urlscan.io logo urlscan.io
SecurityTrails logo

adncaraota.com Open in urlscan Pro
2606:4700:3037::6815:547f  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://adncaraota.com/
Effective URL: https://adncaraota.com/
Submission: On January 20 via manual from IL — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 105 IPs in 15 countries across 94 domains to perform 853 HTTP transactions. The main IP is 2606:4700:3037::6815:547f, located in United States and belongs to CLOUDFLARENET, US. The main domain is adncaraota.com.
TLS certificate: Issued by E1 on November 15th 2022. Valid for: 3 months.
This is the only time adncaraota.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 101 2606:4700:303... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 108.178.23.114 32475 (SINGLEHOP...)
6 172.64.193.36 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 192.0.76.3 2635 (AUTOMATTIC)
1 13.32.27.98 16509 (AMAZON-02)
11 2606:4700::68... 13335 (CLOUDFLAR...)
14 2a00:1450:400... 15169 (GOOGLE)
1 1 67.199.248.11 396982 (GOOGLE-CL...)
84 2606:4700:303... 13335 (CLOUDFLAR...)
1 44.239.231.111 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 1 148.69.64.76 12353 (VODAFONE-...)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 3 151.101.66.137 54113 (FASTLY)
3 92.123.36.4 16625 (AKAMAI-AS)
1 3.19.54.139 16509 (AMAZON-02)
2 2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
11 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
3 23.35.229.56 16625 (AKAMAI-AS)
2 2606:4700::68... 13335 (CLOUDFLAR...)
14 151.139.128.10 20446 (STACKPATH...)
49 108 2.16.186.10 20940 (AKAMAI-ASN1)
4 4 18.194.214.184 16509 (AMAZON-02)
3 7 185.29.134.244 30419 (MEDIAMATH...)
6 3.123.54.53 16509 (AMAZON-02)
4 4 3.126.56.137 16509 (AMAZON-02)
14 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.66.120.247 16509 (AMAZON-02)
3 2a03:2880:f01... 32934 (FACEBOOK)
1 2 142.250.185.102 15169 (GOOGLE)
1 37.157.6.236 198622 (ADFORM)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2606:4700:1::... 13335 (CLOUDFLAR...)
16 2a00:1450:400... 15169 (GOOGLE)
16 69.20.43.192 27357 (RACKSPACE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 103.143.19.103 134760 (CHINANET-...)
2 104.20.218.77 13335 (CLOUDFLAR...)
7 7 35.214.223.115 15169 (GOOGLE)
35 146.20.128.66 27357 (RACKSPACE)
7 7 2001:678:cb4:... 56396 (AMOBEE)
7 7 34.202.12.145 14618 (AMAZON-AES)
3 35.190.43.134 15169 (GOOGLE)
3 13.32.28.197 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 12 37.157.2.234 198622 (ADFORM)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 147.75.85.234 54825 (PACKET)
4 162.55.101.208 24940 (HETZNER-AS)
1 13.32.27.59 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 3 63.251.14.3 14744 (INTERNAP-...)
4 34.249.42.161 16509 (AMAZON-02)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 185.89.210.46 29990 (ASN-APPNEX)
1 18.184.195.113 16509 (AMAZON-02)
4 81.17.55.160 60781 (LEASEWEB-...)
1 2a0c:5c81:514... 55081 (24SHELLS)
58 146.20.128.109 27357 (RACKSPACE)
3 2a03:2880:f11... 32934 (FACEBOOK)
1 13.32.28.235 16509 (AMAZON-02)
1 65.9.66.68 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 52.49.185.121 16509 (AMAZON-02)
1 141.95.33.111 16276 (OVH)
1 2001:41d0:701... 16276 (OVH)
1 141.95.98.65 16276 (OVH)
15 2.18.36.193 16625 (AKAMAI-AS)
32 2001:4de0:ac1... 20446 (STACKPATH...)
1 1 3.69.181.182 16509 (AMAZON-02)
5 46 142.250.185.194 15169 (GOOGLE)
16 3.33.220.150 16509 (AMAZON-02)
3 2600:1901:0:7... 15169 (GOOGLE)
36 2606:4700:20:... 13335 (CLOUDFLAR...)
2 185.29.134.249 30419 (MEDIAMATH...)
15 52.46.155.104 16509 (AMAZON-02)
3 3 85.114.159.118 24961 (MYLOC-AS ...)
1 1 35.190.0.66 15169 (GOOGLE)
2 2 69.173.144.138 26667 (RUBICONPR...)
1 1 23.35.228.23 16625 (AKAMAI-AS)
2 4 51.89.9.254 16276 (OVH)
2 2 151.101.2.49 54113 (FASTLY)
3 3 104.18.33.19 13335 (CLOUDFLAR...)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 213.155.156.165 1299 (TWELVE99 ...)
1 1 37.157.4.23 198622 (ADFORM)
2 2 52.17.225.185 16509 (AMAZON-02)
1 13.112.20.39 16509 (AMAZON-02)
1 2 23.203.125.36 16625 (AKAMAI-AS)
5 144.76.238.55 24940 (HETZNER-AS)
14 34.240.212.15 16509 (AMAZON-02)
1 2.18.233.201 16625 (AKAMAI-AS)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
6 2606:4700:20:... 13335 (CLOUDFLAR...)
3 88.99.165.19 24940 (HETZNER-AS)
8 8 172.217.18.6 15169 (GOOGLE)
3 6 95.100.75.47 16625 (AKAMAI-AS)
1 87.118.116.9 31103 (KEYWEB-AS)
6 6 84.200.5.215 44066 (DE-FIRSTC...)
2 88.99.63.132 24940 (HETZNER-AS)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 35.176.33.61 16509 (AMAZON-02)
2 2 145.239.193.130 16276 (OVH)
1 88.198.250.30 24940 (HETZNER-AS)
1 2a0b:4d07:401::1 44239 (PROINITY ...)
1 2 2a01:4f8:d0a:... 24940 (HETZNER-AS)
1 167.233.14.134 24940 (HETZNER-AS)
1 1 94.23.99.218 16276 (OVH)
1 54.76.176.197 16509 (AMAZON-02)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
2 65.9.66.11 16509 (AMAZON-02)
1 13.32.27.119 16509 (AMAZON-02)
1 78.46.85.162 24940 (HETZNER-AS)
4 3.11.171.0 16509 (AMAZON-02)
2 34.98.64.218 396982 (GOOGLE-CL...)
853 105
101    2606:4700:3037::6815:547f (United States)

ASN13335 (CLOUDFLARENET, US)
adncaraota.com
5    2a00:1450:400d:808::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    108.178.23.114 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi
free.xjs.lol
6    172.64.193.36 (United States)

ASN13335 (CLOUDFLARENET, US)
tags.newdreamglobal.com
3    2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
1    13.32.27.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-98.fra56.r.cloudfront.net
certify-js.alexametrics.com
11    2606:4700::6812:18f6 (United States)

ASN13335 (CLOUDFLARENET, US)
scripts.cleverwebserver.com
ui.cleverwebserver.com
lp.cleverwebserver.com
call.cleverwebserver.com
14    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    67.199.248.11 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly
bit.ly
84    2606:4700:3032::6815:5505 (United States)

ASN13335 (CLOUDFLARENET, US)
www.iapac.to
1    44.239.231.111 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-231-111.us-west-2.compute.amazonaws.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
1    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
5    2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    148.69.64.76 (Porto, Portugal)

ASN12353 (VODAFONE-PT Vodafone Portugal, PT)
PTR: are.clevernt.com
sender.clevernt.com
1    2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
8    2a00:1450:400d:803::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
5    2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    151.101.66.137 (United States)

ASN54113 (FASTLY, US)
cd.connatix.com
cds.connatix.com
3    92.123.36.4 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-36-4.deploy.static.akamaitechnologies.com
a.teads.tv
1    3.19.54.139 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-19-54-139.us-east-2.compute.amazonaws.com
ads.vidoomy.com
2    2a06:98c1:3120::c (United States)

ASN13335 (CLOUDFLARENET, US)
gml-grp.com
2    2606:4700::6812:9ce (United States)

ASN13335 (CLOUDFLARENET, US)
www.betano.de
11    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
6    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
851d37d4b44b7dd00bfaaa7f382c6c5a.safeframe.googlesyndication.com
5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
3    23.35.229.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-56.deploy.static.akamaitechnologies.com
t.teads.tv
2    2606:4700::6813:b210 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.gmlinteractive.com
14    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
ad.lkqd.net
108    2.16.186.10 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-10.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
4    18.194.214.184 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-214-184.eu-central-1.compute.amazonaws.com
x.bidswitch.net
7    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
6    3.123.54.53 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-54-53.eu-central-1.compute.amazonaws.com
a.vidoomy.com
d.vidoomy.com
4    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
14    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    18.66.120.247 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-120-247.fra60.r.cloudfront.net
sc-static.net
3    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    142.250.185.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net
12738953.fls.doubleclick.net
1    37.157.6.236 (Denmark)

ASN198622 (ADFORM, DK)
s2.adform.net
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2606:4700:1::6813:874e (United States)

ASN13335 (CLOUDFLARENET, US)
a.mgid.com
16    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
16    69.20.43.192 (United States)

ASN27357 (RACKSPACE, US)
v.lkqd.net
1    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    103.143.19.103 (China)

ASN134760 (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network, CHINANET Hebei province, CN)
js.users.51.la
ia.51.la
2    104.20.218.77 (None, )

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
7    35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com
csync.loopme.me
35    146.20.128.66 (United States)

ASN27357 (RACKSPACE, US)
cs.lkqd.net
7    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
7    34.202.12.145 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-12-145.compute-1.amazonaws.com
sync.srv.stackadapt.com
3    35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com
tr.snapchat.com
3    13.32.28.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-28-197.fra56.r.cloudfront.net
c.amazon-adsystem.com
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
12    37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
adx.adform.net
1    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
1    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
4    162.55.101.208 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.208.101.55.162.clients.your-server.de
shb.richaudience.com
1    13.32.27.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-59.fra56.r.cloudfront.net
hb.undertone.com
1    2606:4700:10::ac43:8ae (United States)

ASN13335 (CLOUDFLARENET, US)
i.connectad.io
3    63.251.14.3 (United States)

ASN14744 (INTERNAP-BLOCK-4, US)
ap.lijit.com
4    34.249.42.161 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-42-161.eu-west-1.compute.amazonaws.com
g2.gumgum.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    185.89.210.46 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    18.184.195.113 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-195-113.eu-central-1.compute.amazonaws.com
pre.ads.justpremium.com
4    81.17.55.160 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
prg.smartadserver.com
1    2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
58    146.20.128.109 (United States)

ASN27357 (RACKSPACE, US)
t.lkqd.net
3    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    13.32.28.235 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-28-235.fra56.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
1    65.9.66.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-68.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    52.49.185.121 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-185-121.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu
lb.eu-1-id5-sync.com
1    2001:41d0:701:1000::96f (France)

ASN16276 (OVH, FR)
lbs.eu-1-id5-sync.com
1    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
id5-sync.com
15    2.18.36.193 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-36-193.deploy.static.akamaitechnologies.com
vpaid.pubmatic.com
32    2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
cdn.stickyadstv.com
1    3.69.181.182 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-181-182.eu-central-1.compute.amazonaws.com
1f2e7.v.fwmrm.net
46    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
cm.g.doubleclick.net
16    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
3    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
36    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
2    185.29.134.249 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
tags.mathtag.com
15    52.46.155.104 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
2    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com
cs.media.net
4    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
2    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
3    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
3    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    213.155.156.165 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-165.teliacarrier-cust.com
d5p.de17a.com
1    37.157.4.23 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    52.17.225.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-225-185.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
1    13.112.20.39 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-112-20-39.ap-northeast-1.compute.amazonaws.com
cc.adingo.jp
2    23.203.125.36 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-125-36.deploy.static.akamaitechnologies.com
sync.teads.tv
5    144.76.238.55 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.55.238.76.144.clients.your-server.de
hal9000.redintelligence.net
14    34.240.212.15 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-212-15.eu-west-1.compute.amazonaws.com
s.update.mediamathtag.com
1    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
3    2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
6    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
3    88.99.165.19 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.19.165.99.88.clients.your-server.de
hal900028.redintelligence.net
8    172.217.18.6 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f6.1e100.net
ad.doubleclick.net
6    95.100.75.47 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-75-47.deploy.static.akamaitechnologies.com
www.awin1.com
1    87.118.116.9 (Germany)

ASN31103 (KEYWEB-AS, DE)
PTR: km36617.keymachine.de
banner.congstar.de
6    84.200.5.215 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
www.telefonica-partner.de
www.lead-alliance.net
2    88.99.63.132 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads3.sunbonet.de
partner.o2online.de
2    2606:4700::6812:7e05 (United States)

ASN13335 (CLOUDFLARENET, US)
www.conrad.de
3    35.176.33.61 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-176-33-61.eu-west-2.compute.amazonaws.com
track.webgains.com
2    145.239.193.130 (France)

ASN16276 (OVH, FR)
pv.medialead.de
1    88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de
pb.media01.eu
1    2a0b:4d07:401::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
adv.office-partner.de
2    2a01:4f8:d0a:2321::2 (Germany)

ASN24940 (HETZNER-AS, DE)
cdn.retailads.net
1    167.233.14.134 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-2.futalis.de
futalis.de
1    94.23.99.218 (France)

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu
medialead.de
1    54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
ad-server.eu
1    2a05:d018:d29:3602:17a1:3e8:dac1:363e (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    65.9.66.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-11.fra56.r.cloudfront.net
analytics.webgains.io
1    13.32.27.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-119.fra56.r.cloudfront.net
cdn.track.production.webgains.team
1    78.46.85.162 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads1.sunbonet.de
partner.blau.de
4    3.11.171.0 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-171-0.eu-west-2.compute.amazonaws.com
api.webgains.io
2    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
vidoomy-d.openx.net
Apex Domain
Subdomains		 Transfer
140 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 596
cdn.stickyadstv.com — Cisco Umbrella Rank: 5297
2 MB
123 lkqd.net
ad.lkqd.net — Cisco Umbrella Rank: 19407
v.lkqd.net — Cisco Umbrella Rank: 14537
cs.lkqd.net — Cisco Umbrella Rank: 2825
t.lkqd.net — Cisco Umbrella Rank: 16003
439 KB
101 adncaraota.com
adncaraota.com
2 MB
84 iapac.to
www.iapac.to
1 MB
70 doubleclick.net
pubads.g.doubleclick.net — Cisco Umbrella Rank: 418
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
12738953.fls.doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 216
ad.doubleclick.net — Cisco Umbrella Rank: 192
323 KB
42 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 28836
ad4m.at — Cisco Umbrella Rank: 9591
assets.ad4m.at — Cisco Umbrella Rank: 37206
2 MB
36 googlesyndication.com
851d37d4b44b7dd00bfaaa7f382c6c5a.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
tpc.googlesyndication.com — Cisco Umbrella Rank: 156
5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
155 KB
19 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 293
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 492
s.amazon-adsystem.com — Cisco Umbrella Rank: 279
57 KB
16 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 301
4 KB
15 pubmatic.com
vpaid.pubmatic.com — Cisco Umbrella Rank: 4983
13 KB
14 mediamathtag.com
s.update.mediamathtag.com — Cisco Umbrella Rank: 10816
59 KB
14 adform.net
s2.adform.net — Cisco Umbrella Rank: 6703
track.adform.net — Cisco Umbrella Rank: 3926
adx.adform.net — Cisco Umbrella Rank: 4186
c1.adform.net — Cisco Umbrella Rank: 590
38 KB
14 gstatic.com
fonts.gstatic.com
329 KB
11 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 70
3 KB
11 cleverwebserver.com
scripts.cleverwebserver.com — Cisco Umbrella Rank: 30118
ui.cleverwebserver.com — Cisco Umbrella Rank: 30223
lp.cleverwebserver.com — Cisco Umbrella Rank: 64811
call.cleverwebserver.com — Cisco Umbrella Rank: 31439
217 KB
10 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 453
tags.mathtag.com — Cisco Umbrella Rank: 4501
pixel.mathtag.com — Cisco Umbrella Rank: 972
8 KB
8 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 34179
hal900028.redintelligence.net — Cisco Umbrella Rank: 248350
234 KB
8 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1406
t.teads.tv — Cisco Umbrella Rank: 2734
sync.teads.tv — Cisco Umbrella Rank: 1223
132 KB
7 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 650
2 KB
7 turn.com
ad.turn.com — Cisco Umbrella Rank: 721
3 KB
7 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 826
2 KB
7 vidoomy.com
ads.vidoomy.com — Cisco Umbrella Rank: 23667
a.vidoomy.com — Cisco Umbrella Rank: 8588
d.vidoomy.com — Cisco Umbrella Rank: 9429
7 KB
6 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 18712
api.webgains.io — Cisco Umbrella Rank: 49878
62 KB
6 awin1.com
www.awin1.com — Cisco Umbrella Rank: 15193
4 KB
6 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 82915
static-de.ad4mat.net — Cisco Umbrella Rank: 115742
11 KB
6 newdreamglobal.com
tags.newdreamglobal.com — Cisco Umbrella Rank: 155554
214 KB
5 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 274
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 417
2 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185
218 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 22
60 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 41
297 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
5 KB
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 691
974 B
4 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1585
2 KB
4 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1318
3 KB
4 richaudience.com
shb.richaudience.com — Cisco Umbrella Rank: 3659
941 B
4 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 276
1 KB
4 google.de
www.google.de — Cisco Umbrella Rank: 5983
adservice.google.de — Cisco Umbrella Rank: 8470
2 KB
3 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 47464
medialead.de — Cisco Umbrella Rank: 47044
1 KB
3 webgains.com
track.webgains.com — Cisco Umbrella Rank: 40045
52 KB
3 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 70051
1 KB
3 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 72059
773 B
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 728
s.tribalfusion.com — Cisco Umbrella Rank: 1773
2 KB
3 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 434
2 KB
3 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1442
2 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
270 B
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 595
2 KB
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1862
mp.4dex.io — Cisco Umbrella Rank: 1893
25 KB
3 snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 984
1 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 352
12 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 153
157 KB
3 connatix.com
cd.connatix.com — Cisco Umbrella Rank: 3117
cds.connatix.com — Cisco Umbrella Rank: 3134
280 KB
3 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3300
onesignal.com — Cisco Umbrella Rank: 1332
73 KB
2 openx.net
vidoomy-d.openx.net — Cisco Umbrella Rank: 37173
465 B
2 retailads.net
cdn.retailads.net — Cisco Umbrella Rank: 102502
6 KB
2 conrad.de
www.conrad.de — Cisco Umbrella Rank: 59631
980 B
2 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 80790
3 KB
2 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 625
815 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4845
645 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 554
849 B
2 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 306
964 B
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1057
lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1305
610 B
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 938
id5-sync.com — Cisco Umbrella Rank: 393
17 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1039
bcp.crwdcntrl.net — Cisco Umbrella Rank: 904
10 KB
2 media.net
prebid.media.net — Cisco Umbrella Rank: 1038
cs.media.net — Cisco Umbrella Rank: 1323
2 KB
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 13730
c.statcounter.com — Cisco Umbrella Rank: 8813
15 KB
2 51.la
js.users.51.la — Cisco Umbrella Rank: 74513
ia.51.la — Cisco Umbrella Rank: 71058
3 KB
2 mgid.com
a.mgid.com — Cisco Umbrella Rank: 22115
5 KB
2 gmlinteractive.com
cdn.gmlinteractive.com — Cisco Umbrella Rank: 354971
7 KB
2 betano.de
www.betano.de — Cisco Umbrella Rank: 569266
2 KB
2 gml-grp.com
gml-grp.com — Cisco Umbrella Rank: 71692
2 KB
2 wp.com
stats.wp.com — Cisco Umbrella Rank: 2733
pixel.wp.com — Cisco Umbrella Rank: 2493
3 KB
1 blau.de
partner.blau.de — Cisco Umbrella Rank: 106543
1 KB
1 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 47056
3 KB
1 ad-server.eu
ad-server.eu — Cisco Umbrella Rank: 97044
312 B
1 futalis.de
futalis.de — Cisco Umbrella Rank: 160348
409 B
1 office-partner.de
adv.office-partner.de — Cisco Umbrella Rank: 131376
931 B
1 media01.eu
pb.media01.eu — Cisco Umbrella Rank: 46272
607 B
1 congstar.de
banner.congstar.de — Cisco Umbrella Rank: 89082
549 B
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 5281
44 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 11998
551 B
1 fwmrm.net
1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 3075
536 B
1 adtelligent.com
ghb.adtelligent.com — Cisco Umbrella Rank: 5843
1 KB
1 justpremium.com
pre.ads.justpremium.com — Cisco Umbrella Rank: 6023
256 B
1 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 207
1 KB
1 connectad.io
i.connectad.io — Cisco Umbrella Rank: 8454
394 B
1 undertone.com
hb.undertone.com — Cisco Umbrella Rank: 3221
559 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 838
275 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 357
7 KB
1 sc-static.net
sc-static.net — Cisco Umbrella Rank: 951
13 KB
1 clevernt.com
sender.clevernt.com — Cisco Umbrella Rank: 59629
426 B
1 a2z.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
48 B
1 bit.ly
bit.ly — Cisco Umbrella Rank: 5116
226 B
1 alexametrics.com
certify-js.alexametrics.com — Cisco Umbrella Rank: 12436
certify.alexametrics.com Failed
2 KB
1 xjs.lol
free.xjs.lol — Cisco Umbrella Rank: 273092
2 KB
853 94
Domain Requested by
108 ads.stickyadstv.com 49 redirects adncaraota.com
ad.lkqd.net
cdn.stickyadstv.com
101 adncaraota.com 1 redirects adncaraota.com
84 www.iapac.to adncaraota.com
www.iapac.to
58 t.lkqd.net ad.lkqd.net
46 cm.g.doubleclick.net 5 redirects adncaraota.com
5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
35 cs.lkqd.net ad.lkqd.net
32 cdn.stickyadstv.com ad.lkqd.net
cdn.stickyadstv.com
18 assets.ad4m.at as.ad4m.at
16 match.adsrvr.org adncaraota.com
16 v.lkqd.net ad.lkqd.net
16 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
15 s.amazon-adsystem.com adncaraota.com
15 vpaid.pubmatic.com ad.lkqd.net
14 s.update.mediamathtag.com tags.mathtag.com
s.update.mediamathtag.com
14 pagead2.googlesyndication.com securepubads.g.doubleclick.net
adncaraota.com
tpc.googlesyndication.com
5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
www.googletagservices.com
14 ad.lkqd.net adncaraota.com
ad.lkqd.net
14 fonts.gstatic.com fonts.googleapis.com
12 ad4m.at as.ad4m.at
ad4m.at
12 as.ad4m.at 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
as.ad4m.at
ad4m.at
11 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
tags.newdreamglobal.com
adncaraota.com
10 adx.adform.net ad.lkqd.net
8 ad.doubleclick.net 8 redirects
8 www.google.com adncaraota.com
tpc.googlesyndication.com
www.betano.de
5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
8 lp.cleverwebserver.com adncaraota.com
lp.cleverwebserver.com
7 sync.srv.stackadapt.com 7 redirects
7 ad.turn.com 7 redirects
7 csync.loopme.me 7 redirects
7 sync.mathtag.com 3 redirects tags.mathtag.com
sync.mathtag.com
5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
6 www.awin1.com 3 redirects as.ad4m.at
5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
6 tags.newdreamglobal.com adncaraota.com
tags.newdreamglobal.com
5 hal9000.redintelligence.net adncaraota.com
hal900028.redintelligence.net
5 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 www.googletagservices.com tags.newdreamglobal.com
5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
5 www.googletagmanager.com adncaraota.com
www.betano.de
www.googletagmanager.com
www.iapac.to
adv.office-partner.de
5 fonts.googleapis.com adncaraota.com
lp.cleverwebserver.com
www.betano.de
www.iapac.to
hal900028.redintelligence.net
4 api.webgains.io analytics.webgains.io
4 onetag-sys.com 2 redirects 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
4 prg.smartadserver.com tags.newdreamglobal.com
4 d.vidoomy.com tags.newdreamglobal.com
4 g2.gumgum.com tags.newdreamglobal.com
4 shb.richaudience.com tags.newdreamglobal.com
4 ups.analytics.yahoo.com 4 redirects
4 x.bidswitch.net 4 redirects
3 track.webgains.com as.ad4m.at
adncaraota.com
3 www.lead-alliance.net 3 redirects
3 www.telefonica-partner.de 3 redirects
3 hal900028.redintelligence.net hal9000.redintelligence.net
hal900028.redintelligence.net
3 static-de.ad4mat.net as.ad4m.at
3 ssum-sec.casalemedia.com 3 redirects
3 dsp.adfarm1.adition.com 3 redirects
3 prod-rtb.ad4mat.net adncaraota.com
3 www.facebook.com www.betano.de
adncaraota.com
3 ap.lijit.com 2 redirects tags.newdreamglobal.com
3 c.amazon-adsystem.com tags.newdreamglobal.com
c.amazon-adsystem.com
3 tr.snapchat.com sc-static.net
www.betano.de
3 bat.bing.com adncaraota.com
bat.bing.com
www.betano.de
3 connect.facebook.net www.googletagmanager.com
connect.facebook.net
3 t.teads.tv adncaraota.com
3 adservice.google.com securepubads.g.doubleclick.net
12738953.fls.doubleclick.net
3 a.teads.tv tags.newdreamglobal.com
a.teads.tv
2 vidoomy-d.openx.net ad.lkqd.net
2 analytics.webgains.io track.webgains.com
2 cdn.retailads.net 1 redirects futalis.de
2 pv.medialead.de 2 redirects
2 www.conrad.de as.ad4m.at
2 partner.o2online.de as.ad4m.at
2 sync.teads.tv 1 redirects 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
2 ads.yieldmo.com 2 redirects
2 d5p.de17a.com 2 redirects
2 a.tribalfusion.com 1 redirects 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
2 sync-tm.everesttech.net 2 redirects
2 pixel.rubiconproject.com 2 redirects
2 tags.mathtag.com 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
tags.mathtag.com
2 track.adform.net 1 redirects www.betano.de
2 script.4dex.io tags.newdreamglobal.com
script.4dex.io
2 a.mgid.com adncaraota.com
www.betano.de
2 12738953.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 a.vidoomy.com adncaraota.com
2 cdn.gmlinteractive.com www.betano.de
2 adservice.google.de securepubads.g.doubleclick.net
2 www.betano.de 1 redirects lp.cleverwebserver.com
2 gml-grp.com 2 redirects
2 cds.connatix.com adncaraota.com
cd.connatix.com
2 www.google.de adncaraota.com
www.betano.de
2 cdn.onesignal.com adncaraota.com
cdn.onesignal.com
1 partner.blau.de as.ad4m.at
1 cdn.track.production.webgains.team 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 ad-server.eu 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
1 medialead.de 1 redirects
1 futalis.de hal900028.redintelligence.net
1 adv.office-partner.de hal900028.redintelligence.net
1 pb.media01.eu hal900028.redintelligence.net
1 banner.congstar.de as.ad4m.at
1 pixel.mathtag.com tags.mathtag.com
1 cc.adingo.jp 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
1 c1.adform.net 1 redirects
1 s.tribalfusion.com 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
1 cs.media.net 1 redirects
1 ads.travelaudience.com 1 redirects
1 1f2e7.v.fwmrm.net 1 redirects
1 c.statcounter.com www.statcounter.com
1 ia.51.la www.iapac.to
1 id5-sync.com cdn.id5-sync.com
1 lbs.eu-1-id5-sync.com cdn.id5-sync.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 cdn.id5-sync.com adncaraota.com
1 tags.crwdcntrl.net adncaraota.com
1 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
1 ghb.adtelligent.com tags.newdreamglobal.com
1 pre.ads.justpremium.com tags.newdreamglobal.com
1 ib.adnxs.com tags.newdreamglobal.com
1 prebid.media.net tags.newdreamglobal.com
1 i.connectad.io tags.newdreamglobal.com
1 hb.undertone.com tags.newdreamglobal.com
1 prebid.a-mo.net tags.newdreamglobal.com
1 mp.4dex.io tags.newdreamglobal.com
1 www.statcounter.com www.iapac.to
1 js.users.51.la www.iapac.to
1 cdn.jsdelivr.net www.iapac.to
1 s2.adform.net adncaraota.com
1 sc-static.net www.googletagmanager.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 851d37d4b44b7dd00bfaaa7f382c6c5a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 ads.vidoomy.com tags.newdreamglobal.com
1 cd.connatix.com 1 redirects
1 onesignal.com cdn.onesignal.com
1 stats.g.doubleclick.net www.google-analytics.com
1 pixel.wp.com adncaraota.com
1 call.cleverwebserver.com adncaraota.com
1 sender.clevernt.com 1 redirects
1 ui.cleverwebserver.com adncaraota.com
1 pubads.g.doubleclick.net tags.newdreamglobal.com
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com adncaraota.com
1 bit.ly 1 redirects
1 scripts.cleverwebserver.com adncaraota.com
1 certify-js.alexametrics.com adncaraota.com
1 stats.wp.com adncaraota.com
1 free.xjs.lol adncaraota.com
0 certify.alexametrics.com Failed adncaraota.com
853 142
Subject Issuer Validity Valid
*.adncaraota.com
E1		 2022-11-15 -
2023-02-13		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
free.xjs.lol
R3		 2022-12-17 -
2023-03-17		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-07 -
2023-06-06		 a year crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-14 -
2023-12-15		 a year crt.sh
certify-js.alexametrics.com
Amazon		 2022-05-30 -
2023-06-27		 a year crt.sh
cleverwebserver.com
Cloudflare Inc ECC CA-3		 2022-09-06 -
2023-09-05		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com
Amazon		 2022-09-13 -
2023-10-12		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
teads.tv
R3		 2023-01-20 -
2023-04-20		 3 months crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-01 -
2023-10-02		 a year crt.sh
*.google.de
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
ad.lkqd.net
R3		 2022-11-29 -
2023-02-27		 3 months crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-14 -
2023-06-16		 a year crt.sh
sc-static.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-27 -
2023-01-27		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-10-29 -
2023-01-27		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-11-25 -
2023-05-25		 6 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
*.lkqd.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-27 -
2023-07-18		 a year crt.sh
*.users.51.la
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-29 -
2023-04-30		 a year crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-24 -
2023-12-24		 a year crt.sh
*.snap.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-16 -
2023-08-16		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.connatix.com
Go Daddy Secure Certificate Authority - G2		 2022-08-22 -
2023-09-23		 a year crt.sh
*.a-mo.net
R3		 2022-12-04 -
2023-03-04		 3 months crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-11 -
2023-03-10		 a year crt.sh
*.undertone.com
Amazon		 2022-09-03 -
2023-10-01		 a year crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2022-04-15 -
2023-04-15		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
gumgum.com
Amazon		 2022-09-06 -
2023-10-05		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
tracking.justpremium.com
Amazon		 2022-12-31 -
2024-01-29		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-12-03 -
2023-03-03		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.51.la
GlobalSign GCC R3 DV TLS CA 2020		 2022-04-19 -
2023-05-21		 a year crt.sh
*.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-09 -
2024-02-09		 a year crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2022-12-13 -
2023-03-13		 3 months crt.sh
*.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-18 -
2023-04-25		 a year crt.sh
*.adingo.jp
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-06 -
2023-04-14		 a year crt.sh
redintelligence.net
R3		 2022-12-05 -
2023-03-05		 3 months crt.sh
update.mediamathtag.com
R3		 2022-12-21 -
2023-03-21		 3 months crt.sh
pixel.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-05 -
2023-07-05		 a year crt.sh
www.awin1.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-18 -
2023-04-19		 a year crt.sh
*.webgains.com
Amazon		 2022-06-14 -
2023-07-13		 a year crt.sh
*.media01.eu
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-05-20 -
2023-05-21		 a year crt.sh
adv.office-partner.de
R3		 2023-01-01 -
2023-04-01		 3 months crt.sh
*.futalis.de
R3		 2022-12-18 -
2023-03-18		 3 months crt.sh
*.webgains.io
Amazon		 2022-08-23 -
2023-09-21		 a year crt.sh
cdn.retailads.net
Encryption Everywhere DV TLS CA - G1		 2022-06-17 -
2023-06-18		 a year crt.sh
cdn.track.production.webgains.team
Amazon		 2022-09-29 -
2023-10-28		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh

This page contains 76 frames:

Primary Page: https://adncaraota.com/
Frame ID: C08DE465D2E8AEEEA83EF3D54FDCF670
Requests: 291 HTTP requests in this frame

Frame: https://www.iapac.to/
Frame ID: A8E12BF00E559B720580B9471CC7B9F4
Requests: 95 HTTP requests in this frame

Frame: https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=651020&group=64971&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzgyNWJfOTA0Y18mYWZmaWQ9NDMxJnNpdGVpZD04MjUmYWRpZD05MDQmYz1WRUFCSllZRk1SQkFBREU%3D&ref=aHR0cHM6Ly9hZG5jYXJhb3RhLmNvbS8%3D&r=607724083
Frame ID: A3087E7EE4AF4B09FB23701529AF2913
Requests: 10 HTTP requests in this frame

Frame: https://tags.newdreamglobal.com/viewability/gtsur.newglobal.dfp1.2.0.min.js?v=1.1.4.3
Frame ID: 0DB554B560380CA54F8942FBACA4E705
Requests: 10 HTTP requests in this frame

Frame: https://cds.connatix.com/p/216099/connatix.playspace.dc.js
Frame ID: 5BF23CA6E64D19085ECFD86C71E8A6CF
Requests: 2 HTTP requests in this frame

Frame: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=2&siteid=825
Frame ID: 832B4D4A8543F46848335007F56E7241
Requests: 27 HTTP requests in this frame

Frame: https://851d37d4b44b7dd00bfaaa7f382c6c5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 758DC1EC08D28B473137C05C630F0B21
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 56B2B7E2658C0F54D9C5663163D73169
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 2022C7E5D6BC6E2D2BE3FAA9537AA16D
Requests: 2 HTTP requests in this frame

Frame: https://12738953.fls.doubleclick.net/activityi;dc_pre=CM_S3rLE1vwCFa9GHgIdtW4F6g;src=12738953;type=despo0;cat=despo0;ord=4584660124607;gtm=2wg1i0;~oref=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D2%26siteid%3D825
Frame ID: 85F19667351254EDA301DC4E613037E7
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: C2B5A3102729F0B6C1B06A00FEAFDF53
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 8DEA87DC0AB5FB0B51DB97B9A4E43EF0
Requests: 6 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=59013e41-1b63-4d8e-a887-ea6d3795d988&u_scsid=a8b3ac8e-fc53-4a5f-b63b-bedaf9dd0e2a&u_sclid=2111be86-1343-46bd-b447-ca33de8f9ca0
Frame ID: 5C1E5A4C43473C5FE86D522BE7B7E0CA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3E82BFCFCF010D8417E27B1F54B48790
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 611C56E24B0BAD9E956083C09A2DFBD6
Requests: 2 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 0759C4732D5BDD9D9F2B5DF661851ED2
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 5E3AFD2DAF2CFD8E203A1B54F7022708
Requests: 3 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 2C2728CB1ECEB03D5DA9EDB76BCC34BF
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 2E23AC1131E24DDE9845680AF77C01B1
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 762F589F41B0F845727519AEA2B9AC86
Requests: 6 HTTP requests in this frame

Frame: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0ADD4B554E4E74F5B54FCE88C01B12A0
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 6C1B4CFAD228FDA464745DA3A6A02D2B
Requests: 4 HTTP requests in this frame

Frame: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 42F4A15A2B343F3E3F57A230C72A4D04
Requests: 9 HTTP requests in this frame

Frame: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 63D384DF602F4EDD910853E8FA635F0C
Requests: 10 HTTP requests in this frame

Frame: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7C985530F526E7771131C6FA0F737DAC
Requests: 36 HTTP requests in this frame

Frame: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 44D8B8882FAE1070856377033216F9F2
Requests: 10 HTTP requests in this frame

Frame: https://www.iapac.to/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1674230400
Frame ID: 84C160CE388E2E33C8E4EF9EF639FA9D
Requests: 3 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1h3xhtpnqy1qnws37t30g25cngef5pg6nswjf1p1fwhtem3rf7n6kp0eg2cq0er6aejj3sjq8xs2xpp0e478akm3a6dkem1y22thmxgfqsft0r3j574x2ns73qcndate3rpaahsh65w6e5afrfsz9p0x7gx4ansezdhvwbb08r6h5ndrm1bdxc5fs429bf09jqr306va8ceb0brnprpfy07j5eys9z38qz4gr3yydkhccphkj34p29mhj9zr6medv1h8ej9yw1b80132cdj43zjwbfedjx7pf611wynrej1k0n2txm277b4swfqdny6vr3fp5m6zxqx69g3fkvy8f0za17s6tk20n8hk46brfr9jh5hb6c6fvbrr3vf9w111a9kjwajcf62cks7ef915p5rfpkpc0qsmx5vrn4q6arp4s8xbnnjpt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmAaWvLzKY4u5MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoEhQJP0FtyO975n_5PTAzovyWATwGr0DN87sGuGxn18ZmS-pZpI3GcvsZNKhEGv2XsOTeK5kqXxHrLQ0ml5zu5X8y7sg2Fqp4hYHVMMVuyiKCffnDCA-FaSM5L1LqfI-FovHsQ4TAk9wJawjaEdsp38oRbXKrEsfu7SEYGjdE8A5uh5AkqzajJcZkyjs5PgRGpiFovn91IMGTWHSzt_HMa45wOZ3rTYMJ1OtoxhJ05YC8RLv7cljQb3KKAb5GRkqs7j5tGMzVm2Jyckqj8D5yJumi3i0jhHr_CfH8JJZKjn3VSc-84ttLJ6y1Qd1HrCKbUxqWSBm03XW1r7bCq5z0PrfNXWo3EHtfgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1yrPEMCc-JA7UfiUFrOu4Az74ySA%26client%3Dca-pub-8339469931624128%26adurl%3D
Frame ID: A63829955546608545510E32A57EBAA3
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AE795CA64940DEA6EF34EFCDD1301F80
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1g0mj50s9vfr6dk1dky1nv61bjmywwgb6gd2ypwjqn462x5apwr96yc1c0t7bs7bk2cst81zs1afgj5mncf397n83zymfn1svhebyrxr79br5rc53b38b70wkayfrn41yx78zmh1qhmecwtxw3armc01f53tmr2fb59qgfzparv979ccvkq1wx6vxm6q9y8hj1kgt04bx0tem56d8w81wazt7arb1ggzhkgt3fekd8m0aasn81k6gatgtjm7ccdnahgt5wpjcs5k6g5ta2yr8bdr1xpf0e0nbempkgz6rnsx1t9demh70e4734xy2sxy2q4nzj3a34bw0rmv6mkx50advbkhp9e2vxzw341fbtybc1de7c22eatc4m6k1ksgpnksb5d456c24gh1gv3mf9wy4v7tq9q6gbp1x3dqvbb03wyed654wdnsbaa7c02nqcqms6kk&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5pDmvLzKY4y5MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoEgQJP0CKzjOL1xDWi-2XSRsyi_qG8I-TCZiwbJxlIHM7m-CrMS5NuISwOgZ4nfOEdJZEtQCK9_z4V-wIdIlyNJFgxSlv5Q9nAwbUx4SRCtBMC_fIW0DmgPeVzSr5tqkjASzm6STjucheKy8F6sNYT64klWVunCQkqXWVAxw0-OlYev5zsHXz4GWywHEpfix4zUEkDu08mV9KPIgshYpS-lZGxF3cr9qyLaf7ZkI7Jkfi7npGXcdlXQX7D9EuBXt4ddb7CpIKJ6R4WPucG0hTH0OrgwSSx1SomwVvj930Q-AIfLprOO9F7ZwoPit6v6KZuYLB5bIL4Fc90mDoKNNrj2wWgMOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3DZq9wNZ8IyDqSVMyRZmEa9_tRoQ%26client%3Dca-pub-8339469931624128%26adurl%3D
Frame ID: 1A0B63D33428A19363BFA7371717EC10
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 91C38DD75904CA01682111E69430A4EF
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jv0tc1d7h0sk421bj98s5b55vqb8jsxj31gteq1x2ckfqccnggcs9ad9h3kh5nmebdn0h7jg5w5zavp1gxq72fyjewkjwgv5jnnafxw1rwhntd4ex2mgj0ycxqz7j5gh7qvkj17tzkrds20j7b3ayz6ynwv4jjnnayyphvskgxgcf63hvf6ewx0e3y4wpv62ac4pfh8f8m36qc5t38pj0y7s5040ksjp85j7z6mp69c4gth921ywhjj0aa64evccsgvzr4brg9fgvbkcegm0xm37bykcqyqy9baww43dwsd8d285tkrz8jn77vz99fqwjy182gc7bn0b9g4k76r4jpv78rbkteg9k77vq969g3d3zyvnkd9q51264byvdbf93bprbx6d87kt4m62z51kf5ewekpse5s4gktt2grfcq6nt2y&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBCV_vLzKY465MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoE_AFP0BVQ00imEV9BG-DrtJyhQ_fgudY4BBugd3UDhnouc_srXuKiVyeQanmmspQFQNJhfV8QNqRO5JvV4DnkpRKQBpyTilAhyfrwxVhkXGCv7KXVYnEfWMt211dSguL6rlAd2Lhw574z-v6PhYeiP7a41syAPUhMpN9fIsJ2AlR6gKVKfnUMpuc0noGTQ_HhlAldqa050oovxui-JsFCxZjmbTsC-zaxvNsdqDOtPHxBYIR6t5G2mLp4mrt3vZJf-n0TaTTLUcbkVN7b06zpG_9E_Ftds8-AMMymDjHRgbfE4WKwrspXIkOTLAGzh2_TuCcayeIpD0JvzU0BdC_gBAGABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1WI6wq1uCVTXZJ2ufR1pCBf4xThg%26client%3Dca-pub-8339469931624128%26adurl%3D
Frame ID: E68800CA4A4711C0C60A1CC696A47FF9
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 101AD10CF9967055628345078155B53E
Requests: 9 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 77DBC494D045856CAA75EB65550FAFC2
Requests: 7 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: B7C684A7F702AE49B24DAD348BBD1B7F
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: F47DCF9064A78308E5890503A61AD481
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 0E773DCB9B5C396A209C2CB567FA504A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 82E81A3AED0591E3B1CF0E1574079462
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=186460%2C183975%2C14044&b=8xAfDf8fR9w7tgHJHEtxtXKQcGSwT827UYe%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1&f=Z5mTwfBfz5Q4smHDHDtDC6zPC6SXTxWrfWA%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1&c=728&d=90&e=&g=11fbeeb394524b8200c10eaa8f3cd61c%2F12102109115472933496&i=25174%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1674230974105&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hsw3ppdfhp8vmykf4dbrh0kj4kjfrs3gzwth79ccnyx4y01aabx1g6f2n7s8vs2y32kvp6cejc37bq7vajvfqp3p52z97nbetewvge5hjt8tbc0qp2zxm2p1pqdbp331vpx5qb439kjrg45c4tfb19qeqcrrpfgky0tcewtx1cy5ys5m3f7acxezebejgte53j3sttaxx2fa4p777erth8gcw7zfj2k06ywp180y9gs0wkpyzrc9zbt79twxrsspbarmb02pwcv8chzwpp0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCBCV_vLzKY465MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoE_AFP0BVQ00imEV9BG-DrtJyhQ_fgudY4BBugd3UDhnouc_srXuKiVyeQanmmspQFQNJhfV8QNqRO5JvV4DnkpRKQBpyTilAhyfrwxVhkXGCv7KXVYnEfWMt211dSguL6rlAd2Lhw574z-v6PhYeiP7a41syAPUhMpN9fIsJ2AlR6gKVKfnUMpuc0noGTQ_HhlAldqa050oovxui-JsFCxZjmbTsC-zaxvNsdqDOtPHxBYIR6t5G2mLp4mrt3vZJf-n0TaTTLUcbkVN7b06zpG_9E_Ftds8-AMMymDjHRgbfE4WKwrspXIkOTLAGzh2_TuCcayeIpD0JvzU0BdC_gBAGABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1WI6wq1uCVTXZJ2ufR1pCBf4xThg%2526client%253Dca-pub-8339469931624128%2526adurl%253D&y=1&s=&z=0
Frame ID: 2E99BF72BD90E7D669137B53F813557D
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=157265%2C14019%2C117569&b=xmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xd%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Y4Xsrf3fjde3cVH9HetgCRR8ckS1Tddju1ZYe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=372e725e5d8f83622650c749bcd76ed1%2F9884314323597550369&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1674230974106&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdwamnbeaqav53nc5mf1xcp65e716qqpcj35w06q6qtfa2qhkk5yvxar2j9s0f958hk211dyqhxv3dk8mygfs3e2vtqnv91n4bvq60yzgh4eq4csxk6qey4zhg75z2evrq2tbqe3pysq302ng9yg74adc465wnztx06q67343gr8qsdrnv8mh8n09fqhkhs2w55r0nje5acvatkp0t4ekmes9q516tg86fkkst3x3zcd064hv9yff187qqzyk1hvcchmr7vav99wja38mt98cfd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5pDmvLzKY4y5MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoEgQJP0CKzjOL1xDWi-2XSRsyi_qG8I-TCZiwbJxlIHM7m-CrMS5NuISwOgZ4nfOEdJZEtQCK9_z4V-wIdIlyNJFgxSlv5Q9nAwbUx4SRCtBMC_fIW0DmgPeVzSr5tqkjASzm6STjucheKy8F6sNYT64klWVunCQkqXWVAxw0-OlYev5zsHXz4GWywHEpfix4zUEkDu08mV9KPIgshYpS-lZGxF3cr9qyLaf7ZkI7Jkfi7npGXcdlXQX7D9EuBXt4ddb7CpIKJ6R4WPucG0hTH0OrgwSSx1SomwVvj930Q-AIfLprOO9F7ZwoPit6v6KZuYLB5bIL4Fc90mDoKNNrj2wWgMOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3DZq9wNZ8IyDqSVMyRZmEa9_tRoQ%2526client%253Dca-pub-8339469931624128%2526adurl%253D&y=1&s=&z=0
Frame ID: 64F06F9F0567F22E58062AC902CE66CE
Requests: 11 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=83752400174015600951403012210028&actionid=981741&produktid=&dt_url=
Frame ID: 886BC4038553022CFA8663EA0FA73A79
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: A90DCB3ED52E4860134553FB4FE69063
Requests: 2 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2104477020
Frame ID: 0222A527FB340DB8BDE9431A1F931015
Requests: 2 HTTP requests in this frame

Frame: https://hal900028.redintelligence.net/request_content.php?s=83752400174015600951403012210028&a=0b092f05
Frame ID: 193313FA5F4FE0CD53DE8F8578FF491F
Requests: 9 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/iframe?mt_uuid=5a0163ca-bcbb-4500-a947-113b34a33c4d&no_iframe=1&synclist=4&mt_lim=1&type=1&source=bidder
Frame ID: D5A07AB61D7F1E1D59F0B9187D45FAE2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 68AAEE32097715A2291937F753D9F8D0
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=f376e9abdd93a2272c6543bf2aff1725%2F506313898071075014&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674230974508&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j4sab7s68bex8t02k70qvyq5qer8zgd5v2mv75f6s5r4mnkm9dz6ap1ywc5a0t94g2019rjh4psyy225nmzxbgnh0cybc31y6xw7z4fnn4663ak5161098gseebyhzrbz6edm4yrpm5f7zt1qr51r1h07wx5mr68t26dcvzjvhtr57z0syvx1g4anhry5f00qppxm6bb10caa9ppvzw59pcmg0csjts97z6wcasmapnq334khnbc04ce4a2qbcgmaaycdr4w56pxpkdmst0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmAaWvLzKY4u5MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoEhQJP0FtyO975n_5PTAzovyWATwGr0DN87sGuGxn18ZmS-pZpI3GcvsZNKhEGv2XsOTeK5kqXxHrLQ0ml5zu5X8y7sg2Fqp4hYHVMMVuyiKCffnDCA-FaSM5L1LqfI-FovHsQ4TAk9wJawjaEdsp38oRbXKrEsfu7SEYGjdE8A5uh5AkqzajJcZkyjs5PgRGpiFovn91IMGTWHSzt_HMa45wOZ3rTYMJ1OtoxhJ05YC8RLv7cljQb3KKAb5GRkqs7j5tGMzVm2Jyckqj8D5yJumi3i0jhHr_CfH8JJZKjn3VSc-84ttLJ6y1Qd1HrCKbUxqWSBm03XW1r7bCq5z0PrfNXWo3EHtfgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1yrPEMCc-JA7UfiUFrOu4Az74ySA%2526client%253Dca-pub-8339469931624128%2526adurl%253D&y=1&s=&z=0
Frame ID: 99420BC2C3B3280501284C877339A4A8
Requests: 11 HTTP requests in this frame

