa7c46f79c6b
86b87c6ffa01cbdb1bf025d141ee6dae755cec5169dd0561fcc089b46eb6d088
86bca6ce011493365eba131df592f31e72f7251d7dd6fa0f1b723d3f107f8f6f
88863432041eb15b694a581c0ff863d6774de1b00167860811226a5312716464
88adaed5566048e5f37b28e021e0db68f743f23be696c0ffd3878cea87d432b4
89141fb02ca66a70d90ff804823dd662c99cee3ec72b5bc33f2e995a4ef76695
89c575f0c94b26e707f9c06719f913681933a7ad9ee4dfd2602d426589c1082f
89ccf7b1b02f7c10f304e95be9d4263e8f72bb0902ba137dc4aa4e1f7fe26c88
8a282d829567d5169b2f6dbcd8a62ecdaf24fffffd07730bdab6a2719c7b164b
8ad12eed523baa167f8090c7c10af10b527e2829a98e1510b95a57d105e490e6
8b6d4698f1d2782fc265615021e4ed826ae859c976dcb8bde5dcb6d85c9bc10a
8bac9c023fad9d6721b69f7fe5cfbd0da812fd66ec2c428ae4a141cc44f2e4e9
8c25ade0a1d20dfb962dbc265e60d98d90544f13ce586820e3c3dc2baae64e81
8cc38bd1ad73b7001b1b4b331e5049dee6b025733dff772319ff98364f338363
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e71afd53d34b1a32c15ee776f34aa51869e45820afcc130ee01477b7e9e275e
8ef441397a2b83b65f0891e02347b0f824fd7cad319b1c097308f785012268b7
8f54026d94ef1734a1a29ea411fd5fb0b09f02b438b799bf1a088485c4ba045d
90202ea73ce957344d4016e26f056c85f07daaf6777b80791f47935d0d68ee97
90cbcae2f75cbdcf2a00d82c83cb2926f1a4ad7ab38eb3d629f2e7d3ad72410e
9517f1c9d7954c44a3999ca345447f3d5afd18256a1b3c44fe0620c83b430539
958b76a1a9b936a90ad2d7d51dea619af19dd0feb3a79876ccf447993815bae4
95db5e0f52d1d89a1c17733e005452f61c10c4b351a8737b7730fbf68dc3cd8e
96250b0de15d90f6e2e2ee39329e3060c7bc4a15e69cb6933039664f024f7efd
9640bfe02ee029a65059e83f9da9aa81c16e4da84051876fc09581aeaeec63e3
967884205fed6eb3e1c7b73f689527b70b4eba4bcf5cc43cbfada48194846bca
97589eaccfbe78ee0a2455024933ac3a5b79a9f6b753a5cda7e5c7010ec8b29d
979e8f8ee5ebf383c6efc90997069e513bbdb12623bf1ecd12de5bec7d44e3a4
99308092280fbb41913fd20a39ba3ff572a8bc24e62a169327357b84957dcb6f
997c32003a6e783337a31a800313fe2ef5429c60a8a8a56ae51261ceb2380f14
998a493e3fe5cf9d5848e085b80f7cc29cf371651ed85c26376556a0dbd31c86
99a3260a9e2e7c516284706682be7761dde4c4c1f2544a16776db9657da5536f
9a8847e6fdfa97e19c86eafcaf7f60e470847db1a40e12b15b39782004d4663d
9b987b66e874b72abe1919a9d966a5e49922760e7806c10a9aed3cfebba0da33
9d3f94088f77a589448abfffa4bfdddf23d695955b910306b0df53a112fb7f34
9d5fa41af7cdd9ba2e17cbcbe3e784560230667f6eb0c0dd40f478220e7d59c9
9e002876e0dac7fef9dc879b0347e6c9561413ee8707799d584e21acc050a8a6
9e3dbbcaf1d1cf4f9b9b1906e98073523fba93c63cf624aad7226f63ec1ad528
9f3e7b3b36a699ce6ab2a79b9343479e262486bbbcacef8ecd76bcdfe9d621ce
9f5f18a43547bbe0a7a73f8322a2649c44dae857802d6b04b3087480730c8479
9f9ddb16e79d4d766243bdc8882427313b422a2b42f86b281aec279b49e98fcf
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0b779ad590272d25a6b625b33f3d117b71ab8b77efa8266cf2ebcd90bd76764
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e76d6c389d3dd02a77fff1733aa635da50594ce724b552f99adca798604743
a1155e976b92237ae79d6085a47ee840c47f14960b1e4da88297b9fb5ebfb0ef
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a20e5d03eaf22ec1750835efce979b366149eede6cf4c7ddb853443feb281a3e
a2c9f4e1bb7783bdb65b2b2c5c1a12c4c4b27d9a075f076f197b4e6937c747b9