Frame: blob://https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/f489fafd-7787-41e3-8276-1aa806879d83
Frame ID: 0313803DC94EFBC2A7A8A6EADE261C58
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 918E0D5D7F05E42DCD8A54211A0E58F6
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 670FB89CDD4602030AC099FDFF518AB8
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 38FE9EF12719FE72A14ADDBD3679F44E
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2C8B2407F3DADAAF8F7D8421565E8C76
Requests: 2 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: AD38939897BCD75D7E6A2DAEF5D33D5B
Requests: 6 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 21D1B96F59172F622CABD543AC6D06AC
Requests: 7 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: B1BF51CDA56C5EDC6AD2EDF3593DD10C
Requests: 7 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 00D4ECBCD471E8E74C921A32EA45B590
Requests: 7 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 7DD8243C7E759F97BC2376E93335A4D8
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 1E488C8658130729024ECAE6ACF3976B
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: A149828354D3794A4A156A9F89B81AA2
Requests: 7 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: BFF0A28E8CF75345846B5258ED6FA02E
Requests: 4 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: A48C59DCFBC64C2E8BF224308BE2FE97
Requests: 7 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: AEF6C2478EAD74D45A0E9D0A06319D6F
Requests: 7 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: C40E21A119597C80A92E949996518F75
Requests: 7 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 046213B95E0C51DE64AFA433EFF4E87D
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 26A841F26CC392BFD52C0C6D4AE08B06
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: EE32C431558AD85E8B58F2B2CE15C040
Requests: 7 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: A9F871E9B36C21627CE3DBE702243137
Requests: 7 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: BEB429DC67747A59BC5DC23A599A588C
Requests: 7 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: B5E9BBC099FE30565B7D82669D8183FF
Requests: 7 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 1C9E516EC4B9CB37B685E77A4FDAB0A0
Requests: 7 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: CCCCF63A833229B13B3EF072755E9C6F
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: E01EA23A3D9F657D8281247B304764BC
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 0F211E8B53928279129586B33B5A0C5F
Requests: 3 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: CB7238DCD1AACDDB78B6815D0DCF39A5
Requests: 7 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 4AA03C9669F72DDF72D880471E8DECF1
Requests: 7 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 6A5DB02BC1853D2D2E4DFF4EE19F3C88
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Noticias de Venezuela y el Mundo - Caraota Digital

Page URL History Show full URLs

  1. http://adncaraota.com/ HTTP 301
    https://adncaraota.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /woocommerce(?:\.min)?\.js(?:\?ver=([0-9.]+))?
Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • /revslider/[/\w-]+/js
Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

853
Requests

82 %
HTTPS

35 %
IPv6

94
Domains

142
Subdomains

105
IPs

15
Countries

10846 kB
Transfer

25428 kB
Size

79
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://adncaraota.com/ HTTP 301
    https://adncaraota.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36
  • https://bit.ly/3KXLqnq HTTP 301
  • https://www.iapac.to/
Request Chain 46
  • https://sender.clevernt.com/transporter/64971.php?ppuc=1&ppu=0&id=651020&ref=aHR0cHM6Ly9hZG5jYXJhb3RhLmNvbS8%3D&ruri=&r=607724083&tok=33419711310201791433&t=1674230970&cmpId=&fb=0&wl=1&iv=-1&ctr=DE&sz=1200&wn=null&res=1600x1200&landing=1&ts=0.081 HTTP 302
  • https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=651020&group=64971&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzgyNWJfOTA0Y18mYWZmaWQ9NDMxJnNpdGVpZD04MjUmYWRpZD05MDQmYz1WRUFCSllZRk1SQkFBREU%3D&ref=aHR0cHM6Ly9hZG5jYXJhb3RhLmNvbS8%3D&r=607724083
Request Chain 69
  • https://cd.connatix.com/connatix.playspace.js HTTP 302
  • https://cds.connatix.com/p/216099/connatix.playspace.dc.js
Request Chain 73
  • https://gml-grp.com/C.ashx?btag=a_825b_904c_&affid=431&siteid=825&adid=904&c=VEABJYYFMRBAADE HTTP 302
  • https://gml-grp.com/C.ashx?btag=a_825b_904c_&affid=431&siteid=825&adid=904&c=VEABJYYFMRBAADE&AutoR=1 HTTP 302
  • https://www.betano.de/promos/de/Betano-DE.aspx?btag=a_825b_904c_VEABJYYFMRBAADE&utm_medium=431&utm_source=2&siteid=825 HTTP 302
  • https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=2&siteid=825
Request Chain 90
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=692970506.23986851878994094.6441208 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=692970506.23986851878994094.6441208 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dvidoomy%26bsw_param%3Dd6a150f5-36dc-49d6-bf28-5da25dcbf756&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=5a0163ca-bcbb-4500-a947-113b34a33c4d&expires=30&ssp=vidoomy&bsw_param=d6a150f5-36dc-49d6-bf28-5da25dcbf756&gdpr=&gdpr_consent= HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=d6a150f5-36dc-49d6-bf28-5da25dcbf756
Request Chain 91
  • https://ups.analytics.yahoo.com/ups/58610/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58610/occ?verify=true HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-XDbybhBE2uE6_mhjWQ0GPg4Pi.FHEaScEfeQnEE-~A
Request Chain 103
  • https://12738953.fls.doubleclick.net/activityi;src=12738953;type=despo0;cat=despo0;ord=4584660124607;gtm=2wg1i0;~oref=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D2%26siteid%3D825 HTTP 302
  • https://12738953.fls.doubleclick.net/activityi;dc_pre=CM_S3rLE1vwCFa9GHgIdtW4F6g;src=12738953;type=despo0;cat=despo0;ord=4584660124607;gtm=2wg1i0;~oref=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D2%26siteid%3D825
Request Chain 180
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=3cb1150c-343f-4c4c-b45d-f77253664b1f
Request Chain 183
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3434956184223306299
Request Chain 184
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=Uoc0NV_dSTpD4brib741C1FfBSM
Request Chain 188
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=98f99a3b-963b-403b-a979-a12c25e08aca
Request Chain 191
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2930553025957810747
Request Chain 192
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=teGXuYRATmdgaXdHAJtNPlFfBSM
Request Chain 204
  • https://track.adform.net/Serving/TrackPoint/?pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=213522896195&ADFtpmode=2&loc=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D2%26siteid%3D825&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
  • https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=213522896195&ADFtpmode=2&loc=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D2%26siteid%3D825&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
Request Chain 249
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=634c81dc-c812-47ad-8fae-9efecd8a8f36
Request Chain 252
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2930553025957810747
Request Chain 253
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=teGXuYRATmdgaXdHAJtNPlFfBSM
Request Chain 318
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=74c6ef1e895703ea1ef0512e43736&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3dnull&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=v2e78_7190767274985939360&gdpr=0&gdpr_consent=null HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEJc8gPHeesmGNrMgZStcyoE&google_cver=1&gdpr=0&gdpr_consent=null HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Request Chain 356
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 357
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 367
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEP025ukcDJX6NGY__ozs4v0&google_cver=1&google_push=AavPq0M03AmJAACByxsWIvPGlLEung3MZl-U7g-dxt_h84wwicJGD7EzOX0zOokw0jbqOxaG6UPr2EfNmlJosQEJg9rBljs-avA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=WgFjyry7RQCpRxE7NKM8TQ&google_push=AavPq0M03AmJAACByxsWIvPGlLEung3MZl-U7g-dxt_h84wwicJGD7EzOX0zOokw0jbqOxaG6UPr2EfNmlJosQEJg9rBljs-avA
Request Chain 368
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEPpNYTE8pMyiVnjjRcVxTuU&google_cver=1&google_push=AavPq0MrroN1K7bPSDvt110aZ1wjZ27hYT8T_T8xOknvYMV3xVfZ-cHCtT8slXr_zlMi9l09JObzdzVBOEttePKmbyNttCuBeQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5MDc2NzI3NTAxNTkyNzk2Mw%3D%3D&google_push=AavPq0MrroN1K7bPSDvt110aZ1wjZ27hYT8T_T8xOknvYMV3xVfZ-cHCtT8slXr_zlMi9l09JObzdzVBOEttePKmbyNttCuBeQ
Request Chain 369
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEMLFz2NNtCTeF5nDkO5QoMM&google_cver=1&google_push=AavPq0OQQ-JKk0TmJAzTcRzRnqoyR7f9DBr9LAbftJ3QzbPsqrMNbTet7gC38jxUBUsUCvRY3Vrtsy_MABLyT0KPO31e3rfwew HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ylhEYai3Tkm3yMVGQUFAzw2&google_push=AavPq0OQQ-JKk0TmJAzTcRzRnqoyR7f9DBr9LAbftJ3QzbPsqrMNbTet7gC38jxUBUsUCvRY3Vrtsy_MABLyT0KPO31e3rfwew
Request Chain 370
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMBjEaFssIO4EN_MB6vtiJE&google_cver=1&google_push=AavPq0P6piwNyMwjjqLFaEdalhBt6dIP3ua2KGTDuT8QZW1SQoGLHkEuXv7JtWCay3utwBBWQf8aieUrlxAmj50bILuR-QimCg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQ0UFc3OTItMU8tRzZZMg==&google_push=AavPq0P6piwNyMwjjqLFaEdalhBt6dIP3ua2KGTDuT8QZW1SQoGLHkEuXv7JtWCay3utwBBWQf8aieUrlxAmj50bILuR-QimCg
Request Chain 371
  • https://cs.media.net/cksync?type=g&google_gid=CAESEGZ8ApYmrt0XsoAwf1g4830&google_cver=1&google_push=AavPq0OU9PEcC7h1LWabIE_1QqQRZIJh5SaKAhGizwZ2aSrYqg6iuqmlCw9ieQXd6nxAxLhH_JkHI7xYT9uYeepHgvcyPFOTqA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzE3MjMyNTczODE3MzE3OTAwMFYxMA%3d%3d&mn_hm=MzE3MjMyNTczODE3MzE3OTAwMFYxMA%3d%3d&google_sc=1&google_push=AavPq0OU9PEcC7h1LWabIE_1QqQRZIJh5SaKAhGizwZ2aSrYqg6iuqmlCw9ieQXd6nxAxLhH_JkHI7xYT9uYeepHgvcyPFOTqA&gdpr=&gdpr_consent=
Request Chain 372
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECqpWalKLHn4DsO-oeAkUZw&google_cver=1&google_push=AavPq0OhyXJVu2oG_aP9wgwp0pHCXLZ6mEvon-UQjrvNfR9NqHN71BIOAehaGW9pwzD8kXe4frajIyDefoar-3FQz_RL0wc5SgFh HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0uQ2NnOHpoRTJ1RU5GRHZlbU1Ub3RxYlBBdWxGNXUzZ35B&google_push=AavPq0OhyXJVu2oG_aP9wgwp0pHCXLZ6mEvon-UQjrvNfR9NqHN71BIOAehaGW9pwzD8kXe4frajIyDefoar-3FQz_RL0wc5SgFh
Request Chain 373
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEE4sxNVzs7LGFWPfuN1QQC0&google_cver=1&google_push=AavPq0NNwhYMRF_nzaYvgtRKsDNc-eZ9aEOP0cd8kCTRT3ogr6N4xLhITafzY3zwzN4wqfWASowK8XAfpOMzfnPiLJgLi1YFWBE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0NNwhYMRF_nzaYvgtRKsDNc-eZ9aEOP0cd8kCTRT3ogr6N4xLhITafzY3zwzN4wqfWASowK8XAfpOMzfnPiLJgLi1YFWBE HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 375
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEP025ukcDJX6NGY__ozs4v0&google_cver=1&google_push=AavPq0Nd9H9TwMqY13tPT5yzirWqaiDiwrg8GB3-KZMOIL7ufZFM_XbxdmOLClBb3GrwYqLsn2_IT4DHtfB37uUBsVP7UubxpJaIfviMrpeWHMFlSkT-RUZrGgCinReH4n1RSOfocHpoKKgE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=WgFjyry7RQCpRxE7NKM8TQ&google_push=AavPq0Nd9H9TwMqY13tPT5yzirWqaiDiwrg8GB3-KZMOIL7ufZFM_XbxdmOLClBb3GrwYqLsn2_IT4DHtfB37uUBsVP7UubxpJaIfviMrpeWHMFlSkT-RUZrGgCinReH4n1RSOfocHpoKKgE
Request Chain 376
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESENy5K5TIvkv9STxLT66N9rA&google_cver=1&google_push=AavPq0NRBVcApCGiBJV6xtRpgNbJmedBKcMAHQDKTkoAOG5lCypzLMHyU8aE3tVAJ6V00WL_i2foftYTSa2mjexciUZs9U9r62C0E4sCD5xizM_dEun1QQ4mmFSa3I1k7cBNm1ZbOykos8ef HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENy5K5TIvkv9STxLT66N9rA&google_push=AavPq0NRBVcApCGiBJV6xtRpgNbJmedBKcMAHQDKTkoAOG5lCypzLMHyU8aE3tVAJ6V00WL_i2foftYTSa2mjexciUZs9U9r62C0E4sCD5xizM_dEun1QQ4mmFSa3I1k7cBNm1ZbOykos8ef
Request Chain 377
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEPpNYTE8pMyiVnjjRcVxTuU&google_cver=1&google_push=AavPq0MNUL-eFIfDB-7IwdE4RyELD6uWkKzq_V4ZD1tGZcSGdDtr4jSSQEG_i8vGlaQqCbL7DWKAMaIb1GAehGH1MW4ol-KU8pvmvcaLnlvy__x7pXr5a3nLZPvBuVEpUdhnEaY2LIfjPUeH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5MDc2NzI3NTAxNzA0MjA2MQ%3D%3D&google_push=AavPq0MNUL-eFIfDB-7IwdE4RyELD6uWkKzq_V4ZD1tGZcSGdDtr4jSSQEG_i8vGlaQqCbL7DWKAMaIb1GAehGH1MW4ol-KU8pvmvcaLnlvy__x7pXr5a3nLZPvBuVEpUdhnEaY2LIfjPUeH
Request Chain 378
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMBjEaFssIO4EN_MB6vtiJE&google_cver=1&google_push=AavPq0PJkS9F2Q2RQJAKcUB4pfCIFhJIwzEWQxLkT1tyfQ6wMSlVuZMnNf2oVugy6g9VK9VvwtSDPjtTLZdI5wA6GGjjrt5259Y3Zb8wThHaExeqQ1-UWBcqqM4c7ixZ9jh5-ttyzr432w63 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQ0UFc3RVAtMjAtQjc4Mg==&google_push=AavPq0PJkS9F2Q2RQJAKcUB4pfCIFhJIwzEWQxLkT1tyfQ6wMSlVuZMnNf2oVugy6g9VK9VvwtSDPjtTLZdI5wA6GGjjrt5259Y3Zb8wThHaExeqQ1-UWBcqqM4c7ixZ9jh5-ttyzr432w63
Request Chain 379
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEL_gje3LgIv6_agmzQ-3AgM&google_cver=1&google_push=AavPq0MK_bD-Ma1_PvcuDrEupsPQz7xGmY4J6ljR7TrLeThbt33aDTTmzb1vLUwZQd6E2mvmQFAsxflpcUHyUhm7hb22HebZqa_ODfsgG7gHP2NfSxy5HPa0vI8TWuezx-X2RWvVTzmjEaYo HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEL_gje3LgIv6_agmzQ-3AgM&google_push=AavPq0MK_bD-Ma1_PvcuDrEupsPQz7xGmY4J6ljR7TrLeThbt33aDTTmzb1vLUwZQd6E2mvmQFAsxflpcUHyUhm7hb22HebZqa_ODfsgG7gHP2NfSxy5HPa0vI8TWuezx-X2RWvVTzmjEaYo&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL_gje3LgIv6_agmzQ-3AgM&google_hm=Y8q8vXyXRKO7KEm-le737QAABJYAAAIB&google_nid=index&google_push=AavPq0MK_bD-Ma1_PvcuDrEupsPQz7xGmY4J6ljR7TrLeThbt33aDTTmzb1vLUwZQd6E2mvmQFAsxflpcUHyUhm7hb22HebZqa_ODfsgG7gHP2NfSxy5HPa0vI8TWuezx-X2RWvVTzmjEaYo
Request Chain 380
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKLcHjVM-Jtch2CcrcOTtVA&google_cver=1&google_push=AavPq0PwYK0-wwDl5IxyBe_xhSnUlSVewrSg_PEQdpXd52hDp3NPdTpN3vaccleOmhOk735INN5ntkC_sFu724wb6OQtl33WJidmjmrQPT_UPLhuKlaY8Ud5_XiBhPRc3lpr4_YRdrtxeLD_ HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKLcHjVM-Jtch2CcrcOTtVA&google_cver=1&google_push=AavPq0PwYK0-wwDl5IxyBe_xhSnUlSVewrSg_PEQdpXd52hDp3NPdTpN3vaccleOmhOk735INN5ntkC_sFu724wb6OQtl33WJidmjmrQPT_UPLhuKlaY8Ud5_XiBhPRc3lpr4_YRdrtxeLD_&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0PwYK0-wwDl5IxyBe_xhSnUlSVewrSg_PEQdpXd52hDp3NPdTpN3vaccleOmhOk735INN5ntkC_sFu724wb6OQtl33WJidmjmrQPT_UPLhuKlaY8Ud5_XiBhPRc3lpr4_YRdrtxeLD_&google_hm=GBMpKGZHfsG0Xkp-SsmyJequ
Request Chain 381
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECqpWalKLHn4DsO-oeAkUZw&google_cver=1&google_push=AavPq0P6dnDmNREeI1BpzSoIIZczbfh0Qs80A0Rpmi8w_FeDr28Q5W5LYH5TXaX3vvetJM-0XMnQMYmeoVSR2dbO70qxNtVX8ODuucnb6z1pVpUDrsdX7p8TtzYqNG5nLaLoxCN-9nCsEgAoyg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0uQ2NnOHpoRTJ1RU5GRHZlbU1Ub3RxYlBBdWxGNXUzZ35B&google_push=AavPq0P6dnDmNREeI1BpzSoIIZczbfh0Qs80A0Rpmi8w_FeDr28Q5W5LYH5TXaX3vvetJM-0XMnQMYmeoVSR2dbO70qxNtVX8ODuucnb6z1pVpUDrsdX7p8TtzYqNG5nLaLoxCN-9nCsEgAoyg
Request Chain 384
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEHdYd9K6ZAciWfUCZexXDck&google_cver=1&google_push=AavPq0N436YPXtDYW83BSi8MNPaq4NhP7nV5TW_geAhlTnd4UB1FKjd28OsloAo_70SlL6rzOhLJa_LUqSFAvwccjDGVQOmszUMf&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0N436YPXtDYW83BSi8MNPaq4NhP7nV5TW_geAhlTnd4UB1FKjd28OsloAo_70SlL6rzOhLJa_LUqSFAvwccjDGVQOmszUMf%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHdYd9K6ZAciWfUCZexXDck&google_cver=1&google_push=AavPq0N436YPXtDYW83BSi8MNPaq4NhP7nV5TW_geAhlTnd4UB1FKjd28OsloAo_70SlL6rzOhLJa_LUqSFAvwccjDGVQOmszUMf&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0N436YPXtDYW83BSi8MNPaq4NhP7nV5TW_geAhlTnd4UB1FKjd28OsloAo_70SlL6rzOhLJa_LUqSFAvwccjDGVQOmszUMf%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 385
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEA2P43B-Z2Lj3M8tkjhpS8Y&google_cver=1&google_push=AavPq0On5_Uc7DpvNavKJvjU3IQbypm-ITZb2IBCIWK8iKq7JE-rpEG88Hu7eQnWGjMhgjSRpDZwXx8k7WQILxMMSfYKPYUwbmY HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEA2P43B-Z2Lj3M8tkjhpS8Y&google_cver=1&google_push=AavPq0On5_Uc7DpvNavKJvjU3IQbypm-ITZb2IBCIWK8iKq7JE-rpEG88Hu7eQnWGjMhgjSRpDZwXx8k7WQILxMMSfYKPYUwbmY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0On5_Uc7DpvNavKJvjU3IQbypm-ITZb2IBCIWK8iKq7JE-rpEG88Hu7eQnWGjMhgjSRpDZwXx8k7WQILxMMSfYKPYUwbmY
Request Chain 386
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPicjLNIR9JNGPv7anmSmM0&google_cver=1&google_push=AavPq0PsQDIeCmOSekzTnVcTLAWIQLndOsQMFNpfwRNDV_gmp-uZqr1icKKYAcP0efU4coGPEj2DtfJZn9CkhGtOGufAtcpgYjmE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzcxOTA0MTMzODQzNTMzMjAyNg&google_push=AavPq0PsQDIeCmOSekzTnVcTLAWIQLndOsQMFNpfwRNDV_gmp-uZqr1icKKYAcP0efU4coGPEj2DtfJZn9CkhGtOGufAtcpgYjmE
Request Chain 387
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEOqmXhthixcCpVZ6iJS7_SA&google_cver=1&google_push=AavPq0OzaFqLRlIUOP-vxFkkEqwIwuLeScrWUA-Q9lx12eCjspeFBpyhN__bcYoyKwWzsONu2mMJPPNOXLtiveW15YRaqge48lJ1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AavPq0OzaFqLRlIUOP-vxFkkEqwIwuLeScrWUA-Q9lx12eCjspeFBpyhN__bcYoyKwWzsONu2mMJPPNOXLtiveW15YRaqge48lJ1&google_hm=Z2Q2OWYyN2E3OGViMDNiYTRiMTU=
Request Chain 389
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEE4sxNVzs7LGFWPfuN1QQC0&google_cver=1&google_push=AavPq0Prgpf9XQhymnRe429BU7xHiMB_NOWEg6_qBTAt3uu2AulVFHf4et3R60FHpS10pKuCov3SgVfranwAJp5J8ynMOzjUb7KAgA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0Prgpf9XQhymnRe429BU7xHiMB_NOWEg6_qBTAt3uu2AulVFHf4et3R60FHpS10pKuCov3SgVfranwAJp5J8ynMOzjUb7KAgA HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 390
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEEL1kZRHagu0DeTwSwI9gZg&google_cver=1&google_push=AavPq0MLZ_VHLmoISAkC8fU47aN2LYod4fC0HtTR0-jrtB-Jq3EEUF2GTm0VdRmHAdGbGjMibWTt0rBxcoIRTHVby-svjz8O3iRq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AavPq0MLZ_VHLmoISAkC8fU47aN2LYod4fC0HtTR0-jrtB-Jq3EEUF2GTm0VdRmHAdGbGjMibWTt0rBxcoIRTHVby-svjz8O3iRq HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 476
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEJc8gPHeesmGNrMgZStcyoE&google_cver=1&gdpr=0&gdpr_consent=null HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Request Chain 483
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 485
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 503
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=mm_SUBIDTEST_view HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CL_shLTE1vwCFQ484AodYJsMQA;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=mm_SUBIDTEST_view HTTP 302
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=mm_SUBIDTEST_view HTTP 302
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1674230974_d4a23260-98dc-11ed-911d-22634f140525
Request Chain 512
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3DviewoneidxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xdoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CN7uhLTE1vwCFa-c_QcdCPMMNw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3DviewoneidxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xdoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=viewoneidxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xdoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=viewoneidxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xdoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023012017093480681767013X117703V1226132702MSviewoneidxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xdoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023012017093480681767013X117703V1226132702MSviewoneidxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xdoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117703&partnerid=12218
Request Chain 515
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1674230974_d4903100-98dc-11ed-911d-22634f140525&insert=AW&&gdpr=0&gdpr_consent=
Request Chain 521
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Request Chain 528
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 530
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 531
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=83752400174015600951403012210028&t=htlp HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=83752400174015600951403012210028&actionid=981741&produktid=&dt_url=
Request Chain 533
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=83752400174015600951403012210028&ra_cnt_active=1&ra_cnt=1 HTTP 302
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2104477020
Request Chain 536
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=83752400174015600951403012210028 HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=83752400174015600951403012210028 HTTP 302
  • https://ad-server.eu/wm/pb/native.png
Request Chain 553
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESENy5K5TIvkv9STxLT66N9rA&google_cver=1&google_push=AavPq0NIRFBTHTGyECbhKf0GWh85uR1DwVu68GtuI24TTtLUbWF5xS0KUfMfttrVF9Y9xiyOga-fNSsHpKy5N3BiWo_08RD2PXJsYw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WThxOHZnQUEyNnRySndBXw==&google_gid=CAESENy5K5TIvkv9STxLT66N9rA&google_cver=1&google_push=AavPq0NIRFBTHTGyECbhKf0GWh85uR1DwVu68GtuI24TTtLUbWF5xS0KUfMfttrVF9Y9xiyOga-fNSsHpKy5N3BiWo_08RD2PXJsYw
Request Chain 554
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEPpNYTE8pMyiVnjjRcVxTuU&google_cver=1&google_push=AavPq0MuP3rOk5Lnp5sa-dYL7y-Gx_IfTQaZN8jOFLqkHuJrELdVOKHuPZAZIOvHvsGSWDTfHg8p4eQA6cZ1rbk_oIb2riWlkx_nuA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5MDc2NzI3NTAxNzA0MjA2MQ%3D%3D&google_push=AavPq0MuP3rOk5Lnp5sa-dYL7y-Gx_IfTQaZN8jOFLqkHuJrELdVOKHuPZAZIOvHvsGSWDTfHg8p4eQA6cZ1rbk_oIb2riWlkx_nuA
Request Chain 555
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGvfWEzsScvhW9mguCCE5Q8&google_cver=1&google_push=AavPq0Mz-32VQZeXuXkZv9_3U_1ZAWSkekBrzpcEK-4As6W1rzuQwEdFlD1U9zSOUVqvKf71iU_3Kx7GxxPWMI06oFNbgd8ZT0zMNg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0Mz-32VQZeXuXkZv9_3U_1ZAWSkekBrzpcEK-4As6W1rzuQwEdFlD1U9zSOUVqvKf71iU_3Kx7GxxPWMI06oFNbgd8ZT0zMNg&google_hm=eS1sTFlRUVQ1RTJwRy5PVHFHN2hyU1lUNi5KN0RFOWtVeX5B
Request Chain 556
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEL_gje3LgIv6_agmzQ-3AgM&google_cver=1&google_push=AavPq0MO9mYzyK3C8b04sKO9S1kKkRv5umVptaKOYdZOFJmL46reChkJr8dUfLSfGzJ2rgDJb6bXzv4Rdc3LBes5fesJ9zZvWdOskw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL_gje3LgIv6_agmzQ-3AgM&google_hm=Y8q8vXyXRKO7KEm-le737QAABJYAAAIB&google_nid=index&google_push=AavPq0MO9mYzyK3C8b04sKO9S1kKkRv5umVptaKOYdZOFJmL46reChkJr8dUfLSfGzJ2rgDJb6bXzv4Rdc3LBes5fesJ9zZvWdOskw
Request Chain 557
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEOqmXhthixcCpVZ6iJS7_SA&google_cver=1&google_push=AavPq0MwHeTAsHOlMahHTx8U_kEf5f-NKbHnzW57Q0WBNIU7sVYDYAOwQedBZs-eUETERIhdtqGQR7hMwE9RvU4OyGpwvCwaKiSXEw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AavPq0MwHeTAsHOlMahHTx8U_kEf5f-NKbHnzW57Q0WBNIU7sVYDYAOwQedBZs-eUETERIhdtqGQR7hMwE9RvU4OyGpwvCwaKiSXEw&google_hm=Z2Q2OWYyN2E3OGViMDNiYTRiMTU=
Request Chain 558
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEEMfCQZFJwTzkQDD7rhOMZg&google_cver=1&google_push=AavPq0PD0itHdjBYP8jrnDQzYI449u8oseFwmmO8VruJK9qOkAfn_KuTzEflWnrlnbTcBcgnUwjeykcZnEeefdgqzWWiHA2TgRbEiyU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=d6a150f5-36dc-49d6-bf28-5da25dcbf756&%%GOOGLE_PUSH_PAIR%%
Request Chain 579
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CPjmqLTE1vwCFYD2EQgd8rsLIw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=viewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=viewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023012017093580681767225X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2023012017093580681767225X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=117703&partnerid=12218
Request Chain 582
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D113752V1225131106M%26subid%3DviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=COrqqLTE1vwCFQOIdwodP0EIdg;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D113752V1225131106M%26subid%3DviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023012017093580681767227X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0
Request Chain 585
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1674230975_d4ed1e10-98dc-11ed-b41e-2266f55646ad&insert=AW&&gdpr=0&gdpr_consent=
Request Chain 599
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=60c28c14-4e92-4b86-a65c-fced014233fc
Request Chain 602
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2930553025957810747
Request Chain 603
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=teGXuYRATmdgaXdHAJtNPlFfBSM
Request Chain 629
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Request Chain 635
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 637
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 642
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Request Chain 646
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 648
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 655
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Request Chain 659
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 661
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 672
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=7116506a-86b5-460f-be2c-3c838ddad97e
Request Chain 675
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2930553025957810747
Request Chain 676
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=teGXuYRATmdgaXdHAJtNPlFfBSM
Request Chain 694
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Request Chain 700
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 704
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Request Chain 708
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 710
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 716
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Request Chain 720
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 722
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 728
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Request Chain 734
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 736
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 745
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=e80ce781-cc2f-4d73-9c30-85f241dc9279
Request Chain 748
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2930553025957810747
Request Chain 749
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=teGXuYRATmdgaXdHAJtNPlFfBSM
Request Chain 769
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Request Chain 775
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 777
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 781
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Request Chain 785
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 787
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 793
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Request Chain 797
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 799
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 805
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Request Chain 809
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 811
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 822
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=07475443-c017-4e9a-9747-40c6bad0455a
Request Chain 825
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2930553025957810747
Request Chain 826
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=teGXuYRATmdgaXdHAJtNPlFfBSM
Request Chain 846
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Request Chain 850
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 852
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 858
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Request Chain 862
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 864
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

853 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
adncaraota.com/
Redirect Chain
  • http://adncaraota.com/
  • https://adncaraota.com/
665 KB
60 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adncaraota.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
586ababf0995e76ffaab0f4283fd44b679945b87b9172e616e010d91f6d30c17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
78c913290d85163e-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
unsafe-none;
cross-origin-opener-policy
same-origin-allow-popups;
cross-origin-resource-policy
same-origin;
date
Fri, 20 Jan 2023 16:09:29 GMT
link
<https://adncaraota.com/wp-json/>; rel="https://api.w.org/" <https://adncaraota.com/wp-json/wp/v2/pages/478652>; rel="alternate"; type="application/json" <https://adncaraota.com/>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
geolocation=(self), payment=(self)
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KxYwcof4ghvRvfgT1X6FUbrjHekGtxVGvyfKM4cg%2F%2BmaeJsXsTPetZntrkpQ1lB64R0T20iLOsD0HR2oFAGNGbJ2Dwarlss5GjiUiMkDQcTccMEy%2BOgDUvKZfr26TN3V4obwy2%2F9yHgJL42iXg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-lsadc-cache
hit
x-permitted-cross-domain-policies
none;
x-xss-protection
1; mode=block;

Redirect headers

CF-RAY
78c91328ca379bf5-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Fri, 20 Jan 2023 16:09:29 GMT
Expires
Fri, 20 Jan 2023 17:09:29 GMT
Location
https://adncaraota.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jAQ04WvoXh385HZsCtAF%2FQVRY1TmqTDWuwpBd6JtHdMZ5Kc1gtbI3EysGHPrfxj3a3RvECLH5pv9PVUNxJFT%2FlsN%2FBMnfKIR%2BbiOIf%2B6XSlt9qEHn%2FjsgNpahwMoA7TlTrK8vdB8kzKsDNtb9A%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style.min.css
adncaraota.com/wp-includes/css/dist/block-library/ 		87 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://adncaraota.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
content-encoding
br
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Mon, 04 Jul 2022 12:10:37 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
W/"15b64-62c2d8bd-85102b0129052e35;gz"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OVf2oq9OctkVTRQlyqLAg7hnLd9Iqb%2F9E3UJ2dUj3JV7%2BzU%2BGI7rmf5vHDH2U%2F0HhYUVCBpz0tOJBO1x4S972AYNq8RKJbmiIlyuOK8NlD48sUaYMmMfHbmZnscRAkApGzcrSLbdfwtFXv0QrA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
cf-ray
78c9132a4f0d163e-FRA
expires
Wed, 18 Oct 2023 05:08:00 GMT
mediaelementplayer-legacy.min.css
adncaraota.com/wp-includes/js/mediaelement/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://adncaraota.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
content-encoding
br
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Tue, 29 Sep 2020 15:53:06 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
W/"2bf8-5f735862-b3ee7be3daf5a1e1;gz"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=65DYT3yqEmzAMbejKLN8%2BCKS1K3vHzUMH4rIEBQ2FHNizbqKRSVXrF9kqVinnSsHfToT5oOqsXkzVN%2FGrNF%2BrDUksZlW2yu9qiGA7bEhxBoJ0D6lw5J1F39OvjOVbB%2B7KYenyXhNfKLr1plPZg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
cf-ray
78c9132a4f11163e-FRA
expires
Thu, 31 Aug 2023 10:10:15 GMT
wp-mediaelement.min.css
adncaraota.com/wp-includes/js/mediaelement/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://adncaraota.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.3
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
content-encoding
br
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Fri, 07 Jun 2019 20:45:02 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
W/"105a-5cfaccce-7979537517be1507;gz"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qHIZXbWhSa6sp%2FHCHwnPqp0CsuPfBQFUqpClP7%2FBn6iR0OaV%2FoN81IINpJmA86kjj8iR0lQDDFXIPr3NU6uSX5P%2F68XgtUK99nOSwcUKQzztjySxFkLQR2w6ac52xYl8QukSf5hlsuZ32dzNRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
cf-ray
78c9132a4f13163e-FRA
expires
Wed, 18 Oct 2023 05:08:00 GMT
style.css
adncaraota.com/wp-content/plugins/td-composer/td-multi-purpose/ 		37 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://adncaraota.com/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=6ea45b81e47c58269b68289d05535e19x
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ed2e42d3ce5e24dcb11cddde4126e4f07c3afc590f708ad2cfbf7669002f92e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
content-encoding
br
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Sun, 21 Aug 2022 23:58:21 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
W/"92ec-6302c69d-36df8d1bcd02fb74;gz"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qprXa2G4UHTHT7SLN5XjxSwqt8ht0DEMlj1rEhEOLEuhU6fJ3lCukvToZgkQh3t7m5VgaUu6Jh9s9kRnX5bFbWqqLMORtGUAAO%2BL2rcg2vAHn%2B57TetSyALad2PP0lp6zqNuQNZuf8dltp1XzA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
cf-ray
78c9132a4f16163e-FRA
expires
Tue, 29 Aug 2023 06:10:13 GMT
css
fonts.googleapis.com/ 		22 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRoboto%3A600%2C700%2C400%7CSource+Sans+Pro%3A900%2C400%7CMontserrat%3A400%7COxygen%3A700%2C400&display=swap&ver=11.5.1
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
689ce64440b4c5e67453bc766df1d3403564c83456add5bdafb87d9c88979611
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 20 Jan 2023 16:09:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 20 Jan 2023 16:09:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 20 Jan 2023 16:09:30 GMT
style.basic.css
adncaraota.com/wp-content/plugins/ajax-search-lite/css/ 		23 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://adncaraota.com/wp-content/plugins/ajax-search-lite/css/style.basic.css?ver=4.10.2
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d7af35b7be5f569339957a842b7ebf4041f6b9dff0e6ae917858f034cef7ff0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
content-encoding
br
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Sun, 21 Aug 2022 23:25:04 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
W/"5d91-6302bed0-3b89a1a2c7cab536;gz"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2BwcDVk5KHnR2Gpi8KLStVNlFIatvLaDXPUYrFlpelTwN%2Bz7663fFaQg6js%2B6dcXjZZo%2FAm%2BG0ZGm54Z3pDFCaPNZvkbAqvbTE%2BAV5Xbp5gdykgG%2F%2BWFaJxl4w9Fqs92Bt9DwuuDpinxXbv4JA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
cf-ray
78c9132a4f19163e-FRA
expires
Tue, 29 Aug 2023 06:10:13 GMT
style-curvy-black.css
adncaraota.com/wp-content/plugins/ajax-search-lite/css/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://adncaraota.com/wp-content/plugins/ajax-search-lite/css/style-curvy-black.css?ver=4.10.2
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c80505133c2b387dbe571c9b908be7e815b86ec57d1cb8de7f1b8212cb0d304
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
content-encoding
br
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Sun, 21 Aug 2022 23:25:04 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
W/"1927-6302bed0-e49a67e717c81b91;gz"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2FTSSh6q5A17uLwtbk%2FBjg7dwfoa7jbAawwUtIMTH%2FeKVYH1Mb2wDQJBJcB0h%2FO6l4MaJx8pHUAlOoT9x%2FOSD1Z0cbeZ1zOH8yqjpMgnbZg07%2FFFYaGxURfidWhplpu70cooRJLEd%2BkpN6tIAw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
cf-ray
78c9132a4f1c163e-FRA
expires
Tue, 29 Aug 2023 06:10:13 GMT
style.css
adncaraota.com/wp-content/themes/Newspaper/ 		147 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://adncaraota.com/wp-content/themes/Newspaper/style.css?ver=11.5.1
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0bfab163b0b139943e2adcc4c126125461d95899402d2729577668a46bcb2e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
content-encoding
br
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Fri, 27 May 2022 12:51:40 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
W/"24a56-6290c95c-5311783d53688c9a;gz"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IsfFt2Z%2B0uyD93ihjV7QOTCDVhq%2BFuIjFGjouJS5gLqm0S2XKAHuEZxkLVqUo3zYFUwfKxas8m8g36pkYK85XmeQT9V3%2BodtD5rRsZUi2NpjOUiAYJMtytrb7mj5CyVibAInJghIuepW5V8mfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
cf-ray
78c9132a4f1f163e-FRA
expires
Tue, 29 Aug 2023 06:10:13 GMT
td_legacy_main.css
adncaraota.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 		159 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://adncaraota.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=6ea45b81e47c58269b68289d05535e19x
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a90f3071f749920d5c06cd9fbbd71919955e7d38736a8ef285b31a19b9e9ea85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
content-encoding
br
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Sun, 21 Aug 2022 23:58:29 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
W/"27b2d-6302c6a5-4e1e98b541c00ba;gz"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CWSpQAjkMq%2FmvG%2BT1tGZ9Rsznh1f%2BxXXHiDw8qo1O4jGcCCnL03kyFQbZ6u07k6uqWDbfstT8xTcDjStjfvZfAVT4tq6iQD7VyYClS62RYIOaSYeVaajtCOJI2ZAngI7g21cv664GdrhyQBbYA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
cf-ray
78c9132a4f21163e-FRA
expires
Tue, 29 Aug 2023 06:10:13 GMT
jetpack.css
adncaraota.com/wp-content/plugins/jetpack/css/ 		84 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://adncaraota.com/wp-content/plugins/jetpack/css/jetpack.css?ver=11.2
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48fdcad6248cad75d16876289b4543334d70d7aab6c06f79160034568468f813
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
content-encoding
br
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Sun, 21 Aug 2022 23:25:30 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
W/"14eba-6302beea-cc9e521bd40c4a64;gz"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vivUbFkV5bxI9nyQxe8kexwDCo1QbVLNVjvONm4BRvmZ0NP5kwEik7cPwmbMFNswWL7ZPdG4DpT%2FcdpsCgyR0prBdhtmPGF8b0VuJIipOBEjlxG7ZaZvz4K0wXTNWsB9p5CcEGHWj2EftPBsQA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
cf-ray
78c9132a4f22163e-FRA
expires
Tue, 22 Aug 2023 06:02:22 GMT
jquery.min.js
adncaraota.com/wp-includes/js/jquery/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adncaraota.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
content-encoding
br
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Wed, 10 Mar 2021 15:07:24 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
W/"15db1-6048e0ac-953a69cf7b9ca8bb;gz"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bPBo23P0gtsdUBB7LPQ5TMxIcpWmck%2FwlDFXJf2Re7FlzLqtX0wvBHbLFxRpCBRy%2BhxJKcByek4XdmTkMxQQMqHqGxEDh4h7tK2PqpoCD%2BZosLobvhqkzDYfz%2FxHK2mqVf47fBAygfag0Cwg4g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
cf-ray
78c9132a4f23163e-FRA
expires
Thu, 31 Aug 2023 08:45:39 GMT
64e9ac17963d90335ac41facfcd9bd1e.js
adncaraota.com/wp-content/litespeed/js/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adncaraota.com/wp-content/litespeed/js/64e9ac17963d90335ac41facfcd9bd1e.js?ver=34efd
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5651b43b4e8e488d108feb52c447449fb94668c833bc8099951ffa55e0d7e9a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
content-encoding
br
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Sun, 11 Dec 2022 00:15:02 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
W/"2bd8-63952106-4c6beabfcd05de9a;gz"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=II2QWJpltmRgVFneDPWMkU3NwNdavJNjF3gLhvrxfPRVflrXqvPFmXg4%2FhTGR8SSFTsNB9XhqiD7F5XHv3w%2BcI6n9uJufcnLEp%2FqX7IJ0l6OoqPoX1kJJWUF53jesG%2F3tJG62YQVLNz8fur88A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
cf-ray
78c9132a5f28163e-FRA
expires
Mon, 11 Dec 2023 06:15:03 GMT
js
www.googletagmanager.com/gtag/ 		110 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-89380884-1
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7dbb49ddcd3b1e721208e2c26313ab67fe407a4efd941f1191b39f87d674dd79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43991
x-xss-protection
0
last-modified
Fri, 20 Jan 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 20 Jan 2023 16:09:30 GMT
pub.min.js
free.xjs.lol/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://free.xjs.lol/js/pub.min.js
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.178.23.114 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
99f43e50f4179af4ebf4c93668866d5a5607914fa0a5daa087354c3159d3fa03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Fri, 09 Sep 2022 11:46:08 GMT
server
nginx
etag
"631b2780-5ca"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
content-length
1482
expires
Sat, 21 Jan 2023 16:09:30 GMT
newglobal.sdk.min.js
tags.newdreamglobal.com/admanager/ 		179 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.newdreamglobal.com/admanager/newglobal.sdk.min.js?v=1.4.22&h=www.caraotadigital.net
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.193.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16411906e723c15abd78a54488794aef148a12e4b777456f50efa50f6b68ce4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 19 Oct 2022 18:17:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5503
etag
W/"63503f46-2cae3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fnw55MPKZ17Z8Jh3zB79X63c%2BuE%2BLZt6Wjp06oJACfaBrC%2BdyYXJoNz91vI%2B0KXpFmtPSqeQDWv3FvYSpEaWRqmLcAXmtl2JgvC3tsid3v2hJMc8Z0mfCWlsnDDTFO06QoNRQyXLAA7v5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800, s-maxage=86400, stale-while-revalidate=86400, must-revalidate
cf-ray
78c9132c8d942ba6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
logo-300x77-1.png
adncaraota.com/wp-content/uploads/2021/10/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2021/10/logo-300x77-1.png
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2be6e959e64d13635ca90a168d613e69ca369a3b901fc0ba391bf496b74876aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
age
1134161
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17420
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Tue, 05 Oct 2021 15:32:38 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"440c-615c7016-20075cdd03280e53;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VfdnezIvhH4mBNuyDC5ZRi5Eek9WZ9Qy4qTAYoraam1TSWKJGSaVC7E0KLZNC4QynAP4d7o6lIR7xZH%2FKDW6JRpL38KyG6tJqMAZIZZA4ZGD12Fzqq0SxkOd7yA5owQmApiqZ%2FOvurYjdY3Mqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c9132c4f48922b-FRA
expires
Tue, 29 Aug 2023 06:12:49 GMT
547473adb931eb626126b99697468140.js
adncaraota.com/wp-content/litespeed/js/ 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adncaraota.com/wp-content/litespeed/js/547473adb931eb626126b99697468140.js?ver=8c609
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25580bfd22d2f81f1890997d54a8ce7512aa189bdcb27aa9484768c86c8716b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
content-encoding
br
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Sun, 11 Dec 2022 00:15:02 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
W/"49e0-63952106-fa0cc29651d08821;gz"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=taZQ%2BTL%2BZgN3kZCaY%2F1%2Bpcmy%2FIHtxRfqEtHNYuC4VgrVyHMEZWGq6w5dXbQIuodx637d%2FvNUw%2B9OXQyzUXUkFO%2BS5xQSCU0N7bSQw2rHORG71OIjgw3JIS4hXhAE0yCcydNDFiC9XTYJsyTDag%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
cf-ray
78c9132c1eff922b-FRA
expires
Mon, 11 Dec 2023 06:15:04 GMT
0074160948a4955d147b7e81f9905275.js
adncaraota.com/wp-content/litespeed/js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adncaraota.com/wp-content/litespeed/js/0074160948a4955d147b7e81f9905275.js?ver=73e8c
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45e0deda0bb673ef2511f37bab5b0f731ed0e348d6c3de1087c25173b42cffea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
content-encoding
br
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Sun, 11 Dec 2022 00:15:02 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
W/"1495-63952106-e58438f259c752e3;gz"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hct8zm7Vdu2NqCkbrH%2BBKiYG7K0OhIZiMp4r%2Fb5kz5DG8DDknjF4d656k5ia21Jn44tV9av10uCwXRFpdeeuXP83AM0bUVSat8b%2BrKpbwpwdWPqtPYXHhe0Bb6fcwLWuNmPuI%2BGGOczZ3jOFRg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
cf-ray
78c9132c2f08922b-FRA
expires
Mon, 11 Dec 2023 06:15:04 GMT
28de4da28414088b5d2dadc0639da381.js
adncaraota.com/wp-content/litespeed/js/ 		274 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adncaraota.com/wp-content/litespeed/js/28de4da28414088b5d2dadc0639da381.js?ver=6ace3
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f47d0207062ee7293f73e74183aab3403d0ada6eee7c68d393ad7f298e41c867
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
content-encoding
br
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Sun, 11 Dec 2022 00:15:03 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
W/"449d5-63952107-2f17cc3af423b901;gz"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mid9DmFKhG0sr5GbaJc6RLxkJCNJHgdvmKNlT5a%2Ba%2FGVISPpRrU%2BwBq65RqoLfTlNox0VQvenXqguEpvvlZEE6ktZaHyYNk8RFaHsLWCil0npMn9cCOLj%2BiX16T%2BK%2BfMmOrw2JEV6P3G1ENqYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
cf-ray
78c9132c4f37922b-FRA
expires
Mon, 11 Dec 2023 06:15:04 GMT
c10f3a217d6e32b89920e6655106b57e.js
adncaraota.com/wp-content/litespeed/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adncaraota.com/wp-content/litespeed/js/c10f3a217d6e32b89920e6655106b57e.js?ver=8fc21
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58a34a98a2d0b2823ca5b8d3602c02efa1ba0364d3bdb4549499cfb4f594a2f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
content-encoding
br
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Sun, 11 Dec 2022 00:15:03 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
W/"ba6-63952107-a090f8d65848ed90;gz"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cBGSeoi9ejYY8cHe%2B8fgKsOQng7HmAOGTWdFYbn8%2FMzAD9s04v0oSSUHmWwPlmgNj%2B1SX2fLkD2kcgTr2CTJw63nbpe9JG6xl0JUG2IOz394vn2HsNrrNLAMUnhH0BvbNNOP1UvX6SWYT2KHHw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
cf-ray
78c9132c4f3b922b-FRA
expires
Mon, 11 Dec 2023 06:15:04 GMT
c2b802f8bb343ffc6e32bd85d2e388cc.js
adncaraota.com/wp-content/litespeed/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adncaraota.com/wp-content/litespeed/js/c2b802f8bb343ffc6e32bd85d2e388cc.js?ver=3df1e
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfccafe0e38530273a45e5940e9ea883576a7ce1ffdf0f0b03945e847a23cec6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
content-encoding
br
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Sun, 11 Dec 2022 00:15:03 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
W/"8e34-63952107-edc1de2d173ee907;gz"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e2IUY4WbFzpjxWG3p2UHwfxsRtJycpMEyYwvl0DwTLMCKRWJ7qcyJPRGjoWm%2Ba6SN15KgS5TJ0YSwMsIw%2FskVUSGifdc5XQIUjVoBgTyoXebvIFv10uYJTLQ6mevfpUrygfiWzr9SgUSv6gegg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
cf-ray
78c9132c4f3e922b-FRA
expires
Mon, 11 Dec 2023 06:15:04 GMT
f2a8dcb69164aaf939d59a19e79c05d3.js
adncaraota.com/wp-content/litespeed/js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adncaraota.com/wp-content/litespeed/js/f2a8dcb69164aaf939d59a19e79c05d3.js?ver=fe6e2
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a8be80052338003d7a5383011dd4b800b2ea657cc221e533202251ec7c9693
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
content-encoding
br
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Sun, 11 Dec 2022 00:15:03 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
W/"4d9f-63952107-9bb77148f15a16b1;gz"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uVQpH4hQFqvkMiauQwQQiMaRH9bW2YDjvCmvPoY%2FJYj3tWvdziGLSY4Sd8Qt%2FluhzKytH3VGFYXV8aiMIzo0Et3WfMoL9aZu9PRY15l%2BiRjVhwPs08BPgMDgpfZFcJIq8UuJbLT6L72XKLC9EQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
cf-ray
78c9132c4f3f922b-FRA
expires
Mon, 11 Dec 2023 06:15:04 GMT
fa11c2ef29472a6160653ede83a5c398.js
adncaraota.com/wp-content/litespeed/js/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adncaraota.com/wp-content/litespeed/js/fa11c2ef29472a6160653ede83a5c398.js?ver=abce9
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39c820bba5e4e99b06b23c660de74b9d8110b86007e8645b5a21110f56aa57c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
content-encoding
br
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Sun, 11 Dec 2022 00:15:03 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
W/"9cc9-63952107-69806d2d63a9df8d;gz"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gaSaOAwrFLv%2BazSxsdvdWkNJm2X02OapARKYyqSdkiqf6ycRYQfbVTZ2dGd8u6P285WBAZSlzy3AIxuO0E5MkzXyKQ8VmYnU5ITmWOR7ZDd7S2vE95kkHFAWDI8i28iLZUfQcLAi9ChXKfFDuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
cf-ray
78c9132c4f41922b-FRA
expires
Mon, 11 Dec 2023 06:15:04 GMT
8648e725bcab68bf34906bd7c6dc87a1.js
adncaraota.com/wp-content/litespeed/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adncaraota.com/wp-content/litespeed/js/8648e725bcab68bf34906bd7c6dc87a1.js?ver=84971
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e41e4e859658c300c741db4cbd6e3ecdfdc585dc5a5e7bb43c95af08828f2fbe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
content-encoding
br
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Sun, 11 Dec 2022 00:15:03 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
W/"5c5-63952107-a528837bc475d483;gz"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=25iWuJIMPRloIFmX7Ad%2B1o%2BnoUqlcUjfTwvf9zxLcnkZKq7o4Sv8TrsqeTajpOkb6XDLzhsq6N4rqYYXCue62xR69pr41AIcntjNQtNO4fbd%2FmNYXj%2F1WIAX9aUqblnkXejkA%2F%2BA43PpLgFH4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
cf-ray
78c9132c4f42922b-FRA
expires
Mon, 11 Dec 2023 06:15:04 GMT
8d4b2cacf48855756895b9a27bd4929d.js
adncaraota.com/wp-content/litespeed/js/ 		71 B
873 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adncaraota.com/wp-content/litespeed/js/8d4b2cacf48855756895b9a27bd4929d.js?ver=29aff
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65d02dbb4c42a46f94539c26aa591fa11b4514ee88238f4bcf97c14cdb4ac6b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
content-encoding
br
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Sun, 11 Dec 2022 00:15:03 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
W/"47-63952107-9d76b5c29031223b;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OKyfcTa%2BGDNT7T78hC2%2Fu8%2FwEmheJNUaHff1oZGMRcGOhG%2FAsBC%2B6QGvkN6vv023zqc76O104LSfwtFQRZQ9Gg3EzfHFr8NGrl%2BWqjTtU3nNsmLK49axtWS%2F9eAFWxtK43VQT44ztivNevFN6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
cf-ray
78c9132c4f44922b-FRA
expires
Mon, 11 Dec 2023 06:15:04 GMT
1e21415ac873607aa7a0823974f95fd8.js
adncaraota.com/wp-content/litespeed/js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adncaraota.com/wp-content/litespeed/js/1e21415ac873607aa7a0823974f95fd8.js?ver=0c29e
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8125a847e5c88bf83c55156399834fc731cc4312912489ff4839fe9a6c583e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
content-encoding
br
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Sun, 11 Dec 2022 00:15:03 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
W/"13c0-63952107-ad3888612d935012;gz"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VtuHpuohwH3m2ku948W8iD%2FMh7X4VH%2BinBw3RzRv9HW%2F6K%2BZ5R1o%2FN4L5B0ca0vshtxrO7BaXd9Kjbupz3s0oI2SwWbwP1nqykdedWa4d01lfNZezDAzzk2wsHeoiX5KEO7bQNqKOeJ4IssNaA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
cf-ray
78c9132c4f46922b-FRA
expires
Mon, 11 Dec 2023 06:15:04 GMT
0477ed2860e8285fe66c033dc6642aa6.js
adncaraota.com/wp-content/litespeed/js/ 		41 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adncaraota.com/wp-content/litespeed/js/0477ed2860e8285fe66c033dc6642aa6.js?ver=68fdd
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a66e353f9533a2c9c20b1df9da3bb3f19db620ab9773a7e1594cf67b79b7b82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
content-encoding
br
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Sun, 11 Dec 2022 00:15:03 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
W/"a410-63952107-9417b1411ff54e86;gz"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nMM%2BMS05b9FAvL0t9HPfqKKdYnAgfVdSl6HtIv5BiBLJJUVopBR%2BncyQ4ihZNHoYAdY6clWrUgTeqe74KZVJ5FuKEtfMbnGDqi6AoI2xY4BJF75bBIhcmZ2YdyCmkDVxgdb7MlLkd7N%2B8Z96mg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
cf-ray
78c9132c4f47922b-FRA
expires
Mon, 11 Dec 2023 06:15:04 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=6.0.3
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:30 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
3312
etag
W/"ae63ef8ff03da61fffaa7f165729897a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
78c9132c69d89277-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 23 Jan 2023 16:09:30 GMT
e-202303.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202303.js
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-nc
HIT hhn
date
Fri, 20 Jan 2023 16:09:30 GMT
content-encoding
br
server
nginx
etag
W/"6197c5cf-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sun, 14 Jan 2024 09:18:26 GMT
atrk.js
certify-js.alexametrics.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://certify-js.alexametrics.com/atrk.js
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-98.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 02:09:54 GMT
Content-Encoding
gzip
Via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-C2
Age
11627977
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=26920000
Connection
keep-alive
X-Amz-Cf-Id
43aWmrqe7liWJ3VpEKmay6x1Q4QrAiKG5-s-F_kk2MDFojpLUL6bYw==
fa46d72636d271b3974b6be01333c50e.js
scripts.cleverwebserver.com/ 		131 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.cleverwebserver.com/fa46d72636d271b3974b6be01333c50e.js
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f14036c090fa298c52773b84223d9bb0f55ed6bfa48cae4fdcc23265f1f852f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:30 GMT
x-amz-version-id
TMWOiQzBLUu17EN3b0yO009hQzsebW8.
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 26 Dec 2022 01:36:14 GMT
server
cloudflare
x-amz-request-id
NWPDF7M0F1KE2KVM
etag
W/"cdb8b37033e8938b68518e1f91f7a060"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
78c9132c8a842bc6-FRA
x-amz-id-2
x26V9Wty4lO8zOEMGIMt0opZDt/586ilpld84fpwYbeLw8tzaXPHngtrl5TVAwLf4l/CeW4iOuI=
expires
Fri, 20 Jan 2023 16:39:30 GMT
apple-center.png
adncaraota.com/wp-content/uploads/2020/08/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2020/08/apple-center.png
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b36ebc1362d3555129167a16bedc847a673641830ca69de91ae720f696f101a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1477
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Tue, 22 Sep 2020 19:43:20 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"5c5-5f6a53d8-49c9c0b7a5652a6a;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pCwm9eMWYvd4U8fV5wEC6pIIRW3yFZEFerexAHedm7mF3bNG%2FUCDNVkQhxW7%2FTj3X5mjeH2kV7ZDcb%2FD8jtlBrx0IekLwLjvkLqzHuzO5qLHTdtsOeHuUemgVPGNhYadhoW1XducAm30xVj3JQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c9132c4f4a922b-FRA
expires
Tue, 29 Aug 2023 07:16:18 GMT
newspaper.woff
adncaraota.com/wp-content/themes/Newspaper/images/icons/ 		28 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://adncaraota.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?20
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/wp-content/themes/Newspaper/style.css?ver=11.5.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c70da34747fb31860fa118ff5d6736f81661838a0f50f077aa29d63ad7b00e4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Referer
https://adncaraota.com/wp-content/themes/Newspaper/style.css?ver=11.5.1
Origin
https://adncaraota.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
content-encoding
br
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Thu, 12 May 2022 10:15:10 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
W/"703c-627cde2e-d39c7971214bc3a9;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Syx0AgwSZrctJ%2BqSzCdgpSPSyyd%2BMA4qwV3qDBTNAIkbnMoKDtwjqdZE6dfA7rbDYpOaxW7P1%2F8e7%2FRWT8xUS0bLPmlZFYr7gIKTssxwANy8ZCOAti5ZltN4e%2FtX6i59tpbHWTuXvsUUsSYhIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
cf-ray
78c9132c4f4b922b-FRA
expires
Wed, 23 Aug 2023 06:47:27 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRoboto%3A600%2C700%2C400%7CSource+Sans+Pro%3A900%2C400%7CMontserrat%3A400%7COxygen%3A700%2C400&display=swap&ver=11.5.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://adncaraota.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 05:09:29 GMT
x-content-type-options
nosniff
age
39601
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 20 Jan 2024 05:09:29 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRoboto%3A600%2C700%2C400%7CSource+Sans+Pro%3A900%2C400%7CMontserrat%3A400%7COxygen%3A700%2C400&display=swap&ver=11.5.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://adncaraota.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 13:14:53 GMT
x-content-type-options
nosniff
age
10477
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 20 Jan 2024 13:14:53 GMT
apple-left.png
adncaraota.com/wp-content/uploads/2020/08/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2020/08/apple-left.png
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5709d01258ca876940de2d4adb2d22944bdd08294acc62aeda0d8233330177bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1949
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Tue, 22 Sep 2020 19:43:20 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"79d-5f6a53d8-76176968e5247d69;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=efGjVCUSzeOjGBP4Rha4oIerF5Asgzf%2F%2FmsdzL5XI233Pu1tOrMiidHLLwwV2G8%2Fq1KYsftFt4NP6JmljQzVXwJ4a8GHvMeAnVVJbLCiIypJFNt8UwlvXIERNAJxvvlG1OMqjA0GCkMnUpOzVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c9132c6f70922b-FRA
expires
Tue, 29 Aug 2023 07:16:18 GMT
/
www.iapac.to/ Frame A8E1
Redirect Chain
  • https://bit.ly/3KXLqnq
  • https://www.iapac.to/
266 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b91ea362857bc25fc32d81a80617bf2e2cde60459413475977da961ec5008c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://adncaraota.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
78c9132eaca42be9-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 20 Jan 2023 16:09:31 GMT
link
<https://www.iapac.to/wp-json/>; rel="https://api.w.org/" <https://www.iapac.to/wp-json/wp/v2/pages/2101>; rel="alternate"; type="application/json" <https://www.iapac.to/>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2FVGdE7VCCJkBnVLUIHxwFAA9R9Rb3A9tFhfUDtklpOM3I5dDHkFs7mS44O9bdcO7Vbh0a65vRGelk7YZzyDJPaGPmlGaoNpsuBH073e%2Fug0a01nAMdunSMmaUmwajurq9Zza2%2F9Qp1sKrA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=90
content-length
108
content-type
text/html; charset=utf-8
date
Fri, 20 Jan 2023 16:09:30 GMT
location
https://www.iapac.to/
server
nginx
via
1.1 google
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRoboto%3A600%2C700%2C400%7CSource+Sans+Pro%3A900%2C400%7CMontserrat%3A400%7COxygen%3A700%2C400&display=swap&ver=11.5.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://adncaraota.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 22:49:22 GMT
x-content-type-options
nosniff
age
235208
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Jan 2024 22:49:22 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRoboto%3A600%2C700%2C400%7CSource+Sans+Pro%3A900%2C400%7CMontserrat%3A400%7COxygen%3A700%2C400&display=swap&ver=11.5.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
080e18a8c761c3d30b7ec08aa65f87109a0228367eafd0a12fcefda58d10e8ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://adncaraota.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 17:14:22 GMT
x-content-type-options
nosniff
age
428108
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12408
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:54:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 15 Jan 2024 17:14:22 GMT
atrk.gif
certify.alexametrics.com/ 		0
0
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.231.111 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-231-111.us-west-2.compute.amazonaws.com
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
server
Server
adx
pubads.g.doubleclick.net/gampad/ 		2 B
749 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/adx?iu=/1014896/geoip&sz=88x31&tile=2&dpt=1&c=2486491674231232573
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/newglobal.sdk.min.js?v=1.4.22&h=www.caraotadigital.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e11066131581f19cd6717950c6483495007f3daab3b91dff4d07cd2619a3fba1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6
x-xss-protection
0
google-lineitem-id
4496728011
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138217650401
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://adncaraota.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-89380884-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 20 Jan 2023 14:21:47 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
6463
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20085
expires
Fri, 20 Jan 2023 16:21:47 GMT
/
ui.cleverwebserver.com/ 		159 B
196 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ui.cleverwebserver.com/
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db2963b3811bd47f67796a7784449445df013ca299929405afbfb2267fd95ea9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
78c9132dcd3f2bc6-FRA
content-type
application/javascript
2sDcZG1Wl4LcnbuCNWgzaGW5.woff2
fonts.gstatic.com/s/oxygen/v15/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oxygen/v15/2sDcZG1Wl4LcnbuCNWgzaGW5.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRoboto%3A600%2C700%2C400%7CSource+Sans+Pro%3A900%2C400%7CMontserrat%3A400%7COxygen%3A700%2C400&display=swap&ver=11.5.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5740bce57f68562d42e8ca6f6eb70dca3bc33be11ef0361e78274d360f41adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://adncaraota.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 14:10:40 GMT
x-content-type-options
nosniff
age
439130
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16172
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:30:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 15 Jan 2024 14:10:40 GMT
www.caraotadigital.net.js
tags.newdreamglobal.com/admanager/cfg/2.0.0/ 		40 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.newdreamglobal.com/admanager/cfg/2.0.0/www.caraotadigital.net.js
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/newglobal.sdk.min.js?v=1.4.22&h=www.caraotadigital.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.193.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64bd7474c39b90eb35f70dd654579311f3fc32ab42e13021cbfd0aa1a9b4a269
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-host
www.caraotadigital.net
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 20 Jan 2023 16:09:30 GMT
etime
0.0001 s
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
GET,POST,OPTIONS,HEAD,DELETE,PUT
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7D3BEMO25URuKsGX%2F21XG%2BIX3b77ukB0G8Jd%2BXnYjyKQyIh6QNNF6KOWOPph40cRr0LED9TBYimNMXbn5NVIL%2FONTnRjVzcMZQlkknrXeISsimEU%2F0l6UZ9eZajOMxup3KsTPTTV7EmPJA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Server, Content-Length, Content-Range, Date
cache-control
max-age=300, s-maxage=1800, must-revalidate, stale-while-revalidate=300, stale-if-error=600
x-server
ndg-grey-goose
access-control-allow-credentials
true
x-service
2.0.0
vary
Accept-Encoding
cf-ray
78c9132e19d09b31-FRA
access-control-allow-headers
DNT,X-CustomHeader,Origin,Keep-Alive,User-Agent,Content-Type, Accept,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Pragma
expires
Fri, 20 Jan 2023 16:14:30 GMT
/
lp.cleverwebserver.com/betano/de/sports/grp1/ Frame A308
Redirect Chain
  • https://sender.clevernt.com/transporter/64971.php?ppuc=1&ppu=0&id=651020&ref=aHR0cHM6Ly9hZG5jYXJhb3RhLmNvbS8%3D&ruri=&r=607724083&tok=33419711310201791433&t=1674230970&cmpId=&fb=0&wl=1&iv=-1&ctr=DE...
  • https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=651020&group=64971&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzgyNWJfOTA0Y18mYWZmaWQ9NDMxJnNpdGVpZD04MjUmYWRpZD05MDQmYz1WRUFCSll...
1 KB
692 B 		Document
General
Check archive.org
Download Go to
Full URL
https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=651020&group=64971&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzgyNWJfOTA0Y18mYWZmaWQ9NDMxJnNpdGVpZD04MjUmYWRpZD05MDQmYz1WRUFCSllZRk1SQkFBREU%3D&ref=aHR0cHM6Ly9hZG5jYXJhb3RhLmNvbS8%3D&r=607724083
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
808718570cb51650c65f4bcdca017b5b84824f0557412dc175c0838f935edff7

Request headers

Referer
https://adncaraota.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=1800
cf-cache-status
MISS
cf-ray
78c9132f48392bc6-FRA
content-encoding
br
content-type
text/html
date
Fri, 20 Jan 2023 16:09:30 GMT
expires
Fri, 20 Jan 2023 16:39:30 GMT
last-modified
Thu, 19 Jan 2023 22:27:09 GMT
server
cloudflare
vary
Accept-Encoding
x-amz-id-2
iRksBHiWw3xvka8rmqoAThMPGvNPCq06YStAbIJ0HYRNGMx6t++RUmMVuSC5fMJaEXvkvb9Zhpw=
x-amz-request-id
G9N0SEENT776X2RH

Redirect headers

cache-control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
content-type
text/html; charset=UTF-8
date
Fri, 20 Jan 2023 16:09:30 GMT
expires
Fri, 27 Jun 1986 23:00:00 GMT
last-modified
Fri, 20 Jan 2023 16:09:30 GMT
location
https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=651020&group=64971&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzgyNWJfOTA0Y18mYWZmaWQ9NDMxJnNpdGVpZD04MjUmYWRpZD05MDQmYz1WRUFCSllZRk1SQkFBREU%3D&ref=aHR0cHM6Ly9hZG5jYXJhb3RhLmNvbS8%3D&r=607724083
pragma
no-cache
server
nginx
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
46336d17bc0deae32fd48d3697163d7845b46f846ef4b247fd01358d7f349a20

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
/
call.cleverwebserver.com/ 		43 B
133 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://call.cleverwebserver.com/?id=64971&c=DE&r=null&l=77&b=Chrome&os=Win10&mob=0&v=1.33.6&ref=aHR0cHM6Ly9hZG5jYXJhb3RhLmNvbS8%3D&ruri=&iv=-1&ctr=DE&sz=1200&wn=null&res=1600x1200
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:30 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
78c9132e5e4d2bc6-FRA
content-length
43
content-type
image/gif
collect
www.google-analytics.com/j/ 		4 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1540672396&t=pageview&_s=1&dl=https%3A%2F%2Fadncaraota.com%2F&ul=en-us&de=UTF-8&dt=Noticias%20de%20Venezuela%20y%20el%20Mundo%20-%20Caraota%20Digital&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=955039167&gjid=1052350395&cid=563312922.1674230971&tid=UA-89380884-1&_gid=1013771205.1674230971&_r=1&_slc=1&gtm=2ou1i0&z=1627467811
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://adncaraota.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://adncaraota.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		283 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=6.0.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:30 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2641
etag
W/"2f96824aee4bf927e734cc519e3e726d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
78c9132ead259277-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 23 Jan 2023 16:09:30 GMT
g.gif
pixel.wp.com/ 		50 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A11.2&blog=189966777&post=478652&tz=-4&srv=adncaraota.com&host=adncaraota.com&ref=&fcp=704&rand=0.8350232029570257
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 20 Jan 2023 16:09:30 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
collect
stats.g.doubleclick.net/j/ 		4 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-89380884-1&cid=563312922.1674230971&jid=955039167&gjid=1052350395&_gid=1013771205.1674230971&_u=YEBAAUAAAAAAACAAI~&z=1775254494
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://adncaraota.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 20 Jan 2023 16:09:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://adncaraota.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
web
onesignal.com/api/v1/sync/063e64e5-2c1e-4735-8374-7e343c03b045/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/063e64e5-2c1e-4735-8374-7e343c03b045/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f92254fef830040210b7cc346ceaf3771b4a1a39a27575a4c0cc40c6a6ef68f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:30 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
EXPIRED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
status
200 OK
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
9c53b759-217e-4d7b-bb68-10bcd6acd3f3
x-runtime
0.019199
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"0f92254fef830040210b7cc346ceaf37"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
78c9132f0db09277-FRA
access-control-allow-headers
SDK-Version
expires
Fri, 20 Jan 2023 17:09:30 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-89380884-1&cid=563312922.1674230971&jid=955039167&_u=YEBAAUAAAAAAACAAI~&z=708088058
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-89380884-1&cid=563312922.1674230971&jid=955039167&_u=YEBAAUAAAAAAACAAI~&z=708088058
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
style.css
lp.cleverwebserver.com/betano/de/sports/grp1/ Frame A308 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lp.cleverwebserver.com/betano/de/sports/grp1/style.css?v=3
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=651020&group=64971&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzgyNWJfOTA0Y18mYWZmaWQ9NDMxJnNpdGVpZD04MjUmYWRpZD05MDQmYz1WRUFCSllZRk1SQkFBREU%3D&ref=aHR0cHM6Ly9hZG5jYXJhb3RhLmNvbS8%3D&r=607724083
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e16cf57d5864a0923be893617f104cda5486ea3b4eb1f8a1d402a9debd74eb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=651020&group=64971&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzgyNWJfOTA0Y18mYWZmaWQ9NDMxJnNpdGVpZD04MjUmYWRpZD05MDQmYz1WRUFCSllZRk1SQkFBREU%3D&ref=aHR0cHM6Ly9hZG5jYXJhb3RhLmNvbS8%3D&r=607724083
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:30 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Thu, 22 Dec 2022 17:33:45 GMT
server
cloudflare
x-amz-request-id
MRBWD0WV2F5EAQYE
cf-polished
origSize=10303
etag
W/"073bb6043f3339ac3a807ec409b6e0af"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=1800
cf-ray
78c9133009d12bc6-FRA
x-amz-id-2
2UdpL9Zix9j7AFd7jFwieCK1LNSxldqaQj1mVale3MFFmzYtOh+umR5SxxJakoK2fv7gZwWZetE=
expires
Fri, 20 Jan 2023 16:39:30 GMT
anzeige.svg
lp.cleverwebserver.com/betano/de/sports/grp1/imgs/ Frame A308 		1 KB
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cleverwebserver.com/betano/de/sports/grp1/imgs/anzeige.svg?v=3
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=651020&group=64971&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzgyNWJfOTA0Y18mYWZmaWQ9NDMxJnNpdGVpZD04MjUmYWRpZD05MDQmYz1WRUFCSllZRk1SQkFBREU%3D&ref=aHR0cHM6Ly9hZG5jYXJhb3RhLmNvbS8%3D&r=607724083
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98af5e2d044165db4fe04e7a288c125ad78d50bd9e212ca6e520e5a55140e869

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=651020&group=64971&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzgyNWJfOTA0Y18mYWZmaWQ9NDMxJnNpdGVpZD04MjUmYWRpZD05MDQmYz1WRUFCSllZRk1SQkFBREU%3D&ref=aHR0cHM6Ly9hZG5jYXJhb3RhLmNvbS8%3D&r=607724083
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:30 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 22 Dec 2022 17:33:45 GMT
server
cloudflare
x-amz-request-id
MRBGBVDTMQ0W4K01
etag
W/"3e9d1a10a1056de77db1bab72b55ef1c"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1800
cf-ray
78c9133009d62bc6-FRA
x-amz-id-2
34TStPYpWQ2Abnkoqi2ouOB+KQWPdiBTucw6lEcS9/S2Jp5cAE+MYeEoz3sJceAKjjQKXXTfjTE=
expires
Fri, 20 Jan 2023 16:39:30 GMT
copy.svg
lp.cleverwebserver.com/betano/de/sports/grp1/imgs/ Frame A308 		59 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cleverwebserver.com/betano/de/sports/grp1/imgs/copy.svg?v=3
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=651020&group=64971&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzgyNWJfOTA0Y18mYWZmaWQ9NDMxJnNpdGVpZD04MjUmYWRpZD05MDQmYz1WRUFCSllZRk1SQkFBREU%3D&ref=aHR0cHM6Ly9hZG5jYXJhb3RhLmNvbS8%3D&r=607724083
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
633b156edd6a32c425a6208ab23dd393267ba2ee301308afe7c64aca4d4dc223

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=651020&group=64971&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzgyNWJfOTA0Y18mYWZmaWQ9NDMxJnNpdGVpZD04MjUmYWRpZD05MDQmYz1WRUFCSllZRk1SQkFBREU%3D&ref=aHR0cHM6Ly9hZG5jYXJhb3RhLmNvbS8%3D&r=607724083
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 22 Dec 2022 17:33:45 GMT
server
cloudflare
x-amz-request-id
MRBZ9MBSQAVGAV6S
age
966
etag
W/"7f803ad83ee753fad0274978d34e95d1"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1800
cf-ray
78c9133009d92bc6-FRA
x-amz-id-2
NJotnUCBjit5tnv9YvOpHEv3/AUdP/DQQCtdVsvAF8Rgd8s1iLjVDiEnwKsr3V3jyC1R0WNn6x0=
expires
Fri, 20 Jan 2023 16:39:30 GMT
copy-push.svg
lp.cleverwebserver.com/betano/de/sports/grp1/imgs/ Frame A308 		59 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cleverwebserver.com/betano/de/sports/grp1/imgs/copy-push.svg?v=3
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=651020&group=64971&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzgyNWJfOTA0Y18mYWZmaWQ9NDMxJnNpdGVpZD04MjUmYWRpZD05MDQmYz1WRUFCSllZRk1SQkFBREU%3D&ref=aHR0cHM6Ly9hZG5jYXJhb3RhLmNvbS8%3D&r=607724083
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d63715c3e74f56f56f02445733f7d1e1ba3332d37d4e2cb0cfac2b14ef85dc7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=651020&group=64971&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzgyNWJfOTA0Y18mYWZmaWQ9NDMxJnNpdGVpZD04MjUmYWRpZD05MDQmYz1WRUFCSllZRk1SQkFBREU%3D&ref=aHR0cHM6Ly9hZG5jYXJhb3RhLmNvbS8%3D&r=607724083
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 22 Dec 2022 17:33:45 GMT
server
cloudflare
x-amz-request-id
MRBXKG6DDC3TJ6XB
age
966
etag
W/"ce447a43d49084fb0a8eb2d04e2cec1a"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1800
cf-ray
78c9133009db2bc6-FRA
x-amz-id-2
swDsk5tSJfDEAfDQz5dcTtI6lXkUO0BL0lalMdjV32beKb7Uez6CM7kv142HoLOSGXNB0Nbayf8=
expires
Fri, 20 Jan 2023 16:39:30 GMT
rocket-loader.min.js
lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame A308 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=651020&group=64971&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzgyNWJfOTA0Y18mYWZmaWQ9NDMxJnNpdGVpZD04MjUmYWRpZD05MDQmYz1WRUFCSllZRk1SQkFBREU%3D&ref=aHR0cHM6Ly9hZG5jYXJhb3RhLmNvbS8%3D&r=607724083
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=651020&group=64971&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzgyNWJfOTA0Y18mYWZmaWQ9NDMxJnNpdGVpZD04MjUmYWRpZD05MDQmYz1WRUFCSllZRk1SQkFBREU%3D&ref=aHR0cHM6Ly9hZG5jYXJhb3RhLmNvbS8%3D&r=607724083
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 13 Jan 2023 23:34:08 GMT
server
cloudflare
etag
W/"63c1ea70-302c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
78c9133009dc2bc6-FRA
expires
Sun, 22 Jan 2023 16:09:30 GMT
css
fonts.googleapis.com/ Frame A308 		8 KB
803 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/betano/de/sports/grp1/style.css?v=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
19d4fa5e5f7164cfa51ca5e06216f551c4905d14ee02301a5ad2bb70272b7a3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 20 Jan 2023 16:09:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 20 Jan 2023 14:19:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 20 Jan 2023 16:09:30 GMT
clever-core-other.js
lp.cleverwebserver.com/ Frame A308 		1 KB
897 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lp.cleverwebserver.com/clever-core-other.js
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc75c92c970b9b9b4ea98bdce25142d32aee462d66d6e04090e78e299957f365

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=651020&group=64971&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzgyNWJfOTA0Y18mYWZmaWQ9NDMxJnNpdGVpZD04MjUmYWRpZD05MDQmYz1WRUFCSllZRk1SQkFBREU%3D&ref=aHR0cHM6Ly9hZG5jYXJhb3RhLmNvbS8%3D&r=607724083
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
P5EC229YF2ADY7KX
age
495
cf-polished
origSize=2002
x-amz-id-2
4ERg/P1L/tDYBQr7n50+awF353gqt75ZV8ruJDfehWBY8AundYsYht/ZAXo6opcts0+cA2sAuQk=
cf-bgj
minify
last-modified
Thu, 19 Jan 2023 22:27:21 GMT
server
cloudflare
etag
W/"0625f7f83d53fd3b06d4460137a2bc86"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=1800
cf-ray
78c91330dbc82bc6-FRA
expires
Fri, 20 Jan 2023 16:39:31 GMT
bg-mobile.jpg
lp.cleverwebserver.com/betano/de/sports/grp1/imgs/ Frame A308 		104 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cleverwebserver.com/betano/de/sports/grp1/imgs/bg-mobile.jpg?v=3
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/betano/de/sports/grp1/style.css?v=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c765a4d7cb40a19bd835baffa38cdff9c608ba2c391348f8dbd982e043fa54a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/betano/de/sports/grp1/style.css?v=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
cf-cache-status
REVALIDATED
x-amz-request-id
N4GRBNR0JVVRQQ8K
cf-polished
origFmt=jpeg, origSize=143697
content-disposition
inline; filename="bg-mobile.webp"
content-length
106594
x-amz-id-2
WmLJitGo6SEFO81i2zjrRiL9G+ZQlpes71BUeXlLJQPks54JhnY+4sAs7wBH+GyneAGkL4q1rn0=
cf-bgj
imgq:100,h2pri
last-modified
Thu, 12 Jan 2023 16:13:57 GMT
server
cloudflare
etag
"ca4026f2a473e6f0f1b5f0fd097c0312"
vary
Accept
content-type
image/webp
cache-control
public, max-age=1800
accept-ranges
bytes
cf-ray
78c91330dbce2bc6-FRA
expires
Fri, 20 Jan 2023 16:39:31 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame A308 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lp.cleverwebserver.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 22:49:22 GMT
x-content-type-options
nosniff
age
235209
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Jan 2024 22:49:22 GMT
stickynonload.js
tags.newdreamglobal.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.newdreamglobal.com/stickynonload.js
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/newglobal.sdk.min.js?v=1.4.22&h=www.caraotadigital.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.193.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56d25cdb8fcd743018954ccbdec1701c7cf814243719132103e8d6b39634dbf1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 13 May 2021 17:07:08 GMT
server
cloudflare
age
33525
etag
W/"609d5cbc-dbf"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bQtMESP9t1QDK7iostUM9LQoj4yf3fClHi%2FQAYAdCXqba5jjdxwF6vSvlBmryyi9qCyhE2wjWFGK5XaMve3DqqNVlr4gaRC%2FmexthS5Mssmmq09s3yVKs9vQFtslzcnWuyeUPtWepfKrSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=86400, stale-while-revalidate=3600, must-revalidate
cf-ray
78c91331283d2ba6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
gtsur.newglobal.dfp1.2.0.min.js
tags.newdreamglobal.com/viewability/ Frame 0DB5 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.newdreamglobal.com/viewability/gtsur.newglobal.dfp1.2.0.min.js?v=1.1.4.3
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/newglobal.sdk.min.js?v=1.4.22&h=www.caraotadigital.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.193.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5078fe3251e3f037b896dffa0fbbfdc2450d21ac8da9e3794f77aed7a1a7918

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Jan 2022 13:08:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
40644
etag
W/"61d6e9ce-3c9f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a4EzBEdXavz%2BkQU5Jb0hzq4Dnly%2BvKfcsfoPnErEAbC3CKBoAjzDm48wGntUB4uu%2BL5RMggU%2BNMmS%2B1ZmDB%2FnUwF%2BXWTvvJzZoJzl3RqZYb76LOc7omnhT5CTxaqkweqVoyC3ZEMkLYjwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=86400, stale-while-revalidate=3600, must-revalidate
cf-ray
78c9133128512ba6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
gpt.js
www.googletagservices.com/tag/js/ Frame 0DB5 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/newglobal.sdk.min.js?v=1.4.22&h=www.caraotadigital.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9fa1cd1ead9e7d49e3226830297e4303c8f5cf9ec854afdfd33d2b0782e02fb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27773
x-xss-protection
0
server
sffe
etag
"1457 / 974 of 1000 / last-modified: 1674216530"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 20 Jan 2023 16:09:31 GMT
connatix.playspace.dc.js
cds.connatix.com/p/216099/ Frame 5BF2
Redirect Chain
  • https://cd.connatix.com/connatix.playspace.js
  • https://cds.connatix.com/p/216099/connatix.playspace.dc.js
1 MB
232 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/216099/connatix.playspace.dc.js
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bb5a8101ef0e236335a8b755d9b9c4d20251574bbcc81db1ad26a24ebd579321

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
content-encoding
br
last-modified
Fri, 20 Jan 2023 14:28:38 GMT
age
5917
etag
"224542c15fbbeeed63b7b369c8be5744"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
237452

Redirect headers

location
https://cds.connatix.com/p/216099/connatix.playspace.dc.js
date
Fri, 20 Jan 2023 16:09:31 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
accept-ranges
bytes
content-length
0
access-control-max-age
86400
tag
a.teads.tv/page/130124/ 		770 B
824 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/130124/tag
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/newglobal.sdk.min.js?v=1.4.22&h=www.caraotadigital.net
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.36.4 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-36-4.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2ae87de7e1d989a91608161cc59a43be6814c831f708dcb18ea75ca9a3467b35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate, max-age=3600
access-control-allow-credentials
true
content-length
482
expires
Fri, 20 Jan 2023 17:09:31 GMT
caraotadigitalus_17709.js
ads.vidoomy.com/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.vidoomy.com/caraotadigitalus_17709.js
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/newglobal.sdk.min.js?v=1.4.22&h=www.caraotadigital.net
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.19.54.139 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-19-54-139.us-east-2.compute.amazonaws.com
Software
Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash
23a52160454c8881beb890d62b32823d1a9e73eafef0d26b5081601d1cdff270

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:31 GMT
Server
Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By
PHP/7.0.33
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=300
Content-Length
4994
truncated
/ 		256 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9da88e942e6aee489526e53e74f2eebe0788e57037a3056a4e883014f326d7d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
Betano-DE.aspx
www.betano.de/promos/de/ Frame 832B
Redirect Chain
  • https://gml-grp.com/C.ashx?btag=a_825b_904c_&affid=431&siteid=825&adid=904&c=VEABJYYFMRBAADE
  • https://gml-grp.com/C.ashx?btag=a_825b_904c_&affid=431&siteid=825&adid=904&c=VEABJYYFMRBAADE&AutoR=1
  • https://www.betano.de/promos/de/Betano-DE.aspx?btag=a_825b_904c_VEABJYYFMRBAADE&utm_medium=431&utm_source=2&siteid=825
  • https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=2&siteid=825
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=2&siteid=825
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/clever-core-other.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:9ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1948b809a04912efd39b9d82e7029245446aab614b635d9a59aa5c70746926a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://lp.cleverwebserver.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
55
cf-cache-status
HIT
cf-ray
78c913331be99a2d-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 20 Jan 2023 16:09:31 GMT
last-modified
Fri, 20 Jan 2023 16:08:36 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-farm
ce4
x-xss-protection
1; mode=block

Redirect headers

age
0
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
78c91332ab0d9a2d-FRA
content-type
text/html; charset=utf-8
date
Fri, 20 Jan 2023 16:09:31 GMT
location
/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=2&siteid=825
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
x-cacheable-status
302
x-content-type-options
nosniff
x-farm
ce4
x-xss-protection
1; mode=block
pubads_impl_2023011101.js
securepubads.g.doubleclick.net/gpt/ Frame 0DB5 		383 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64f9e98a68d94c6ee1bdaee26992bd796d293641ad202e3d311c146dabe3b67d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 15:52:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1012
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132552
x-xss-protection
0
last-modified
Wed, 11 Jan 2023 09:35:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 20 Jan 2024 15:52:39 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 0DB5 		113 B
710 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=adncaraota.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
99d671015b498de1c0a5a9600f801e7c108fdc4b1e3432f91b8d4beb9c4f2b90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75
x-xss-protection
0
expires
Fri, 20 Jan 2023 16:09:31 GMT
teads-format.min.js
a.teads.tv/media/format/v3/ 		594 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/page/130124/tag
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.36.4 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-36-4.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
319b4b95139277e09f7940a3ca91e18ced75b6b087805fe6ac8924f51ae70d49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
content-encoding
br
last-modified
Thu, 19 Jan 2023 09:22:33 GMT
x-amz-request-id
S7W9PJR4A5GEV4HE
etag
"052fbed992fd55de0d86d718a0a02cf1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, must-revalidate, max-age=1800, no-transform
x-bucket
8
accept-ranges
bytes
content-length
132572
x-amz-id-2
WAohBSS5WWtybslv8jCEo0qbcFNVeDfMPDz3OEEdeWLNXtButI5IySU0jCdc+LGkKUmGMCbTuug=
expires
Fri, 20 Jan 2023 16:39:31 GMT
integrator.js
adservice.google.de/adsid/ Frame 0DB5 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=adncaraota.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 0DB5 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adncaraota.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 0DB5 		692 B
869 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2714852773784309&correlator=3026855064342136&eid=31071150%2C31071600&output=ldjh&gdfp_req=1&vrg=2023011101&ptt=17&impl=fif&iu_parts=12119045%2Cflotante&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=1707536325&sfv=1-0-40&prev_scp=site%3Dadncaraota.com%26geo%3Drm&sc=1&cookie_enabled=1&abxe=1&dt=1674230971368&lmt=1674230971&dlt=1674230971062&idt=279&adxs=650&adys=9582&biw=1600&bih=1200&isw=1600&ish=1&scr_x=0&scr_y=0&btvi=1&ucis=xfxgwyqi41gm&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fadncaraota.com%2F&ref=https%3A%2F%2Fadncaraota.com%2F&top=https%3A%2F%2Fadncaraota.com%2F&frm=23&vis=1&psz=1600x50&msz=300x-1&fws=4&ohw=300&ga_vid=563312922.1674230971&ga_sid=1674230971&ga_hid=929813263&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
98d60902450f33760e812c292cba852a01906856a630f14bfe597135b7087de3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
360
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://adncaraota.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
851d37d4b44b7dd00bfaaa7f382c6c5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 758D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://851d37d4b44b7dd00bfaaa7f382c6c5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adncaraota.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 16:09:31 GMT
expires
Sat, 20 Jan 2024 16:09:31 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
track
t.teads.tv/ 		23 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=placementCall&env=js-web&auctid=160652a4-057b-4db7-89ae-76e1f5512961&pageId=130124&pid=142895&debug_metadata=ZlCpuF0pGt&fv=1122&ts=1674230971414&f=1&referer=https%3A%2F%2Fadncaraota.com%2F
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
cache-control
private, max-age=3666
content-length
23
content-type
image/gif
track
t.teads.tv/ 		23 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=160652a4-057b-4db7-89ae-76e1f5512961&pageId=130124&pid=142895&slot=corner&fv=1122&ts=1674230971419&f=1&referer=https%3A%2F%2Fadncaraota.com%2F
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Fri, 20 Jan 2023 16:09:31 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
ad
a.teads.tv/page/130124/ 		540 B
712 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/130124/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fadncaraota.com%2F&auctid=160652a4-057b-4db7-89ae-76e1f5512961&formatVersion=1122&env=js-web&netBw=9.4&ttfb=191
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.36.4 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-36-4.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3778272d51b41b5325e7adfe8c54c2e4c0df8ad20bb052a5f7cc6d37943a5911

Request headers

Accept
application/json; charset=UTF-8
Referer
https://adncaraota.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:31 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://adncaraota.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
364
expires
Fri, 20 Jan 2023 16:09:31 GMT
css
fonts.googleapis.com/ Frame 832B 		8 KB
716 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700,900&subset=cyrillic,greek
Requested by
Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=2&siteid=825
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c5e699934cfe12bf4a603217c46f701a31d4e6a3e11c0f32a83e2668b4d15e1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 20 Jan 2023 16:09:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 20 Jan 2023 16:09:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 20 Jan 2023 16:09:31 GMT
source-4.css
cdn.gmlinteractive.com/static-files/promos/css/ Frame 832B 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.gmlinteractive.com/static-files/promos/css/source-4.css
Requested by
Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=2&siteid=825
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b210 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5c7bf7bd941608a78b93872b8ac2508dc754dc6bf26271de549092826d7faa18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 11 Apr 2022 10:05:18 GMT
server
cloudflare
age
5999
etag
W/"04382a58b4dd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
x-farm
14
cf-ray
78c91333ae949bc2-FRA
logo-de.svg
cdn.gmlinteractive.com/static-files/promos/ Frame 832B 		18 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.gmlinteractive.com/static-files/promos/logo-de.svg
Requested by
Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=2&siteid=825
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b210 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1353d3cfd641b4848f94b3bd3c3f936536718e2f53c91095d5f3cb9793e3354e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 05 Mar 2021 12:32:44 GMT
server
cloudflare
age
1958
etag
W/"03e13a4bb11d71:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-farm
15
cf-ray
78c91333bebe9bc2-FRA
formats.js
ad.lkqd.net/vpaid/ Frame 56B2 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
content-encoding
gzip
x-sp-metadata
HS256.CMuVq54GEoUBCiQ5ZWFiN2RhMS1hMzFlLTQwMWYtYjdiZS0yNjk4NTgwYTZjODIQmOLbkZXR/AIaBgi7+aqeBiIKODEuOTUuNS4zNSiyugIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDU5OWJjYTAzLTk4YjEtNDgyMS05MzY0LWM0NWI5ZGNiYjcyNBi1lwIiGAgCEhRjZHMyODkuZnI4Lmh3Y2RuLm5ldA==.7j+Ac7KVnjw9rCt8kyLcHyYtZ4XfNy7CKTi0y481Zeg=
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1674230971.cds290.fr8.hn,1674230971.cds289.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
formats.js
ad.lkqd.net/vpaid/ Frame 2022 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
content-encoding
gzip
x-sp-metadata
HS256.CMuVq54GEoUBCiRiM2EyMzZlZC02MmQ0LTQ0OGQtOTYyMC1kYjRkOTBjYTY0N2UQmOLbkZXR/AIaBgi7+aqeBiIKODEuOTUuNS4zNSiyugIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDUyNzExNDRlLTQ2NjEtNDgyMi05OGQzLTc0NzU2NzQ0OTE3Nhi1lwIiGAgCEhRjZHMyODkuZnI4Lmh3Y2RuLm5ldA==.jM3GsyXB6phWvH9U+aBnU5kMOk/jzTfKyVbYWlc0fYg=
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1674230971.cds290.fr8.hn,1674230971.cds289.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
auto-user-sync
ads.stickyadstv.com/ 		43 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/auto-user-sync
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:31 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1674230971923016-342
Expires
Fri, 20 Jan 2023 16:09:31 GMT
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=692970506.23986851878994094.6441208
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=692970506.23986851878994094.6441208
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dvidoomy%26bsw_param%3Dd6a150f5-36dc-49d6-bf28-5da25dcbf75...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=5a0163ca-bcbb-4500-a947-113b34a33c4d&expires=30&ssp=vidoomy&bsw_param=d6a150f5-36dc-49d6-bf28-5da25dcbf756&gdpr=&gdpr_consent=
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=d6a150f5-36dc-49d6-bf28-5da25dcbf756
43 B
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=d6a150f5-36dc-49d6-bf28-5da25dcbf756
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Server
3.123.54.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-54-53.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
content-encoding
none
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
43

Redirect headers

location
//a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=d6a150f5-36dc-49d6-bf28-5da25dcbf756
date
Fri, 20 Jan 2023 16:09:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58610/occ
  • https://ups.analytics.yahoo.com/ups/58610/occ?verify=true
  • https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-XDbybhBE2uE6_mhjWQ0GPg4Pi.FHEaScEfeQnEE-~A
43 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-XDbybhBE2uE6_mhjWQ0GPg4Pi.FHEaScEfeQnEE-~A
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Server
3.123.54.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-54-53.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
content-encoding
none
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
43