a2e462fb4793b1280b2104fe762b58e2f6c6f86027e2e7f9779c0759e3ba9cb0
a30e5e625ff14472418113ed08d6deeaf0e39daf7c78a677d071304c2a48ba81
a3157264639ee750d4f264e717ad00d0c1502d3d04e4f2ab6c7249cefd1bb13f
a327f98329c040b225029235f30448bf290256baa8f76a4c04cb45b2eb1bc6ae
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4a877a5aa1e7da5c9913c955ebc1a731e1bf8728d7e6207cf0ed05a13219614
a6afa2d71945f652880192863aae765c0613fd01a19153d50a6749707df5515b
a8275413d7059db1bf68ea3986e84410ba9df950693f6d5fe66404b69290895c
a85b1179ca4ed7dc5ea897d1b565a69ccae8d2aad29dff7bb874da7d94538bff
a868642fa5a7a4692ff83f60cf0f26a6717c5d6a6cb6d550e798462a38a66880
a877d18de61f68a6bf3f8240fa730e23e2d80ffbc4b5e1293e5697dc6a585d96
a8b43a55f6ec6c8c41206b28c598ce97ea8c7eb279beda5ba68d565eba2413a9
a954cc44c4a08b33c2983ac361b1217185444c8ef1cfa8d601bb971db22adb0b
ac5bda00a06e2a3189fae564172e47b39a8b96cd334603f9197f1018b433c9ff
ad975e3af8266a5e38d207e80eb4bd17b8593a0f629f0013af5dc1153252c452
aebc89744247b7dc55942489f3cc024ffb5561f35598be98f78bb65fb51711b7
aeff4ff0fb0ac203d6273caa750d6ec45728de9bfdccd031699795498a70c5df
af468a53ff8b21e58d333969b462d31f6d23e94d0f255e58b8c9242057d29c34
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b03bec9e9bb215c735a4323b2c71d906529b613498bc46eefa00fa0f1288ea8d
b0e587092ca1126e5ead23734ff18340f126edcf6ee6c1460a223d56a3598497
b190bec40be9563df5802aa246508502691500f57eb9018a96c2fe7bf22381e3
b304e59ed1d6399f00578b6053c731d259b5ad4ca1da7b4fc1a94d166eec7c30
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b492fbe0a02dc8d5f6097dd996ebe2c8de3310d3d4dd2888a40326582ae8dd16
b4be73252e7518f5575b612f585a2b726d177df8a2cc8ff64d29f338b4501c13
b525db9076ab2e60b649f451fc0b8f28bdfd0e798cd03ff2a7bbb0df056bb8de
b5973c7b9e0fc3296016ea9c24884a4e84fbd9630fd9b4d88b697158d6a662e5
b5b58613de02a2628489f5253cbf992b173ce8a399697cb943ccf415375a9f4e
b5bf19127d5963d508986f22cd6d926905e0984497c0689bbd6dcf78779f4ea4
b78c6aa96175d69ae56638aa814a628fe1f8936f8a4be89e9df0a6e72db4c664
b809efcc7fd9ea21ab5a028abfa4102480b42f33542962cb545b3b8ec9c9b6f6
b84166bfe38537664b2d1fae7dbb2ec3d0041d495810a1adc50168a2030c2243
b8c1144d7765f25858dabd3f744c6e13e5349a454cd8b0354cf600016c8c158f
b986dde4fbee4b60ac1d9d458e4c3a374f35a4747b4cc0fd7035034443c7d52c
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
bb3296813f7b54986ae0d9a55a8df2463a8b4278de212459b313cd765b8a4774
bb5e27f34ba5ea447a148b28c7c6f633a846bb4d8a7e5dd3cbc2e04274899154
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd52bb27c0db8081835c4162463d48085f62dec9752cae922d41503085963e82
bdbaae24cb5e89820feaa34c9363b83e4f7e3160e452d45c3b9b602b9b73b534
be6bff0e539b40d29e833aedbfa5580ba8230a025138d3805bfe4a553e7c6a8a
bebbc1dd159904af1973d97ce32f0390a377f2e2f8692b1a23a86f6a1b0a2781
bf109a2d05e13d300f3c97cd9aa2b384992564695380c09a8f3a2e7e9cb0201e
bf205569fe444f13084084efb6712517da6e6b59bbeafa2933fbb93bb1f7eda7
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c00f31ad114bda11405e2d6314696b4fd8081c4c22f89ef9df1ee887c78914fb
c1a51f921893ae45dfba49e5799f1d8c21b5a1449592bfe3c04cae8d69d093a8
c345540502d3b439812ff0feeda84b3eba4cc62c06af14831aad896746599940