Redirect headers

location
https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-XDbybhBE2uE6_mhjWQ0GPg4Pi.FHEaScEfeQnEE-~A
date
Fri, 20 Jan 2023 16:09:31 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/newglobal.sdk.min.js?v=1.4.22&h=www.caraotadigital.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
315f3bfce8194c7da7fe7670b94aea00ca4f08051bccf68229806f4deb545a96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27768
x-xss-protection
0
server
sffe
etag
"1457 / 21 of 1000 / last-modified: 1674216530"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 20 Jan 2023 16:09:31 GMT
track
t.teads.tv/ 		23 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=adCall&pid=142895&pageId=130124&auctid=160652a4-057b-4db7-89ae-76e1f5512961&vid=00000000-0000-0000-0000-000000000001&env=js-web&bsg=uncat&bsias=uncat&rpm_reason=12&p=1biElNhzHQSeaMv9V-2N3C6i&cts=1674230971461&cs=885573586658741188705&fv=1122&ts=1674230971516&referer=https%3A%2F%2Fadncaraota.com%2F
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Fri, 20 Jan 2023 16:09:31 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
gtm.js
www.googletagmanager.com/ Frame 832B 		313 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6
Requested by
Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=2&siteid=825
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8a20a547740ca269c5b876c6c5c28f4e628a513dfc1a1d987065af962a5dba42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99721
x-xss-protection
0
last-modified
Fri, 20 Jan 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 20 Jan 2023 16:09:31 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0DB5 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023011101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d36bf948c72a91f8e605bbf3e1b80a78978ad70ef5ce130b3c5326c16179533c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11002
x-xss-protection
0
pubads_impl_2023011101.js
securepubads.g.doubleclick.net/gpt/ 		383 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64f9e98a68d94c6ee1bdaee26992bd796d293641ad202e3d311c146dabe3b67d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 15:52:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1012
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132552
x-xss-protection
0
last-modified
Wed, 11 Jan 2023 09:35:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 20 Jan 2024 15:52:39 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		215 B
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=adncaraota.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f7b92fabec21b0fe79c58794253b214f4bfe1d5a1f86f1a708e98cb7a0b0b45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130
x-xss-protection
0
expires
Fri, 20 Jan 2023 16:09:31 GMT
prebid7.25.0.js
tags.newdreamglobal.com/admanager/ 		473 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.newdreamglobal.com/admanager/prebid7.25.0.js
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/newglobal.sdk.min.js?v=1.4.22&h=www.caraotadigital.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.193.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ae1bc187a25252e5c4dcb33e066bfdcd29c2369b971072e08c07a7c1dff9a3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6322
cf-polished
origSize=485049
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 17 Nov 2022 11:24:26 GMT
server
cloudflare
etag
W/"637619ea-766b9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hdTJ4JXMCEHg1%2Fi1vXVdtB8INVyhoNBRoK8HgrGv%2BaFk7gD3uawQ0Sh9F3%2BVR9T5zujSIIEwQOziqjFmlH9OsjX5aKp78HPkRRCQuz6cfsSm9BWsebjplfhw%2FUNbJBUTr43PIvGLphCmVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=86400, stale-while-revalidate=3600, must-revalidate
cf-ray
78c913345b109007-FRA
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/763238947/ Frame 832B 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/763238947/?random=1674230971611&cv=11&fst=1674230971611&bg=ffffff&guid=ON&async=1&gtm=2wg1i0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=2&url=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D2%26siteid%3D825&ref=https%3A%2F%2Flp.cleverwebserver.com%2F&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f475a72b76b33337f011368d533d32a18606f397e6db25adcd47d63f0df88e1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
912
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ Frame 832B 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 20 Jan 2023 14:21:47 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
6464
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20085
expires
Fri, 20 Jan 2023 16:21:47 GMT
scevent.min.js
sc-static.net/ Frame 832B 		30 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.120.247 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-120-247.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
4873b20f1a4561114f55aa1114e0bb530bd87e12054a8159446b4aff75c48c2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
content-encoding
gzip
via
1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA60-P2
x-cache
LambdaGeneratedResponse from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
13268
x-amz-cf-id
TfJmokq9vBbO8tJTOiZnPR7jhrFId6RPm3q7QYyDMWk-PJuQCCfPUg==
fbevents.js
connect.facebook.net/en_US/ Frame 832B 		106 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ef8f067f829af7c95936a36f38e54c98ab090f937f5557e4c78829ed8fcf5ffd
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 20 Jan 2023 16:09:31 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27859
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
TERtDw84qxnAPZqMCbf7+2k8x/q5V/DFw5v6v70nxXcqnMRM6E6a0IU9T7lPSoaLsDz/DPfVaU5ytNrQ5z/ITw==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
activityi;dc_pre=CM_S3rLE1vwCFa9GHgIdtW4F6g;src=12738953;type=despo0;cat=despo0;ord=4584660124607;gtm=2wg1i0;~oref=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26ut...
12738953.fls.doubleclick.net/ Frame 85F1
Redirect Chain
  • https://12738953.fls.doubleclick.net/activityi;src=12738953;type=despo0;cat=despo0;ord=4584660124607;gtm=2wg1i0;~oref=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%2...
  • https://12738953.fls.doubleclick.net/activityi;dc_pre=CM_S3rLE1vwCFa9GHgIdtW4F6g;src=12738953;type=despo0;cat=despo0;ord=4584660124607;gtm=2wg1i0;~oref=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FB...
460 B
607 B 		Document
General
Check archive.org
Download Go to
Full URL
https://12738953.fls.doubleclick.net/activityi;dc_pre=CM_S3rLE1vwCFa9GHgIdtW4F6g;src=12738953;type=despo0;cat=despo0;ord=4584660124607;gtm=2wg1i0;~oref=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D2%26siteid%3D825?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
cafe /
Resource Hash
4096a6628067ac9e305e96b2d7e1e67e3c8e29a9c867aae3b4002a065739d0c3
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.betano.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
br
content-length
268
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 16:09:31 GMT
expires
Fri, 20 Jan 2023 16:09:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 16:09:31 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://12738953.fls.doubleclick.net/activityi;dc_pre=CM_S3rLE1vwCFa9GHgIdtW4F6g;src=12738953;type=despo0;cat=despo0;ord=4584660124607;gtm=2wg1i0;~oref=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D2%26siteid%3D825?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
trackpoint-async.js
s2.adform.net/banners/scripts/st/ Frame 832B 		78 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
45d4d6fe0a9cae467c6d81caef5edd008c13b70ba403979f979fb86d400378c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
content-encoding
gzip
last-modified
Tue, 29 Nov 2022 10:23:25 GMT
server
nginx
x-amz-request-id
tx000004b52a83511f9122d-006385e0d4-32940f80-default
etag
W/"83eb5fafaa212c785f7393188ff817aa"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
bat.js
bat.bing.com/ Frame 832B 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Fri, 20 Jan 2023 16:09:31 GMT
last-modified
Mon, 05 Dec 2022 17:15:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5B70F603C0954A6281ACB8F5273C5562 Ref B: FRA31EDGE0615 Ref C: 2023-01-20T16:09:31Z
etag
"027e538cd8d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11460
mgsensor.js
a.mgid.com/ Frame 832B 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.mgid.com/mgsensor.js?d=1674230971643
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcc6b633543bcc378409b05b180dd30d3d8104624c0948612f7ea501b103fe25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
3f73c269-a968-46d6-a7d7-ac5937f5d96b
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cf-ray
78c913354f32732a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
js
www.googletagmanager.com/gtag/ Frame 832B 		208 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-W0C280Z7PP&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
afb5164ee1c645847bf848aa89321cf08cb03285cc8dc2b59ab3947f9f859573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
74735
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 20 Jan 2023 16:09:31 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0DB5 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 20 Jan 2023 16:09:31 GMT
usync.html
ad.lkqd.net/cookie-sync/ Frame C2B5 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Fri, 20 Jan 2023 16:09:31 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1674230971.cds290.fr8.hn,1674230971.cds288.fr8.c
x-sp-metadata
HS256.CMuVq54GEoUBCiQwZGE1Mzc5ZC1hYzI0LTRmMDktOWQ3Mi0wNGNlM2VjMGFiNzcQmOLbkZXR/AIaBgi7+aqeBiIKODEuOTUuNS4zNSiyugIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRorCAESJDA5NTc5NzNhLTBmNTUtNGY3NS05NzBjLTc3ZjE3ZjE5NDRiNRjaDiIYCAISFGNkczI4OC5mcjguaHdjZG4ubmV0.cqXHb63ghPQvhn0BeqEbPlnKQafmomKwdIOsk/wzHDY=
ad
v.lkqd.net/ Frame 2022 		180 B
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1149380&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fadncaraota.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56318%2C1%2C&c4=true&c5=&c6=56318&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=52869533&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://adncaraota.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
150
usync.html
ad.lkqd.net/cookie-sync/ Frame 8DEA 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Fri, 20 Jan 2023 16:09:31 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1674230971.cds290.fr8.hn,1674230971.cds288.fr8.c
x-sp-metadata
HS256.CMuVq54GEoUBCiQ2NmY2ZThiNC1kZjJiLTQxMjMtYTk2ZS05MTI2OGFlMThlMWUQmOLbkZXR/AIaBgi7+aqeBiIKODEuOTUuNS4zNSiyugIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRorCAESJDAxZjdiOGFlLWJhNmMtNDA5ZS1hNTc0LTczYTg1ZGI4YWQwOBjaDiIYCAISFGNkczI4OC5mcjguaHdjZG4ubmV0.pTL+eYxPCao/m2Ifty0WjYUeVnojj5xAeNOxK483jzc=
ad
v.lkqd.net/ Frame 56B2 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1149379&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fadncaraota.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56318%2C1%2C&c4=true&c5=&c6=56318&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=53221981&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
d6ce1e9f88828a127605a5789cabae0675ed332f11606aa866419c7d4cb20b7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://adncaraota.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1404
main.min.css
www.iapac.to/wp-content/plugins/jck-woo-quickview/assets/frontend/css/ Frame A8E1 		16 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-content/plugins/jck-woo-quickview/assets/frontend/css/main.min.css?ver=5.9.5
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d014a487d1035bdf8f9c6ac043819594839e27a2ba90dd9f287b851db93f0bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 18 Sep 2019 04:10:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5d81ae32-41d5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bj1x1%2BNegrtizFHdi%2BZTKkEgMC2O9UC2hiYzoJt%2F3JV5w7MHC9iB%2BwqQtkpSC26lNxoIeV1%2B0mqEHk4dPQZn%2FaS45Z0yS47xvziO5W%2Bhjd5kSRYx3SGgtFiqXRD6wP9%2B8jFxmP%2F9BYYXcpc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
78c913354b322be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:19 GMT
style.min.css
www.iapac.to/wp-includes/css/dist/block-library/ Frame A8E1 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-includes/css/dist/block-library/style.min.css?ver=5.9.5
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sat, 14 May 2022 13:08:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"627fa9bb-145db"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2F225xhkMf0F3LEXMc3YHjcu%2BV5KgvystF0DgLYawUe461voYUj6tyot7x%2F72USMv5aKqKaNz68zEnjAlPfk3xqRog8XwMHSLbxy6ccwVS%2BMOB6v9DwSegMXrHZ5YjS2sSp9Bdc9oG5JZrc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
78c913354b332be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:19 GMT
wc-blocks-vendors-style.css
www.iapac.to/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/ Frame A8E1 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.4.3
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b7693154069c53a16468d09d89c9eba5da6c0dfc69cf4d7eb675e32ba663361
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 16 May 2022 11:18:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6282331d-1345"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2FRy7zE%2BY4le4n0uSh8U1crdlW65s6dDfTnP23NFBc7BprWMvTLGp0cfoE8XMcAsvMj9ZIHTxKQSdpX5mjztSo8gWoDc89cKoSCNGiRLblR2xx%2FGydTeonIwbCmy6PdWVvehmeArDDxBZDc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
78c913354b342be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:19 GMT
wc-blocks-style.css
www.iapac.to/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/ Frame A8E1 		204 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.4.3
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4e0d1e486e663ad600a8c68224f47051bbc27412e497a07e7a769fcde1a4269
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 16 May 2022 11:18:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6282331d-33162"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6nojmXrhnNJO1ELW6QkhQIJsXTtQoDw0LXooHyeREHDCGwzrYWvzqQ6egirWMIH4ZjRXBnQrRSvVzuDSNeprdegnE7jF0HfpoG%2BjHvTrXUETImBp0SQsfukdMmxu61H3QMGBms23NHLFlxM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
78c913354b382be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:19 GMT
jquery.selectBox.css
www.iapac.to/wp-content/plugins/yith-woocommerce-wishlist/assets/css/ Frame A8E1 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
875614250bc202cfce4176b3abc9bbc5ae9932c76e83145e1247928d295cd694
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 18 Sep 2019 04:10:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5d81ae23-df4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W8ybMqw0YAG15uqXLcf%2Bm1nRKBQha1b1heYO5ApwbreB5ssaNcTayVhM1nzBPaUX1DiO6uxJ%2BZDjAvUOni8tT3PPzf9ocmIwZx9X27FvNvpjhrhdB21f9mXganiSwD1vxjhRgy897uzX0gE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
78c913354b3a2be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:19 GMT
font-awesome.min.css
www.iapac.to/wp-content/plugins/yith-woocommerce-wishlist/assets/css/ Frame A8E1 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.min.css?ver=4.7.0
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 18 Sep 2019 04:10:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5d81ae23-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P3c6ZmVBlIVIMbmCceWyA%2BtKx7YHNZh4C8TFwy%2BoUovmY9CsT8e0DtPLph49y3z%2Bk9oLR5rfzPdGuR89G6NqrJzxueDZIdM4qPkQLWunRz6GB4njbfzEBuPbOODglCUdPSoKrP1bHE3G7QU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
78c913354b3c2be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:19 GMT
style.css
www.iapac.to/wp-content/plugins/yith-woocommerce-wishlist/assets/css/ Frame A8E1 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css?ver=2.2.13
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2391d0dc61f4497df3a74fbda5a4859550985f894ef16da096e2b1d5a73af09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 18 Sep 2019 04:10:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5d81ae23-3ccd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5dwv10EpY76H1JPXn7RzLihR5mea%2BPeJ%2FHhU1t%2BY6ggZ09Hb0z2e%2F2SwOavZ3qycur6XtsxtSCl%2Bw7kyNELWswYYB6smlrLKPemXp%2BFAZVu%2BpSjQr8EmZJQQnB84%2F%2FdF8wLEuMY27mDsW44%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
78c913354b412be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:19 GMT
styles.css
www.iapac.to/wp-content/plugins/contact-form-7/includes/css/ Frame A8E1 		2 KB
965 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.4
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 18 Sep 2019 04:09:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5d81ae12-695"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AUtWuWtKYmcYL9qN7XI7AwUHcyVJVf49siUbWFb9Vtr3OzPjMHkguZb9W%2FMN%2F68qyJpeOkvB0iQvMrG9g3BbIKTmXQDLy2iFWelUgkq4wLdEHIchg7wjGUqS2GyYkBAIt8HAfrAS%2BeLLiRw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
78c913354b442be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:19 GMT
settings.css
www.iapac.to/wp-content/plugins/revslider/public/assets/css/ Frame A8E1 		39 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8.3
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7668ad2d758ed874c4111801a36f17f643cbbf8f65e238656e629a177daea5d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 18 Sep 2019 04:10:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5d81ae18-9b8c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nbS4DYKlmw7SBpMVn4mLQiOEHqSIkzj%2FBnW2hqCyEMgYMws0s6yY4e8MzV0hiGkqZAvNf4Wi%2Fp1VC%2BCmQxjLyrF4%2B%2B3p%2Fv70kVHhF%2BWCklAPXaGss6QJf%2F4JL7%2B6pY4UJ4t69RUjoHsoeV0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
78c913354b472be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:19 GMT
woocommerce-layout.css
www.iapac.to/wp-content/plugins/woocommerce/assets/css/ Frame A8E1 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.5.1
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd18a408a35aa5d393458657eb24fb56ab754ece3f88bd78a038e5793d3f6991
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 16 May 2022 11:18:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6282331e-4591"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8yZFS36VdAUUMcI%2BouVwAVHG%2FV8%2FMJVWy7Oh4pBZSoh%2BZ%2FJp5urqH6qwMMXobgdxU6o7oEEptWvw6PmZJqpDpSTJLLdA%2FDE9%2F%2B2qYvmcuPImOEqm6ceD4riyWjZfk0sqTaYIJp0yUj%2FlPys%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
78c913354b4a2be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:19 GMT
woocommerce-smallscreen.css
www.iapac.to/wp-content/plugins/woocommerce/assets/css/ Frame A8E1 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.5.1
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7a83e60e7e3b8cadeed69327ba498b4cd68605db6e408729fa1b946758e7501
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 16 May 2022 11:18:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6282331e-1b83"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=56rlpiCPpEh%2FNofhN6Bxpq31hGtsNaPBRDSnCzmYA7ujIM4oSwACw5nghohmqYIwqlpFwanMfn4Ajo1I3Uwgd4XI4XTuHfQGUJWTgklIFolfT659h7Bpz98fxJEM6qF%2FSozTnnPCjYAS1Pg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
78c913355b622be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:19 GMT
woocommerce.css
www.iapac.to/wp-content/plugins/woocommerce/assets/css/ Frame A8E1 		61 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.5.1
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3322ccb3912f7a9485eb1d75971fd5e1eb49c6575ff5ad985fb5496333e8c8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 16 May 2022 11:18:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6282331e-f523"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2L4rWiqEDubk0gSczG4%2FZdyD4e5WiPXcpfBZvq81Nr8kq6MT9pMHk6wC3fRHg%2FF8DYcmUrhgDRyEycRtBlSbUT0%2Fap2YNXxX5h3NrX5df9L2cCnzMdiZJFaY5GUsItquGI%2FpFfns775SbN4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
78c913355b652be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:19 GMT
colorbox.css
www.iapac.to/wp-content/plugins/yith-woocommerce-compare/assets/css/ Frame A8E1 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-content/plugins/yith-woocommerce-compare/assets/css/colorbox.css?ver=5.9.5
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14a77bc82e039ce4be0d9ba9b0237495b0a9578d34eb92d444093d440f6190ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 18 Sep 2019 04:10:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5d81ae37-ee4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dPh3RM91favKFcnn2KdNruJnh%2Bt6pdDyE1BqNK0U%2B4KtRFU%2FS75ubTcg3Iyvi81jh6D4m9bq3WoOSnPHtUxPtqcRbVMcPVWzrJIhRHeAB257pS0QaO3zBZM5wvCNd7CClM8T1RicN1cBRyw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
78c913355b682be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:19 GMT
prettyPhoto.css
www.iapac.to/wp-content/plugins/woocommerce/assets/css/ Frame A8E1 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-content/plugins/woocommerce/assets/css/prettyPhoto.css?ver=5.9.5
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9097a2c579616889e829be95554ebf90ec5900045f4d2282cce31d5a999acc03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 16 May 2022 11:18:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6282331e-2441"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WDzcJ0Rfhvoz9sdEZza4YMjuDBl97HjGijVbWXpk%2FKOyRaVrc4rgL03CoolkBz9%2BEYj%2F3AmTiPXMWgoGCudPmhuC6D1zvX%2FbHz32NWjk6nexEH%2B6iHg27%2BNBxn0HRmOczvcyQPsLUTyYv3M%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
78c913355b6b2be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:19 GMT
js_composer.min.css
www.iapac.to/wp-content/plugins/js_composer/assets/css/ Frame A8E1 		473 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.7
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18fd322583b992be8df5cc0713fee5fc2ec1f43004f1d838cfe1a76d49cb8f4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 18 Sep 2019 04:09:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5d81ae0f-76596"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0tHofVW5wWyNIES1R9%2FGJKRC503mdjC6O%2B7HPzAdPo9%2FBxA8U0kRVGxYd3TfyQmV%2F%2FWBg%2Brv%2BFNwLUM6jKNpIKHEDfSCaqZEBnUG2wl48dEp61WGRfrmDjDnxUypeZX3tuyWXnfTDA1HzmM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
78c913355b712be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:19 GMT
tooltipster.css
www.iapac.to/wp-content/themes/woodstock/css/ Frame A8E1 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-content/themes/woodstock/css/tooltipster.css?ver=3.3.0
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9715e377be39dbdbf51427ed460a879b2af1dbd6af62a00e2d013f2ba2be1ff2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 20 Oct 2016 06:23:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"580862ef-2353"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SZEfXFHChQFsTKf7OQ3yx0O9cElGx6vDrUUWZq%2BKaWnpE6YWKfEieTwu826d00tKc4h4xt%2B5Kyy%2F5ZdTiV0AftDwotvelUo4Si8%2FgxuXJjzb4OX7GSXoOVd%2FnDvBGubJrzF0Lw4yKwJ0Id4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
78c913355b742be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:19 GMT
fresco.css
www.iapac.to/wp-content/themes/woodstock/css/fresco/ Frame A8E1 		36 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-content/themes/woodstock/css/fresco/fresco.css?ver=1.3.0
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
811e3c1818cf214f70e385407c6ddd120b3f7e919d297f2bd0fe5d2410f499df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 20 Oct 2016 06:23:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"580862ef-91c2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L1NTKIF4aueKxdUvzcUy09SfLszzKfwBW%2Bgnp0o1V1rTXAgqFlUazwU9m%2Fn9PV0mP05WdhH8A42Om1MT4SxgcujH6EoL2Auh9otfzLJSrBL8ybVEAX7gPo4hqyzmCjDfzD4Twk9WYPzMvgg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
78c913355b772be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:19 GMT
easyzoom.css
www.iapac.to/wp-content/themes/woodstock/css/ Frame A8E1 		1 KB
794 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-content/themes/woodstock/css/easyzoom.css?ver=1.0
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5f8441263d80cc3de4171fa50088b3a21cab396a44f8c9c019b154affa46e62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 20 Oct 2016 06:23:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"580862ef-49e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f0p1Xxu77X2CFGcH1E2mKFeRJ%2FuECaGHeSE8pXmMeskhqQ%2Fj3UHsCaMMnPzor55T10pHcPeVo3ZVWdsV%2F0%2B6gnuj5lLGLBg%2BIaRV0%2FU5iaQ3ufJ27x7jncWSX%2FZXCp4oLMwg6rgJ6FHovgE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
78c913355b7b2be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:19 GMT
idangerous.swiper.css
www.iapac.to/wp-content/themes/woodstock/css/ Frame A8E1 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-content/themes/woodstock/css/idangerous.swiper.css?ver=2.5.1
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
520e55ee027a47cb6de8d51884f3df3557572a543e20762a5d8bce0c1b058df0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 20 Oct 2016 06:23:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"580862ef-b35"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fTzDVHz2tpFbHRR1LgLAZjCfRAaYc%2BmG%2BkNHtnGJSECPL0LP2d6TDmaSiqGjEnvSOLfRFIEmUsBm5lO7YtSmMJ%2BGll3E9fUAjlZGa%2FOddYpnWSMwVAq%2Ba2HVTEwlfkOcr%2BLqddwqYjBVgBQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
78c913355b7d2be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:19 GMT
nanoscroller.css
www.iapac.to/wp-content/themes/woodstock/css/ Frame A8E1 		1 KB
913 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-content/themes/woodstock/css/nanoscroller.css?ver=0.7.6
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf120d67ccb2fc607b731e34e750411ccbf85676322171d1f84c00a3e00123f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 11 Mar 2019 09:54:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5c86303f-555"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TBcTAY8J%2BniWF9t85Vd1Cr9R6ld%2F0hoDo6Y7UGrczBGgeiFgjcY3bEHVmnNsW6%2BejBkzVONWS4gXnmG6LvgG%2F1pyNUbGGvW8TQwiW5EhasFSPrX5HdtbJRnnfM%2BOfQ6wgcJebs45hZuE6CA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
78c913355b802be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:19 GMT
select2.css
www.iapac.to/wp-content/plugins/woocommerce/assets/css/ Frame A8E1 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-content/plugins/woocommerce/assets/css/select2.css?ver=6.5.1
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6610cfb284c5370ed1cd73333301a0fd21d0149efdcd366dd7b8fe35a5949806
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 16 May 2022 11:18:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6282331e-3917"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wSEO0mdsZ2RwCACdnGeppakZWSuMn%2BsGCY85wyxhuy6dEugyb6LuXYxn802Nspsn%2FqB%2BxGxKaTjQqUBmTogeUJ1ZoxSFVztLmyHVLiu0n25cyTj3z5Zlm%2Bzlqn%2FhlBMgn4F0F1tG5H6IgzQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
78c913355b812be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:19 GMT
app.css
www.iapac.to/wp-content/themes/woodstock/css/ Frame A8E1 		685 KB
92 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-content/themes/woodstock/css/app.css?ver=1.0
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29c87a6d59d762cd22e651bcbbb53118bdce7c40222e4695925ba9f774d440f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 16 Jun 2020 09:43:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5ee89425-ab2dd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g7xsuCDo2rMsJJyF3mJK0VsUhuYaHNnjbVVH%2BhvAJlNrMb%2BNV1C0%2Bd3TSxypHo3SIgW%2Bsn%2FNallXxOpeJ3pMTllN%2F6mnBSRjjJqo1lH2stQHSDt56o9HgP0L3MjHu%2FB%2BnYgYRXmwfP4SkW4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
78c913355b832be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:19 GMT
style.css
www.iapac.to/wp-content/themes/woodstock/ Frame A8E1 		839 B
783 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-content/themes/woodstock/style.css?ver=1.0
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1f047da89de24239ae5a2263f5a9f80446edc0bb39c04e0ca9be5180cd93719
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 22 Apr 2019 09:07:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5cbd8459-347"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=306EghXhioAH9hxWgxQTgSWm5EjOVzMOARUwwqznccBxvf1c2ru5TLzhYYSDKTcje6OBfEbZnCvctuDBcOY0%2F0VMSneH1xOtU0likbvKnz4whgdPajfCnz%2BHv2KHX2Q4gAufD8aBaDxvvmI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
78c913355b842be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:19 GMT
css
fonts.googleapis.com/ Frame A8E1 		15 KB
891 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato%3A100%2C300%2C400%2C700%2C900%2C100italic%2C300italic%2C400italic%2C700italic%2C900italic%7CPlayfair+Display%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic&subset=latin%2Clatin-ext&ver=1595318494
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4f790a75578636271e575f2b9af507c997e9986cc39257888056878f8116b176
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 20 Jan 2023 16:09:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 20 Jan 2023 16:09:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 20 Jan 2023 16:09:31 GMT
jquery.min.js
www.iapac.to/wp-includes/js/jquery/ Frame A8E1 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sat, 14 May 2022 13:08:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"627fa9bb-15db1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ifG4CjfuqWxUYsLhLCjYw8ErljZmPAjSwgckLFh7kiwzSZLoVZyji2SfqElul429Da1FJ8RM1ZPK3JIFqbH5OGRCtsWOY%2BOVTkg4tXSDnCnnIS3Z7XKkbFBN%2FkV4LXnwda67NqDnK1mmbfw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
78c913355b852be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:19 GMT
jquery-migrate.min.js
www.iapac.to/wp-includes/js/jquery/ Frame A8E1 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sat, 14 May 2022 13:08:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"627fa9bb-2bd8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JQ1omyE%2F1OFxuBItO%2Fyf%2FvU%2BhcBulVnBK7v6Rc30ug3z6aWUKSUIgiNrKhJCHl%2B1OKs1PUBH%2FRTsZUdSdtoR%2BkP6nC4exHEPeoXo2zVx3aWbW8dbKM%2BcrkMZ3BLnr17xtH%2FRMufMOOyO3TE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
78c913355b872be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:19 GMT
jquery.themepunch.tools.min.js
www.iapac.to/wp-content/plugins/revslider/public/assets/js/ Frame A8E1 		108 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8.3
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1dff8b0c66227748951c4ff891f146f49c5a382ac8e3d6e3c2e9cf8aa560dc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 18 Sep 2019 04:10:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5d81ae18-1afe4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VIFjyvO1N3VZfUGuKmWyQISWaIf6klN0GFh1PEvKawWMuoxe2uONxY8tcYBoZ82aJvN3j3%2BGEK0yr7yydEGkCpAlIlYOnLXk5M2zycvGERpwgshhn23IY0zHmU1AdcS44Cz54k32C7arZZE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
78c913355b882be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:19 GMT
jquery.themepunch.revolution.min.js
www.iapac.to/wp-content/plugins/revslider/public/assets/js/ Frame A8E1 		63 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8.3
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27ead7f47a3fb4d1e7cbef0c68e28bde7ea18923cf41d8ca82ba13584eebc710
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 18 Sep 2019 04:10:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5d81ae18-fdb5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gzp9s5EPP2%2FjPI0CeiRbjI95w60v5xDYIXlCGCN61yA1lWZRy6rrnjYmCA1kDSskrzbj3bFsemRL8uVoArAR6Oa5mfyaiiNkQyXMuhG%2BXQtWF%2BHpixYYY%2FA%2B8gAnkcnG18Nue%2FFrxI8skRQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
78c913355b8b2be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:19 GMT
jquery.blockUI.min.js
www.iapac.to/wp-content/plugins/woocommerce/assets/js/jquery-blockui/ Frame A8E1 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.5.1
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef22199864042b8ceeee3729f3254c140df7217364045737ca3aadf8434fb3da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 16 May 2022 11:18:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6282331e-253d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GxO%2FG5GMCHraSLppE6M9sfkVyKBdyhSutJDi7OfZsU2SUd9P%2BIwgf4Aes2S6iH1IGmugKozQ0fyiRGIGWOt9izjSCunUlfXmdo9aEzElGrMzKzhnYdwdVgu%2FZ8ZnrLbxu99tN6eLPYgLmGE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
78c913355b8d2be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:19 GMT
add-to-cart.min.js
www.iapac.to/wp-content/plugins/woocommerce/assets/js/frontend/ Frame A8E1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.5.1
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8634aa7a3ac0bc6d359b458c8922e9d3269f64c1355b329bfe215beb12773af8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 16 May 2022 11:18:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6282331e-bdd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PDfKBVVEULe7EAl3q1MatBqEnTs6TT7fJu%2BNwQi650nj7jESszsHOhRw3PwjRgEiFfoQFp6r2FBlrXQS2iuDlA3%2BC7%2FeF4Mq7J%2BVbktYnVLhfVytdlBuw07%2BjzybaMpcWOgWjWi7I9h8QZU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
78c913355b8f2be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:19 GMT
woocommerce-add-to-cart.js
www.iapac.to/wp-content/plugins/js_composer/assets/js/vendors/ Frame A8E1 		895 B
667 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=5.7
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2685c1caf9a3e6616da70c63212ff6d6a6747e4929edf55832ebd18ef7a43ccf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 18 Sep 2019 04:09:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5d81ae10-37f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jJjpUWdM9QJASq8zWYM%2B66ZJRIvtIadBbIPZD4OpX1NDceiw8Kri3tQwN%2BpVKsNAHuMjfyND%2FaOPVgSFeCRWdKLtpyh5UO5AK45qlU0N1Fm01ZzuduhcKsM7czGAXA7hFqNQztZW4b3%2FB6k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
78c913355b912be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:19 GMT
index.js
cdn.jsdelivr.net/gh/Imagecompress/cdn/ Frame A8E1 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/Imagecompress/cdn/index.js
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95303813f1b2177a68b737a6a05425741398624c074f90f052cd2feea2ed8e35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
37849
x-jsd-version
0.0.9
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230110-FRA, cache-yyz4555-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"406f-Viyl6pdpE7cSGuoJHnzV6eg8b7w"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qofqKbA4MPiEVUEYDKc3gayWa7YjP196aInaeMX0ZuB%2Bro6FjUT8ieWxxFe%2BQe5XmMEBYK5QoP%2FxCrhBcNw0KJTZWYIb0lOJZpys13mli%2BREmhPjEIw45%2B%2BE%2BNYq2scxqDhJtgZH4f7doO20p8s%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
78c91336ef4b9b7c-FRA
20877041.js
js.users.51.la/ Frame A8E1 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.users.51.la/20877041.js
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
103.143.19.103 , China, ASN134760 (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network, CHINANET Hebei province, CN),
Reverse DNS
Software
CloudWAF /
Resource Hash
839570576ef780747ae2196acd47d9243fd64a8f2c24462b7de166364c9e03af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:32 GMT
Content-Encoding
gzip
Server
CloudWAF
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=360000
Access-Control-Allow-Credentials
true
Connection
keep-alive
js
www.googletagmanager.com/gtag/ Frame A8E1 		110 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-253996200-1
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
89ccbdd0cc312573d297a97071805ff85a2e7126af5369f958c32eb45accdb67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44062
x-xss-protection
0
last-modified
Fri, 20 Jan 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 20 Jan 2023 16:09:32 GMT
logo-ia.png
www.iapac.to/wp-content/uploads/2020/07/ Frame A8E1 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.iapac.to/wp-content/uploads/2020/07/logo-ia.png
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27d77819fd284e307e2ec7f89d543554a7b52df3c79af75914bf3bb7b168e9c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
677728
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3565
last-modified
Tue, 21 Jul 2020 08:00:42 GMT
server
cloudflare
etag
"5f16a0aa-ded"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2gF4xK%2FWfXC1avndGZ0N2YO2rPh0vskZe6L%2FaivENmFvnf1ZHcnoR%2FPdQDd8%2BjrmcUf0t5O8pALdYEwqJABdIVRB%2F9aTd9HL8uuDiUxfPQu7Tc0HFUfTSk4tV1mZ9emPsiCeJvPsR2lQpQc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
78c9133c9e549ba7-FRA
expires
Sat, 11 Feb 2023 19:45:02 GMT
45083-1-100x100.jpg
www.iapac.to/wp-content/uploads/bestwatchesi/Rolex/Datejust/ Frame A8E1 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.iapac.to/wp-content/uploads/bestwatchesi/Rolex/Datejust/45083-1-100x100.jpg
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca86bed615e44b2afda71d3deeacf617f45c29188627816d86477559bb7d439b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
strict-transport-security
max-age=31536000
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2695
last-modified
Mon, 23 May 2022 08:25:26 GMT
server
cloudflare
etag
"628b44f6-a87"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ifU5JbRAzjTixpdZ2ovqYJqv%2FFAC23aevf7CJcWQ%2BrzLtfwfCRA3qcIwlJsV12%2B09CoQiAStzXWNz%2FdBy9yApwEKcadCBujCSLjF9c6t%2Bj6Xi4JPjAaoaCNE%2BRpYoo00ac2auGBcyNZY%2FFA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
78c9133c9e569ba7-FRA
expires
Sun, 19 Feb 2023 16:00:20 GMT
wpspin_light.gif
www.iapac.to/wp-content/plugins/yith-woocommerce-wishlist/assets/images/ Frame A8E1 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.iapac.to/wp-content/plugins/yith-woocommerce-wishlist/assets/images/wpspin_light.gif
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6764d1ceca55223d425248b80a02eca133fddb83163a2841c9d84965f44206d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2519107
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2209
last-modified
Wed, 18 Sep 2019 04:10:11 GMT
server
cloudflare
etag
"5d81ae23-8a1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zcf%2BhBZ1HuPEnWGU6MmaAZOfBtr0rARpytoqYc3TfXlFCPCCHUbtt7lDkWu7j37TOnKKkjMpSkwARfP3Q8GedRFP9AfG2agU9Rkw7wQijIMVjt3fbJmaVBC0oNLzKeUexsk01%2B2SsPNWz8o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
78c9133c9e589ba7-FRA
expires
Sat, 21 Jan 2023 12:15:54 GMT
payment_cards.png
www.iapac.to/wp-content/uploads/2019/08/ Frame A8E1 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.iapac.to/wp-content/uploads/2019/08/payment_cards.png
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5ab475b5011457169092e0fc6652cdf0d109f571e70a7e20b8bce4a85e7986c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
442919
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9910
last-modified
Tue, 20 Aug 2019 00:29:51 GMT
server
cloudflare
etag
"5d5b3eff-26b6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hg3d29QgnyZL2ocQwlywz8jBZZmC9W56MO1T6j7s0UNJ%2BA2D5bdd7hCCNEn3KuH48RyXShJCj8GPOd6CNiJCQLm%2FqaGhK%2BfTe5WtkZifMyECc1c8SHiLzXIhBoYLgrSw4o03ulHEUV11FLw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
78c9133c9e599ba7-FRA
expires
Tue, 14 Feb 2023 12:58:28 GMT
core.min.js
www.iapac.to/wp-includes/js/jquery/ui/ Frame A8E1 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d7da1b980a95ff3d31d0bb8733cbabd1d210ec601d15a1aac2b67394a33191d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sat, 14 May 2022 13:08:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"627fa9ba-50ea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jya7XVWjDayoEgdUOhMIiKy1drqJ4WFoXJPmqwrsHV7XRQ8E9diOkaOu%2FBhaBAAzeqDCrjZ1cx1%2FTwL3%2FjgCO3JHCEooR0ST1EKYEH1IX4UlPlmrBoS5CJ5eTx8Mo8fMnrk%2FEwppi7GLrYU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
78c91337fcc79ba7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:19 GMT
controlgroup.min.js
www.iapac.to/wp-includes/js/jquery/ui/ Frame A8E1 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-includes/js/jquery/ui/controlgroup.min.js?ver=1.13.1
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0a51069610f44d6b5b7b82d3c07408c46f07f933931d88adb36ee06e815d049
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sat, 14 May 2022 13:08:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"627fa9ba-113f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hPd4BXxYUBiVgqCe98UBYLpPA9JVndphvrC9Hf6UznfGDxkeUvt5uXAcoVUR70UAfD%2B7ddF7p7kQuyTo6Y3TL4IuVg0SHs6SvBkKpBJTiBDULS0RyslxTyJ792RXdUwW8nqQR3Yafb6n9Cs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
78c913391edd9ba7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:19 GMT
checkboxradio.min.js
www.iapac.to/wp-includes/js/jquery/ui/ Frame A8E1 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-includes/js/jquery/ui/checkboxradio.min.js?ver=1.13.1
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10094e3448750a4d28c63270c34a48a713985bcc5602ffc783e2a3e187d9ccff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sat, 14 May 2022 13:08:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"627fa9ba-10eb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mr%2BBXomaTaHn%2FSgaUkGMpp3RuPyilZhAr2w%2Bwwypjc8GItC2MmRezEMSasFKsTPJmNIlkSfNk6ZyChEfqKz9WxdLAcdhv0Q%2BLIAXAwsauIwA2NF66naSE9dTaiVKiDKEH9PVI125WZazogo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
78c91339b82f9ba7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:19 GMT
button.min.js
www.iapac.to/wp-includes/js/jquery/ui/ Frame A8E1 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-includes/js/jquery/ui/button.min.js?ver=1.13.1
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fb98e63c635f4259abc952989b3835e17deba7edbda965ab4ce43d08ac9ed51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sat, 14 May 2022 13:08:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"627fa9ba-17f8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3NMpIMiokthrtuxK1s7x5goMqz1IKeFaC%2BBiQ4BFC%2FiEkc8VVJGtFVnK8ok37Bh1dmcOq70C0hGF8sa5sLuUxoJllO46kqxT9UJDXJ%2FM3v6zu6FMGPUi3mgB4eaPAK%2B1U4BJOC2eLBLVye0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
78c9133a49879ba7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:19 GMT
spinner.min.js
www.iapac.to/wp-includes/js/jquery/ui/ Frame A8E1 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-includes/js/jquery/ui/spinner.min.js?ver=1.13.1
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02093b937ce34d695215347c10766f46fafb76f84215ce92215705fb124bec03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sat, 14 May 2022 13:08:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"627fa9ba-1dcf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sdKI%2BUia0O%2F107ktd1wkUGQouL%2Fct0NGPtn%2FWCWIxg0nDCTu6EnRPzn76RHuVIr1%2FfyClz%2BJ1IXVlnpZAnoRBjZq9HiJa%2Bz%2BhwNjR%2FdwPbCu5EKawHOxfYN2T4Y2mkL7btojgg746Xg9PsE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
78c9133aeab39ba7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:19 GMT
effect.min.js
www.iapac.to/wp-includes/js/jquery/ui/ Frame A8E1 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c953f80cf0bb98945638528f71bafd7e837aac873b241533013b5170535e78fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sat, 14 May 2022 13:08:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"627fa9ba-43cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TBGW5w7ypk%2BafgN2P5y5%2BtxGL5NtK4Ij5OTUucVb33C%2FKoLtYk298%2BQyGTVgxtGGRDAET9g0GJ4IdOgnd0Fii37zgpw4ZNfomOwOrxIhOsxmg6mwPO5YzQrUIU9hrjGHhBON%2FnhONd%2FX8gw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
78c9133bcc7e9ba7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:20 GMT
underscore.min.js
www.iapac.to/wp-includes/js/ Frame A8E1 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-includes/js/underscore.min.js?ver=1.13.1
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f6366518c3d992d6a9a3aee342675532822d6b1d66217df7b284bb450dbb99a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sat, 14 May 2022 13:08:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"627fa9ba-4a7d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u4byRxrkfa6Ugn9sHslQDiELyP0AHME2ypSmjn6LZLPT8dRy9YAWEPAq3V8ZkSI9IpYBk4ytOIdbMS6o4F8POVXNZPJ2ootb%2FCZPDsbIlHba1ntCcRtTtqvl7llBvLiCXCEOqnuQIlM8uxs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
78c9133c5dc19ba7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:20 GMT
wp-util.min.js
www.iapac.to/wp-includes/js/ Frame A8E1 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-includes/js/wp-util.min.js?ver=5.9.5
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8e78b48acc08ce31457aff168d6fb2c814d51a8739a97693cdba585d60f5b35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sat, 14 May 2022 13:08:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"627fa9ba-53c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZukGZgPV18NslqFChv%2BogrM7wpX3a37jVuK%2BP1dj7ymw%2BEXoDwahIjRQggjsisOmLXRo8I20qjO56IusfF2RhKzwWJ28Ao2jjl8IEa2tg2DuuLrpYk2Ud6uIKXBoNFK%2Bmv9agi9WEalMO00%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
78c9133c8e1b9ba7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:20 GMT
main.js
www.iapac.to/wp-content/plugins/jck-woo-quickview/assets/frontend/js/ Frame A8E1 		88 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-content/plugins/jck-woo-quickview/assets/frontend/js/main.js?ver=5.9.5
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14dc9ad1cc88c36a20050674541f9061a1addcd0f81f596e6de3392ce83ef5b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 18 Sep 2019 04:10:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5d81ae32-15ecd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DNXKm3Fck0gqvWENaeGm6gzm78V7683tVsTHVm7KPb%2Bb6uLMWjKn9N99DBH1Rt7gnD1U9A6cgzTuTTClS9m%2BWiYmREixRuLPL5lfsWYF9rreEdiau2OhW8kfjT%2BVChkOUWmML3Lj3Y3BGv4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
78c9133c9e229ba7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:20 GMT
comment-reply.min.js
www.iapac.to/wp-includes/js/ Frame A8E1 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-includes/js/comment-reply.min.js?ver=5.9.5
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a10b9570a1c7858442b42f1cd48b69a191638269f37e4046607bf5fe188e38bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sat, 14 May 2022 13:08:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"627fa9ba-ba3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J0AbmC03yDmpf0i6m8G1Wo%2FvWWL%2FU7fCtMXOsPUNz3ZtoI6FuImvZfMEnWZJalOvS4qShZ81kNmLouOp1hzdEwyvONtJckG63GGmNFeWbFQABNpt7xVle4BLvDUR1MRNOMQg%2FHqMtnxZpiA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
78c9133c9e379ba7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:20 GMT
jquery.selectBox.min.js
www.iapac.to/wp-content/plugins/yith-woocommerce-wishlist/assets/js/ Frame A8E1 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdfbb661e5d5f32edf12ea356c0e6d457c96cc209d6601b310cc277bb950e8b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 18 Sep 2019 04:10:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5d81ae23-3d78"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tAtl2IGSombQVT3eAtHAlDF2pQQ9%2BNIdBwHW6xXjvt5iu9rLHRj2KQ9YZIQDtRHon0rubIrUUKIA4r7yA%2FzZFlmZswKIPNBY%2BsRWfRpsD85aQy993JL5j28Aoxhg26hfsbYhig4C8Ux1jb4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
78c9133c9e3a9ba7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:20 GMT
jquery.yith-wcwl.js
www.iapac.to/wp-content/plugins/yith-woocommerce-wishlist/assets/js/ Frame A8E1 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.js?ver=2.2.13
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2395683ce82442577bf579c2e04c631b752ca49ab04fe3efdf2283166a11ae5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 18 Sep 2019 04:10:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5d81ae23-2962"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nTE87IQc8cAt%2BBJW5VUmoy8dGHcB4A4vs2oROMpdMwClR4pDVQoObhPoICHrg%2FiojXFyjO1oyXS5Qg%2FAgEQkP9PCwfzRPQeajclZ1uogIRAvgNYwVfJBsTU3nw6w990187opAOqHQv4IJdM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
78c9133c9e3b9ba7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:20 GMT
scripts.js
www.iapac.to/wp-content/plugins/contact-form-7/includes/js/ Frame A8E1 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.4
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 18 Sep 2019 04:09:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5d81ae12-3868"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FdXWyxYilqXrC4LEvl9LYEoL5gXsr%2F88eBBEe%2B4eko73wEecwRETHsNedtMS2a0gD8FN1j9jTXFJzCnq3lTbmADtxejuTQPgQ6W7TxZseIL16as69JlGC3X45xeldvu0tWLiMMjC3qAxB30%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
78c9133c9e3c9ba7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:20 GMT
js.cookie.min.js
www.iapac.to/wp-content/plugins/woocommerce/assets/js/js-cookie/ Frame A8E1 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.5.1
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 16 May 2022 11:18:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6282331e-72a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JndNbW8bgquTs5xt%2B367mox5t1G73NvUYrhwdT9gX2JM6QZHymZ2Gfz833Uwqj2pQEjojnHIu%2BNvvLehAZwOZFDSPgZ2A8Vx3%2F6yfyQc%2BW2%2BG%2BLV2OtbUHZLWmNswRLBTlINieCJDSPbI5k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
78c9133c9e3e9ba7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:20 GMT
woocommerce.min.js
www.iapac.to/wp-content/plugins/woocommerce/assets/js/frontend/ Frame A8E1 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.5.1
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 16 May 2022 11:18:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6282331e-85b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=afaYXxbjAffRkBL9UZ76AsvDnGOElA8d25wIxAFQwd1gwUkLSRxwLTrRTOTSX51FFT1pUqh%2B%2Ba26jUgSjGDEvUaGYBVBC%2Bb3kPlCY%2Ftn7%2F2A9PkgxckTUSWX8Pklr6Ve68IrbumruF39HOc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
78c9133c9e409ba7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:20 GMT
cart-fragments.min.js
www.iapac.to/wp-content/plugins/woocommerce/assets/js/frontend/ Frame A8E1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.5.1
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 16 May 2022 11:18:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6282331e-b7a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=olg3Xz82GAh3aRA41Z%2BnMGHXlMKmpjakzHwSkIk3CqfP30yOMzSzHONKLe4frYtTdzHKxKesW0QwgPTaHdB%2FzUrhoVnmIIyz26XrGzUhVKy6UppMk4rFc9e%2FplXvTVElSpz8WmcA5Nv%2Fioo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
78c9133c9e429ba7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:20 GMT
woocompare.min.js
www.iapac.to/wp-content/plugins/yith-woocommerce-compare/assets/js/ Frame A8E1 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-content/plugins/yith-woocommerce-compare/assets/js/woocompare.min.js?ver=2.3.13
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e9e228389f4fd18d520866b8f759b6827622048cccd7700b4e947005833cbe1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 18 Sep 2019 04:10:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5d81ae37-11b0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bwej20JV2mf4EMZ%2By8eqcnVcnCkyE1sn0Tn2J%2F%2Fwd7xO4w%2FujS8WOepPCp0igpeAT8Gu8JXA54Crv6LdOCcsF2%2FJ9QT5zAXvT6Z3FxxC1Z2RRVsU0AcSMHUOGON3NLr9esBiRGbu0DyxTJ8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
78c9133c9e449ba7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:20 GMT
jquery.colorbox-min.js
www.iapac.to/wp-content/plugins/yith-woocommerce-compare/assets/js/ Frame A8E1 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-content/plugins/yith-woocommerce-compare/assets/js/jquery.colorbox-min.js?ver=1.4.21
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cd7a0d2c9eb03966a0dc60658526c20fa4e8ee4a0660da469f55edaf9a18c9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 18 Sep 2019 04:10:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5d81ae37-2e7c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vGVpqAdfkFeg7kpyMOMNbz7o8SpD9LG2DK%2B9VfQT5RZkthB7Fk8dfGHiVcOBfMY0rqbK5fYaXesOOxbSA2pr3TKuGlG7UgH7c6lrUcPWi%2BfhWpvNG9%2BlU%2FmuDOkK68VfyEyMLrDRGXdwIls%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
78c9133c9e459ba7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:20 GMT
jquery.prettyPhoto.min.js
www.iapac.to/wp-content/plugins/woocommerce/assets/js/prettyPhoto/ Frame A8E1 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ef1fc50a9d78f044028f3ba7378c5bbec0188de74a5217491040f9ba435fca4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 16 May 2022 11:18:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6282331e-5422"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bME2AylAdTFU1Z7jkTLUc1HrydVgOWOyWjUC2CPwY6rdwnl4B%2B2FEKatxueiV8MO6%2BnhN0y4hKcEzcOFB0faOl%2Fb7bags1KCMfQaGzdTrw5r9c2Q%2FObBZAkF2%2FF1O9Tv9EoZhSuGZn8hPDo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
78c9133c9e479ba7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:20 GMT
wstock-plugins.js
www.iapac.to/wp-content/themes/woodstock/js/ Frame A8E1 		335 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-content/themes/woodstock/js/wstock-plugins.js?ver=1.3
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b226b3707b90e3542e8776ddd7e32e7f42f0586de4059bf3876de98c7aea595
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 19 Oct 2017 08:43:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"59e865cf-53d4e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d39u1LNXR8Pzl%2FvMlDeooaji1aTg7VIbceWiNFnbRAwTcquVZmCekBY0lgfguBVI3WvOMykfJ5uapBcG5NTuPoMnARKhCY%2Bu53Slijk0UHI8DD7UHsKO%2BX%2FRFSqrhbLtmLovlvkb9raTBJQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
78c9133c9e499ba7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:20 GMT
jquery.autocomplete.min.js
www.iapac.to/wp-content/themes/woodstock/js/ Frame A8E1 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-content/themes/woodstock/js/jquery.autocomplete.min.js?ver=1.9.9.5
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4669f93c23967fa33e4b9acfa2f9fc8d47cee2808f44a64ac48a14b230438504
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 05 Mar 2019 18:03:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5c7eba06-31de"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HTzs2SahqvyNmnV0vZgxNfA3KuHjKktI4BDwU285kExycTBMqnqIHFnk7cIyc2MQIGqH0YOfoH3JwI6n3fGjNCpG55ypGvQhbkBOlG1UjwDE8STUZc8DdqvKwLwLitxIQkOwJBfUYmqCguA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
78c9133c9e4a9ba7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:20 GMT
wstock-custom.scripts.js
www.iapac.to/wp-content/themes/woodstock/js/ Frame A8E1 		50 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-content/themes/woodstock/js/wstock-custom.scripts.js?ver=1.4
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e5ea255737aa9f7af3c5fb9ae79ecdbbf59d8657a7e767f2784e054e6189283
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 14 Mar 2019 07:29:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5c8a02ce-c689"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OE76YxoRhOprC0csyFauz00HRtvQTMU5XMkNpQwaamSbJxJp5QykNFyIurF6RoS59abJcwEXcoLqfdG6dsXCt7xaryRrhHcByCIxV%2BObV4ZqYHD7QoyO4atUF4Ppe5FubDXkIgLLjukUEuM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
78c9133c9e4e9ba7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:20 GMT
new-tab.min.js
www.iapac.to/wp-content/plugins/page-links-to/js/ Frame A8E1 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-content/plugins/page-links-to/js/new-tab.min.js?ver=3.1.2
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
582278063c6f97f70b739bc1530060e16e176bb7b792ec5bd542d2083ed6b21c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 24 Oct 2019 08:45:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5db164b6-f3f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MXLSYaJ%2B9bIbwpWpCWgEgTVXkimnUZxD0hz4biJtp8EFPQYv62pEiCtSPG9F88z02ugLabehMB%2FKRaeH4xcwygZH7JncjbF9vw%2Bft2QcHZSJlLyihqWb7p%2FgImDlN7tnHRCZwmjfPm7eCEM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
78c9133c9e4f9ba7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:20 GMT
js_composer_front.min.js
www.iapac.to/wp-content/plugins/js_composer/assets/js/dist/ Frame A8E1 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.7
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0bcb73a9ca9483f3d74255ce1a77f5fbc491f09a5516929e55b4c38c2e9ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 18 Sep 2019 04:09:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5d81ae10-4cfa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bydh%2BRJ4H%2Fhix891uGB8I%2F6jxLsGvV8nJkmWCo%2FsxjsoGWWiOb3Plf%2FKKRDLJmjTDe4CMWSGyc6pOvGPlq8CrwI7PfPMNwwRR4h0%2F2veEVAYgGbGeSQ1hdutRl7KDg%2BsB3mBbAcGvdQ3Glg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
78c9133c9e539ba7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:20 GMT
counter.js
www.statcounter.com/counter/ Frame A8E1 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38773f599cca495f0904c3d5a9981fc081b743a8d9aa106ed17e0d9b03ae6598

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 19 Jan 2023 16:55:02 GMT
server
cloudflare
age
27925
etag
W/"63c975e6-aa70"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
78c9133cd8a59bd7-FRA
expires
Fri, 20 Jan 2023 20:24:07 GMT
wp-emoji-release.min.js
www.iapac.to/wp-includes/js/ Frame A8E1 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-includes/js/wp-emoji-release.min.js?ver=5.9.5
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sat, 14 May 2022 13:08:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"627fa9ba-4705"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Is1M5IgcAx8d6BsyGGdzzuIXVILUHl8vZk49UhFI%2FVSNR61uTkbEP7th5I8JdRO5TSW1Xi%2FGF2q1vGxaK%2BOk%2BnsDOJkGXCr%2BPBttLcNEyrEvkpetXAn8E9zZUaC7%2FY2Clz9d%2FfbvztKR0bg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
78c9133c9e5b9ba7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 21 Jan 2023 04:00:20 GMT
ngb_hb84.js
tags.newdreamglobal.com/service/ 		45 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.newdreamglobal.com/service/ngb_hb84.js
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/newglobal.sdk.min.js?v=1.4.22&h=www.caraotadigital.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.193.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab445da64dec12a85d693a0462bd7e17c3c9748fb3f80473a22b73642eaf3e8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2643
cf-polished
origSize=67514
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 19 Jan 2023 16:39:52 GMT
server
cloudflare
etag
W/"63c97258-107ba"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cgajBhDgNE8ldiyijoZRDoo%2FXfR4%2B6oOk%2Fh7M0qbamJc23rHWCfjnj%2FxQUemqSJgAY%2BxAkJ7E2SQTRYzln4onIZ8jqTdOTJClnEEG11H5K6aTzIi64bAnuL0ImrV%2FGSykKADm4RY7FSl2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=600, s-maxage=3600, stale-while-revalidate=3600, must-revalidate
cf-ray
78c913359dc49007-FRA
linkid.js
www.google-analytics.com/plugins/ua/ Frame 832B 		2 KB
884 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:07:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
132
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 20 Jan 2023 17:07:19 GMT
apple-right.png
adncaraota.com/wp-content/uploads/2020/08/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2020/08/apple-right.png
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07a84a863c58683c2eac788db2d984f7b9052c2f7ac15a16600ba5298c0b303b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2125
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Tue, 22 Sep 2020 19:43:19 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"84d-5f6a53d7-12330839e4b2e166;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZoF38PeP7SQfC1BKzSkhkqpIh7HMxjWsdbaUWSay3igAcvtAJDhv%2FHWpocd7joUWEvkIc4yPbpci5VoGr92szMgCsE3%2F8FCcVtLiR6UoQpLCiJVjaStyzgXtz2uj71rohdqNkr%2BW64Ej%2Fj3aeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c91335ad2a922b-FRA
expires
Tue, 29 Aug 2023 07:16:19 GMT
cs
cs.lkqd.net/ Frame C2B5
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=3cb1150c-343f-4c4c-b45d-f77253664b1f
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=3cb1150c-343f-4c4c-b45d-f77253664b1f
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.66 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=3cb1150c-343f-4c4c-b45d-f77253664b1f
date
Fri, 20 Jan 2023 16:09:31 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame C2B5 		43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.66 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame C2B5 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.66 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame C2B5
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3434956184223306299
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3434956184223306299
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.66 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3434956184223306299
pragma
no-cache
date
Fri, 20 Jan 2023 16:09:31 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame C2B5
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=Uoc0NV_dSTpD4brib741C1FfBSM
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=Uoc0NV_dSTpD4brib741C1FfBSM
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.66 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=Uoc0NV_dSTpD4brib741C1FfBSM
Date
Fri, 20 Jan 2023 16:09:32 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
i
tr.snapchat.com/cm/ Frame 5C1E 		0
294 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=59013e41-1b63-4d8e-a887-ea6d3795d988&u_scsid=a8b3ac8e-fc53-4a5f-b63b-bedaf9dd0e2a&u_sclid=2111be86-1343-46bd-b447-ca33de8f9ca0
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://www.betano.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Fri, 20 Jan 2023 16:09:31 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google
x-envoy-upstream-service-time
0
59013e41-1b63-4d8e-a887-ea6d3795d988.js
tr.snapchat.com/config/de/ Frame 832B 		146 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/config/de/59013e41-1b63-4d8e-a887-ea6d3795d988.js
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
f89c6e01dda9dce70ce27a525200928133bf6c1fd7267af651ace7f81c297b2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://www.betano.de/
Origin
https://www.betano.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 google
server
API Gateway
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://www.betano.de
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
p
tr.snapchat.com/ Frame 832B 		68 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.snapchat.com/p?pid=59013e41-1b63-4d8e-a887-ea6d3795d988&ev=PAGE_VIEW&intg=gtm&pl=https%3A%2F%2Flp.cleverwebserver.com%2F&bt=1d53c387&if=true&m_dcl=409&m_ic=1&m_pi=409&m_pl=0&m_pv=v2&m_rd=698&m_sl=691&rf=https%3A%2F%2Flp.cleverwebserver.com%2F&trackId=6a8d198a-790a-4f3c-8f63-8fa1f67c85d8&ts=1674230971822&u_sclid=2111be86-1343-46bd-b447-ca33de8f9ca0&u_scsid=a8b3ac8e-fc53-4a5f-b63b-bedaf9dd0e2a&v=2.0.0
Requested by
Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=2&siteid=825
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, no-transform
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
cs
cs.lkqd.net/ Frame 8DEA
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=98f99a3b-963b-403b-a979-a12c25e08aca
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=98f99a3b-963b-403b-a979-a12c25e08aca
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.66 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=98f99a3b-963b-403b-a979-a12c25e08aca
date
Fri, 20 Jan 2023 16:09:31 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame 8DEA 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.66 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 8DEA 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.66 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 8DEA
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2930553025957810747
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2930553025957810747
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.66 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2930553025957810747
pragma
no-cache
date
Fri, 20 Jan 2023 16:09:31 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame 8DEA
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=teGXuYRATmdgaXdHAJtNPlFfBSM
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=teGXuYRATmdgaXdHAJtNPlFfBSM
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.66 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=teGXuYRATmdgaXdHAJtNPlFfBSM
Date
Fri, 20 Jan 2023 16:09:32 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
dc_pre=CM_S3rLE1vwCFa9GHgIdtW4F6g;src=12738953;type=despo0;cat=despo0;ord=4584660124607;gtm=2wg1i0;~oref=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3...
adservice.google.com/ddm/fls/z/ Frame 85F1 		42 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CM_S3rLE1vwCFa9GHgIdtW4F6g;src=12738953;type=despo0;cat=despo0;ord=4584660124607;gtm=2wg1i0;~oref=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D2%26siteid%3D825
Requested by
Host: 12738953.fls.doubleclick.net
URL: https://12738953.fls.doubleclick.net/activityi;dc_pre=CM_S3rLE1vwCFa9GHgIdtW4F6g;src=12738953;type=despo0;cat=despo0;ord=4584660124607;gtm=2wg1i0;~oref=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D2%26siteid%3D825?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://12738953.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3E82 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adncaraota.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4156
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 15:00:15 GMT
expires
Sat, 20 Jan 2024 15:00:15 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 611C 		783 B
967 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9c35ea1fe5c59fa818975e32505a31e50c73e57694b72111e153505b12202817
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-OmI2QiMXPtxJ2sikHhoyOQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adncaraota.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-OmI2QiMXPtxJ2sikHhoyOQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 16:09:31 GMT
expires
Fri, 20 Jan 2023 16:09:31 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
137000673.js
bat.bing.com/p/action/ Frame 832B 		0
119 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/137000673.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Fri, 20 Jan 2023 16:09:31 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 01EE6B66AE2144B0AFF4BADDD03FDA05 Ref B: FRA31EDGE0615 Ref C: 2023-01-20T16:09:31Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ Frame 832B 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=137000673&Ver=2&mid=03962dd4-877e-4530-992f-adf6693cc7b5&sid=d30246e098dc11ed8eeeed24c9cb043b&vid=d30247d098dc11edb260f787a83b2e24&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Flp.cleverwebserver.com%2F&r=&lt=410&evt=pageLoad&ifm=1&sv=1&rn=187124
Requested by
Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=2&siteid=825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 20 Jan 2023 16:09:31 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F1CDDE109C1341989FF47589EAAE12E5 Ref B: FRA31EDGE0615 Ref C: 2023-01-20T16:09:31Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
identity.js
connect.facebook.net/signals/plugins/ Frame 832B 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.94
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 20 Jan 2023 16:09:31 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20722
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
Gl5HJKdeUCq01oHsGc5XPOsCgFO7d6NZIIQjeL1hs9Z0sCmqy5qTA6IcjcpaYcVDsXRa0TRDBa0dNSCIY3Vdxg==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
234568464078651
connect.facebook.net/signals/config/ Frame 832B 		378 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/234568464078651?v=2.9.94&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f94fcbaa5dcb411470fe6ffff74b74f8c056643381f2bb230f6876c6984fee2e
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 20 Jan 2023 16:09:31 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
110555
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
lhvzVuzMpqjgdS5W0qPLxovBuBFy7UW77AWwbS/hlM4Y1jT4JLUjZKx9uqp4MMVHXUDLkaGSdWLoGB3gv0Rxjw==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/763238947/ Frame 832B 		42 B
138 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/763238947/?random=1674230971611&cv=11&fst=1674230400000&bg=ffffff&guid=ON&async=1&gtm=2wg1i0&u_w=1600&u_h=1200&frm=2&url=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D2%26siteid%3D825&ref=https%3A%2F%2Flp.cleverwebserver.com%2F&fmt=3&is_vtc=1&random=3957622105&rmt_tld=0&ipr=y
Requested by
Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=2&siteid=825
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:31 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/763238947/ Frame 832B 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/763238947/?random=1674230971611&cv=11&fst=1674230400000&bg=ffffff&guid=ON&async=1&gtm=2wg1i0&u_w=1600&u_h=1200&frm=2&url=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D2%26siteid%3D825&ref=https%3A%2F%2Flp.cleverwebserver.com%2F&fmt=3&is_vtc=1&random=3957622105&rmt_tld=1&ipr=y
Requested by
Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=2&siteid=825
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:31 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		179 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/service/ngb_hb84.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-28-197.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a1a74eef6e94e2e8414e313d3dac9c34b11fccf52909e9eb833ce2cf70ced650

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 15:58:33 GMT
content-encoding
gzip
via
1.1 df3b3b9f4fa0f79195c56a91cf242364.cloudfront.net (CloudFront), 1.1 08b9c2fd11813ffdb8fa03129d0a465c.cloudfront.net (CloudFront)
last-modified
Thu, 19 Jan 2023 20:39:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-C2
age
658
x-amz-server-side-encryption
AES256
etag
W/"09722bdf068e1f62e3d9a9e39a8dde87"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
KWkq3T7M1Q5p1dLsB8M4sv-IimWovxKMAJvzlX9aJrh94olKJZU-hQ==
localstore.js
script.4dex.io/ 		483 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid7.25.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:31 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
2331499
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BiFVTzCxl%2FpghHi7ZsMuZ9lsd1hpUK3it9gbWaKRkPQjQBw5Wt8wZklZjONSA%2FZZQ4%2Fs6kTGNhAT7IH6KNzi%2BjNhWu%2FLsGqCtLlze6FEvGcSEUB39e1fgiDUsdrzC816U3QD4aPcHCnP%2BMpL"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
78c91336dd4f6909-FRA
/
track.adform.net/Serving/TrackPoint/ Frame 832B
Redirect Chain
  • https://track.adform.net/Serving/TrackPoint/?pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=213522896195&ADFtpmode=2&loc=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx...
  • https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=213522896195&ADFtpmode=2&loc=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE...
121 B
600 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=213522896195&ADFtpmode=2&loc=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D2%26siteid%3D825&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
Requested by
Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=2&siteid=825
Protocol
H2
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9d1d32f6fd1ed2900029c8afdf804a635950357b2c472d542333a1f6e4aa123e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
194
expires
-1

Redirect headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
content-type
text/html; charset=utf-8
location
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=213522896195&ADFtpmode=2&loc=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D2%26siteid%3D825&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
hls.ab55e91cf2e7990a858b.js
cds.connatix.com/p/216099/ Frame 5BF2 		0
47 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/216099/hls.ab55e91cf2e7990a858b.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
content-encoding
br
last-modified
Fri, 20 Jan 2023 14:28:39 GMT
age
5917
etag
"9c52aeec94b8e17f4fb52a552635b8b4"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
48350
prebid
mp.4dex.io/ 		0
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid7.25.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adncaraota.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:32 GMT
x-err
Parsing the Prebid Request. org/site not found
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://adncaraota.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
78c91337bf52bbc7-FRA
expires
0
c
prebid.a-mo.net/a/ 		0
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid7.25.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adncaraota.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://adncaraota.com
date
Fri, 20 Jan 2023 16:09:31 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
131
server
envoy
vary
origin, Accept-Encoding
/
shb.richaudience.com/hb/ 		5 B
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid7.25.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.208.101.55.162.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
da8b00f157aa030065e2d6a06149909cd367c6ebe8613a0ee506e636b1f7aae0

Request headers

Referer
https://adncaraota.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 20 Jan 2023 16:09:19 GMT
content-encoding
gzip
server
nginx/1.14.1
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://adncaraota.com
access-control-allow-credentials
true
/
shb.richaudience.com/hb/ 		5 B
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid7.25.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.208.101.55.162.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
da8b00f157aa030065e2d6a06149909cd367c6ebe8613a0ee506e636b1f7aae0

Request headers

Referer
https://adncaraota.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 20 Jan 2023 16:09:19 GMT
content-encoding
gzip
server
nginx/1.14.1
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://adncaraota.com
access-control-allow-credentials
true
/
shb.richaudience.com/hb/ 		5 B
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid7.25.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.208.101.55.162.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
da8b00f157aa030065e2d6a06149909cd367c6ebe8613a0ee506e636b1f7aae0

Request headers

Referer
https://adncaraota.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 20 Jan 2023 16:09:19 GMT
content-encoding
gzip
server
nginx/1.14.1
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://adncaraota.com
access-control-allow-credentials
true
/
shb.richaudience.com/hb/ 		5 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid7.25.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.208.101.55.162.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
da8b00f157aa030065e2d6a06149909cd367c6ebe8613a0ee506e636b1f7aae0

Request headers

Referer
https://adncaraota.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 20 Jan 2023 16:09:19 GMT
content-encoding
gzip
server
nginx/1.14.1
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://adncaraota.com
access-control-allow-credentials
true
hb
hb.undertone.com/ 		0
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3636&domain=adncaraota.com
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid7.25.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-59.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adncaraota.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:32 GMT
via
1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
server
istio-envoy
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://adncaraota.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
x-amz-cf-id
HOkaLCeTY12dYDfpQZtIzDgGcF1rrtYvGih9J_1VrIoITewFJmLlTw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
v2
i.connectad.io/api/ 		107 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid7.25.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7692abe2c59e1a9db3d398b11d2ae8c53034c853a72f4942191ece3d277f58f5

Request headers

Referer
https://adncaraota.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://adncaraota.com
content-type
application/json
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
78c91337b9eb92ba-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bid
ap.lijit.com/rtb/ 		24 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.25.0
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid7.25.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.14.3 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software
/
Resource Hash
ce2fa11eff42b673dc8ae241abe3041fec938d59f9529aab5223eeba69da51d2

Request headers

Referer
https://adncaraota.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 20 Jan 2023 16:09:32 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://adncaraota.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2sea1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
imp
g2.gumgum.com/hbid/ 		368 B
788 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1674230972065&to=0&aun=ngb_si2764&pubcid=81d288fd-f16b-4763-830c-d899b561ad71&gpid=%2F12119045%2Fbox2_p&maxw=300&maxh=250&si=80726&pi=3&bf=300x250&schain=1.0%2C1!newdreamglobal.com%2C32%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.caraotadigital.net%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.25.0%22%7D&ogu=https%3A%2F%2Fadncaraota.com%2F&ns=9626
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid7.25.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.42.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-42-161.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
721d15716663b5588d40b75b955521d14f1cf1c4dcded1251f5f25a5fdefbe20

Request headers

Referer
https://adncaraota.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:32 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://adncaraota.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		368 B
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1674230972066&to=0&aun=ngb_si2762&pubcid=81d288fd-f16b-4763-830c-d899b561ad71&gpid=%2F12119045%2Fstickybottom&t=dwmiwddo&pi=2&schain=1.0%2C1!newdreamglobal.com%2C32%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.caraotadigital.net%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.25.0%22%7D&ogu=https%3A%2F%2Fadncaraota.com%2F&ns=9626
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid7.25.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.42.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-42-161.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
29ff3bb5b4d5344fa4221eca0cb675ee1ba9c7f3963dfdec469bbeccd50e8091

Request headers

Referer
https://adncaraota.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:32 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://adncaraota.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		368 B
791 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1674230972066&to=0&aun=ngb_si2759&pubcid=81d288fd-f16b-4763-830c-d899b561ad71&gpid=%2F12119045%2Fflat2_p&maxw=970&maxh=250&si=80732&pi=3&bf=970x250%2C728x90&schain=1.0%2C1!newdreamglobal.com%2C32%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.caraotadigital.net%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.25.0%22%7D&ogu=https%3A%2F%2Fadncaraota.com%2F&ns=9626
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid7.25.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.42.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-42-161.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
558a02d951572852b6e6d2400ef43a834452c74bb02fe96accb880f49bcf1ca9

Request headers

Referer
https://adncaraota.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:32 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://adncaraota.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		368 B
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1674230972066&to=0&aun=ngb_si2758&pubcid=81d288fd-f16b-4763-830c-d899b561ad71&gpid=%2F12119045%2Fflat1_p&maxw=728&maxh=90&si=80732&pi=3&bf=728x90&schain=1.0%2C1!newdreamglobal.com%2C32%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.caraotadigital.net%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.25.0%22%7D&ogu=https%3A%2F%2Fadncaraota.com%2F&ns=9626
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid7.25.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.42.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-42-161.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ee3b146d80e3efd0ba957149970944d70f9c27b1248ae13eb728d9ce51a81288

Request headers

Referer
https://adncaraota.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:32 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://adncaraota.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
prebid
prebid.media.net/rtb/ 		338 B
600 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU97DM39
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid7.25.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
dbdd6ee7cd1378f51947cc64cb131bca5ce2376938e30337136f49fbaefc7609

Request headers

Referer
https://adncaraota.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:32 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://adncaraota.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Fri, 20 Jan 2023 16:09:32 GMT
prebid
ib.adnxs.com/ut/v3/ 		471 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid7.25.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
840d808e452f790eabe4643e3962d7335b267551bfec533c07bf72a89c8be3ac
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://adncaraota.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:32 GMT
AN-X-Request-Uuid
0c3357a6-3cb2-424d-b18e-0e3017ee8de8
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
81.95.5.35; 81.95.5.35; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
471
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
xhr
pre.ads.justpremium.com/v/2.0/t/ 		53 B
256 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pre.ads.justpremium.com/v/2.0/t/xhr?i=1674230972071
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid7.25.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.195.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-195-113.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
f3c66ae2b673449b26b585190434659cf344d6bfb0538dbeecd564ffd4088e31

Request headers

Referer
https://adncaraota.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://adncaraota.com
date
Fri, 20 Jan 2023 16:09:32 GMT
cache-control
public, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-type
application/json
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=15787&adtype=banner&auc=ngb_si2764&w=300&h=250&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F109.0.5414.74%20Safari%2F537.36&l=en&dt=1&pid=62150&requestId=46d2fbb39b0b445&schain=%5Bobject%20Object%5D&bidfloor=0&d=caraotadigital.net&sp=https%253A%252F%252Fwww.caraotadigital.net%252F&usp=&coppa=false&videoContext=
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid7.25.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.54.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-54-53.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adncaraota.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://adncaraota.com
date
Fri, 20 Jan 2023 16:09:32 GMT
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=15787&adtype=banner&auc=ngb_si2762&w=728&h=90&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F109.0.5414.74%20Safari%2F537.36&l=en&dt=1&pid=62150&requestId=47254e704673876&schain=%5Bobject%20Object%5D&bidfloor=0&d=caraotadigital.net&sp=https%253A%252F%252Fwww.caraotadigital.net%252F&usp=&coppa=false&videoContext=
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid7.25.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.54.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-54-53.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adncaraota.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://adncaraota.com
date
Fri, 20 Jan 2023 16:09:32 GMT
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=15787&adtype=banner&auc=ngb_si2759&w=970&h=250&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F109.0.5414.74%20Safari%2F537.36&l=en&dt=1&pid=62150&requestId=48e4afd42634d85&schain=%5Bobject%20Object%5D&bidfloor=0&d=caraotadigital.net&sp=https%253A%252F%252Fwww.caraotadigital.net%252F&usp=&coppa=false&videoContext=
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid7.25.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.54.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-54-53.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adncaraota.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://adncaraota.com
date
Fri, 20 Jan 2023 16:09:32 GMT
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=15787&adtype=banner&auc=ngb_si2758&w=728&h=90&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F109.0.5414.74%20Safari%2F537.36&l=en&dt=1&pid=62150&requestId=492842fbd3467ef&schain=%5Bobject%20Object%5D&bidfloor=0&d=caraotadigital.net&sp=https%253A%252F%252Fwww.caraotadigital.net%252F&usp=&coppa=false&videoContext=
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid7.25.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.54.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-54-53.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adncaraota.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://adncaraota.com
date
Fri, 20 Jan 2023 16:09:32 GMT
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
v1
prg.smartadserver.com//prebid/ 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com//prebid/v1
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid7.25.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://adncaraota.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:32 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://adncaraota.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com//prebid/ 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com//prebid/v1
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid7.25.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://adncaraota.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:31 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://adncaraota.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com//prebid/ 		171 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com//prebid/v1
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid7.25.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://adncaraota.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:32 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://adncaraota.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com//prebid/ 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com//prebid/v1
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid7.25.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://adncaraota.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:31 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://adncaraota.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
/
ghb.adtelligent.com/v2/auction/ 		6 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: tags.newdreamglobal.com
URL: https://tags.newdreamglobal.com/admanager/prebid7.25.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
aea270df28a0dfe348914d7599bf3bdea41ab267a82e965c8c71ab9586957146

Request headers

Referer
https://adncaraota.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 20 Jan 2023 16:09:31 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://adncaraota.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
967
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://adncaraota.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://adncaraota.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 20 Jan 2023 16:09:32 GMT
server
nginx
t
t.lkqd.net/ Frame 0759 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://adncaraota.com
date
Fri, 20 Jan 2023 16:09:32 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid.js
ad.lkqd.net/vpaid/ Frame 5E3A 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
content-encoding
gzip
x-sp-metadata
HS256.CMyVq54GEoUBCiQ4Njg4NmNhMS01ODc1LTQ5ZTktYjRkMS1jNGQxYzg2ZWExMzkQmOLbkZXR/AIaBgi8+aqeBiIKODEuOTUuNS4zNSiyugIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGVhODBiMThlLThiYzItNDc4My1iNTE5LWYzM2VhMDYwYmI4YxjF5AMiGAgCEhRjZHMzMzMuZnI4Lmh3Y2RuLm5ldA==.yuptVS+ZcvG8Rvm97W9UZJ7nhkGKsnv65Zau3+ZtskU=
last-modified
Thu, 13 Oct 2022 21:01:07 GMT
etag
"88ca76abee51b1544e17b021f04aaaed"
x-hw
1674230972.cds290.fr8.hn,1674230972.cds333.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62021
/
www.facebook.com/tr/ Frame 832B 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=234568464078651&ev=PageView&dl=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D2%26siteid%3D825&rl=https%3A%2F%2Flp.cleverwebserver.com%2F&if=true&ts=1674230972113&sw=1600&sh=1200&v=2.9.94&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&cs_est=true&it=1674230971882&coo=false&tm=1&rqm=GET
Requested by
Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=2&siteid=825
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 20 Jan 2023 16:09:32 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ Frame 832B 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=234568464078651&ev=PageView&dl=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D2%26siteid%3D825&rl=https%3A%2F%2Flp.cleverwebserver.com%2F&if=true&ts=1674230972116&sw=1600&sh=1200&v=2.9.94&r=stable&a=tmgoogletagmanager&ec=1&o=30&cs_est=true&it=1674230971882&coo=false&rqm=GET
Requested by
Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=2&siteid=825
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 20 Jan 2023 16:09:32 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
1x1.gif
a.mgid.com/ Frame 832B 		43 B
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.mgid.com/1x1.gif?id=714661&type=c&tg=&r=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D2%26siteid%3D825&nv=0&clid=&clidv=0&d=1674230972120
Requested by
Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=2&siteid=825
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
78c91337cb87732a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
content-type
image/gif
config
c.amazon-adsystem.com/cdn/prod/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fadncaraota.com&pubid=9ebc2692-db4b-4928-9f77-ac72f583423b
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-28-197.fra56.r.cloudfront.net
Software
Server /
Resource Hash
07d17f03c93a871c79bc007d75662feb9f3921f1adb302feb286ffee5dc416ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:31 GMT
via
1.1 08b9c2fd11813ffdb8fa03129d0a465c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://adncaraota.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1071
x-amz-cf-id
qjeVwdMVviqxznOWjT_pn3VGUtY2gqe5Apl_OX2IfOtk_zu4JASFjg==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fadncaraota.com%2F&pid=72vlWnMqgA6mr&cb=0&ws=1600x1200&v=23.112.1442&t=1500&slots=%5B%7B%22sd%22%3A%22ngb_si2787%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22%2F12119045%2Finterstitial%22%7D%2C%7B%22sd%22%3A%22ngb_si2764%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F12119045%2Fbox2_p%22%7D%2C%7B%22sd%22%3A%22ngb_si2762%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F12119045%2Fstickybottom%22%7D%2C%7B%22sd%22%3A%22ngb_si2759%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F12119045%2Fflat2_p%22%7D%2C%7B%22sd%22%3A%22ngb_si2758%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F12119045%2Fflat1_p%22%7D%5D&schain=1.0%2C1!newdreamglobal.com%2C32%2C1%2C%2C%2C&pubid=9ebc2692-db4b-4928-9f77-ac72f583423b&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.28.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-28-235.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 8e83c42d247a31c5b365c08a0352d8f8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C2
x-amz-rid
79Z2PQTYF6DVYXXE8AEF
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://adncaraota.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
CnLkRP_39rJymB73mwFYS41oaieuVrmO4qP4iMHUznSVTJS9KTISzQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-28-197.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 20:51:04 GMT
x-amz-version-id
1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
content-encoding
gzip
via
1.1 0434556f8ccac61e8735f7c75767727c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
69509
x-cache
Hit from cloudfront
last-modified
Fri, 23 Dec 2022 01:05:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
c1fSqMujYqbaaH-y_rVu8-LxY4Y1Cy1-tvTnHv-6TfxLZizsfN1pQA==
sodar
pagead2.googlesyndication.com/pagead/ Frame 611C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023011101&jk=2714852773784309&rc=
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
t
t.lkqd.net/ Frame 2C27 		0
0
JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js
pagead2.googlesyndication.com/bg/ Frame 3E82 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:43:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30376
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16089
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 20 Jan 2024 07:43:16 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://adncaraota.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://adncaraota.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 20 Jan 2023 16:09:32 GMT
server
nginx
usync.html
ad.lkqd.net/cookie-sync/ Frame 2E23 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Fri, 20 Jan 2023 16:09:32 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1674230972.cds290.fr8.hn,1674230972.cds288.fr8.c
x-sp-metadata
HS256.CMyVq54GEoUBCiRkMzE0ZmIxMC0zNzJlLTRiYTQtYTQzYS0yMDNlMjA0ZDFlOGIQmOLbkZXR/AIaBgi8+aqeBiIKODEuOTUuNS4zNSiyugIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRorCAESJGYwZmJjYmMwLWM2ZGYtNDAzZS1iYjg2LTFiOTA5ZTIwZDcxZRjaDiIYCAISFGNkczI4OC5mcjguaHdjZG4ubmV0.aVaitxXiqZDaf9QObQ1tJW0XfehoAfd4qds2KSJIVW8=
ad
v.lkqd.net/ Frame 5E3A 		94 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1149379&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fadncaraota.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56318%2C1%2C&c4=true&c5=&c6=56318&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=53221981&m=&rtv=1&thost=adncaraota.com
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
2417d43626ce95596ede1ee0114a9138f176d8dada471e60fe0505fc99d82ef8

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://adncaraota.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
4717
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1149379&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fadncaraota.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56318%2C1%2C&c4=true&c5=&c6=56318&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=53221981&m=&rtv=1&thost=adncaraota.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://adncaraota.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://adncaraota.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
date
Fri, 20 Jan 2023 16:09:32 GMT
server
nginx
adagio.js
script.4dex.io/ 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:32 GMT
Content-Encoding
br
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 23 Nov 2022 15:43:17 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8KG0BEr7oiMr8H7a%2BkjdfU7ord%2Fyl%2BrJyE0SLjauCfOI8xxC6PMDLodFmIl8lDdpSEkbQ4ndvwS3fpcp%2B%2FRKhG%2BRlDTf47%2BcudmAHLq7tG9ccVJB2tZq3rikaZAkh0TQAS2pX%2B%2Bs2ZZc%2FLcV"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
78c913391ce69137-FRA
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
cs
cs.lkqd.net/ Frame 2E23
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=634c81dc-c812-47ad-8fae-9efecd8a8f36
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=634c81dc-c812-47ad-8fae-9efecd8a8f36
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.66 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=634c81dc-c812-47ad-8fae-9efecd8a8f36
date
Fri, 20 Jan 2023 16:09:32 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame 2E23 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.66 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 2E23 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.66 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 2E23
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2930553025957810747
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2930553025957810747
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.66 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2930553025957810747
pragma
no-cache
date
Fri, 20 Jan 2023 16:09:31 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame 2E23
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=teGXuYRATmdgaXdHAJtNPlFfBSM
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=teGXuYRATmdgaXdHAJtNPlFfBSM
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.66 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=teGXuYRATmdgaXdHAJtNPlFfBSM
Date
Fri, 20 Jan 2023 16:09:32 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b9bc9c5d136e5e10a89c8902b5c6540cd738265af675ed3e3984e28c0c14f02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 00:57:45 GMT
content-encoding
gzip
via
1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
last-modified
Thu, 05 Jan 2023 20:07:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
54708
etag
W/"322a4a4dadec5839e9040f77edf9282d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-id
DJd78Q9aoYNPwKVKaqlAbJ-8KM8lvfbSCgbzZV7aI25g1QqxhvpN0Q==
id5-api.js
cdn.id5-sync.com/api/1.0/ 		57 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 18 Jan 2023 10:47:57 GMT
server
cloudflare
x-amz-request-id
HF79PDKRZBHBZCEA
age
2833
etag
W/"4d61440f9cbdbb9b0b5a43273c7c3caf"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
78c913398ca29a3c-FRA
x-amz-id-2
d6YXv2aqwcTOb9vCXp5wuAtkAcEHI60J3TZSO9HzTC+Is9Wujb9Ah88TDiX3VWoTdGyXWE7zLGs=
map
bcp.crwdcntrl.net/6/ 		60 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.185.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-185-121.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
47fb0ccf10509295971899c1fd58fccf76698037add41816c22674b448d094e7

Request headers

Referer
https://adncaraota.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:32 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://adncaraota.com
cache-control
no-cache
x-server
10.45.19.190
access-control-allow-credentials
true
content-length
60
expires
0
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
458ec4591f418e2e66ba18f35e86e1b2d24221c707b240649292e8aa2df1ac0b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://adncaraota.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://adncaraota.com
date
Fri, 20 Jan 2023 16:09:31 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lbs.eu-1-id5-sync.com/lbs/ 		34 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:701:1000::96f , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
10af6b5460ae34b66af571d7029f5be7b28dab50cbcb6cacc3ccf3a408a20ed2

Request headers

Referer
https://adncaraota.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://adncaraota.com
date
Fri, 20 Jan 2023 16:09:32 GMT
content-length
34
vary
Origin
content-type
application/json
1167.json
id5-sync.com/g/v2/ 		215 B
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/1167.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
7b55e1194e4dabbd5a85a3d854f32054c115d027e2f672318d8d760c1f20c7f9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://adncaraota.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://adncaraota.com
date
Fri, 20 Jan 2023 16:09:32 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
t
t.lkqd.net/ Frame 762F 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://adncaraota.com
date
Fri, 20 Jan 2023 16:09:32 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://adncaraota.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://adncaraota.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 20 Jan 2023 16:09:32 GMT
server
nginx
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=adncaraota.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adncaraota.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		104 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3838471428749248&correlator=3968453286576893&eid=31068367%2C31071603%2C31071578%2C31071663&output=ldjh&gdfp_req=1&vrg=2023011101&ptt=17&impl=fifs&iu_parts=12119045%2Cinterstitial%2Cbox2_p%2Cstickybottom%2Cflat2_p%2Cflat1_p&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=1x1%2C300x250%2C728x90%2C970x250%7C728x90%2C728x90&ifi=1&adks=482024377%2C1484796961%2C3974791747%2C2766676927%2C1600816335&sfv=1-0-40&prev_scp=site%3Dadncaraota.com%26type%3Dportada%26geo%3Drm%26amznbid%3D2%26amznp%3D2%7Csite%3Dadncaraota.com%26geo%3Drm%26category%3Dhome%26amznbid%3D2%26amznp%3D2%7Csite%3Dadncaraota.com%26type%3Dportada%26category%3Dhome%26amznbid%3D2%26amznp%3D2%7Csite%3Dadncaraota.com%26geo%3Drm%26category%3Dhome%26amznbid%3D2%26amznp%3D2%7Csite%3Dadncaraota.com%26geo%3Drm%26category%3Dhome%26amznbid%3D2%26amznp%3D2&eri=1&sc=1&cookie=ID%3D30f7ce4f07f2d2f7-228f04126adb0081%3AT%3D1674230971%3AS%3DALNI_MbxVJIztUO5Bx1KESS5SuTUxGAdSA&gpic=UID%3D00000bc7235ce172%3AT%3D1674230971%3ART%3D1674230971%3AS%3DALNI_MYPijdJ2ulv6N_HU7PxgHNPd_xn9w&abxe=1&dt=1674230972728&lmt=1674230972&dlt=1674230969961&idt=1751&adxs=800%2C1054%2C436%2C315%2C596&adys=9623%2C2553%2C1117%2C1091%2C113&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C2%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fadncaraota.com%2F&frm=20&vis=1&psz=1x10%7C300x10%7C728x-1%7C970x10%7C728x10&msz=1x0%7C300x0%7C728x-1%7C970x0%7C728x0&fws=0%2C4%2C516%2C4%2C4&ohw=0%2C1600%2C728%2C1600%2C1600&ga_vid=563312922.1674230971&ga_sid=1674230973&ga_hid=1540672396&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0508879415f71a0365c46e1e8a0215a2d813b4214f97007cdea6fa4e2e8af177
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20675
x-xss-protection
0
google-lineitem-id
-2,-1,-1,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://adncaraota.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0ADD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adncaraota.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 16:09:32 GMT
expires
Sat, 20 Jan 2024 16:09:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
adx.adform.net/adx/ 		65 B
619 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fadncaraota.com%2F
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
https://adncaraota.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
/
adx.adform.net/adx/ 		65 B
619 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&url=https%3A%2F%2Fadncaraota.com%2F&t=2
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
https://adncaraota.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		832 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C49613117680613780811477911212%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b87960aa5a6d9939cb6150071ab997f8c40b9f1babc6407137b58f9084a28831

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:32 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
832
x-sticky-vk
1674230972711067-429
Expires
Fri, 20 Jan 2023 16:09:32 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		832 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C49613117680613780811952650280%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7794166bc12ed958f2381df56441d380c91e3228355ffd0a68ecf134d1814369

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:32 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
832
x-sticky-vk
1674230972716077-579
Expires
Fri, 20 Jan 2023 16:09:32 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		815 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C9228498694961311768061378081,,&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2f4b8d0ccc453598a51ce23aa9c20088a8198c820686a54d1b18e94068a4b3bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:32 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
815
x-sticky-vk
1674230972724073-379
Expires
Fri, 20 Jan 2023 16:09:32 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		816 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C11723508924961311768061378081,,&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
81a9d6c6141ccf3cedf315b1d56113eee52017068c53dae46f357cdc4b571777

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:32 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
816
x-sticky-vk
1674230972722097-358
Expires
Fri, 20 Jan 2023 16:09:32 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1003 B
862 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fadncaraota.com%2F&schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C4961311768061378081907482411%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ecc8fde05f670acbd603d4e5eb4e84110aefc2b2c068c724964c3ef72a106709

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:32 GMT
content-encoding
gzip
server
Apache
etag
"23da-5e7fbf52c16e8-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://adncaraota.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
618
expires
Fri, 20 Jan 2023 16:09:32 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1004 B
863 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fadncaraota.com%2F&schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C49613117680613780811427136676%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0a7d2f94018c8bd2bf09011fbcb636ec29b139dd31efcc3e87d6e202fb6baf84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:32 GMT
content-encoding
gzip
server
Apache
etag
"23da-5e7fbf52c16e8-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://adncaraota.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
619
expires
Fri, 20 Jan 2023 16:09:32 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1003 B
863 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fadncaraota.com%2F&schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C4961311768061378081386783407%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c0c3e14ffa0963a91bcb39b11292d899230a6ab9e36205d5df32de122989f330

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:32 GMT
content-encoding
gzip
server
Apache
etag
"23da-5e7fbf52c16e8-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://adncaraota.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
619
expires
Fri, 20 Jan 2023 16:09:32 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		816 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C17806171504961311768061378081,,&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d5ad358b8cc22850af96aa13a72af3eb531113a0a0b65df2c4c560185a4bd967