c38fb8803f0f3d54042275fb83f607444ffe92e4243c6ed002bcc7fdccfc3c61
c3adf17d1e772530c629a8027fb51f2dd8170ec85d16d6797803287b7ba0f6ca
c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d
c6b254942d9acce474295b68f0c687bc7333468d1bf8c3dd2b909555e9a1eae4
c700207cd346b2625a804b41f581afc9351b319719ffb198ad39144366df6239
c7672b1f8efbb532817e72b70aa9f39f4616b10e2e7f008b2975d305d0c2998c
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397
c80fe2f3fddacf61c34f8b931a37f7e781aa87f3d37f66350da5525f200a095b
c83d212d214bd2b84cf910740973055f9a6391ee8a53c4c815d81fcb9f40afb9
c89c795d21fe08b925ea2014adf779625a21310d4d6de59dbdeeafe98bbf62ac
c8a971105c9d001834b7d079ca4367c9084cda1a380a1cd1bac3a7444d668a95
c907449e77649b7251526ef8a042c6f0b2e1518c9bca69728f5a6f37d4f92a0e
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9584f421fb06be52362782600272bf07739aae062c73e970d6dd1aeb3ebcfcf
c9640eb2befb4938a64076908c70b3e3b72c1af042b031026e8a981d186ccff7
c9aeea516311505aad685ba305da7f535e51bd3052f9cff8677a4c70be4ca55b
ca41986254f8635bb72b990cd85b62f0f5b4e5f1b39cd7670c1b441b6b8e7d2b
caf8340f2513401c46bd6623b38cd091850da9664c2f87dc69b1e245824662a7
cceaa58cfc7773b7f4864d26b8854e3deb386ab0372b6cc33d38e3e875437eb6
ce335a9abb4111b27e4592548da35884a158ff050832f11595824dc97508f1c1
cea864c08935e4829ac476a659369a6f104bc42975540ca96922c364c05a0ad7
cf47258e6a4a33e59b9bf905dfdc7e4548112fb722468c0957995386cf30d721
cfe8f7650885b0eb139da2fd24a038fb4ca0067a566ea5c93e30fd68c3ad9eee
d12283be97149d8b68f5f8a2e5e7b9fce1f2f7ba0970e2171b55ab3301ca66f0
d12eb44c7f6038966737af70549631d70bb252740d2ccabbcf78ec866869333b
d1dff7ddfdb142c4a7685479a7f665d75a32026aede769007614b8fcb81a8ddc
d24e8c9af57e3a15948d22b892b7c4937bfcfd7378e6d881e75b3dcfa2443a7f
d25331f1455f29e2c4c97800b12dd968520098c4197e2bfc27ecb8eda36cc2c0
d32518f7f68825d7470b8364d11e5e933a1c5149724355e1d290e6e7eb1a6b21
d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d491b524fd9bd7333918701c6c039b2f5937ceabd2e23c1839f5c0d64a298432
d613fa107446c08b5a9633d87b14aa2d542ed50c3949e48a47008c4662212a5c
d618a3a41f1fe2e4aacade7342bb5994e35f98557b4e3336c17a48da88e953e5
d71b1722a86feb175cf26b030003b5bff5c708e070bc72b2e4cc2d8492129460
d73d5638ad3d660cdbc2c1114ea844928b00c871ca4b4f86eb12525cb1a17994
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d8928a20b6d9520af9bfb5e9748259fc3c1ed52ee4e430920d7e70897af5c065
d91c38797a4f40c02b517763adb6b8d25ca0d0af244856025ecc3543b8540679
d93e8f042ec01770e430bf2b4822157f34589485e314bfe6a0ef9ee6297ffb31
d951736694abf6e078c76c38dc0c83979714734d020a73d59d066f652c75e3b0
d95fd6444b0227447fb555d0d26da10f52939657dc29d4620fc962f62ae99fe2
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
daee4c40a40971197a93d788d6df4eb52b14299162feb5a2c5a70d963f7dadb2
dba24e8290d6647caa36a88fb43451b82b5a8a270dea84eab6482b6647c1ccef
dd5d2ece36f87b02e567fab75d9b97b2c49d04b3c6ee2c43e177622ee66fdd81
dd65f097cca15df3bd4afad4e6e69575f85b3364d33eed8f8ec2ee778d9c78ca
ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de666f9cf797fd3f24862538f446cc993597d8df630b1d342ebf891f1f49dd54
df8483ffa43afa35b105e2d83477b94e528490fc8b8dd9e19c95ab86cfd126cc