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:32 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
816
x-sticky-vk
1674230972748066-352
Expires
Fri, 20 Jan 2023 16:09:32 GMT
go1
ia.51.la/ Frame A8E1 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ia.51.la/go1?id=20877041&rt=1674230972889&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=Iapac.to%2520is%2520the%2520best%2520Rolex%2520Rep&ing=1&ekc=&sid=1674230972889&tt=Top%2520Fake%2520Rolex%2520Store%2520-%2520Best%2520Replica%2520Rolex%2520Watches%2520For%2520Sale%2520Online&kw=&cu=https%253A%252F%252Fwww.iapac.to%252F&pu=https%253A%252F%252Fadncaraota.com%252F
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
103.143.19.103 , China, ASN134760 (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network, CHINANET Hebei province, CN),
Reverse DNS
Software
CloudWAF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:33 GMT
Server
CloudWAF
Connection
keep-alive
Content-Length
0
bj.jpg
www.iapac.to/wp-content/uploads/2022/10/ Frame A8E1 		206 KB
207 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.iapac.to/wp-content/uploads/2022/10/bj.jpg
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8f330dbb5fad8679ce45cc6c04912712f650a0d41c424f6ea18c22ed489fbeb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
77844
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
211154
last-modified
Sat, 08 Oct 2022 07:41:48 GMT
server
cloudflare
etag
"634129bc-338d2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xBXuxKbz%2FYs%2BB2alFgcvoAZaRGOa6%2FTXuo1Kl9AeJHNvMwEMwiuBd8DT4WLIaK4%2FEDDb%2FOLl%2F4R6Klh0oQ8CpEUt0Rq1SmpZdVP1gu1Hfj739XBPY7AVgxQp%2BofKFBtihaDBSwcLeEcoYf4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
78c9133cbe779ba7-FRA
expires
Sat, 18 Feb 2023 18:22:56 GMT
45083-1_1-500x500.jpg
www.iapac.to/wp-content/uploads/bestwatchesi/Rolex/Datejust/ Frame A8E1 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.iapac.to/wp-content/uploads/bestwatchesi/Rolex/Datejust/45083-1_1-500x500.jpg
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9866bdc234e1d469246d7c24b71f8166317d8c641e330ceb83ee4a7b117a0b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38928
last-modified
Mon, 23 May 2022 15:02:55 GMT
server
cloudflare
etag
"628ba21f-9810"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4NSj3HfwH%2BHx19erhn548x9mi1TBIFlWkKwhTRlWHW4aMR99KXobYxqJ9FQkNU9KLMgecUrikqUyDThavg30v%2FJY%2FopEL5%2Bi6Tt82dzkW8xelsOEqgu63i254KyE6ebxzD8oDLd2qbp%2BhdY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
78c9133cbe7d9ba7-FRA
expires
Sun, 19 Feb 2023 16:00:20 GMT
R-J-228398CDP-2-500x500.jpg
www.iapac.to/wp-content/uploads/2022/07/ Frame A8E1 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.iapac.to/wp-content/uploads/2022/07/R-J-228398CDP-2-500x500.jpg
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e594a7be0db0d34f5e02752659ef7f5dc6ed39937033c2a203ec6d336eeeee6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43786
last-modified
Tue, 19 Jul 2022 08:46:10 GMT
server
cloudflare
etag
"62d66f52-ab0a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lRJvNgjY3mcz4yR0bgcpNKHN74cIAa8clrbxCGxK3YM7y6q%2B0caxDlMdaAadypCek1VsGEBZoT7XFxDGdN24BXcI%2B%2FuuZSRftBFhlZk76iyu1YfDlr6zBmutCLohnb7vNWcQ9gXe3TEYk90%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
78c9133cbe7f9ba7-FRA
expires
Sun, 19 Feb 2023 16:00:20 GMT
116243BKMDJ-1-500x500.jpg
www.iapac.to/wp-content/uploads/2021/12/ Frame A8E1 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.iapac.to/wp-content/uploads/2021/12/116243BKMDJ-1-500x500.jpg
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bd94554377493c9a9beccce2b78d57cfa423501bf3e48edbff437c375f2db94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
40316
last-modified
Mon, 23 May 2022 06:29:50 GMT
server
cloudflare
etag
"628b29de-9d7c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8tLYAEk2zR0Jd5To3eb6dgVVLUuEow7Y%2BCQ7uQzOfcKZdDhvJenrAAwsD5YHXSTH%2FIoMndWzwtZH55Y1CoaYk7GGXbvxUNp1Gnr9GepqsdQIdXuYExxeFIfVtpHhWrLles7sdQpGOmjFmNs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
78c9133cbe809ba7-FRA
expires
Sun, 19 Feb 2023 16:00:20 GMT
43267-1_1-500x500.jpg
www.iapac.to/wp-content/uploads/bestwatchesi/Rolex/Datejust/ Frame A8E1 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.iapac.to/wp-content/uploads/bestwatchesi/Rolex/Datejust/43267-1_1-500x500.jpg
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2e583b93859f1b81b62c0f5bd87a821284fe6fd75854e2a78d9db5e4bb6b6c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
46020
last-modified
Mon, 23 May 2022 08:22:49 GMT
server
cloudflare
etag
"628b4459-b3c4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yk8lqaSTxsoUPGwSpLt3FvyHKQvoIm3MqEYmaXoEE1VUAYFpUNZ%2F3n1A8kAVaVvGAyS7sMpCT%2FpUh5TdPHg965Tv2xF6KQ%2Fz2XpLcHUZ200ZHO0RUK2KWfXroO5w%2B2WuWD1N4MfpFrs5bhY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
78c9133cbe819ba7-FRA
expires
Sun, 19 Feb 2023 16:00:20 GMT
4166989_11-500x500.jpg
www.iapac.to/wp-content/uploads/2020/05/ Frame A8E1 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.iapac.to/wp-content/uploads/2020/05/4166989_11-500x500.jpg
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93568939cfa0949a5a2620b60dbd958ee1a3c3b65ded5f6850215f9e2a347160
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
25799
last-modified
Mon, 23 May 2022 07:47:12 GMT
server
cloudflare
etag
"628b3c00-64c7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CVcKeUiE1QuKCzQdgUlJB2NgNT5GhenrSyEBjsZREwQ%2FwsihBFCCU1yaWZPDmcXe6zEy%2BLA7GF8JjmDj9waXLXycz%2BHUUTlHlm6YBkaKA5egfkqE3cmZB591pYYDESqgpVIVgHxg%2BsAcHUs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
78c9133cbe839ba7-FRA
expires
Sun, 19 Feb 2023 16:00:20 GMT
116505BRSO-2-500x500.jpg
www.iapac.to/wp-content/uploads/2022/03/ Frame A8E1 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.iapac.to/wp-content/uploads/2022/03/116505BRSO-2-500x500.jpg
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e22fcfd7d416f13407c9972f8a9a9376daa97d7241b4d45aba87a80616af7ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43237
last-modified
Mon, 23 May 2022 05:46:13 GMT
server
cloudflare
etag
"628b1fa5-a8e5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sYJyCYDeZ%2BiOz4noCRXe1cEVcKVsgwpRRp6dXOrZ9LZRAX%2FLqidzJE0nJSC8O1jQE5kMD4NBc%2BCeET4iV4%2BisVhrrHumxOo56EmYNQHjchpoCst0b1qnYEbEu6pp4fdLbOp5A4T6xzTAdQk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
78c9133cbe869ba7-FRA
expires
Sun, 19 Feb 2023 16:00:20 GMT
116234WRO-1-500x500.jpg
www.iapac.to/wp-content/uploads/2021/12/ Frame A8E1 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.iapac.to/wp-content/uploads/2021/12/116234WRO-1-500x500.jpg
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e84daad91d25b2406ce20c1eb6d8ddf368b723637e49a6dfb22a9eef5cc607
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
77844
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
40024
last-modified
Mon, 23 May 2022 06:30:47 GMT
server
cloudflare
etag
"628b2a17-9c58"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K3E7O7cVFX3B8U3%2B0W9%2FWAeNCEEv9VUOnKN5CCDuWoVYsmu0cxtKxMxrHdL%2B8yO7Ay6SpHDc6ZWvJr8mtUN4lJBSB7%2FuouXlhvEE%2BOIB7HZ4FRJZj5fvDYkml%2FALAB1Tp1%2Bc6lQ3AjZTmvc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
78c9133cbe889ba7-FRA
expires
Sat, 18 Feb 2023 18:22:56 GMT
116231BKSJ-2-500x500.jpg
www.iapac.to/wp-content/uploads/2022/07/ Frame A8E1 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.iapac.to/wp-content/uploads/2022/07/116231BKSJ-2-500x500.jpg
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
037364280dcc434cb6e38775c90993d9aed3cc258ca17c7201ec8d4b7f3778d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43432
last-modified
Tue, 19 Jul 2022 08:53:30 GMT
server
cloudflare
etag
"62d6710a-a9a8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WNzGFkAclWoY6nKnwwe1YeA2iDeJ1NhWwKvQk3Ke%2Bp9NoYPR%2F56Jn6aWdVCHTGobVJt5X9QNKmEz772jRduUzT9H2QWIiD9BV7b48mGBTxRf4rCsivBMIT308x7f8bs%2FonwExhwCCJIpuys%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
78c9133cbe8b9ba7-FRA
expires
Sun, 19 Feb 2023 16:00:20 GMT
4170718_12-500x500.jpg
www.iapac.to/wp-content/uploads/2020/04/ Frame A8E1 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.iapac.to/wp-content/uploads/2020/04/4170718_12-500x500.jpg
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8027f6c61db6a927250829c5aad340669ad102864bf97eab4ca43d77ae98c88c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
160633
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
31730
last-modified
Mon, 23 May 2022 07:53:03 GMT
server
cloudflare
etag
"628b3d5f-7bf2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IAD9pf8NMSK5upcwcgupKKm7w7vb0ly1n3glK3r2E7QvawT5wNWVntbxovwSuPiHhKgVyoiqH7PNGAVwv%2BFxAeptuydEnyi4IEHgwmrtwwHozfG7%2FaXO4PfZZE1x9oCO%2F4t%2B3gb4RXqPK98%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
78c9133cbe8e9ba7-FRA
expires
Fri, 17 Feb 2023 19:23:10 GMT
4138632_11-scaled-500x500.jpg
www.iapac.to/wp-content/uploads/2020/05/ Frame A8E1 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.iapac.to/wp-content/uploads/2020/05/4138632_11-scaled-500x500.jpg
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7affc06449b06acde5f9a2bd18e402ec0e06056f21544b88316078ff29935ca5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
38969
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26058
last-modified
Mon, 23 May 2022 07:40:32 GMT
server
cloudflare
etag
"628b3a70-65ca"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7D3XEDNNXAQV7cL0J43IHb%2FCs71zERa0ZuxDMuu2Lsi6TQyVzO%2FDij42ZscS4FQvDFsoSwTKHGOteEUDMKVHffQDScA76Ev9XZojiZ2AUAFnSBr2L8xeoyMTG5cBGdbPkGsADJG7qIoRvyo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
78c9133cbe8f9ba7-FRA
expires
Sun, 19 Feb 2023 05:10:51 GMT
4175592_11-scaled-500x500.jpg
www.iapac.to/wp-content/uploads/2020/05/ Frame A8E1 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.iapac.to/wp-content/uploads/2020/05/4175592_11-scaled-500x500.jpg
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a4671186138a8ef784de3704c6df8f640c2f273e15941a4793c5844db2a606d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
160632
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
31981
last-modified
Mon, 23 May 2022 07:35:52 GMT
server
cloudflare
etag
"628b3958-7ced"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9yi5pXrROjBHkkiu9NaEmHdi2ekRPGSI8joqoZ5Eo65ipXZdNYL7sO1GegSyYTNnYyJUelOkIlwXJ8q8vRbIyv9ZO5H5URwe%2BfNvOReNuhhxTxAN5HogPCGbzAZmydG%2F9QIq2yxIiyRCago%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
78c9133cbe909ba7-FRA
expires
Fri, 17 Feb 2023 19:23:10 GMT
4025532_11-500x500.jpg
www.iapac.to/wp-content/uploads/2020/05/ Frame A8E1 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.iapac.to/wp-content/uploads/2020/05/4025532_11-500x500.jpg
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
370fed0964514aabf7661865ed047a2471c9d73de002971e32e417cfb6f0615f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2494180
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
25565
last-modified
Mon, 23 May 2022 07:43:00 GMT
server
cloudflare
etag
"628b3b04-63dd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r5pBL14hVwMZgXVO952Fv95Q62qj2%2F%2FnUoSO4APg%2FXZfxw1sV66Rt%2FKwBLdFswzFyKrrZlU%2FFudtFcCzoMQpV39gC0tm%2Fb8J22z88orghdN71TR13r7zrmcKcDxPAahBkZ%2BPIxsdlEys1Ok%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
78c9133cbe929ba7-FRA
expires
Sat, 21 Jan 2023 19:11:21 GMT
4117271_11-scaled-500x500.jpg
www.iapac.to/wp-content/uploads/2020/05/ Frame A8E1 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.iapac.to/wp-content/uploads/2020/05/4117271_11-scaled-500x500.jpg
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c2349ae1475ee53cd1d141e44c5d60aa873b89ad04b6a2d118f08a07436d05e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
160632
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21800
last-modified
Mon, 23 May 2022 07:42:26 GMT
server
cloudflare
etag
"628b3ae2-5528"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gQ5mm8b7bVW1vr0oa5HnbKR%2BanvkjMRVdIQKEU%2F7vy5kYIcASkipoqFhXqS%2Bc5%2FRonhZsPERNhGZKvUZ5xrZdENL3tVdLfeX4c4XRV5mr6U8nIUcjzqrjTh1DvaItP7e1W4B8HkuYCkSkVY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
78c9133cbe949ba7-FRA
expires
Fri, 17 Feb 2023 19:23:10 GMT
4156998_11-scaled-500x500.jpg
www.iapac.to/wp-content/uploads/2020/04/ Frame A8E1 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.iapac.to/wp-content/uploads/2020/04/4156998_11-scaled-500x500.jpg
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cab7ebcb001d65b37f2340f7f5ecfe5a077c480b63e98806df14f07567d8ddf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2496115
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22243
last-modified
Mon, 23 May 2022 07:57:09 GMT
server
cloudflare
etag
"628b3e55-56e3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3MKQxwqO%2BEcg3b2iYXy38tCr8Kmk4W6scs7BagcpZjUcsHequhXM0ZUh8lw51j3HjyXOPDJM6I5FzVWZTgIE3%2BV20jnYe1h9DDG23csLFcRCGj3rIaegpwpyb7sCoMyXrV3rXl6BeXjyrWQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
78c9133cbe969ba7-FRA
expires
Sat, 21 Jan 2023 18:39:06 GMT
4164091_11-scaled-500x500.jpg
www.iapac.to/wp-content/uploads/2020/05/ Frame A8E1 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.iapac.to/wp-content/uploads/2020/05/4164091_11-scaled-500x500.jpg
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad5ebf276cf9626fcb9ae0b61bdd9113f80f32a9b95567f1af6785b54f852472
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2494180
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24244
last-modified
Mon, 23 May 2022 07:46:14 GMT
server
cloudflare
etag
"628b3bc6-5eb4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WQj6v44kM%2B9UTt3ObojB9NOEQsiOyJeJXtUSUH95g14a%2B%2BdGsM%2F0WI78b%2FcbJmQ61muiLTOSO8%2FPZ0SWHfFSQiI%2FPR%2BL1FcWilZblgf2TAH8hC7IKmNiVwM3oSachz7ruP6RlY5%2BLxazWg4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
78c9133cbe999ba7-FRA
expires
Sat, 21 Jan 2023 19:11:21 GMT
4176681_12-500x500.jpg
www.iapac.to/wp-content/uploads/2020/04/ Frame A8E1 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.iapac.to/wp-content/uploads/2020/04/4176681_12-500x500.jpg
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf6004b181d3ba9f88b44da6d5a24af6cf6e21fe0790ebfd4761a0eb42e28f00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:32 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1150943
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30623
last-modified
Mon, 23 May 2022 07:56:18 GMT
server
cloudflare
etag
"628b3e22-779f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iCTcx%2BxePmDX4kchSh756sJGKi9h9ozYkinVBugQByPAZduEGXkTooULZrIIrXqR1gqRVLYpILJNFCclUKl7R%2Bh4K0XHw8%2FTkotonVopwSe0UVm%2BaAnbI1Lj46VN%2FMMNUsWjN0bHNDhFOLU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
78c9133cbe9a9ba7-FRA
expires
Mon, 06 Feb 2023 08:18:16 GMT
woodstock.woff
www.iapac.to/wp-content/themes/woodstock/fonts/woodstock/ Frame A8E1 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-content/themes/woodstock/fonts/woodstock/woodstock.woff?421wez
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/wp-content/themes/woodstock/css/app.css?ver=1.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99406a3b6c92ac6d32b035c72debb20bf0fa0f39cd41d0447eebca703780fadf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.iapac.to/wp-content/themes/woodstock/css/app.css?ver=1.0
Origin
https://www.iapac.to
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
last-modified
Thu, 20 Oct 2016 06:23:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"580862ef-2a1c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zzQ0D%2FnD93v7BHj8%2Fg4YrHls3jn%2FVmR77KRgFxcCFonrS61LWTCITKr86Kxl0q9s2K14t3E3htn5mFb4jkeXTAn6cGxWnnQQZwtwuZ9LwOUuROzoUCepSfgxoEAD5hTM8B7ynlEf8hZsPBU%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
accept-ranges
bytes
cf-ray
78c9133ccea29ba7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10780
nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v30/ Frame A8E1 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A100%2C300%2C400%2C700%2C900%2C100italic%2C300italic%2C400italic%2C700italic%2C900italic%7CPlayfair+Display%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic&subset=latin%2Clatin-ext&ver=1595318494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.iapac.to
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 16:59:15 GMT
x-content-type-options
nosniff
age
169817
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35764
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:06:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Jan 2024 16:59:15 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ Frame A8E1 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A100%2C300%2C400%2C700%2C900%2C100italic%2C300italic%2C400italic%2C700italic%2C900italic%7CPlayfair+Display%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic&subset=latin%2Clatin-ext&ver=1595318494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.iapac.to
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 17:08:09 GMT
x-content-type-options
nosniff
age
255683
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Jan 2024 17:08:09 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ Frame A8E1 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A100%2C300%2C400%2C700%2C900%2C100italic%2C300italic%2C400italic%2C700italic%2C900italic%7CPlayfair+Display%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic&subset=latin%2Clatin-ext&ver=1595318494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.iapac.to
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:59:57 GMT
x-content-type-options
nosniff
age
22175
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23040
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 20 Jan 2024 09:59:57 GMT
star.woff
www.iapac.to/wp-content/plugins/woocommerce/assets/fonts/ Frame A8E1 		1 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-content/plugins/woocommerce/assets/fonts/star.woff
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.5.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d87af7a2528beb59a990e0414df87b4e4115f77f3a4a750f6616ff189b70345a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.iapac.to/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.5.1
Origin
https://www.iapac.to
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
cf-cache-status
REVALIDATED
last-modified
Mon, 16 May 2022 11:18:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6282331e-518"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mj4SFqG3QE2%2ByGM1ABSevsLl5Dlo47GMgkvrDJ5nP0quw7IMl3kMsZ6Mgo5uh2Hpgmnms6C26H6oeNduE%2ByDPSzQawmxlZGIB9wZzIH8H7El%2BKd6%2FK5YY6AJ4RA3mSSKMSCyEICk78pFIT8%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
78c9133ccea59ba7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1304
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ Frame A8E1 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A100%2C300%2C400%2C700%2C900%2C100italic%2C300italic%2C400italic%2C700italic%2C900italic%7CPlayfair+Display%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic&subset=latin%2Clatin-ext&ver=1595318494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.iapac.to
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 07:06:17 GMT
x-content-type-options
nosniff
age
550995
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23236
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:04:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Jan 2024 07:06:17 GMT
fontawesome-webfont.woff2
www.iapac.to/wp-content/themes/woodstock/fonts/fontawesome/ Frame A8E1 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/wp-content/themes/woodstock/fonts/fontawesome/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/wp-content/themes/woodstock/css/app.css?ver=1.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.iapac.to/wp-content/themes/woodstock/css/app.css?ver=1.0
Origin
https://www.iapac.to
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
last-modified
Mon, 02 Oct 2017 03:49:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"59d1b753-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8JLvp4ttHnkoINbWcRvw9pEjTNaOJSWCQZZ1tiS583bXURvZKpkmctGIG2dAqFg%2FLkbuSJj6Yf75QEJE90JNNUb%2BHsKIJdwP52%2BdeMTDjI2Y0yZ%2BEVVBqpVwS4Jb75bujrdT%2Bs89Mx2%2FOgI%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
accept-ranges
bytes
cf-ray
78c9133cceb29ba7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
S6u_w4BMUTPHjxsI9w2_Gwft.woff2
fonts.gstatic.com/s/lato/v23/ Frame A8E1 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u_w4BMUTPHjxsI9w2_Gwft.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A100%2C300%2C400%2C700%2C900%2C100italic%2C300italic%2C400italic%2C700italic%2C900italic%7CPlayfair+Display%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic&subset=latin%2Clatin-ext&ver=1595318494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a961366b4346f6078cc2f164d2c019f63b37e2693f6fc93a995048a98b25c083
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.iapac.to
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 13:38:33 GMT
x-content-type-options
nosniff
age
527459
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17728
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:10:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Jan 2024 13:38:33 GMT
nuFkD-vYSZviVYUb_rj3ij__anPXDTnogkk7.woff2
fonts.gstatic.com/s/playfairdisplay/v30/ Frame A8E1 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v30/nuFkD-vYSZviVYUb_rj3ij__anPXDTnogkk7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A100%2C300%2C400%2C700%2C900%2C100italic%2C300italic%2C400italic%2C700italic%2C900italic%7CPlayfair+Display%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic&subset=latin%2Clatin-ext&ver=1595318494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b574669ac419e9857b34bd603555cc632152f8122f6b154d049e13cc0a167b35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.iapac.to
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 16 Jan 2023 18:05:21 GMT
x-content-type-options
nosniff
age
338651
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36104
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:13:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Jan 2024 18:05:21 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://adncaraota.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://adncaraota.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 20 Jan 2023 16:09:33 GMT
server
nginx
t
t.lkqd.net/ Frame 762F 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://adncaraota.com
date
Fri, 20 Jan 2023 16:09:33 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 6C1B 		342 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:33 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1674230973.dop162.fr8.t,1674230973.cds342.fr8.shn,1674230973.dop162.fr8.t,1674230973.cds006.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
117960
truncated
/ 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
sodar
pagead2.googlesyndication.com/pagead/ Frame 0DB5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023011101&jk=2714852773784309&bg=!d3SldDDNAAYDMoyoIzI7ACkAdvg8WkaFy2U0qHYeadm_6e_cwBKisq9OVZfLqXamsgpLlZ4EqWnSzwIAAABdUgAAAAJoAQcKAGMj4nfzNBDut1IfLS4zu4Q1jINhG7d01V17or2K6J9au9KRIzWRWmOFp8KTnfTVrzkJsKeQtfKxBSzSH8rfRYwzlAwR5RS0b8cqjBRkMk0aLjZKRtN7cJ0jw4BcPTAiJFZ7lUKZArR7eAkJLWf8e55kcrim-c6sloHC11Q-TNo2TtTb07rJSVBYrj0QcxhK4myoUD4ML2QdejnJRtND5ui2GmymVnbS_S4wRMU-zCM28xEIvDZgrgHAuj5zShJ2i2Yy8vzId6u0Ej6w-StiY2-VZtXaV0oGh5U-5nWsUWgsmF6xzEAG-PlbZSqkR7V8dNMOADpMmi7Za6hpY6tjpYCXGP_8xt7g8MIwXNsl6EcdYsdcO8CFM46ZZMOngQUe8jv533dOIoCl3udpgTbIavgHMcm7nOh_p0Q3-S_o0C4J9eH6L9s0n93LA6-ceijitUUoUzt0f3AaAFEfZunTgJpdqg_BYB7EuMHU-uOG6Upzxh2AKGW2RamUIDdbs3YZ2LShU_ut-zob6WNdiNly863zsY-KJ16_3GCpEXXtUPRI2oOvL18hBKNPAQ_cknjCpLlFmEDs2XheqWgfIiMLWbtT8ncZRh-oB6W-kb0qWLIn1vjNe-ZbTi4iso4Kxs85agH5zuvB06IoZDrDqe_RPpqaCNDqJ_sQmcRYInLjzrEVYtAEIcGsf6D_rbCdVhNvZ2iKS2zDiC7XpQrpmaxcWvtofOiTg9iw-Z5kvSVqItQqktY_6wUv7r28hMxXgpd09vGA6jkQS_w45n1qWxeCSK-0Hm1tqttvcctESilbOCMTaOjS1tapfznWPURsYrOkKRT9lKPFCnoki0FYPvudYNFj8obSA3ncutM8L1jeDdr7J4FqjGsNZX7RTxoiXoGnNaEkHniQnBX6EUsEeJAph-4gFn7rXzPY0aa6ewe73NhnT8uhY1oJyAO35zL3idGFohD0xnRiN8FP-zcGXJECseEgcsz9DoGSFaOHE_Tv5crjEjprZdxL1EjWHIdRjEX7GqoVUcXkjpz04twuwMhQr0C5hSKsUSIJJrupqw
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
analytics.js
www.google-analytics.com/ Frame A8E1 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-253996200-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 20 Jan 2023 14:21:47 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
6466
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20085
expires
Fri, 20 Jan 2023 16:21:47 GMT
t
t.lkqd.net/ Frame 762F 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://adncaraota.com
date
Fri, 20 Jan 2023 16:09:33 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://adncaraota.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://adncaraota.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 20 Jan 2023 16:09:33 GMT
server
nginx
container.html
5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 42F4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adncaraota.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 16:09:32 GMT
expires
Sat, 20 Jan 2024 16:09:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 63D3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adncaraota.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 16:09:32 GMT
expires
Sat, 20 Jan 2024 16:09:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7C98 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adncaraota.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 16:09:32 GMT
expires
Sat, 20 Jan 2024 16:09:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 44D8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adncaraota.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 16:09:32 GMT
expires
Sat, 20 Jan 2024 16:09:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
t.php
c.statcounter.com/ Frame A8E1 		192 B
590 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=12780676&u1=7CDC784063E44F0C894964CEA7596E8B&java=1&security=8fa0266d&sc_snum=1&sess=a8f3c4&p=0&rcat=r&rdom=adncaraota.com&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=https%3A//adncaraota.com/&u=https%3A//www.iapac.to/&t=Top%20Fake%20Rolex%20Store%20-%20Best%20Replica%20Rolex%20Watches%20For%20Sale%20Online&invisible=1&sc_rum_e_s=3082&sc_rum_e_e=3091&sc_rum_f_s=0&sc_rum_f_e=2653&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.iapac.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://www.iapac.to
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
78c9133fdf1c9bd7-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT
invisible.js
www.iapac.to/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 84C1 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1674230400
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0c7af74a0475c6e4271473be45f0e149f1abf3eef5262aaa4ac9c3e965d5406

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kkgEBxYg%2FxedhpBGiS2l0sLtMkAZODDjnOnYmCcwv2rIy5k%2BBH%2B5wuR3fsobn0ro6DIp%2BcV0kZ1N8TTq4FWEN%2FRJu07d4haao8g1Xrx4FKhdhXiSeOjBmCm0AZbfToN34WPl305yZhkReRU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
78c9133fdd569ba7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 6C1B 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1674230973424
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:33 GMT
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1674230973.dop237.fr8.t,1674230973.cds244.fr8.shn,1674230973.cds244.fr8.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=74c6ef1e895703ea1ef0512e43736&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buse...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=v2e78_7190767274985939360&gdpr=0&gdpr_consent=null
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=null
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEJc8gPHeesmGNrMgZStcyoE&google_cver=1&gdpr=0&gdpr_consent=null
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 20 Jan 2023 16:09:34 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:33 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1674230973913035-386
Expires
Fri, 20 Jan 2023 16:09:33 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame 6C1B 		301 B
794 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fadncaraota.com%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:33 GMT
Server
nginx
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1674230973416073-347
Expires
Fri, 20 Jan 2023 16:09:33 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 6C1B 		67 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_us_privacy=&_fw_gdpr=0&schain=1.0%2C1!vidoomy.com%2C56318%2C1%2C49613117680613780811477911212%2C%2C&_fw_gdpr_consent=&vav=4bf53f8abad5e864e8c6c54c099ef2bc&vaviv=552e2c0541ce039aeb7085c05432f7dd&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.5.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fadncaraota.com%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:33 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1674230973441049-338
Expires
Fri, 20 Jan 2023 16:09:33 GMT
/
www.iapac.to/ Frame A8E1 		745 B
891 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/?wc-ajax=get_refreshed_fragments
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3154b9c7dc15cdd4c6b2554df282ff2d14c57760d5fc77b67b6adcd310619bbb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://www.iapac.to/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lw%2FTMP2Q9ltHL6XulgjJyi7iN3cjGExKfvlRctGlhussR%2FphxLYXkVy%2Fgw2csZBVibmLCSOQHz6AZ9EVLr9Uu4lH2H2Lf9Pmi4Ohhr0jfFbFc%2FkqlnMBl3TgwVZ%2BphwqM91Y0gEVsluGFdU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.iapac.to
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
cf-ray
78c913405e2c9ba7-FRA
expires
Wed, 11 Jan 1984 05:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 42F4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CRfFIvLzKY4u5MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoEggJP0FtyO975n_5PTAzovyWATwGr0DN87sGuGxn18ZmS-pZpI3GcvsZNKhEGv2XsOTeK5kqXxHrLQ0ml5zu5X8y7sg2Fqp4hYHVMMVuyiKCffnDCA-FaSM5L1LqfI-FovHsQ4TAk9wJawjaEdsp38oRbXKrEsfu7SEYGjdE8A5uh5AkqzajJcZkyjs5PgRGpiFovn91IMGTWHSzt_HMa45wOZ3rTYMJ1OtoxhJ05YC8RLv7cljQb3KKAb5GRkqs7j5tGMzVm2Jyckqj8D5yJumi3i0jhHr_CfH8JJZKj3Xdz4TjBMZIBbGXGrRh5-p_AzAiYKHXq3a8if0g--REXeC_IGkXgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODMzOTQ2OTkzMTYyNDEyOBidsxE&sigh=YNJMxD7XDKY&uach_m=[UACH]&cid=CAQSOwDq26N9neWhdjXXNFDv9gKuk7_5J_wTH3-2Bkn7J_U5uL3kdx5n0MrrDZ6dcNEIWcz7DFZfBJmGCgKJGAEgEw
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 42F4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1ky5wetvdcr9fmx187k8t3zqhw7dfhepmncqt3n5ya4py5mkk9skn7nj3cddqxtzj71x94j6k3wdc5j0y09665sxwgmz1bj4fabtka645tfrhyxdwptv8gb3ama2xd4wz1m94eqjr29msn4vfmwxtewhtv9q9mqw2pgsrcmn3s1k2kvhcw1x10z6hyregw1qr85rhda1jjm205t92zb4p5q8t8qmq6zzg0djz3c714gx5g254xhpp4e4mbjk4sd28h42rcqzbemyhwszzh6q823w7bgqers87b9vsvpn80aprc55mbebxct3p07b7ztdafe6fbjrabsqbnrjgnxbs5fmn0tp5t818efx6cgsqxyb417k9ewa0d3vq29shdcmkbv9f31z40&b=Y8q8vAAMHIsCJ5yZAANQKifJOpGc91fZKYfReg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 20 Jan 2023 16:09:33 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame A638 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1h3xhtpnqy1qnws37t30g25cngef5pg6nswjf1p1fwhtem3rf7n6kp0eg2cq0er6aejj3sjq8xs2xpp0e478akm3a6dkem1y22thmxgfqsft0r3j574x2ns73qcndate3rpaahsh65w6e5afrfsz9p0x7gx4ansezdhvwbb08r6h5ndrm1bdxc5fs429bf09jqr306va8ceb0brnprpfy07j5eys9z38qz4gr3yydkhccphkj34p29mhj9zr6medv1h8ej9yw1b80132cdj43zjwbfedjx7pf611wynrej1k0n2txm277b4swfqdny6vr3fp5m6zxqx69g3fkvy8f0za17s6tk20n8hk46brfr9jh5hb6c6fvbrr3vf9w111a9kjwajcf62cks7ef915p5rfpkpc0qsmx5vrn4q6arp4s8xbnnjpt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmAaWvLzKY4u5MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoEhQJP0FtyO975n_5PTAzovyWATwGr0DN87sGuGxn18ZmS-pZpI3GcvsZNKhEGv2XsOTeK5kqXxHrLQ0ml5zu5X8y7sg2Fqp4hYHVMMVuyiKCffnDCA-FaSM5L1LqfI-FovHsQ4TAk9wJawjaEdsp38oRbXKrEsfu7SEYGjdE8A5uh5AkqzajJcZkyjs5PgRGpiFovn91IMGTWHSzt_HMa45wOZ3rTYMJ1OtoxhJ05YC8RLv7cljQb3KKAb5GRkqs7j5tGMzVm2Jyckqj8D5yJumi3i0jhHr_CfH8JJZKjn3VSc-84ttLJ6y1Qd1HrCKbUxqWSBm03XW1r7bCq5z0PrfNXWo3EHtfgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1yrPEMCc-JA7UfiUFrOu4Az74ySA%26client%3Dca-pub-8339469931624128%26adurl%3D
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
decefdd980f72ab98d766495bc5a710370622b806e1435c8abf42e788766747b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
78c913411f879a0b-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 16:09:33 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 42F4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 14:51:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
4656
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Feb 2023 14:51:57 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame AE79 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
10485
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 13:14:48 GMT
etag
48472445140208031
expires
Sat, 21 Jan 2023 13:14:48 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 42F4 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 16:49:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
83991
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7515
x-xss-protection
0
server
cafe
etag
5914713042212191929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Feb 2023 16:49:42 GMT
l
www.google.com/ads/measurement/ Frame 42F4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQoTqT5FW2HN-vdVvwJk0ufk7nPoL8tqj3-2C4x5hQo6FC9gekVY4Zvhog29cvInsLZgO8WpTY3k292Jh_zyq-fcBJVoA
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 42F4 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 14:51:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
4655
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 20 Jan 2024 14:51:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 42F4 		155 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 20 Jan 2023 16:09:33 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 63D3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CC0WTvLzKY4y5MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoE_gFP0CKzjOL1xDWi-2XSRsyi_qG8I-TCZiwbJxlIHM7m-CrMS5NuISwOgZ4nfOEdJZEtQCK9_z4V-wIdIlyNJFgxSlv5Q9nAwbUx4SRCtBMC_fIW0DmgPeVzSr5tqkjASzm6STjucheKy8F6sNYT64klWVunCQkqXWVAxw0-OlYev5zsHXz4GWywHEpfix4zUEkDu08mV9KPIgshYpS-lZGxF3cr9qyLaf7ZkI7Jkfi7npGXcdlXQX7D9EuBXt4ddb7CpIKJ6R4WPucG0hTH0OrgwSSx1SomwVuh9VyCL_uYblJJc0ehLpj9s8qlRaxAeG35rstq7VtqtCLf6EWjE-AEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODMzOTQ2OTkzMTYyNDEyOBidsxE&sigh=FFml-On4tLY&uach_m=[UACH]&cid=CAQSOwDq26N9neWhdjXXNFDv9gKuk7_5J_wTH3-2Bkn7J_U5uL3kdx5n0MrrDZ6dcNEIWcz7DFZfBJmGCgKJGAEgEw
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 63D3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1jcwvt7me2qhb797v3a1jbzcj63scw18vgpqkjwzxew9e452g6fmc0ntjac2t2h7e9xe772zv20ngbhf78a8vn70wrqm4a1zj3ew9btyngbf9rf94y32r6p4g4stwt3rt6nv0d0hmvj35t4fd2vgprk753ff561h52pz2v0ed9ynz3ka4f4sdd1j465gjtmdp63beac6spsh1qmg13c3vgvnxkn07qmhsqs1jrkbejbcmjk4kn75nhtyv9wffyhazxjkc9pfntrqp0277xq3w0zkw8mj9q4f0v4f410m4amr4xjgh5qvbq7a8tf6a4hxq82p3ntxrq5gqnj5zy7sp6tg3wsrd31jpkm8cyb49y50txcvqqjnzh2cp2d58wna76fexnfmbse6d0g&b=Y8q8vAAMHIwCJ5yZAANQKtGtRFBGhGNRUsGqhA
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 20 Jan 2023 16:09:33 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 1A0B 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1g0mj50s9vfr6dk1dky1nv61bjmywwgb6gd2ypwjqn462x5apwr96yc1c0t7bs7bk2cst81zs1afgj5mncf397n83zymfn1svhebyrxr79br5rc53b38b70wkayfrn41yx78zmh1qhmecwtxw3armc01f53tmr2fb59qgfzparv979ccvkq1wx6vxm6q9y8hj1kgt04bx0tem56d8w81wazt7arb1ggzhkgt3fekd8m0aasn81k6gatgtjm7ccdnahgt5wpjcs5k6g5ta2yr8bdr1xpf0e0nbempkgz6rnsx1t9demh70e4734xy2sxy2q4nzj3a34bw0rmv6mkx50advbkhp9e2vxzw341fbtybc1de7c22eatc4m6k1ksgpnksb5d456c24gh1gv3mf9wy4v7tq9q6gbp1x3dqvbb03wyed654wdnsbaa7c02nqcqms6kk&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5pDmvLzKY4y5MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoEgQJP0CKzjOL1xDWi-2XSRsyi_qG8I-TCZiwbJxlIHM7m-CrMS5NuISwOgZ4nfOEdJZEtQCK9_z4V-wIdIlyNJFgxSlv5Q9nAwbUx4SRCtBMC_fIW0DmgPeVzSr5tqkjASzm6STjucheKy8F6sNYT64klWVunCQkqXWVAxw0-OlYev5zsHXz4GWywHEpfix4zUEkDu08mV9KPIgshYpS-lZGxF3cr9qyLaf7ZkI7Jkfi7npGXcdlXQX7D9EuBXt4ddb7CpIKJ6R4WPucG0hTH0OrgwSSx1SomwVvj930Q-AIfLprOO9F7ZwoPit6v6KZuYLB5bIL4Fc90mDoKNNrj2wWgMOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3DZq9wNZ8IyDqSVMyRZmEa9_tRoQ%26client%3Dca-pub-8339469931624128%26adurl%3D
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8f1135ea80282d2e0bd6dee5179a0603a6c71e9bbb972f84bea266c91c4b733
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
78c913411f8a9a0b-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 16:09:33 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 63D3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 14:51:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
4656
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Feb 2023 14:51:57 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 91C3 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
10485
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 13:14:48 GMT
etag
48472445140208031
expires
Sat, 21 Jan 2023 13:14:48 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 63D3 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 16:49:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
83991
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7515
x-xss-protection
0
server
cafe
etag
5914713042212191929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Feb 2023 16:49:42 GMT
l
www.google.com/ads/measurement/ Frame 63D3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQg58J-cZ2o5JwQjktfygZ8fzVs0_9Z2MX-b23SJQQjI1Bi8eg0MgIycL1OGLvgXxb_cAVzvtVp07BcUCsuj5MiBmjJTA
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 63D3 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 14:51:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
4655
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 20 Jan 2024 14:51:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 63D3 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 20 Jan 2023 16:09:33 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 7C98 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CLO8NvLzKY425MJm5nsEPqqCNuAnPh46bXMCG2YLGAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJ4AIAqAMBqgSAAk_QhgKGmm7NI2VZw9_OCXzHxTPDz2k95QvCpN2OmP810Jdknuxg3ZTeVZ0WOEPVQdo4hSg1S2lkuV2pWofyxF8sKpLOQvKvSEFafiSktuqNPcMcqTYgDsMll5YJX6nv3RmzF5Sm-48RRMzspNXPynxmWnUKrcunUWm3kYBQK5Ut885suNnqWMZqP4v1OrG3itqaX3kt1Z5FXrS0rY-eXqrIwjDxaNKqIgADx7y_wXl7ZkDJ2z3LpYthKaaQtqGNTW9XJvZU-yji1a62n1gcle7dBhTsdx-SlVK8ycDMIoQN58IwNAdn9eUNeQhZzYdymCMkrAXUgASmuRx6q6pO0M_gBAGABoznzbbVuJuN0gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTgzMzk0Njk5MzE2MjQxMjgYnbMR&sigh=CBe7ixQVGGY&uach_m=[UACH]&cid=CAQSOwDq26N9neWhdjXXNFDv9gKuk7_5J_wTH3-2Bkn7J_U5uL3kdx5n0MrrDZ6dcNEIWcz7DFZfBJmGCgKJGAEgEw&tpd=AGWhJmtfJiuR0wOzySCsYAN80hWWAPtT-Gp6GryjTQkgOxKp0_nDHAzMnIHUa8gIEDcs6wnMVOCwPyZfo_VKwXUBjEqSAPbOF0wwSpgcobspUOLSGIZPMiA_sXP7cINT85GEkb2dpvgkSxQcTpcdeY6_gJ3Qpx4oqsPOKLQjdVFw9Us6154haMjEkJyvy1U2tRqS6d8SOn6NKfAKYiqQakQlDRJW7AZ1AqyfLX9Gk5x-GG_QMBb99A6QVYF7Unn0CAEfgOtE1cYXaYhhEBGgEmboHI9zan0vKoz8oqp18iCxR8SojgI1ji2E7Asg8mfFy9tsSbGq4Uvl2qjyw6edeIOvcQFIBAfhuXJ91Ovt4y6uV8sFaHlXzDVdClRvrvRcglxPnvoMvrn6SC0blOHOxZOFeTH4cWL9WMkE5DW40AmG67z-j8_dbWtJuwjn4cshDMoKlLoXO5DKPfXUegWApyNripQQ590UI55VgjXI10s0hfiZeIs6ce3oM1Eyn9VoxRv7HeaIaIt4eqUW9fwzHUpSy8mauRf2wXu-Y4fQ25OKs149K7YgLC7Kw5IkNZGL_lXfVIUruB7TVn4jsxzIqxOU06JLDY498aZa9uxE1wAaYsxrRuO6AiFg3BOe6CiaxAKhT4Ou1rOnfAqPX86oZOZbOKrzEAdeXYS7X7zZGEFhjxypgk3CYKIWElUeZ7EA76qa6Y2tbJcbikAZHpzN20kDpBHBgFK2WtKOF0x-JTbfG0qmJbDs3cxpMdCtEL-c0irNMYGdkqpKj4NHp4Hk8IOygt6lhdyflgXficOruYqWVjCUChy4AKTjvErgdY3i9inaMdtKZLUqPwNQNLnkK86PdXfKv0z4hr2fAI88jE04_KuMOIyF_NLgrwmaV868asVRVlYZ93DMb4WzGyTaeO_j4MNtbPxR9jTepRlW40XrtWSkEtOUANIlt4UOeQWPXnkJFlzzTDYdpbRLdK5KsQAuGtyr2iUIFZdrx4YmoYRDhzKS6AcRmbKChiB3S0NW9YBGkXFVsVs-afiZa1wrP9SrZLMV-LaRCjeXmXGpaL9m2DV3PgjA0IuuHGRc2IDQ8ShvbPAdk__SPWhXU18fRGPaJzRb3lmF14YiCJXXRclK_h0
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
js
tags.mathtag.com/notify/ Frame 7C98 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT0RoaE56TTVOV1V0WVRsak15MHdOVFpsTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYxNjI5MTM3MTE5MDY4MjQ2OC82NjIyMzM1LzQ1NjIzMDYvNC9LeGYzaGh1TzBpWGE0aUg2aHlXejdONUJuYWNNWDlqY0RFMTZvamVIZS13LzEvNC8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzYxNjI5MTM3MTE5MDY4MjQ2OC9hbXMvMC8zNDUvNzEvOTk5LzMyMi8yYTAxOjRhMDoyYjo6LzAuMDAwLzE2NzQyMzA5NzIvMTY3NDI0MzU3Mi80L3B1Yi04MzM5NDY5OTMxNjI0MTI4Lw/CwzwKip7y2uE-IhhoJsNFPFomrM&nodeid=4012&group=cdg&auctionid=616291371190682468&pbs_auctionid=616291371190682468&shardkey=616291371190682468&sid=4562306&cid=6622335&bp=a_agiica&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.134.181&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPq6gvLzKY425MJm5nsEPqqCNuAnPh46bXMCG2YLGAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJ4AIAqAMBqgSDAk_QhgKGmm7NI2VZw9_OCXzHxTPDz2k95QvCpN2OmP810Jdknuxg3ZTeVZ0WOEPVQdo4hSg1S2lkuV2pWofyxF8sKpLOQvKvSEFafiSktuqNPcMcqTYgDsMll5YJX6nv3RmzF5Sm-48RRMzspNXPynxmWnUKrcunUWm3kYBQK5Ut885suNnqWMZqP4v1OrG3itqaX3kt1Z5FXrS0rY-eXqrIwjDxaNKqIgADx7y_wXl7ZkDJ2z3LpYthKaaQtqGNTW9XJvZU-yji1a62n1gcle7dBhTsdx-SlVK8i8LtsCixQ8W9kE_MLaWiiRVNxzt4tjvFEcWUL_4HpzBiBTPy10INeYfgBAGABoznzbbVuJuN0gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_38vBgchlpw52Tay6jiOjpCsbBGiQ%26client%3Dca-pub-8339469931624128%26adurl%3D
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.377.0 /
Resource Hash
5dfc4db7222f86795ac40122b8191821cee6b746751ebc9ecd80fab9aae08ff3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:33 GMT
x-mm-nodeid
4012
x-mm-handled-by-owner
true
x-mm-bid-request-time
1674230972
Last-Modified
Fri, 20 Jan 2023 16:09:32 GMT
Server
MMBD/3.377.0
Content-Encoding
gzip
x-mm-latency
3 (1)
Content-Type
application/x-javascript; charset=UTF-8
x-mm-dbg
NotCount
Cache-Control
no-cache
x-mm-host
cdg-router-x40, cdg-bidder-x151
Connection
close
x-mm-lag
1
Expires
Fri, 20 Jan 2023 16:09:32 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 7C98 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 14:51:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
4656
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Feb 2023 14:51:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 7C98 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 16:49:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
83991
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7515
x-xss-protection
0
server
cafe
etag
5914713042212191929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Feb 2023 16:49:42 GMT
l
www.google.com/ads/measurement/ Frame 7C98 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRSBYd0yMf60U48NR4KQ6ZHEsmZNt2iU9qBkAA92Ej1sJOqgynwPar9nnbpOP5DyFz28huG18pG0loHnllYIrgUK8Kd7w
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7C98 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 14:51:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
4655
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 20 Jan 2024 14:51:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7C98 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 20 Jan 2023 16:09:33 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 44D8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CSCCMvLzKY465MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoE-QFP0BVQ00imEV9BG-DrtJyhQ_fgudY4BBugd3UDhnouc_srXuKiVyeQanmmspQFQNJhfV8QNqRO5JvV4DnkpRKQBpyTilAhyfrwxVhkXGCv7KXVYnEfWMt211dSguL6rlAd2Lhw574z-v6PhYeiP7a41syAPUhMpN9fIsJ2AlR6gKVKfnUMpuc0noGTQ_HhlAldqa050oovxui-JsFCxZjmbTsC-zaxvNsdqDOtPHxBYIR6t5G2mLp4mrt3vZJf-n0TaTTLUcbkVN7b06zpG_9E_Ftd8c2hohtfiXEZBv9SOysiXPNDKO6ZAhluB62aKt-O184x2p7wjYXgBAGABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODMzOTQ2OTkzMTYyNDEyOBidsxE&sigh=0faMfrZbRSM&uach_m=[UACH]&cid=CAQSOwDq26N9neWhdjXXNFDv9gKuk7_5J_wTH3-2Bkn7J_U5uL3kdx5n0MrrDZ6dcNEIWcz7DFZfBJmGCgKJGAEgEw
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 44D8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1kmfbyyajntdd61df461qx0g4x6n65r3n92xz33yrx856a89xww61s7h7bttta1xgb0f28vf9heky89fh8yfct797qa7wra4gkggnnxzym5rmg41z4c2kdjyq8c91kb232bzkzm6vvg1sehtmvvkh7k89h1cr6j7680ffrbpvj66hp5dm5z0zvas9dr8z8g8seh33yen6jb7fqdy1aw2ar8y1n6bt6ma0t6vr4q8r66v68gzkqs17t9w4vd9pzyxh6jzd2qmqrgzed0caydp8vbafaakfwqrdcaqz3xt7w5a5ewacxt0z8ceaz78498h3bbsvyy1ajh20t3kf4z23yj40xaz13t8yn2qbxw8t1eja69d7y6gh4b2a76b1fazy2ga3163pm&b=Y8q8vAAMHI4CJ5yZAANQKnpRYzFNVLk42XlQhA
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 20 Jan 2023 16:09:33 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame E688 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1jv0tc1d7h0sk421bj98s5b55vqb8jsxj31gteq1x2ckfqccnggcs9ad9h3kh5nmebdn0h7jg5w5zavp1gxq72fyjewkjwgv5jnnafxw1rwhntd4ex2mgj0ycxqz7j5gh7qvkj17tzkrds20j7b3ayz6ynwv4jjnnayyphvskgxgcf63hvf6ewx0e3y4wpv62ac4pfh8f8m36qc5t38pj0y7s5040ksjp85j7z6mp69c4gth921ywhjj0aa64evccsgvzr4brg9fgvbkcegm0xm37bykcqyqy9baww43dwsd8d285tkrz8jn77vz99fqwjy182gc7bn0b9g4k76r4jpv78rbkteg9k77vq969g3d3zyvnkd9q51264byvdbf93bprbx6d87kt4m62z51kf5ewekpse5s4gktt2grfcq6nt2y&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBCV_vLzKY465MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoE_AFP0BVQ00imEV9BG-DrtJyhQ_fgudY4BBugd3UDhnouc_srXuKiVyeQanmmspQFQNJhfV8QNqRO5JvV4DnkpRKQBpyTilAhyfrwxVhkXGCv7KXVYnEfWMt211dSguL6rlAd2Lhw574z-v6PhYeiP7a41syAPUhMpN9fIsJ2AlR6gKVKfnUMpuc0noGTQ_HhlAldqa050oovxui-JsFCxZjmbTsC-zaxvNsdqDOtPHxBYIR6t5G2mLp4mrt3vZJf-n0TaTTLUcbkVN7b06zpG_9E_Ftds8-AMMymDjHRgbfE4WKwrspXIkOTLAGzh2_TuCcayeIpD0JvzU0BdC_gBAGABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1WI6wq1uCVTXZJ2ufR1pCBf4xThg%26client%3Dca-pub-8339469931624128%26adurl%3D
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee07ec1e84701538e771c0b836a4ebd946a2a6a491d55f6a13996818f9869c6f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
78c913411f8c9a0b-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 16:09:33 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 44D8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 14:51:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
4656
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Feb 2023 14:51:57 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 101A 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
10485
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 13:14:48 GMT
etag
48472445140208031
expires
Sat, 21 Jan 2023 13:14:48 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 44D8 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 16:49:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
83991
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7515
x-xss-protection
0
server
cafe
etag
5914713042212191929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Feb 2023 16:49:42 GMT
l
www.google.com/ads/measurement/ Frame 44D8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ20hQmPUo2F8NQF2PZm4xOe3H70cs8FdEi8kYYMDf2X6lSe66LW00Qo1JugDMAfIRRbCvaCzdjQmKqgq7_jkE6Lp3qdg
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 44D8 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 14:51:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
4655
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 20 Jan 2024 14:51:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 44D8 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 20 Jan 2023 16:09:33 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:33 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1674230973573065-336
Expires
Fri, 20 Jan 2023 16:09:33 GMT
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
HVTVR80KEQF04W3B1FCW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:33 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1674230973643010-347
Expires
Fri, 20 Jan 2023 16:09:33 GMT
/
www.facebook.com/tr/ Frame 832B 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=234568464078651&ev=Microdata&dl=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D2%26siteid%3D825&rl=https%3A%2F%2Flp.cleverwebserver.com%2F&if=true&ts=1674230973644&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.94&r=stable&a=tmgoogletagmanager&ec=2&o=30&it=1674230971882&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.betano.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 20 Jan 2023 16:09:33 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
truncated
/ Frame 5E3A 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 77DB 		342 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:33 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1674230973.dop162.fr8.t,1674230973.cds342.fr8.shn,1674230973.dop162.fr8.t,1674230973.cds006.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
117960
default.css
as.ad4m.at/ad/style/0.1.28/one-ad/ Frame A638 		90 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.28/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h3xhtpnqy1qnws37t30g25cngef5pg6nswjf1p1fwhtem3rf7n6kp0eg2cq0er6aejj3sjq8xs2xpp0e478akm3a6dkem1y22thmxgfqsft0r3j574x2ns73qcndate3rpaahsh65w6e5afrfsz9p0x7gx4ansezdhvwbb08r6h5ndrm1bdxc5fs429bf09jqr306va8ceb0brnprpfy07j5eys9z38qz4gr3yydkhccphkj34p29mhj9zr6medv1h8ej9yw1b80132cdj43zjwbfedjx7pf611wynrej1k0n2txm277b4swfqdny6vr3fp5m6zxqx69g3fkvy8f0za17s6tk20n8hk46brfr9jh5hb6c6fvbrr3vf9w111a9kjwajcf62cks7ef915p5rfpkpc0qsmx5vrn4q6arp4s8xbnnjpt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmAaWvLzKY4u5MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoEhQJP0FtyO975n_5PTAzovyWATwGr0DN87sGuGxn18ZmS-pZpI3GcvsZNKhEGv2XsOTeK5kqXxHrLQ0ml5zu5X8y7sg2Fqp4hYHVMMVuyiKCffnDCA-FaSM5L1LqfI-FovHsQ4TAk9wJawjaEdsp38oRbXKrEsfu7SEYGjdE8A5uh5AkqzajJcZkyjs5PgRGpiFovn91IMGTWHSzt_HMa45wOZ3rTYMJ1OtoxhJ05YC8RLv7cljQb3KKAb5GRkqs7j5tGMzVm2Jyckqj8D5yJumi3i0jhHr_CfH8JJZKjn3VSc-84ttLJ6y1Qd1HrCKbUxqWSBm03XW1r7bCq5z0PrfNXWo3EHtfgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1yrPEMCc-JA7UfiUFrOu4Az74ySA%26client%3Dca-pub-8339469931624128%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc78d0ae04e90f166274e27a8af76d6a676cbf360f682f3993ef4b453ee5d598

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1h3xhtpnqy1qnws37t30g25cngef5pg6nswjf1p1fwhtem3rf7n6kp0eg2cq0er6aejj3sjq8xs2xpp0e478akm3a6dkem1y22thmxgfqsft0r3j574x2ns73qcndate3rpaahsh65w6e5afrfsz9p0x7gx4ansezdhvwbb08r6h5ndrm1bdxc5fs429bf09jqr306va8ceb0brnprpfy07j5eys9z38qz4gr3yydkhccphkj34p29mhj9zr6medv1h8ej9yw1b80132cdj43zjwbfedjx7pf611wynrej1k0n2txm277b4swfqdny6vr3fp5m6zxqx69g3fkvy8f0za17s6tk20n8hk46brfr9jh5hb6c6fvbrr3vf9w111a9kjwajcf62cks7ef915p5rfpkpc0qsmx5vrn4q6arp4s8xbnnjpt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmAaWvLzKY4u5MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoEhQJP0FtyO975n_5PTAzovyWATwGr0DN87sGuGxn18ZmS-pZpI3GcvsZNKhEGv2XsOTeK5kqXxHrLQ0ml5zu5X8y7sg2Fqp4hYHVMMVuyiKCffnDCA-FaSM5L1LqfI-FovHsQ4TAk9wJawjaEdsp38oRbXKrEsfu7SEYGjdE8A5uh5AkqzajJcZkyjs5PgRGpiFovn91IMGTWHSzt_HMa45wOZ3rTYMJ1OtoxhJ05YC8RLv7cljQb3KKAb5GRkqs7j5tGMzVm2Jyckqj8D5yJumi3i0jhHr_CfH8JJZKjn3VSc-84ttLJ6y1Qd1HrCKbUxqWSBm03XW1r7bCq5z0PrfNXWo3EHtfgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1yrPEMCc-JA7UfiUFrOu4Az74ySA%26client%3Dca-pub-8339469931624128%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1674054542
age
176126
cf-polished
origSize=92334
x-guploader-uploadid
ADPycduOIlCudx-XVm5qLJi8OhY2jaf2lPA8q3ch1u6Nvu_xQSn08NrWkH7ortp-rZRuBMU9kt_cX7NUmpL0qskSxV4pk8f0m1q2
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 18 Jan 2023 15:09:31 GMT
server
cloudflare
etag
W/"c37ad1fc922bacd7adf1cb37da63f83c"
vary
Accept-Encoding
x-goog-generation
1674054571046429
content-type
text/css
x-goog-hash
crc32c=4A2ZRg==, md5=w3rR/JIrrNet8cs32mP4PA==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BaQAFQpQCGD%2ByKDxtp2KdVyD4gQ0lsEdxqoOM2%2FBcqbEH8ZvA4E5KxypIArINFw3YtTvDZhW1KdxCDYVkZT%2FmRhiNfNN99Ji%2FYBqagUHrBgo0EEhUtLP6o3Anh%2B6zBCfG1Vebk3rVqk%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
92334
cf-ray
78c9134178239a0b-FRA
expires
Fri, 20 Jan 2023 17:09:33 GMT
r62eglto.js
ad4m.at/ Frame A638 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h3xhtpnqy1qnws37t30g25cngef5pg6nswjf1p1fwhtem3rf7n6kp0eg2cq0er6aejj3sjq8xs2xpp0e478akm3a6dkem1y22thmxgfqsft0r3j574x2ns73qcndate3rpaahsh65w6e5afrfsz9p0x7gx4ansezdhvwbb08r6h5ndrm1bdxc5fs429bf09jqr306va8ceb0brnprpfy07j5eys9z38qz4gr3yydkhccphkj34p29mhj9zr6medv1h8ej9yw1b80132cdj43zjwbfedjx7pf611wynrej1k0n2txm277b4swfqdny6vr3fp5m6zxqx69g3fkvy8f0za17s6tk20n8hk46brfr9jh5hb6c6fvbrr3vf9w111a9kjwajcf62cks7ef915p5rfpkpc0qsmx5vrn4q6arp4s8xbnnjpt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmAaWvLzKY4u5MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoEhQJP0FtyO975n_5PTAzovyWATwGr0DN87sGuGxn18ZmS-pZpI3GcvsZNKhEGv2XsOTeK5kqXxHrLQ0ml5zu5X8y7sg2Fqp4hYHVMMVuyiKCffnDCA-FaSM5L1LqfI-FovHsQ4TAk9wJawjaEdsp38oRbXKrEsfu7SEYGjdE8A5uh5AkqzajJcZkyjs5PgRGpiFovn91IMGTWHSzt_HMa45wOZ3rTYMJ1OtoxhJ05YC8RLv7cljQb3KKAb5GRkqs7j5tGMzVm2Jyckqj8D5yJumi3i0jhHr_CfH8JJZKjn3VSc-84ttLJ6y1Qd1HrCKbUxqWSBm03XW1r7bCq5z0PrfNXWo3EHtfgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1yrPEMCc-JA7UfiUFrOu4Az74ySA%26client%3Dca-pub-8339469931624128%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 17 Jan 2023 15:04:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
263113
etag
W/"70eeb1f8c81f2c3fac3062f4a8c34636"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B4pDVbMK9EbsCkgov%2Boee7v1U%2FYyWYV5q8kxrYqCBjjVSnArchycYGmjYrdVE4CHP62PbxICtpQJRIPeFq7UG8hkuBmSyyCXoWA0OBenR5j91GLms6s8IyeJGWuMH5pPGHpWb8s%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
78c91341b8959a0b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 17 Jan 2023 15:04:20 GMT
default.css
as.ad4m.at/ad/style/0.1.28/one-ad/ Frame 1A0B 		90 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.28/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g0mj50s9vfr6dk1dky1nv61bjmywwgb6gd2ypwjqn462x5apwr96yc1c0t7bs7bk2cst81zs1afgj5mncf397n83zymfn1svhebyrxr79br5rc53b38b70wkayfrn41yx78zmh1qhmecwtxw3armc01f53tmr2fb59qgfzparv979ccvkq1wx6vxm6q9y8hj1kgt04bx0tem56d8w81wazt7arb1ggzhkgt3fekd8m0aasn81k6gatgtjm7ccdnahgt5wpjcs5k6g5ta2yr8bdr1xpf0e0nbempkgz6rnsx1t9demh70e4734xy2sxy2q4nzj3a34bw0rmv6mkx50advbkhp9e2vxzw341fbtybc1de7c22eatc4m6k1ksgpnksb5d456c24gh1gv3mf9wy4v7tq9q6gbp1x3dqvbb03wyed654wdnsbaa7c02nqcqms6kk&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5pDmvLzKY4y5MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoEgQJP0CKzjOL1xDWi-2XSRsyi_qG8I-TCZiwbJxlIHM7m-CrMS5NuISwOgZ4nfOEdJZEtQCK9_z4V-wIdIlyNJFgxSlv5Q9nAwbUx4SRCtBMC_fIW0DmgPeVzSr5tqkjASzm6STjucheKy8F6sNYT64klWVunCQkqXWVAxw0-OlYev5zsHXz4GWywHEpfix4zUEkDu08mV9KPIgshYpS-lZGxF3cr9qyLaf7ZkI7Jkfi7npGXcdlXQX7D9EuBXt4ddb7CpIKJ6R4WPucG0hTH0OrgwSSx1SomwVvj930Q-AIfLprOO9F7ZwoPit6v6KZuYLB5bIL4Fc90mDoKNNrj2wWgMOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3DZq9wNZ8IyDqSVMyRZmEa9_tRoQ%26client%3Dca-pub-8339469931624128%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc78d0ae04e90f166274e27a8af76d6a676cbf360f682f3993ef4b453ee5d598

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1g0mj50s9vfr6dk1dky1nv61bjmywwgb6gd2ypwjqn462x5apwr96yc1c0t7bs7bk2cst81zs1afgj5mncf397n83zymfn1svhebyrxr79br5rc53b38b70wkayfrn41yx78zmh1qhmecwtxw3armc01f53tmr2fb59qgfzparv979ccvkq1wx6vxm6q9y8hj1kgt04bx0tem56d8w81wazt7arb1ggzhkgt3fekd8m0aasn81k6gatgtjm7ccdnahgt5wpjcs5k6g5ta2yr8bdr1xpf0e0nbempkgz6rnsx1t9demh70e4734xy2sxy2q4nzj3a34bw0rmv6mkx50advbkhp9e2vxzw341fbtybc1de7c22eatc4m6k1ksgpnksb5d456c24gh1gv3mf9wy4v7tq9q6gbp1x3dqvbb03wyed654wdnsbaa7c02nqcqms6kk&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5pDmvLzKY4y5MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoEgQJP0CKzjOL1xDWi-2XSRsyi_qG8I-TCZiwbJxlIHM7m-CrMS5NuISwOgZ4nfOEdJZEtQCK9_z4V-wIdIlyNJFgxSlv5Q9nAwbUx4SRCtBMC_fIW0DmgPeVzSr5tqkjASzm6STjucheKy8F6sNYT64klWVunCQkqXWVAxw0-OlYev5zsHXz4GWywHEpfix4zUEkDu08mV9KPIgshYpS-lZGxF3cr9qyLaf7ZkI7Jkfi7npGXcdlXQX7D9EuBXt4ddb7CpIKJ6R4WPucG0hTH0OrgwSSx1SomwVvj930Q-AIfLprOO9F7ZwoPit6v6KZuYLB5bIL4Fc90mDoKNNrj2wWgMOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3DZq9wNZ8IyDqSVMyRZmEa9_tRoQ%26client%3Dca-pub-8339469931624128%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1674054542
age
176126
cf-polished
origSize=92334
x-guploader-uploadid
ADPycduOIlCudx-XVm5qLJi8OhY2jaf2lPA8q3ch1u6Nvu_xQSn08NrWkH7ortp-rZRuBMU9kt_cX7NUmpL0qskSxV4pk8f0m1q2
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 18 Jan 2023 15:09:31 GMT
server
cloudflare
etag
W/"c37ad1fc922bacd7adf1cb37da63f83c"
vary
Accept-Encoding
x-goog-generation
1674054571046429
content-type
text/css
x-goog-hash
crc32c=4A2ZRg==, md5=w3rR/JIrrNet8cs32mP4PA==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fi26IXLX5Bt%2BJ2t7rhfIMKizv439FHTBtIovcfM8aCbG7vQVDngYXOW5pnbYiECwghwsMjGYglSVTOORNZ3C%2BE0j%2FNyUXBWaE%2BAuiVYqUrKRtZ51r4T6L4QNxPKafc3MOpq8MFlJypc%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
92334
cf-ray
78c91341882b9a0b-FRA
expires
Fri, 20 Jan 2023 17:09:33 GMT
r62eglto.js
ad4m.at/ Frame 1A0B 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g0mj50s9vfr6dk1dky1nv61bjmywwgb6gd2ypwjqn462x5apwr96yc1c0t7bs7bk2cst81zs1afgj5mncf397n83zymfn1svhebyrxr79br5rc53b38b70wkayfrn41yx78zmh1qhmecwtxw3armc01f53tmr2fb59qgfzparv979ccvkq1wx6vxm6q9y8hj1kgt04bx0tem56d8w81wazt7arb1ggzhkgt3fekd8m0aasn81k6gatgtjm7ccdnahgt5wpjcs5k6g5ta2yr8bdr1xpf0e0nbempkgz6rnsx1t9demh70e4734xy2sxy2q4nzj3a34bw0rmv6mkx50advbkhp9e2vxzw341fbtybc1de7c22eatc4m6k1ksgpnksb5d456c24gh1gv3mf9wy4v7tq9q6gbp1x3dqvbb03wyed654wdnsbaa7c02nqcqms6kk&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5pDmvLzKY4y5MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoEgQJP0CKzjOL1xDWi-2XSRsyi_qG8I-TCZiwbJxlIHM7m-CrMS5NuISwOgZ4nfOEdJZEtQCK9_z4V-wIdIlyNJFgxSlv5Q9nAwbUx4SRCtBMC_fIW0DmgPeVzSr5tqkjASzm6STjucheKy8F6sNYT64klWVunCQkqXWVAxw0-OlYev5zsHXz4GWywHEpfix4zUEkDu08mV9KPIgshYpS-lZGxF3cr9qyLaf7ZkI7Jkfi7npGXcdlXQX7D9EuBXt4ddb7CpIKJ6R4WPucG0hTH0OrgwSSx1SomwVvj930Q-AIfLprOO9F7ZwoPit6v6KZuYLB5bIL4Fc90mDoKNNrj2wWgMOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3DZq9wNZ8IyDqSVMyRZmEa9_tRoQ%26client%3Dca-pub-8339469931624128%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 17 Jan 2023 15:04:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
263113
etag
W/"70eeb1f8c81f2c3fac3062f4a8c34636"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hHB6kGBNytk%2Bu8vPg%2FLwjXYZ575ZR5M%2Fu%2FrRAXjapNtSofn%2ByUlf5gQgHeRfUwclMErJvW%2BQcNDd8997%2BlS0pmmCXRePxb7njuE9yBO82yu%2FRkw6D5qT5x%2Fvk%2FxcAn2vyOXQ8XI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
78c91341b89a9a0b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 17 Jan 2023 15:04:20 GMT
default.css
as.ad4m.at/ad/style/0.1.28/one-ad/ Frame E688 		90 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.28/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jv0tc1d7h0sk421bj98s5b55vqb8jsxj31gteq1x2ckfqccnggcs9ad9h3kh5nmebdn0h7jg5w5zavp1gxq72fyjewkjwgv5jnnafxw1rwhntd4ex2mgj0ycxqz7j5gh7qvkj17tzkrds20j7b3ayz6ynwv4jjnnayyphvskgxgcf63hvf6ewx0e3y4wpv62ac4pfh8f8m36qc5t38pj0y7s5040ksjp85j7z6mp69c4gth921ywhjj0aa64evccsgvzr4brg9fgvbkcegm0xm37bykcqyqy9baww43dwsd8d285tkrz8jn77vz99fqwjy182gc7bn0b9g4k76r4jpv78rbkteg9k77vq969g3d3zyvnkd9q51264byvdbf93bprbx6d87kt4m62z51kf5ewekpse5s4gktt2grfcq6nt2y&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBCV_vLzKY465MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoE_AFP0BVQ00imEV9BG-DrtJyhQ_fgudY4BBugd3UDhnouc_srXuKiVyeQanmmspQFQNJhfV8QNqRO5JvV4DnkpRKQBpyTilAhyfrwxVhkXGCv7KXVYnEfWMt211dSguL6rlAd2Lhw574z-v6PhYeiP7a41syAPUhMpN9fIsJ2AlR6gKVKfnUMpuc0noGTQ_HhlAldqa050oovxui-JsFCxZjmbTsC-zaxvNsdqDOtPHxBYIR6t5G2mLp4mrt3vZJf-n0TaTTLUcbkVN7b06zpG_9E_Ftds8-AMMymDjHRgbfE4WKwrspXIkOTLAGzh2_TuCcayeIpD0JvzU0BdC_gBAGABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1WI6wq1uCVTXZJ2ufR1pCBf4xThg%26client%3Dca-pub-8339469931624128%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc78d0ae04e90f166274e27a8af76d6a676cbf360f682f3993ef4b453ee5d598