e25ce990aba8b6de45d83381762b446ae12fa65038a4cc2048d4f7e02ff18979
e2afb94ec849c8c855a08d80a9f77b3e20ca1945b279e4cce8e909aa1b18316a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4eb4de6890122eb3345d67f787fa78844fd2c86f315be3b1d20ae15de34c7c2
e634c6f7bbfd05283cd3adb4a0eacff47028f1c741925e131a41164541e873e5
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919
e6be69d99846159c43f20ee5e25d4ca83b462b90a46521fbf49f6030b92d4af7
e764961fbde84ea138e23879d3cb93f7fd96bccd31808c05c424bdeb5136e448
e784310189f7bd52fff295becdf2d4bf0dcb7498bccefefec2c34a53d449ddb2
e7a21f00272ebf0c6b15973a9298b362917872a7ea7c882dd1d8593c19ef13ab
e8b74068f602cc56b217069f28c3ab0c1b6b0c339add33e3a15d6025dfe43380
e8d217f8a77a3b7c389b29b0ddc0169d38747408e1673075645610293a8b3606
e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853
e9f20108fc117afb0b35d17bf5c22de16bc9201c5a644cf6cf99e720a3915daf
eb08bdbd007609495b67b3709c5dae15b718376b9638d87481fcaf3b92af36b4
eb522d165e917238e8a4946d98794ecd5b25dca69ec3f1392d8df54f59fc0d7a
eb9593cd7ae32b92fb30a92f84dd357bd2c5c58b3b45ec182f45baf3a8851458
ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b
ed4446368946cdd67b6a4eea5136b7c6c02e004934eb865e41f6fa168431dd32
ed54662d8d90a7019c364180d5260b0820e6e39dba28600f1f704c33943a1486
edb6726c3fff1860799494fa30ffe3661c2527fec7263f75c43b7be211eaeb94
edbf3cc6250e1cac743959257f830469c245d353342d4a29694b82fee059c3a7
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef8a27703cc8657747ed7196c52caf00df3b3f11d9a7e9c0a9674c773004ecbd
f0d09f55cae1a62d19fa7e49b14465aa41215dac2887bcf221e600113c7707b8
f13311204beda3ce95b4047bfdca1579d115cbe7ccca1f145862d08e75edf6d2
f18e4698b1282cf42ab3e3011e1027b7e2fab2afb339417e38a06449c5f10529
f3f5311847d8fbac94a3d572938dea0a268ca1ff1fc18f6dad8b5bb9ff16a243
f426dd362e7d55ea96be5391bb1af0ff36f122175ca0aa44aa4008c5b04af426
f4612bb14195057916e896ac37087b1cabb18650978550a3bc4e27eee62020e6
f52afbdc9b50ea83386ec3f01d5b7f960c612515f6904541b370334f8d9676c0
f65fde2255ae7ee1aecf2ac52c2d97f0333bf55f8a2a3f6cb48e7da07cf7b044
f690efa866e3c106311602fd8846c3140460fb1238f85424131ebe0c198d2591
f7145eeaee8f9ce47acfc4f60af22d33c3c63c510da4305f412f39aef495d81b
f7543013448a42e1b07bc53b29226c43a784e357a52d97796b66dff9e2c8a6b0
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f840acfbbd734f7355b50043ebdf0daade546a92763d0fcf9cadab92c1919265
f95326e83a21ccb544105ca897dfee22936335d62c055f45514ee05f865f06a7
fb370df72145d766239306c63c0c9e2b02d0d82c9889fdae4667eb7a7249a034
fb99807d9c2d9b98d417acd2a3e897a28cc0829d4815642cb9bd1ab640b98454
fc7a25365244602b9b9a5de42f997b09a6705a6fdb0de9f5a549f93e06079396
fcc1c7f84067e55e0b64873d2314b7ba662561cbbc21381a4374bac8abf8eb37
fcd36fb7f3ad13e6f2d84898a5b87926d7fa8b2273be6f5d9377e5e5c698b731
fcfa793d204b4144bf54f59bd9c5c720843af02dd02999d1653c8fafc0ebd8ea
fd1f3e74123ad6d9cb51b549efd5e6782d7d529a0e8086257b9a60436587461b
fd61b4726abb58bb90d2820f7026c087362c59327c56b357c3f7ce810a6ade59
feac2132f1efc440bca59ad2c6dd33500e757e5e6096b369fdc7b04f81ea149e
feedef8ad246726b81ed4144f39e4f92af5537a2d9e06c55fa62a2aa465a35e3
ffa6b63bbede30e4937217f9d17cddf1a55a97b9f2c226011ed7b7a8ee2d7536