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jv0tc1d7h0sk421bj98s5b55vqb8jsxj31gteq1x2ckfqccnggcs9ad9h3kh5nmebdn0h7jg5w5zavp1gxq72fyjewkjwgv5jnnafxw1rwhntd4ex2mgj0ycxqz7j5gh7qvkj17tzkrds20j7b3ayz6ynwv4jjnnayyphvskgxgcf63hvf6ewx0e3y4wpv62ac4pfh8f8m36qc5t38pj0y7s5040ksjp85j7z6mp69c4gth921ywhjj0aa64evccsgvzr4brg9fgvbkcegm0xm37bykcqyqy9baww43dwsd8d285tkrz8jn77vz99fqwjy182gc7bn0b9g4k76r4jpv78rbkteg9k77vq969g3d3zyvnkd9q51264byvdbf93bprbx6d87kt4m62z51kf5ewekpse5s4gktt2grfcq6nt2y&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBCV_vLzKY465MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoE_AFP0BVQ00imEV9BG-DrtJyhQ_fgudY4BBugd3UDhnouc_srXuKiVyeQanmmspQFQNJhfV8QNqRO5JvV4DnkpRKQBpyTilAhyfrwxVhkXGCv7KXVYnEfWMt211dSguL6rlAd2Lhw574z-v6PhYeiP7a41syAPUhMpN9fIsJ2AlR6gKVKfnUMpuc0noGTQ_HhlAldqa050oovxui-JsFCxZjmbTsC-zaxvNsdqDOtPHxBYIR6t5G2mLp4mrt3vZJf-n0TaTTLUcbkVN7b06zpG_9E_Ftds8-AMMymDjHRgbfE4WKwrspXIkOTLAGzh2_TuCcayeIpD0JvzU0BdC_gBAGABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1WI6wq1uCVTXZJ2ufR1pCBf4xThg%26client%3Dca-pub-8339469931624128%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1674054542
age
176126
cf-polished
origSize=92334
x-guploader-uploadid
ADPycduOIlCudx-XVm5qLJi8OhY2jaf2lPA8q3ch1u6Nvu_xQSn08NrWkH7ortp-rZRuBMU9kt_cX7NUmpL0qskSxV4pk8f0m1q2
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 18 Jan 2023 15:09:31 GMT
server
cloudflare
etag
W/"c37ad1fc922bacd7adf1cb37da63f83c"
vary
Accept-Encoding
x-goog-generation
1674054571046429
content-type
text/css
x-goog-hash
crc32c=4A2ZRg==, md5=w3rR/JIrrNet8cs32mP4PA==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2F88UjrRt2zIUD6LGo0QY8a2zIBZzIQ50lkFxdbtOeRlMk80wVz%2F284%2Fnz0K3ejW%2BTYiO5rc47e0WGk8OsgCb3L3xijl%2BmBoDUnf5vqXcgqBFg5CDOOJZoZP7yxSjjU%2BeqFxTg%2Bzpyc%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
92334
cf-ray
78c91341bd122c01-FRA
expires
Fri, 20 Jan 2023 17:09:33 GMT
r62eglto.js
ad4m.at/ Frame E688 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jv0tc1d7h0sk421bj98s5b55vqb8jsxj31gteq1x2ckfqccnggcs9ad9h3kh5nmebdn0h7jg5w5zavp1gxq72fyjewkjwgv5jnnafxw1rwhntd4ex2mgj0ycxqz7j5gh7qvkj17tzkrds20j7b3ayz6ynwv4jjnnayyphvskgxgcf63hvf6ewx0e3y4wpv62ac4pfh8f8m36qc5t38pj0y7s5040ksjp85j7z6mp69c4gth921ywhjj0aa64evccsgvzr4brg9fgvbkcegm0xm37bykcqyqy9baww43dwsd8d285tkrz8jn77vz99fqwjy182gc7bn0b9g4k76r4jpv78rbkteg9k77vq969g3d3zyvnkd9q51264byvdbf93bprbx6d87kt4m62z51kf5ewekpse5s4gktt2grfcq6nt2y&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBCV_vLzKY465MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoE_AFP0BVQ00imEV9BG-DrtJyhQ_fgudY4BBugd3UDhnouc_srXuKiVyeQanmmspQFQNJhfV8QNqRO5JvV4DnkpRKQBpyTilAhyfrwxVhkXGCv7KXVYnEfWMt211dSguL6rlAd2Lhw574z-v6PhYeiP7a41syAPUhMpN9fIsJ2AlR6gKVKfnUMpuc0noGTQ_HhlAldqa050oovxui-JsFCxZjmbTsC-zaxvNsdqDOtPHxBYIR6t5G2mLp4mrt3vZJf-n0TaTTLUcbkVN7b06zpG_9E_Ftds8-AMMymDjHRgbfE4WKwrspXIkOTLAGzh2_TuCcayeIpD0JvzU0BdC_gBAGABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1WI6wq1uCVTXZJ2ufR1pCBf4xThg%26client%3Dca-pub-8339469931624128%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 17 Jan 2023 15:04:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
263113
etag
W/"70eeb1f8c81f2c3fac3062f4a8c34636"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2FBN172IihloR78DSRdhIGcLVOAsma6i%2FC4JzjDIrRXoCNhkDuKAS%2F4KGuoZu6udQBqaQemxMicKo3FEBlXEexiR2ClqkPFPkc81HtNsqdgtB4ZDR3tGudwSttk%2FaoJ0ZXGTUxc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
78c91341b8929a0b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 17 Jan 2023 15:04:20 GMT
pixel
cm.g.doubleclick.net/ Frame AE79
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEP025ukcDJX6NGY__ozs4v0&google_cver=1&google_push=AavPq0M03AmJAACByxsWIvPGlLEung3MZl-U7g-dxt_h84wwicJGD7EzOX0zOokw0jbqOxaG6UPr2EfNmlJosQEJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=WgFjyry7RQCpRxE7NKM8TQ&google_push=AavPq0M03AmJAACByxsWIvPGlLEung3MZl-U7g-dxt_h84wwicJGD7EzOX0zOokw0jbqOxaG6UPr2EfNmlJosQEJg9rBljs-avA
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=WgFjyry7RQCpRxE7NKM8TQ&google_push=AavPq0M03AmJAACByxsWIvPGlLEung3MZl-U7g-dxt_h84wwicJGD7EzOX0zOokw0jbqOxaG6UPr2EfNmlJosQEJg9rBljs-avA
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 20 Jan 2023 16:09:33 GMT
Server
MT3 357 2feb0b5 master cdg-pixel-x32 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=WgFjyry7RQCpRxE7NKM8TQ&google_push=AavPq0M03AmJAACByxsWIvPGlLEung3MZl-U7g-dxt_h84wwicJGD7EzOX0zOokw0jbqOxaG6UPr2EfNmlJosQEJg9rBljs-avA
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 20 Jan 2023 16:09:32 GMT
pixel
cm.g.doubleclick.net/ Frame AE79
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEPpNYTE8pMyiVnjjRcVxTuU&google_cver=1&google_push=AavPq0MrroN1K7bPSDvt110aZ1wjZ27hYT8T_T8xOknvYMV3xVfZ-cHCtT8slXr_zlMi9l09JObzdzVBOEtteP...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5MDc2NzI3NTAxNTkyNzk2Mw%3D%3D&google_push=AavPq0MrroN1K7bPSDvt110aZ1wjZ27hYT8T_T8xOknvYMV3xVfZ-cHCtT8slXr_zlMi9l09JObzdzVBOEttePKmby...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5MDc2NzI3NTAxNTkyNzk2Mw%3D%3D&google_push=AavPq0MrroN1K7bPSDvt110aZ1wjZ27hYT8T_T8xOknvYMV3xVfZ-cHCtT8slXr_zlMi9l09JObzdzVBOEttePKmbyNttCuBeQ
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5MDc2NzI3NTAxNTkyNzk2Mw%3D%3D&google_push=AavPq0MrroN1K7bPSDvt110aZ1wjZ27hYT8T_T8xOknvYMV3xVfZ-cHCtT8slXr_zlMi9l09JObzdzVBOEttePKmbyNttCuBeQ
Date
Fri, 20 Jan 2023 16:09:33 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame AE79
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEMLFz2NNtCTeF5nDkO5QoMM&google_cver=1&google_push=AavPq0OQQ-JKk0TmJAzTcRzRnqoyR7f9DBr9LAbftJ3QzbPsqrMNbTet7gC38jxUBUsUCvRY3Vrtsy_MABLyT0KP...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ylhEYai3Tkm3yMVGQUFAzw2&google_push=AavPq0OQQ-JKk0TmJAzTcRzRnqoyR7f9DBr9LAbftJ3QzbPsqrMNbTet7gC38jxUBUsUCvRY3Vrtsy_MABLyT0KPO31e3rfwew
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ylhEYai3Tkm3yMVGQUFAzw2&google_push=AavPq0OQQ-JKk0TmJAzTcRzRnqoyR7f9DBr9LAbftJ3QzbPsqrMNbTet7gC38jxUBUsUCvRY3Vrtsy_MABLyT0KPO31e3rfwew
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 20 Jan 2023 16:09:33 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ylhEYai3Tkm3yMVGQUFAzw2&google_push=AavPq0OQQ-JKk0TmJAzTcRzRnqoyR7f9DBr9LAbftJ3QzbPsqrMNbTet7gC38jxUBUsUCvRY3Vrtsy_MABLyT0KPO31e3rfwew
x-host
tde-deliveryengine-production-fb497649f-7r8b7
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame AE79
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMBjEaFssIO4EN_MB6vtiJE&google_cver=1&google_push=AavPq0P6piwNyMwjjqLFaEdalhBt6dIP3ua2KGTDuT8QZW1SQoGLHkEuXv7JtWCay3utwBBWQf8...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQ0UFc3OTItMU8tRzZZMg==&google_push=AavPq0P6piwNyMwjjqLFaEdalhBt6dIP3ua2KGTDuT8QZW1SQoGLHkEuXv7JtWCay3utwBBWQf8aieUrlxAmj50bILuR-QimCg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQ0UFc3OTItMU8tRzZZMg==&google_push=AavPq0P6piwNyMwjjqLFaEdalhBt6dIP3ua2KGTDuT8QZW1SQoGLHkEuXv7JtWCay3utwBBWQf8aieUrlxAmj50bILuR-QimCg
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQ0UFc3OTItMU8tRzZZMg==&google_push=AavPq0P6piwNyMwjjqLFaEdalhBt6dIP3ua2KGTDuT8QZW1SQoGLHkEuXv7JtWCay3utwBBWQf8aieUrlxAmj50bILuR-QimCg
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
pixel
cm.g.doubleclick.net/ Frame AE79
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEGZ8ApYmrt0XsoAwf1g4830&google_cver=1&google_push=AavPq0OU9PEcC7h1LWabIE_1QqQRZIJh5SaKAhGizwZ2aSrYqg6iuqmlCw9ieQXd6nxAxLhH_JkHI7xYT9uYeepHgvcyPFOTqA
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzE3MjMyNTczODE3MzE3OTAwMFYxMA%3d%3d&mn_hm=MzE3MjMyNTczODE3MzE3OTAwMFYxMA%3d%3d&google_sc=1&google_push=AavPq0OU9PEcC7h1LWabIE_1QqQRZIJ...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzE3MjMyNTczODE3MzE3OTAwMFYxMA%3d%3d&mn_hm=MzE3MjMyNTczODE3MzE3OTAwMFYxMA%3d%3d&google_sc=1&google_push=AavPq0OU9PEcC7h1LWabIE_1QqQRZIJh5SaKAhGizwZ2aSrYqg6iuqmlCw9ieQXd6nxAxLhH_JkHI7xYT9uYeepHgvcyPFOTqA&gdpr=&gdpr_consent=
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:33 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzE3MjMyNTczODE3MzE3OTAwMFYxMA%3d%3d&mn_hm=MzE3MjMyNTczODE3MzE3OTAwMFYxMA%3d%3d&google_sc=1&google_push=AavPq0OU9PEcC7h1LWabIE_1QqQRZIJh5SaKAhGizwZ2aSrYqg6iuqmlCw9ieQXd6nxAxLhH_JkHI7xYT9uYeepHgvcyPFOTqA&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
X-MNET-HL2
E
Expires
Fri, 20 Jan 2023 16:09:33 GMT
pixel
cm.g.doubleclick.net/ Frame AE79
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECqpWalKLHn4DsO-oeAkUZw&google_cver=1&google_push=AavPq0OhyXJVu2oG_aP9wgwp0pHCXLZ6mEvon-UQjrvNfR9NqHN71BIOAehaGW9pwzD8kXe4fr...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0uQ2NnOHpoRTJ1RU5GRHZlbU1Ub3RxYlBBdWxGNXUzZ35B&google_push=AavPq0OhyXJVu2oG_aP9wgwp0pHCXLZ6mEvon-UQjrvNfR9NqHN71BIOA...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0uQ2NnOHpoRTJ1RU5GRHZlbU1Ub3RxYlBBdWxGNXUzZ35B&google_push=AavPq0OhyXJVu2oG_aP9wgwp0pHCXLZ6mEvon-UQjrvNfR9NqHN71BIOAehaGW9pwzD8kXe4frajIyDefoar-3FQz_RL0wc5SgFh
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0uQ2NnOHpoRTJ1RU5GRHZlbU1Ub3RxYlBBdWxGNXUzZ35B&google_push=AavPq0OhyXJVu2oG_aP9wgwp0pHCXLZ6mEvon-UQjrvNfR9NqHN71BIOAehaGW9pwzD8kXe4frajIyDefoar-3FQz_RL0wc5SgFh
date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame AE79
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEE4sxNVzs7LGFWPfuN1QQC0&google_cver=1&google_push=AavPq0NNwhYMRF_nzaYvgtRKsDNc-eZ9aEOP0cd8kCTRT3ogr6N4xLhITafzY3zwzN4wqfWASowK8XAfpOM...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0NNwhYMRF_nzaYvgtRKsDNc-eZ9aEOP0cd8kCTRT3ogr6N4xLhITafzY3zwzN4wqfWASowK8XAfpOMzfnPiLJgLi1YFWBE
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame AE79 		0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L1sd14G15sqx8mmIyxVVVN4O92uvK18XRhyk2QBYZNZFEAl4EyxtOvpRavWg2sc1ec3-GLt4o
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 91C3
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEP025ukcDJX6NGY__ozs4v0&google_cver=1&google_push=AavPq0Nd9H9TwMqY13tPT5yzirWqaiDiwrg8GB3-KZMOIL7ufZFM_XbxdmOLClBb3GrwYqLsn2_IT4DHtfB37uUB...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=WgFjyry7RQCpRxE7NKM8TQ&google_push=AavPq0Nd9H9TwMqY13tPT5yzirWqaiDiwrg8GB3-KZMOIL7ufZFM_XbxdmOLClBb3GrwYqLsn2_IT4DHtfB37uUBsVP7Uubx...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=WgFjyry7RQCpRxE7NKM8TQ&google_push=AavPq0Nd9H9TwMqY13tPT5yzirWqaiDiwrg8GB3-KZMOIL7ufZFM_XbxdmOLClBb3GrwYqLsn2_IT4DHtfB37uUBsVP7UubxpJaIfviMrpeWHMFlSkT-RUZrGgCinReH4n1RSOfocHpoKKgE
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 20 Jan 2023 16:09:33 GMT
Server
MT3 357 2feb0b5 master cdg-pixel-x7 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=WgFjyry7RQCpRxE7NKM8TQ&google_push=AavPq0Nd9H9TwMqY13tPT5yzirWqaiDiwrg8GB3-KZMOIL7ufZFM_XbxdmOLClBb3GrwYqLsn2_IT4DHtfB37uUBsVP7UubxpJaIfviMrpeWHMFlSkT-RUZrGgCinReH4n1RSOfocHpoKKgE
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 20 Jan 2023 16:09:32 GMT
pixel
cm.g.doubleclick.net/ Frame 91C3
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENy5K5TIvkv9STxLT66N9rA&google_push=AavPq0NRBVcApCGiBJV6xtRpgNbJmedBKcMAHQDKTkoAOG5lCypzLMHyU8...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENy5K5TIvkv9STxLT66N9rA&google_push=AavPq0NRBVcApCGiBJV6xtRpgNbJmedBKcMAHQDKTkoAOG5lCypzLMHyU8aE3tVAJ6V00WL_i2foftYTSa2mjexciUZs9U9r62C0E4sCD5xizM_dEun1QQ4mmFSa3I1k7cBNm1ZbOykos8ef
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-yul12825-YUL
pragma
no-cache
date
Fri, 20 Jan 2023 16:09:34 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1674230974.046789,VS0,VE15
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENy5K5TIvkv9STxLT66N9rA&google_push=AavPq0NRBVcApCGiBJV6xtRpgNbJmedBKcMAHQDKTkoAOG5lCypzLMHyU8aE3tVAJ6V00WL_i2foftYTSa2mjexciUZs9U9r62C0E4sCD5xizM_dEun1QQ4mmFSa3I1k7cBNm1ZbOykos8ef
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 91C3
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEPpNYTE8pMyiVnjjRcVxTuU&google_cver=1&google_push=AavPq0MNUL-eFIfDB-7IwdE4RyELD6uWkKzq_V4ZD1tGZcSGdDtr4jSSQEG_i8vGlaQqCbL7DWKAMaIb1GAehG...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5MDc2NzI3NTAxNzA0MjA2MQ%3D%3D&google_push=AavPq0MNUL-eFIfDB-7IwdE4RyELD6uWkKzq_V4ZD1tGZcSGdDtr4jSSQEG_i8vGlaQqCbL7DWKAMaIb1GAehGH1MW...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5MDc2NzI3NTAxNzA0MjA2MQ%3D%3D&google_push=AavPq0MNUL-eFIfDB-7IwdE4RyELD6uWkKzq_V4ZD1tGZcSGdDtr4jSSQEG_i8vGlaQqCbL7DWKAMaIb1GAehGH1MW4ol-KU8pvmvcaLnlvy__x7pXr5a3nLZPvBuVEpUdhnEaY2LIfjPUeH
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5MDc2NzI3NTAxNzA0MjA2MQ%3D%3D&google_push=AavPq0MNUL-eFIfDB-7IwdE4RyELD6uWkKzq_V4ZD1tGZcSGdDtr4jSSQEG_i8vGlaQqCbL7DWKAMaIb1GAehGH1MW4ol-KU8pvmvcaLnlvy__x7pXr5a3nLZPvBuVEpUdhnEaY2LIfjPUeH
Date
Fri, 20 Jan 2023 16:09:33 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 91C3
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMBjEaFssIO4EN_MB6vtiJE&google_cver=1&google_push=AavPq0PJkS9F2Q2RQJAKcUB4pfCIFhJIwzEWQxLkT1tyfQ6wMSlVuZMnNf2oVugy6g9VK9VvwtS...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQ0UFc3RVAtMjAtQjc4Mg==&google_push=AavPq0PJkS9F2Q2RQJAKcUB4pfCIFhJIwzEWQxLkT1tyfQ6wMSlVuZMnNf2oVugy6g9VK9VvwtSDPjtTLZdI5wA6GGjjrt5259Y3Z...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQ0UFc3RVAtMjAtQjc4Mg==&google_push=AavPq0PJkS9F2Q2RQJAKcUB4pfCIFhJIwzEWQxLkT1tyfQ6wMSlVuZMnNf2oVugy6g9VK9VvwtSDPjtTLZdI5wA6GGjjrt5259Y3Zb8wThHaExeqQ1-UWBcqqM4c7ixZ9jh5-ttyzr432w63
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQ0UFc3RVAtMjAtQjc4Mg==&google_push=AavPq0PJkS9F2Q2RQJAKcUB4pfCIFhJIwzEWQxLkT1tyfQ6wMSlVuZMnNf2oVugy6g9VK9VvwtSDPjtTLZdI5wA6GGjjrt5259Y3Zb8wThHaExeqQ1-UWBcqqM4c7ixZ9jh5-ttyzr432w63
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
pixel
cm.g.doubleclick.net/ Frame 91C3
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEL_gje3LgIv6_agmzQ-3AgM&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEL_gje3LgIv6_agmzQ-3AgM&google_push=Aa...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL_gje3LgIv6_agmzQ-3AgM&google_hm=Y8q8vXyXRKO7KEm-le737QAABJYAAAIB&google_nid=index&google_push=AavPq0MK_bD-Ma1_PvcuDrEupsPQz7xGmY4J6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL_gje3LgIv6_agmzQ-3AgM&google_hm=Y8q8vXyXRKO7KEm-le737QAABJYAAAIB&google_nid=index&google_push=AavPq0MK_bD-Ma1_PvcuDrEupsPQz7xGmY4J6ljR7TrLeThbt33aDTTmzb1vLUwZQd6E2mvmQFAsxflpcUHyUhm7hb22HebZqa_ODfsgG7gHP2NfSxy5HPa0vI8TWuezx-X2RWvVTzmjEaYo
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tdhGRruW%2F9jEx0NTqLdVPI7K3FCGmB9Htzf6IlPwGk3aiYbT7r%2FPo8Flcr3gTauA%2BtdGIzh%2BI8HBVhjROrA%2Be97HOv7W86Q3qDGDDXnlat3sRB74CyRcAUdog3rPgSJ49RXHFtQG01YkRg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL_gje3LgIv6_agmzQ-3AgM&google_hm=Y8q8vXyXRKO7KEm-le737QAABJYAAAIB&google_nid=index&google_push=AavPq0MK_bD-Ma1_PvcuDrEupsPQz7xGmY4J6ljR7TrLeThbt33aDTTmzb1vLUwZQd6E2mvmQFAsxflpcUHyUhm7hb22HebZqa_ODfsgG7gHP2NfSxy5HPa0vI8TWuezx-X2RWvVTzmjEaYo
cache-control
no-cache
cf-ray
78c913430eb12bdc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 91C3
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKLcHjVM-Jtch2CcrcOTtVA&google_cver=1&google_push=AavPq0PwYK0-wwDl5IxyBe_xhSnUlSVewrSg_PEQdpXd52hDp3NPdTpN3vaccleOmhOk735INN5ntkC_sFu724wb6...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKLcHjVM-Jtch2CcrcOTtVA&google_cver=1&google_push=AavPq0PwYK0-wwDl5IxyBe_xhSnUlSVewrSg_PEQdpXd52hDp3NPdTpN3vaccleOmhOk735INN5ntkC_sFu724wb6...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0PwYK0-wwDl5IxyBe_xhSnUlSVewrSg_PEQdpXd52hDp3NPdTpN3vaccleOmhOk735INN5ntkC_sFu724wb6OQtl33WJidmjmrQPT_UPLhuKlaY8Ud5_XiBhPRc3lpr4...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0PwYK0-wwDl5IxyBe_xhSnUlSVewrSg_PEQdpXd52hDp3NPdTpN3vaccleOmhOk735INN5ntkC_sFu724wb6OQtl33WJidmjmrQPT_UPLhuKlaY8Ud5_XiBhPRc3lpr4_YRdrtxeLD_&google_hm=GBMpKGZHfsG0Xkp-SsmyJequ
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 20 Jan 2023 16:09:33 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0PwYK0-wwDl5IxyBe_xhSnUlSVewrSg_PEQdpXd52hDp3NPdTpN3vaccleOmhOk735INN5ntkC_sFu724wb6OQtl33WJidmjmrQPT_UPLhuKlaY8Ud5_XiBhPRc3lpr4_YRdrtxeLD_&google_hm=GBMpKGZHfsG0Xkp-SsmyJequ
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2sea1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 91C3
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECqpWalKLHn4DsO-oeAkUZw&google_cver=1&google_push=AavPq0P6dnDmNREeI1BpzSoIIZczbfh0Qs80A0Rpmi8w_FeDr28Q5W5LYH5TXaX3vvetJM-0XM...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0uQ2NnOHpoRTJ1RU5GRHZlbU1Ub3RxYlBBdWxGNXUzZ35B&google_push=AavPq0P6dnDmNREeI1BpzSoIIZczbfh0Qs80A0Rpmi8w_FeDr28Q5W5LY...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0uQ2NnOHpoRTJ1RU5GRHZlbU1Ub3RxYlBBdWxGNXUzZ35B&google_push=AavPq0P6dnDmNREeI1BpzSoIIZczbfh0Qs80A0Rpmi8w_FeDr28Q5W5LYH5TXaX3vvetJM-0XMnQMYmeoVSR2dbO70qxNtVX8ODuucnb6z1pVpUDrsdX7p8TtzYqNG5nLaLoxCN-9nCsEgAoyg
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0uQ2NnOHpoRTJ1RU5GRHZlbU1Ub3RxYlBBdWxGNXUzZ35B&google_push=AavPq0P6dnDmNREeI1BpzSoIIZczbfh0Qs80A0Rpmi8w_FeDr28Q5W5LYH5TXaX3vvetJM-0XMnQMYmeoVSR2dbO70qxNtVX8ODuucnb6z1pVpUDrsdX7p8TtzYqNG5nLaLoxCN-9nCsEgAoyg
date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 91C3 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IcxGiAwj8TkbD5noC3USpoHEXtkD_TXnpr_vhrGxQ5phKo4If_pNk8-dyXzRi2Ql-Yh29VtQ
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pica.js
www.iapac.to/cdn-cgi/challenge-platform/h/g/scripts/ Frame 84C1 		19 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc3117af6d5d667e0f1d395920b3dcffa2b20ce721ef61a4eb42cc90c3469c1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PtPXo7zUBkbPNQhGvrkJg25fl9Zjj83jZqKgkuht5OLyjGA6Ii4yGLHbo7zxsGtN0Q%2BcKRmplDRJBGAA3FkFr%2BgsQ78qVW905k5Sc2Zm6H4rjSWdK4OGipaA1G1bHYnn6S2N3K6GO06F3Aw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
78c91341b8d99ba7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
i.match
s.tribalfusion.com/z/ Frame 101A
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEHdYd9K6ZAciWfUCZexXDck&google_cver=1&google_push=AavPq0N436YPXtDYW83BSi8MNPaq4NhP7nV5TW_geAhlTnd4UB1FKjd28OsloAo_70SlL6rzOhLJa_LUqSFAvwccjDGVQOmszUMf&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHdYd9K6ZAciWfUCZexXDck&google_cver=1&google_push=AavPq0N436YPXtDYW83BSi8MNPaq4NhP7nV5TW_geAhlTnd4UB1FKjd28OsloAo_70SlL6rzOhLJa_LUqSFAvwccjDGVQOmszUM...
43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHdYd9K6ZAciWfUCZexXDck&google_cver=1&google_push=AavPq0N436YPXtDYW83BSi8MNPaq4NhP7nV5TW_geAhlTnd4UB1FKjd28OsloAo_70SlL6rzOhLJa_LUqSFAvwccjDGVQOmszUMf&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0N436YPXtDYW83BSi8MNPaq4NhP7nV5TW_geAhlTnd4UB1FKjd28OsloAo_70SlL6rzOhLJa_LUqSFAvwccjDGVQOmszUMf%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:34 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
78c91343ebc92c72-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:34 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
171
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHdYd9K6ZAciWfUCZexXDck&google_cver=1&google_push=AavPq0N436YPXtDYW83BSi8MNPaq4NhP7nV5TW_geAhlTnd4UB1FKjd28OsloAo_70SlL6rzOhLJa_LUqSFAvwccjDGVQOmszUMf&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0N436YPXtDYW83BSi8MNPaq4NhP7nV5TW_geAhlTnd4UB1FKjd28OsloAo_70SlL6rzOhLJa_LUqSFAvwccjDGVQOmszUMf%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
78c91342994c2c72-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 101A
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEA2P43B-Z2Lj3M8tkjhpS8Y&google_cver=1&google_push=AavPq0On5_Uc7DpvNavKJvjU3IQbypm-ITZb2IBCIWK8iKq7JE-rpEG88Hu7eQnWGjMhgjSRpDZwXx8k7WQILxMMSfYKPYU...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEA2P43B-Z2Lj3M8tkjhpS8Y&google_cver=1&google_push=AavPq0On5_Uc7DpvNavKJvjU3IQbypm-ITZb2IBCIWK8iKq7JE-rpEG88Hu7eQnWGjMhgjSRpDZwXx8k7WQILxMMSfYKP...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0On5_Uc7DpvNavKJvjU3IQbypm-ITZb2IBCIWK8iKq7JE-rpEG88Hu7eQnWGjMhgjSRpDZwXx8k7WQILxMMSfYKPYUwbmY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0On5_Uc7DpvNavKJvjU3IQbypm-ITZb2IBCIWK8iKq7JE-rpEG88Hu7eQnWGjMhgjSRpDZwXx8k7WQILxMMSfYKPYUwbmY
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0On5_Uc7DpvNavKJvjU3IQbypm-ITZb2IBCIWK8iKq7JE-rpEG88Hu7eQnWGjMhgjSRpDZwXx8k7WQILxMMSfYKPYUwbmY
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 101A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPicjLNIR9JNGPv7anmSmM0&google_cver=1&google_push=AavPq0PsQDIeCmOSekzTnVcTLAWIQLndOsQMFNpfwRNDV_gmp-uZqr1icKKYAcP0efU4coGPEj2DtfJZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzcxOTA0MTMzODQzNTMzMjAyNg&google_push=AavPq0PsQDIeCmOSekzTnVcTLAWIQLndOsQMFNpfwRNDV_gmp-uZqr1icKKYAcP0efU4coGPEj2Dtf...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzcxOTA0MTMzODQzNTMzMjAyNg&google_push=AavPq0PsQDIeCmOSekzTnVcTLAWIQLndOsQMFNpfwRNDV_gmp-uZqr1icKKYAcP0efU4coGPEj2DtfJZn9CkhGtOGufAtcpgYjmE
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzcxOTA0MTMzODQzNTMzMjAyNg&google_push=AavPq0PsQDIeCmOSekzTnVcTLAWIQLndOsQMFNpfwRNDV_gmp-uZqr1icKKYAcP0efU4coGPEj2DtfJZn9CkhGtOGufAtcpgYjmE
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 101A
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEOqmXhthixcCpVZ6iJS7_SA&google_cver=1&google_push=AavPq0OzaFqLRlIUOP-vxFkkEqwIwuLeScrWUA-Q9lx12eCjspeFBpyhN__bcYoyKwWzsONu2mMJPPNOXLtiveW15YRaqge48lJ1
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AavPq0OzaFqLRlIUOP-vxFkkEqwIwuLeScrWUA-Q9lx12eCjspeFBpyhN__bcYoyKwWzsONu2mMJPPNOXLtiveW15YRaqge48lJ1&google_hm=Z2Q2OWYyN2E3OGViMDNi...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AavPq0OzaFqLRlIUOP-vxFkkEqwIwuLeScrWUA-Q9lx12eCjspeFBpyhN__bcYoyKwWzsONu2mMJPPNOXLtiveW15YRaqge48lJ1&google_hm=Z2Q2OWYyN2E3OGViMDNiYTRiMTU=
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:34 GMT
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AavPq0OzaFqLRlIUOP-vxFkkEqwIwuLeScrWUA-Q9lx12eCjspeFBpyhN__bcYoyKwWzsONu2mMJPPNOXLtiveW15YRaqge48lJ1&google_hm=Z2Q2OWYyN2E3OGViMDNiYTRiMTU=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
/
cc.adingo.jp/adx/push/ Frame 101A 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEAeHg6ctrBBUd95CfK-LDqM&google_cver=1&google_push=AavPq0PNtbW0DhTAp-bB_UQX3PCLti2etnO26nU9CWcdN-_lFggi_h4LoKscEq9bsvvWn8qIP_EcHOMICSmCCZ_j_KrdfzpfvQw
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.20.39 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-20-39.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
server
awselb/2.0
/
onetag-sys.com/match/ Frame 101A
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEE4sxNVzs7LGFWPfuN1QQC0&google_cver=1&google_push=AavPq0Prgpf9XQhymnRe429BU7xHiMB_NOWEg6_qBTAt3uu2AulVFHf4et3R60FHpS10pKuCov3SgVfranw...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0Prgpf9XQhymnRe429BU7xHiMB_NOWEg6_qBTAt3uu2AulVFHf4et3R60FHpS10pKuCov3SgVfranwAJp5J8ynMOzjUb7KAgA
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
report
sync.teads.tv/um/ Frame 101A
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEEL1kZRHagu0DeTwSwI9gZg&...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AavPq0MLZ_VHLmoISAkC8fU47aN2LYod4fC0HtTR0-jrtB-Jq3EEUF2GTm0VdRmHAdGbGjMibWTt0rBxcoIRTHVby-svjz8O3iRq
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
23.203.125.36 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-125-36.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires
Fri, 20 Jan 2023 16:09:34 GMT
pragma
no-cache
date
Fri, 20 Jan 2023 16:09:34 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 101A 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JXzVqOj2lgRc1euTE7zLdLiQm66MstJj_mVr_bVGVcEIzNElxv5H8WCrhzA28iC7TdOfQjI9Y
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
BannerDrijaivoo001-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/BannerDrijaivoo001-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0dca778d85afa24947ac4cf448cc359592e1b3f1249cc6707b894d002ae595b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8759
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Fri, 20 Jan 2023 14:57:56 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"2237-63caabf4-ddc262eb6df3b551;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GOae6ySC3PL8QI4vvxF8gC0rww7QVdx7r0OU5Z4NLf3CEsgZaFtnZENhIHq2QxwYXAoupFoFShK0DXn9pM4ZZj%2FI%2BNa5MFPo9Hz1iHD0kvylyMsyeT7JDtmqFZWgkVuyM1qxs9Suk3gT6lArVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c91341f840922b-FRA
expires
Sat, 20 Jan 2024 21:07:14 GMT
imageWINSTON34843I8-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/imageWINSTON34843I8-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ab70b4b0190c362012679e4067c4137d8adf4ee5761f990e20aab4ee783cce2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10786
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Fri, 20 Jan 2023 15:23:20 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"2a22-63cab1e8-57141b69047fadb8;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oi4fWcF3%2F2IXv%2Fm%2F10uIvQG1VAJ5h2jIHdWfZ007VyLiP%2FP9bBNYcdcXLEjmQrqdfp0DjwM0lTIIf5FbBwqZZvlz1UOr1qXvIz5cw4cZDT5ZWvwXtcujR9%2BfV6IRf9sziB5BgwWHj0%2BKAm8mtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c91341f842922b-FRA
expires
Sat, 20 Jan 2024 21:28:04 GMT
CARAOTA-DIGITAL-1-2-11-696x392.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/CARAOTA-DIGITAL-1-2-11-696x392.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc8e9eeb1841d1217f795c9efce8abb9aab848322c61ab0db0ebb4137f65ae0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
59293
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Fri, 20 Jan 2023 14:43:54 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"e79d-63caa8aa-a5a636744d382a33;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5j7LlAEwfgBdVHnpQIJHVVkXC5zt5x1CVV3BQU%2Bpg3mqfraFc9kj64gFDJjGiwgM7zl%2BvidUMMuI1WMq4i%2B1ruXVHl2BWDQcOxpWcsZrGrrfY%2FRWQGSr1Y1zNoyjs5X1P7Yg4y86TP4fs2TqXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c91341f847922b-FRA
expires
Sat, 20 Jan 2024 21:15:25 GMT
imagemujerautopista2671-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/imagemujerautopista2671-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe7ef7bb05984eae7db7f5b429696e921cd5b2d7239e350b204a22ca94a244e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15813
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Fri, 20 Jan 2023 14:19:22 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"3dc5-63caa2ea-eabdee7927107039;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1HwvLQqybtCSJqQHzc%2Bk5pNzjI6ZrR8RoS7ED2oo2hKTnCqQUVTKZK3KHJNqFilBnAMUfjLxGgcCuSGlfMaAU1E9AFahI%2BMcjLUOylxBG9W1clQ36MUKvDIObFnC%2BmVzwfWNyHPKu9ocRw6Hww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c91341f84d922b-FRA
expires
Sat, 20 Jan 2024 20:27:38 GMT
7f0b7b78d59ae0a5992a6af595423001b6d63921w-1-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/7f0b7b78d59ae0a5992a6af595423001b6d63921w-1-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7c340fb289996d82c1b449ee2e9bb2ae513228dfd668e93167659367439e8d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15932
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Fri, 20 Jan 2023 13:54:21 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"3e3c-63ca9d0d-b41f41619cd2a49a;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0IS0PSIblXTMVH1aj4wo0isEQRTFcMSvmFlAvVSi55FkBxCk9MtEN6Vf05mKSkO%2BBtGPQ7f8stkRiBPjHwtlOEEDvQTj7HfzgL0Y1MfwJrsBeWYxH5lWCbKeLC2uQ8%2FeOsSXLiwWZrCTCTTPHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c91341f84e922b-FRA
expires
Sat, 20 Jan 2024 20:08:58 GMT
imagedolar83893-1-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/imagedolar83893-1-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87f02ef14d447da49a2a27ab1aa76307681f49c87103623fe3b30d7573a59595
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17240
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Fri, 20 Jan 2023 13:19:26 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"4358-63ca94de-9d478fd0c200fd3e;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aZiBxZGsnLJuPmgFLFbusUEBQfy1u3RgNnT6caGPSpK0rUa1VoZhCWyv%2BcvVttZaUcAl0uHryk6FBWC5BXk7uQEV1AtLLXeDBSvQ%2BnU1l%2BWmgPf%2FH0JPq%2BDk9z0pogOcp%2FBVBkPO4suLNp0Kfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c91341f84f922b-FRA
expires
Sat, 20 Jan 2024 19:30:59 GMT
CARAOTA-MIAMI2-1.png
adncaraota.com/wp-content/uploads/2021/10/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2021/10/CARAOTA-MIAMI2-1.png
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56e9075c1b7e53dadd79fb69c8604af738f553133865145b2796bd64d75b0b15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
25422
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Sat, 02 Oct 2021 01:43:49 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"634e-6157b955-e72f82ae68824249;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2KZFp4elOMrxI6%2FbAJej7rSuBGjXidjubR03E%2B1uRXIb5rLZ0LXHDsvWDO%2FNE3GLA7Ag%2B8Yel3rq%2B%2BRH%2BkjIlWYfiVAs%2BSBfjmTd3NLafpti9P1YXuZ7%2FiJdhhrEXgoFpOavi3j8LbEH1W4jJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c91341f852922b-FRA
expires
Tue, 22 Aug 2023 06:08:37 GMT
comision-nacional-de-primarias--300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/comision-nacional-de-primarias--300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ab21a02aaf32c19e95a3984175e7e7e51c41db981449b02260e0ea92bfd7ffc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12439
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Fri, 20 Jan 2023 01:01:40 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"3097-63c9e7f4-9b8affd442473dbc;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e4Iv3KDyDrCr7rKd3aaKP%2Fha9COugNEDKcu4UAMUPy8kkiz7GKdZKwSVErrzxUdbRLiG3lDsWICWg7CMY%2FPldPQDmkT7u5EYrpwvF1wPPdRXf%2Fo4D5NOgfdN3l9dOAJx7XcmMq%2FFLuJ0RQfilA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c913420854922b-FRA
expires
Sat, 20 Jan 2024 07:30:38 GMT
imagebolivaresdolares93-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/imagebolivaresdolares93-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2f4412b6bacf6c84aca42e2aa63e05c0e85092572c7ad173653812370781807
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9890
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Fri, 20 Jan 2023 00:39:37 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"26a2-63c9e2c9-75e55d97fb65250b;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pcRyq2zt7e1%2F8cL3%2B9A%2BxOIkJBuUlMK920779dhp9W4osTMYKRzsJOeY78k60GtbGO8rIH7NLCSajwmaJDZfRaiwM9%2FcrLWus0ucXqEIzI%2Fy5k%2FEx3lFxqj5tfRdbSIcGWzBF%2B19x43AtoD2og%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c913420857922b-FRA
expires
Sat, 20 Jan 2024 06:56:32 GMT
CARAOTA-DIGITAL-TITULAR-2022-02-24T091034.651-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/CARAOTA-DIGITAL-TITULAR-2022-02-24T091034.651-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff692e5631e32bb99f79e26cad459de95ff155ac30874a43a47ca5bf0d4e919f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9015
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Fri, 20 Jan 2023 00:04:09 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"2337-63c9da79-3088c6d22fcf077c;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ssb3Q1h7ckTM9oe2W50OYg3gIZ3viqFaps6K2%2BdfVRBR84JzcnP3V0p0lAK1JgCV3%2FKJMOGWOIUssT9FDAzdAaEDUbGSiLL2ZyjNioFC8s6D4WhHRFS1GfwVHmy%2BvqvGauoIw8v0cN%2BdUJ9sRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c91342085c922b-FRA
expires
Sat, 20 Jan 2024 06:11:07 GMT
Asamblea_Nacional_de_la_Repu%CC%81blica_Bolivariana_de_Venezuela-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/Asamblea_Nacional_de_la_Repu%CC%81blica_Bolivariana_de_Venezuela-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97720b11aa98c6a59e8a7f880c3833f7a1c510d56e6bb91e57e6f26db4b8128d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9472
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Thu, 19 Jan 2023 23:35:29 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"2500-63c9d3c1-afff6e48979f96da;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UXg4%2Be%2B8E%2Bo9mfE6x9K922x%2FXACfxsFhhMUf6D1X3%2Fw96W1EAWdFRjtKb8fjMXlHefTELlpUvcLMqq1lQAihPCLllIeRMtXg6%2FHmn3d3vQsgKQ4%2F4iZY6NLz%2BM2yFl2FGmEYeNDApmwcTeqg%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c91342085d922b-FRA
expires
Sat, 20 Jan 2024 06:11:08 GMT
20180619_Migrants_PR-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/20180619_Migrants_PR-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e7766721aedc9bd817b7f12632f9b31db6d13a6460a203bd570c1e015db18e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14599
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Thu, 19 Jan 2023 22:33:12 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"3907-63c9c528-61bd11c894e21b0f;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zTKxMhL6qa3rEl1P%2F2aTVxZQfmLSslXwwm8hH5mELrUr0QK3nKkBL0ee80JfYYA5HhZf6NS%2BSrMsYMi9KS029reLIqAfxffomfmFNB8Nl7E9ZKUrbrB0b6GnlkCluP6MDdVqtI1qrE1WmygQ7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c91342085f922b-FRA
expires
Sat, 20 Jan 2024 04:48:15 GMT
nin%CC%83o-fumando-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/nin%CC%83o-fumando-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b98ae5b1748d571b68d5319d5b178af603c17156fb76988a73dc271e81eee74d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8896
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Thu, 19 Jan 2023 21:50:39 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"22c0-63c9bb2f-53f6c1875adf1d30;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rYCrrheVImthqVfHuY5gxq41almuI2Rv8%2FtrQVDP4VSVi8PZaeYcS2UBqM%2Fy%2BFSZtVGu1c%2Bd0yExrEt3ea54Ea37geKD4XymN4rQmMJvM1wMPPitmotA0jIgmC93oPfuGbd0Vms05jmT3G7fzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c913420862922b-FRA
expires
Sat, 20 Jan 2024 04:20:44 GMT
djokovic-durante-su-debut-en-el-open-de-australia-ante-carballes-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/djokovic-durante-su-debut-en-el-open-de-australia-ante-carballes-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
469959bf51c9744dfee4efae727e9ffe4e8991b43e91e0ee1752c784e2f657b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8071
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Thu, 19 Jan 2023 21:25:47 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"1f87-63c9b55b-d0831ac3096bc773;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nr%2B%2F4NRA%2BSJaiDTl77fA9GIEMcCaMpUh%2FFZPnUXpEwwZ16ydMPQBxvUqmEPgBNZ2OUVAsKHpGrhO%2BmoihwSloevx3QQggWiGWqRF5APgfBYZbrEM4TJ6LTJBVlAq1ETQtB7tg%2B3r0VGTB6u%2BcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c913420864922b-FRA
expires
Sat, 20 Jan 2024 03:31:37 GMT
FmyJBbIXoAAC-Pp-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/FmyJBbIXoAAC-Pp-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ab92e23b9623c3fccf68d46cadbd93d05f036748841426873023584963d58a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8771
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Thu, 19 Jan 2023 20:55:10 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"2243-63c9ae2e-b59dbcea46ddce1f;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WICTlAB%2FW0MaPQJx48vn1%2FeK7GBkZJMwC7vVk46hPHKlISjgUkWj1%2Fbu3TAj64H1ruDAIhUB6riTUnEeDUDOaE9A2Cf%2BYqHF%2B54FiJfaAZmZzvoRxGNNqT0oYAV1A9oVKr9XoFzkTAKMfLm9oA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c913420866922b-FRA
expires
Sat, 20 Jan 2024 03:03:48 GMT
4443f-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/4443f-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66835c68755c41cf5d9255618a0cdddb04ea853bc96e8703b77ee32717796950
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9717
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Thu, 19 Jan 2023 20:11:52 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"25f5-63c9a408-e5ef14b46f950e42;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BblIoq7oynkN6BFqBFkoBMacc0LOvWxWnfaKtx6RXgJ67AH66WPLVxlQfsYiHB8fp6v2Uj9Kr63YRrRVfrxd3z9Ce%2BlK1P5JvfkWxDGTUwbnC26dG%2Bnv9GeoHcUnSYjcjeWqssEMNDi5epKkoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c913420868922b-FRA
expires
Sat, 20 Jan 2024 02:19:50 GMT
Espana-300x169.jpeg
adncaraota.com/wp-content/uploads/2023/01/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/Espana-300x169.jpeg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
835bc35cee5d5475c4231b20f6c5e8d54df304c821e2b242a380b8557df255df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7838
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Thu, 19 Jan 2023 18:44:05 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"1e9e-63c98f75-e66cf6e1bccb3740;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gOkMw3kHo4MepvMVTP3oCp%2Bfiu%2FstEWKeeQuiLC9FyYAoff4NkDlKAG244BIq0TTY%2FTXokjiVf3vWvrU7MS2a8JN6LOOQ87ZpJV5866GAWMfCY9Yd%2FdjQ0lcTNg%2Bs3DYpM8nTKWpmLKWL3blvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c91342086a922b-FRA
expires
Sat, 20 Jan 2024 01:10:46 GMT
primarias-1-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/primarias-1-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0aecb9f8f67b46a29a9bc7f266245bb96bf7dc08baf2ff373fa737e260519549
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12249
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Thu, 19 Jan 2023 17:45:33 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"2fd9-63c981bd-cb84839b5c8b189a;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z9VPYKUefmFhmc8VoixsrBmCP%2FqAdoihovaLXRBDnuKEkIx%2BzbFmPnKn7xz0tfFweUDi%2FahvPCVK5B4yi1kdzXfEst3SksvpJBlL1AxDrzOAqfXpqmbCf%2B5lToaEWoTV4ANPuJdFM067zKUBkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c91342086d922b-FRA
expires
Sat, 20 Jan 2024 00:52:13 GMT
Dudamel-300x169.jpeg
adncaraota.com/wp-content/uploads/2023/01/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/Dudamel-300x169.jpeg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f2728a2041a51616a243a6b2056cdcee7596c16535da108deaadac1471ae867
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15169
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Thu, 19 Jan 2023 17:01:47 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"3b41-63c9777b-ee309127b6edcd7;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w0NtxpuIZ0mchk6Sxx1zb%2FNDvtI6lT4WOnO%2FcYR3RAiISdOwXslxOsEvwPkgcAHfZ0CyAPkZ%2F8%2FHIkSiS2zmgyHN3AX3rjTpG0adKAmVQsc0kuS4EYFzhfvpYoBpZGGsJmrub0eDSw6P2kYfng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c913420870922b-FRA
expires
Fri, 19 Jan 2024 23:50:13 GMT
Gata-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/Gata-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b79857c55a84526d91f002190fcf79d2231104683af6060d89e7aca11999668d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10035
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Thu, 19 Jan 2023 16:28:05 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"2733-63c96f95-d451f09fa7404920;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cGr%2BWsF3KNi77%2FHISFDNtKkNCw23PFwRvyhfClviU%2B%2Fn9p%2F9zy8XQNicC87WqC24oawT4PGUB1%2Bztbw8OBaoBugL%2Ft4M7yNc7oHer2joamu5Aw%2BrheAVGkHOoapGYFc6OHXnRjLejS9HhCYUfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c913420873922b-FRA
expires
Fri, 19 Jan 2024 23:11:18 GMT
colectivos-1-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/colectivos-1-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36c074e04ac3f2d28eb6f31527e4fbf120a4514d9e7b35d0316440ad142bcdcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10136
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Thu, 19 Jan 2023 16:05:36 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"2798-63c96a50-194ebd8d9cd741d2;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2B9kdcnCw5c250nDT%2FnTALc%2F7gD7qpdzFE3QIJqSs4%2BpxMws3LItwZH0xpY3j322%2BsRlU3XwQxEnsTnCzzwPqxJHK94boYmNdyVP3uYQhBjG8lgONYky4h7%2F0sC1iyD563FlAFxDbxV1T9MPHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c913420876922b-FRA
expires
Fri, 19 Jan 2024 22:43:09 GMT
imagealvarocordoba334-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/imagealvarocordoba334-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
274dd651bcd7fb15970688e74213c99b45b18206082fd4d4bf4027eeb84ec7b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12065
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Thu, 19 Jan 2023 16:04:04 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"2f21-63c969f4-a8b987804999d008;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xVV9UN5%2F6JfQcovRG6PBK%2BQg4PQUJQXWGxCBdd6WEyEgW9G0DaiCn2qSE2gXVWf14QtwvDDuBluWKURwVNbfMh1hKqFJ393kG7%2FL%2BTGKQx2Gvkvy89OOMekVEdfgurkbltUk1JY59zCNDuLBLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c91342087a922b-FRA
expires
Fri, 19 Jan 2024 22:12:45 GMT
imagevenezolanochile23-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/imagevenezolanochile23-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a57bbb1521936377d57a2b6496674c61491aa0d064225cb530e989f24024dd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11387
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Wed, 18 Jan 2023 19:13:21 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"2c7b-63c844d1-f9e2d5652f22dfec;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f4QC48iaesDxyAUwW2kAGZIeUjs4E%2FdpYBQ4bYHXpdxUzkFRqVPeaC7HoLb0IaS1x5h8gHD0SOhiBO6MmRlXfLgVJbmGSeN%2BB802w8pqpQAwFLp6Ubzag6h3XS0W137NXYXE53BiC%2B7fZRj3VA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c91342087d922b-FRA
expires
Fri, 19 Jan 2024 01:34:28 GMT
imagesucesos9393-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/imagesucesos9393-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26a39fa908f7c7cc71ce0da7d45b86a318626233387386f19e354e6025fac385
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12217
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Fri, 13 Jan 2023 18:56:10 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"2fb9-63c1a94a-dde99925c6b8b007;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HCFWCgJzg3oAdu1VAyuz4QWnM4r8GPhy%2B4u63ETAPpMO00K%2BmEz4GYtj8B19ZPUxZC0uxdhVSYlJT8dgR42KPonPP%2FGCNycOaBc8KC8VWBUT522UjP%2Fwb1tO2l%2BjPjojXgdQUy7SekPUz0NmNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c913420880922b-FRA
expires
Sun, 14 Jan 2024 01:57:57 GMT
Morgue-de-Valencia-1-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/Morgue-de-Valencia-1-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6425fe83f8534efa000d92df45dd6eaa9424e06da01d01b1a113d3f9c816f6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13443
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Tue, 17 Jan 2023 00:50:59 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"3483-63c5f0f3-34e36463080d7393;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zuvxpx%2FgKjrIcK84IfxAzAjflNxavuXTAh8Cjxwf8dD3LwhxK9L8vDYb0Vmpky50z45tUdj%2BQjJp9oQ4%2FKLVkiQmjsIU0msMQ%2F2d2wsAW5uds8Ogtqmu2AESVsEbijcuuLqceDGAAQI1lSIjgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c913420881922b-FRA
expires
Wed, 17 Jan 2024 07:05:39 GMT
Edificio-1-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/Edificio-1-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a23bb136ad266c6eebeb58e81bdc3b84ae5e4f04c17d2d70795e212bb89c31a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9859
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Sun, 15 Jan 2023 23:10:23 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"2683-63c487df-7580930866e90a53;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mAkquEKs8NBOADASIcdI8bY6vvYLTb%2BPqaIoXdhljREnnFWL2M64Dw9w67gXQ6hJRjrqg85Q5DCFoNGp%2F4NWNsFLj76sn5F7si1sJd0pmlpXj3mODCxyJ5KFBAcQ9fz2jFC1MtzPLho%2BPJShFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c913421884922b-FRA
expires
Tue, 16 Jan 2024 05:43:37 GMT
Decapito-a-su-esposa-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/Decapito-a-su-esposa-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6419ce8f3d4438ea28462a0f0e7e882d7e380ca6a9aadfae2d58ae20f80d5a9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12591
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Sat, 14 Jan 2023 20:57:30 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"312f-63c3173a-dec4035ef2473442;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ztCknfFSnihUXqPyUeqAYB%2FnEYN5xSkXLdW35Z22MvBU36q8ToLIXk7euAUMJ7VGSM7ox%2BBAgSTV8NdAlGhRlVXvA6iSW8i3lggkwdqYyE4SvUPxvBXkc5jkSwqi3NtzjsAwyLLnoc2HV6NQjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c913421887922b-FRA
expires
Mon, 15 Jan 2024 03:03:06 GMT
desparecida-malaga-marbella-U46411728463PED-1200x630@abc-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/desparecida-malaga-marbella-U46411728463PED-1200x630@abc-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b1f15e6afd4e6cda71f9578ebc56a15b0b65ba90874192353b008e804a989ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11629
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Sat, 14 Jan 2023 00:17:50 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"2d6d-63c1f4ae-ba654e816ee98653;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x9Ahl5PEAUvGMtloeLhivuEgho3nMqMwYmyQDD8fRS1%2BLgNPkwmmqAL1ievncnJ9m4WVGq6cWMVAsHwHT52Blu7Zh%2FPINeeyr2r8OGXf2S1NYRWvUtufjbzpjto7VyMLi8mggAQGM14U%2BcyB2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c91342188a922b-FRA
expires
Sun, 14 Jan 2024 06:53:28 GMT
sotorosa19123-696x392.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/sotorosa19123-696x392.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3316ff97e39d6251fc6c22c27caacd66a72f9790147f3c1ee254467b5e80be71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28337
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Thu, 19 Jan 2023 18:53:11 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"6eb1-63c99197-a763143f881d95d8;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zi4F0Ti91ZsoTB4225QMzuF4f%2BQre1%2FJ9S6OYOgX5kmVqZAfWCyUd17lf2TPm9MJ1JqQ9U5JDCMJohNbvYQTCIv5ERTUExIi5GdN1A8AcfNPqv6jeyS%2Bpj6pX89kbwnl8Qb%2Fi9hocjZYhy95BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c91342188d922b-FRA
expires
Sat, 20 Jan 2024 01:10:46 GMT
mantellini18123-696x392.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/mantellini18123-696x392.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09d6674c0bc9543a340c42d49caf519951cf076609a0f5255e26afe872863f84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38919
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Wed, 18 Jan 2023 18:55:50 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"9807-63c840b6-fc6959e58e62771f;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qQff59jMK%2FpmRRAQTQtlVmS%2F%2Fb%2BDZydyMz6x41OGxNlJjWbfx4qrIa0aLZViCaCvjjZT%2F0%2BRtNqakOYBrZsD%2BQHQdA5dIqEFum4FJ1D8dyCNO27SXT5yVMiUczsurWIJwZcscCFQDaAIUITn7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c91342188f922b-FRA
expires
Fri, 19 Jan 2024 00:59:31 GMT
marialaura15123-696x392.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/marialaura15123-696x392.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
875552def1182c67a795f31be89dfee4bf6e4049888520efdcdaa98cfd1fe7f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36545
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Sun, 15 Jan 2023 19:58:28 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"8ec1-63c45ae4-32fb84413bdd96be;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nuVVtPS92X1Q58f5asGSVy%2F0jgfIO%2F5OtFCHgWTNX5ytPJ48NnzE5kowoNLDJU7XejNrAcWRR4aEj2d3zm86kfUBXJGJ9lIZOIHZbCRLpUxW%2B1N8jNiGV5x%2BEtWtYfEjEfDCtIk66zAZ%2B%2FxVcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c913421892922b-FRA
expires
Tue, 16 Jan 2024 02:29:00 GMT
ester-exposito-1-1068x601-1-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/ester-exposito-1-1068x601-1-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71c95cf16e98f27581726418334c6395355cb6addbb3514dce9146edce39e389
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7171
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Thu, 19 Jan 2023 15:09:48 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"1c03-63c95d3c-bbca33e9b7c007ee;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0u8FY4noDrxW2mzJTWdIk%2BRTwW5RlID27Rjb9KvcgRemU5xORCzE9g15Rc%2BXeUcED61KZH7Lway31pdvC8WHi6itLRo0A9YXpiEUSOFvCsHP7R33ojTwfbCu7U43BoBJkEqoRjLQKrJ4%2Fhgs0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c913421894922b-FRA
expires
Fri, 19 Jan 2024 21:12:28 GMT
Pamela-Anderson_660243972_81302_1440x600-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/Pamela-Anderson_660243972_81302_1440x600-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4187093b33041aee7875d9646f9de4106ad0ead1a5b673fd09a89cd04b528651
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9452
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Wed, 18 Jan 2023 20:32:47 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"24ec-63c8576f-b46d0221faaa323f;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MC1R9EJO3tKg4umAu%2F%2BGjXlfPriQbI9bZOTYCn50Mag7LW6dYs3LTmsl%2BsiND9aPv64TdsLEp4y4Hf3%2Bl7QqvyOOBLyg8Y07du1lAREowkJvYZZsR8blvIp9ba7FyH6BpYBwe5aIYaYlg4QIcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c913421895922b-FRA
expires
Fri, 19 Jan 2024 02:45:35 GMT
Romeo-300x169.jpeg
adncaraota.com/wp-content/uploads/2023/01/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/Romeo-300x169.jpeg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9e09bdb3791f472a2f33410ddc9e8bcd3b6ae0c66a0a2918c480388105e197e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8273
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Wed, 18 Jan 2023 15:05:45 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"2051-63c80ac9-e8f815a52c02c56c;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BrngOW1e4ff1HrJCL6wcgY32kcuBHA%2B35f%2FDChbtt04yfAhjAaN6FK1xQEr29AuHTfIiZDbAscWOJvMk1pjpeFHeLwkm1Zk4JU%2Bi%2Bl3Wp2uXnwMbBLv8x%2FlD0E0Eq4qYzbcJxTiqDFTSomaunw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c913421897922b-FRA
expires
Thu, 18 Jan 2024 22:09:15 GMT
BeFunky-collage-35-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/BeFunky-collage-35-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eb4cc68e9809d9f853fad37a020a1398f0ce753122683cfd3cb7e4f06cef1cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10777
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Tue, 17 Jan 2023 23:49:33 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"2a19-63c7340d-38243f0681f69be6;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xJUlt9l6S7jID3OZHYKSI0Ms%2B5OPv9bhIXfMwc2bSqwnYmqpaoGqSRtQYnrecJwdyVTWN9ENxZebdPqoxM7G%2BiwIDdVj6EzSYUSCbit2bjw2pj9aOBmSubOql2xJhx%2B0yWIbmwd0zLhK6AQ2Ww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c913421899922b-FRA
expires
Thu, 18 Jan 2024 06:22:33 GMT
BeFunky-collage-37-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/BeFunky-collage-37-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3ed8ddc41db1353c216f3e023ee9e420d7309b9c2ddedf266114f9c21c39464
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17799
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Thu, 19 Jan 2023 19:36:03 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"4587-63c99ba3-b10c447e4e355e93;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BHoacCNLnLxRkD4PlNWyRodQAlgf0BPxzb8Jk1gxofOYhLG%2BUs6t38Ag1Cr3JznQ9lB5lN%2FWvbyD0e8QaVtAfeVJVsbM8AfwV3oEarOpDAlA4iA6abgh%2FMFPD4CSqvnoyXSKbbPtUl%2F8VEgqoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c91342189b922b-FRA
expires
Sat, 20 Jan 2024 02:19:50 GMT
venezolana-300x169.jpeg
adncaraota.com/wp-content/uploads/2023/01/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/venezolana-300x169.jpeg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
928c4f3e7616bfc3e08c571610a4f7c78dcab8559a7bb364f87e24e582f0ec63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10011
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Thu, 19 Jan 2023 14:03:13 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"271b-63c94da1-8d4e49b43bc33a3a;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7rw2XOOeGsVZ6iwT6TMiT1ukksYuuYpHkUP0myYkpFrdQiShfAHqW7IFMYZFe7JBIqKU9M2K9w79yW4LORy%2FzJq%2F7IdPo5Lqn8S5xEJAfhAimwPGqWJM%2BtfTOPNH%2FAry7ikokb4ps5meinuxYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c91342189c922b-FRA
expires
Fri, 19 Jan 2024 20:53:05 GMT
imagecabello28292-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/imagecabello28292-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53dca2fef84e7c318ac91b0a499a423a1863de66e338c930c9b085dbe84f8aa8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9485
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Thu, 19 Jan 2023 14:02:57 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"250d-63c94d91-90224e943cf24b7a;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lGQhR5cwfwg6qpiJfUC1Cz%2BxSt%2FfmRzlIKgGj5W97MkMsXYVIB4Ll%2FNXeSpAiIcg4x9TVzf8Kxn1W%2BOn7WlzKI4mIAcvMkFVoU1SH79Bc7YasjH8mRfD5nbcjSHZlGQQ5EgGnrZM0lYSBbON5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c91342189e922b-FRA
expires
Fri, 19 Jan 2024 20:12:05 GMT
Hambre-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/Hambre-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
603295796b1d5d7cb7d8864b19dbc400928801f8019c6f05e0f59d9ce97b79df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24217
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Thu, 19 Jan 2023 13:20:16 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"5e99-63c94390-3ee0358d8e9fd252;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A44gWMHZD5AIDW5KNqFPZn5xmliu%2FRLWoctqNmGTqFp34fsRd0UWHiyWkgGfxIznJr7nvCuse8UfNH8Kv43h1F6KR%2Bv66bNuPzPGSdNB8IQh00ZoZ4BftF3ysjbUi0aCl8v%2F%2Bh8ibX17uo7gsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c9134218a7922b-FRA
expires
Fri, 19 Jan 2024 21:12:29 GMT
imagedolares839320-1-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/imagedolares839320-1-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1a983faded7a039e65930d85143d6715ca7feacbf8e736b45afef060f88d301
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19998
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Thu, 19 Jan 2023 13:35:03 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"4e1e-63c94707-98fdc537c9cf1043;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x1OGl5TsZW%2FQB22Fo9kKZJPSYDlZ3FCcuSUlIIV7C7dH8N1TyDB2FDRDGCNnXuTq0mZyMlnDEKnJDjcyWQvo4i4oLbjyxKmUqzE2z58pkjXlWtAZPnPOmpKRHR1OdegGd%2B0MfmRgcOnZeMPF5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c9134218aa922b-FRA
expires
Fri, 19 Jan 2024 19:43:12 GMT
maria-corina-machado-kRzG-1200x630@abc-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/maria-corina-machado-kRzG-1200x630@abc-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f52104e0b981fb7d87b051932bb93ab545a68c459b87018a7403655fab0de051
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8598
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Thu, 19 Jan 2023 01:03:09 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"2196-63c896cd-43e37662be5e70d5;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vk6NptzjexpzyPy2xchqhJCARSxrzH6qnlWC%2FZedhN6IzoMskUKZIw6N2DxuUHsOOgOzhX1lPhBYXQcBptKeyHm7ge4siS7OK3q7G6KE5i2DqVuWa7srnmr35n6PQgbZxNXHydEO4KbzH0whug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c9134218ac922b-FRA
expires
Fri, 19 Jan 2024 07:41:23 GMT
Citgo-1-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/Citgo-1-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef3cf87c9cc03c2200218d78ca89ab0204d936d7673a4179bb56108601707068
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12422
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Wed, 18 Jan 2023 19:34:31 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"3086-63c849c7-100e5bd0823a0675;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2zA3U3iH8%2FpHT%2B9hPXrPVFtfsXinTKkjxPusqRD2lCXaVJu%2B68gxzRF5rxTWl%2Fm3Bo7dZ70Cjaa6RkO3jBn1pHhRRIFVAR%2FakK8NFavVc5H8%2FlC%2FiwbiGZSVcyKx7Y3umdbets7Q7ovhjNmS%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c9134218af922b-FRA
expires
Fri, 19 Jan 2024 01:50:36 GMT
mujer-2-300x169.jpeg
adncaraota.com/wp-content/uploads/2023/01/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/mujer-2-300x169.jpeg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
debc67218ac76a7e02237ef5d72e9d7bf7d2ee0d3cc55bfeb34996fe772c4c79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10566
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Wed, 18 Jan 2023 18:26:00 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"2946-63c839b8-d7759296d0bfcf0;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mOeuymsklJ8qpFSJZ6QqyhBUXYEL04iZb212ta8WAPFXDdi0i05oavXgLJOFYONtCLCWULnSIvbCukMglFWcXg0CR1lxZh%2BbIJnenS4%2BvdP1xg%2Fl4g1Fg4cebqiWOOHLEp%2FGRdB0nhW0CVhKKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c9134218b0922b-FRA
expires
Fri, 19 Jan 2024 00:59:27 GMT
ucrania43778899230-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/ucrania43778899230-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95578a285701cd61a735c0bf64fe0b601c2ddac47215fa5f9e63831a10aee70c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8249
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Wed, 18 Jan 2023 15:01:47 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"2039-63c809db-b2528cb8b2ed47c4;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FFbU%2BbsJVskJ7xqR7z1YHB6pgBuSSWgfsqM0V5seOX3QZEXQEX5ZtS%2FFOz9mHQdKczLJpmhurDHc5Xsu9xu%2BTLrYjM6aWInA%2FcKV6rky2ZJQUZRft279sGpUv4c82dJf7JHg9lyW9K50Iv8v6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c9134218b3922b-FRA
expires
Thu, 18 Jan 2024 22:09:15 GMT
migrantes-venezolanos-en-argentina-667292-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/migrantes-venezolanos-en-argentina-667292-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37dff26e70863d037194dabb2c1d3e3da7b7abd0d39c18bbea5a08adfeb2b723
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15905
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Tue, 17 Jan 2023 22:25:33 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"3e21-63c7205d-caaf4009a48a59c7;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qCPjc5Sto%2FnwHdKH7uhYfGNXHsLpC%2FSqYWc4GDyLCHDTyAoa7%2FWnhOcop3X5CgxxLwtZa5%2FSRF0pzqnB9Wj9binhYxCwMvO7kyCDZbeyDqnpkj7H06OpErEyOIoL1hT9u%2BSC%2B1LOWOnin91xjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c9134218b4922b-FRA
expires
Thu, 18 Jan 2024 05:15:22 GMT
O4PAGVNC5ZCT3OVKFL3SJAGRDY-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/O4PAGVNC5ZCT3OVKFL3SJAGRDY-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b31a7a0f83cde3576559461ff292a3aa8e675365aad931486cc76061fb0aba5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12011
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Tue, 17 Jan 2023 21:41:15 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"2eeb-63c715fb-39fe8c261bd19b1f;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CRUvDwhArLHnMZLvA9Nm79gPrM1n2bDjaZDfB0ADzwUTpN6o8tNesIZzyOFuxZJWtLzZ8t%2F0n3g758Kz1ZrSDcG9vN81RSaMPxtY0wSC%2FX64O74bpumMo%2BWPoKDHcummkcwbG3IPoZl23mLdfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c9134218b7922b-FRA
expires
Thu, 18 Jan 2024 03:58:43 GMT
dariencruce-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/dariencruce-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0635be399fd1806def7cb25c2987925643494144da4a302ddc3e4d0813c216cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15284
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Tue, 17 Jan 2023 19:59:01 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"3bb4-63c6fe05-5f7f4340c086f698;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=byVMipLigWMWySUwRey1Jz0%2BGyYv%2BAbf7aqSQJVwSnLWVLsMM0Ea0GbPVihEnbzo%2F7VDbLNRRu%2FHlZnWi3JV5Qosnhc3y6gSvhQkKIj3EB5OqKY%2BqtAD7idezzs6F%2BZMENEHq%2FcMf5kf1Oi5AQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c9134218b8922b-FRA
expires
Thu, 18 Jan 2024 02:15:30 GMT
Venezuela-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/Venezuela-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
475979a6f3814e9be6832579a13447b91f420c0ad7f8685218c3cdba5f85c702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9476
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Tue, 17 Jan 2023 17:48:52 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"2504-63c6df84-ac70a16212720509;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0YGcaPrZuoffneHbIbzoX5%2BwHq30EPQtnU1S7IhPKK24Mt2FHTfhjTREfsNKts3TvHaZSYbfuEr9x39X3w%2B9OuvGa0HuARwQzp2M3SD%2BKZOIZaVpq8LA4nMwhzURK%2B2BKAgohNZMycjgbRzoZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c9134218bb922b-FRA
expires
Thu, 18 Jan 2024 00:27:57 GMT
imagedepartamentodeestado39839-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/imagedepartamentodeestado39839-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8b66c6e9c9c68db13267ce3c3a0823451f6630de4e7348d6c11c23b53982782
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15445
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Tue, 17 Jan 2023 13:57:15 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"3c55-63c6a93b-147d8c2f554acaec;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kkSMrkq84y%2FvnFW1DgVeCuvTypnZGcqb8SQWJNoie5AyLOmChwuZYWiu%2BPkHBl6B65gm2ZwEpj3HXMcaycmXqpznqzg2OvqqtcJ0ISkqUxvmbXji0jwa%2B1D3PlkLm74PkKu%2FoGEHXH0eDNf5uw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c9134218c5922b-FRA
expires
Wed, 17 Jan 2024 21:56:02 GMT
BeFunky-collage-34-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/BeFunky-collage-34-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10f50cd99b1a13ac83e67d2c8d7b3896e2d63b44d4f9d3a98d752ece428052a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11833
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Mon, 16 Jan 2023 23:44:04 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"2e39-63c5e144-2342acd363d3efb3;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E21Q5jk7NGQx1FY4JFFOd9ifp6ZFB4e%2FyShgrRYzYoPvP8vGOSwh1dkkX5kyi2eMKKw%2FZpZai9E6RNZL7ptR40oYJrrEHreLkS%2B00eOxlUy35tjsnTBIji3aJMS8DVHYMWiiJQYMQQjBeZ5zzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c9134218c7922b-FRA
expires
Wed, 17 Jan 2024 05:54:32 GMT
Rio-1-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/Rio-1-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4c1f2543b3dd849a17f849a4786a3fcc1725c895ed38603ba0c9e8963446c84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12676
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Mon, 16 Jan 2023 18:26:09 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"3184-63c596c1-7a43f8fdbb954916;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eVTiqIJhdXmtEXT%2FrcfazXpgpdD8d1ySdzYoptoE2IzLH8QFAz89jcLl%2B7QLIF6PFh933Uvctk8zMxtl%2BlGpUa1KW5oNVvpKnA0oiZhntwXz4wPL7YzcMTtm9d0AOjNAYS2jPLRkHkys4htnwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c9134218c8922b-FRA
expires
Wed, 17 Jan 2024 00:49:50 GMT
sotorosa12123-696x392.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/sotorosa12123-696x392.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f45f65b9887d26e6b897907581d257fb8bda69f120c5b5c31ef2a5b00e080fe6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39396
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Thu, 12 Jan 2023 19:16:34 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"99e4-63c05c92-239bb80a0d803823;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F4xw9ZZ%2BmnBamVZJKcbJ3C2kdlfkDkNERnAN8P86WAUqdwPDp6DBCTxPdRKBOzolWtgPm4Pg5u7OFRHfM7o75xaiHt5Cd4svbQ4%2BRVWh8n61UCEEz3IH28bV5N9S4dL4aRZCbdwyWxQ8ERnmbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c9134218c9922b-FRA
expires
Sat, 13 Jan 2024 01:33:39 GMT
mantellini11123-696x392.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/mantellini11123-696x392.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73405a39c5115064b8d43f724421500867dbe5ad8dd5b5374c6242daeb5d2472
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
40060
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Wed, 11 Jan 2023 18:20:16 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"9c7c-63befde0-143a296e83033a19;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wnfRju3Y%2FsHdAJjNKRKPlTdsbXk1VMixe7hcawGMPVigR2VQyL6VI6qbJMwjpTt5bYhDi0ZYKChsyEJzHFU3aqzKRqIguZO8t%2BM%2Ba%2BENdHnI1gB85WalyzLhBKs5NAjtrKUohuPl4dNeq43Qjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c9134218cb922b-FRA
expires
Fri, 12 Jan 2024 00:36:34 GMT
marialaura8123-696x392.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/marialaura8123-696x392.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa829f946cf28c584e2cccb15f9d703c3961e2b4a62a520c299d3b60121efd5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42569
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Sun, 08 Jan 2023 14:04:11 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"a649-63bacd5b-e231cc8996413f13;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2BMdAqUAup3kbE%2Bvs9UbrkPTY%2BWP%2FSQkDsm4qqModQyjttQtvYB8Q6LgzDTNU%2FIWm%2BEflo3XS%2BL4CVNEd64ppCM7InmSkHPa%2BZILnaQzYGIow5%2FbZlL9n3gqw%2BWExxCa3bXxHSjllBG8UL2kBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c9134218cf922b-FRA
expires
Mon, 08 Jan 2024 20:07:39 GMT
amarisperaza6123-696x392.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/amarisperaza6123-696x392.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f37d13cf590002a9f7795d37da613e76ccdf7c7f2a634a77efba7c0e1df9c22b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
57709
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Fri, 06 Jan 2023 19:29:42 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"e16d-63b876a6-c6e67cf41f078b49;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tydy%2Bq%2FdnYOe2iC5r6ncM1qClRztpbMj5fvMbT47zqo1zzFAYNuqluEtYmWK0ff1%2BsJJWXA9L4e6vuXZ1UWuscu9Aqe%2FSyp%2FR132%2Fm9M6bgJeTFwYulBINlBcYWUIrilVG7hBMW6DAXqcjnIcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c9134218d1922b-FRA
expires
Sun, 07 Jan 2024 02:04:13 GMT
sotorosa5123-696x392.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/sotorosa5123-696x392.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a9781804536086e6623fae64e0a919c935c7af8132dc1889dac37545ac31d69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22652
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Thu, 05 Jan 2023 19:00:27 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"587c-63b71e4b-e16bd4c15346e455;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LxpDUdUbfK3kwVbaNg6VrEZeK7I1egJxIjzzxZRX06wYtY09uuRKzMAlPQ3aVmEL6Qh4JLFU3hZuRiFCbIBHsRnFfkDXmp40fP5KYa%2FT5KOKUYLkv%2BJkqojb%2Fbkjy4X%2FM4NlBArFx1oQMwe1fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c9134218d2922b-FRA
expires
Sat, 06 Jan 2024 01:24:09 GMT
imagen_2023-01-18_192045805-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/imagen_2023-01-18_192045805-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f948cb326fb01522ffcdca5d88e2454e28b8f22e127647f6c86ad1f9f89ff3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11794
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Wed, 18 Jan 2023 23:21:16 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"2e12-63c87eec-b07232abbfbea0b6;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=waH6KWEmQwdF%2FNmwr3qlvjG%2F%2FnpWaRweetd3KhaFxQmprbVpXh6j%2F8QaKYsn9w9%2BcnJA3cAtRQYAaVSlntH3sfisnlGEYTIDbJrDyLkfjwSXxXJvJ1kzy9AbSTJBrqQOM2K5QQBdTBPrtoX%2BCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c9134218d5922b-FRA
expires
Fri, 19 Jan 2024 05:43:54 GMT
Martinez-300x169.jpeg
adncaraota.com/wp-content/uploads/2023/01/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/Martinez-300x169.jpeg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d71ca94de9506b3a982fc8b65424796ad3dd7dfb94e04fa0c5c7da2c95cb847
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11317
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Wed, 18 Jan 2023 17:58:21 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"2c35-63c8333d-223b39ab0b728c14;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0k5zev4vpe3jGiraVNsYBExjUO3mzG%2F1E1GtytL4DTStllA91bisyNUqW%2BKd4j8twXqPi27SNM%2FR8ihjq6TbIm%2F%2B7JT54DDRIBbm%2Bmjh0Ot8G4BK6giwG5vdpu9W063yC1wRNXEb1d5usAHSAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c9134218d6922b-FRA
expires
Fri, 19 Jan 2024 00:59:29 GMT
Rincon-300x169.jpeg
adncaraota.com/wp-content/uploads/2023/01/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/Rincon-300x169.jpeg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d630f81f0eae71d39b680ab8012f2b090106574cc44883b22b04995fcca904dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7435
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Tue, 17 Jan 2023 18:58:27 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"1d0b-63c6efd3-c348c452438f2b6b;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7BNBDjTK2iml%2BZ5zoieFAeq74SssLG7SruPom%2ByvJOEOX3%2FCSZCUxFRHnvoD7IHATxRZg6fKYKJgkv6sNdSVVWmFZhl%2F8BTPvLI9eXE4wuLOEOTKlmiuX0sV8s0Hs560cIvzIwjN2xuYDWEWtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c9134218d8922b-FRA
expires
Thu, 18 Jan 2024 01:34:29 GMT
dolares-300x169.jpeg
adncaraota.com/wp-content/uploads/2023/01/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/dolares-300x169.jpeg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0698d1c8922f79eb47afe08542376b15a3803b22c8d225cb6cb44620e85dda66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11099
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Mon, 16 Jan 2023 18:35:09 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"2b5b-63c598dd-d0751222ef31932;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DYs44twpilH5%2BsM06Xo1ylQHfOVb5BgIRq90k6eNYcNTf7iChJhA%2Fg%2By3tnj8XiZpmLyjaHwE8PkEEV%2F6oPw6vdIZsnl4vubAp5ggfMFhte5X0EJwdUhChKBnCs0MzGfK1VCvIDTP%2FO%2FbPnklQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c9134218db922b-FRA
expires
Wed, 17 Jan 2024 01:05:44 GMT
ano-696x392.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/ano-696x392.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00c603588363e209cafc09978d5b224375b31deb5c38ef3f9fe9bf63ddbcff8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28395
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Thu, 19 Jan 2023 15:22:25 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"6eeb-63c96031-8dac6ebae9030430;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oy34Jl5too%2BEtLkkaAwk7s2rRlDB2aa%2F2Qh2%2BBJSO1Jl6KtKGsvC5Vm5%2Be5l1%2F%2BBfD8GIxTx3NYnECKmDOQdbBLYRjz6pQJBMmk0iHv76oWWT0QUNfOjyFucBXRCxckgzJODlw3ZvcnOuxnxCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c9134228dd922b-FRA
expires
Fri, 19 Jan 2024 22:43:09 GMT
Inteligencia__Artificial-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/Inteligencia__Artificial-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c1948f93d05ee8808919c39e651fcc3669b2f7db5581fce2dc661cb0120e4ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14376
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Sun, 15 Jan 2023 20:59:35 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"3828-63c46937-236d55aed6ee4f70;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HDBU%2FE%2Bj5O3Bp8uZhuTtmGBPgBkU8fy7JKk2olZgogfjoqEErD0ixC%2FbJe%2BdSzrK4jOlfUaY96rnWIbkY1TQXp9iqGRmjxkPpZ2lbzy83bmRJiWG0MH8%2BJWufdIt%2FQWLTX2S7XRn1XMpMp0%2F0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c9134228e4922b-FRA
expires
Tue, 16 Jan 2024 03:11:13 GMT
Ovni_Barquisimeto-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/Ovni_Barquisimeto-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b29dca64a17cd54722a426c187415377d7fc4cb6d2e38a49c5ade9adefe5dd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10930
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Sat, 14 Jan 2023 17:49:05 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"2ab2-63c2eb11-2638bb9b2e714593;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xRWyB%2FXHG9BQUqPfNtHcEK1v6cUrkAPbQJH8orAk55JxgzdWGam5xne0IoJy5Toe8Uaz%2BINcixBKdif7ArgHtQpcynywI622cbJW9V5pVgfpy8VVKZeCFyzYOvIBIBrRS0dLQBysWFlwAsSy4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c9134228e9922b-FRA
expires
Mon, 15 Jan 2024 00:07:27 GMT
nino-coroba-696x392.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/nino-coroba-696x392.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2343a4133467aa17ca002db1ee405415429a4ea809f8c9af22bfd4e5fee30782
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21221
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Thu, 19 Jan 2023 23:07:39 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"52e5-63c9cd3b-ba9a83d6b658865f;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B4Cf%2BKwLjbwWGaNgpQwOx7KuaUp2rB%2B86rLKDlcmO4Ng8K%2B1RxnjKYXaKoZXfBW4e5yjuIRnFRzlD8CrNS3PS%2BpVylAalwFpxx6%2Fgb8iYCK1Uos4FLtEOdu%2BC9GaeIAaW3vEYAZk3r7d9ahSaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c9134228ec922b-FRA
expires
Sat, 20 Jan 2024 05:13:49 GMT
Ladron-Arcangel-Miguel-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/Ladron-Arcangel-Miguel-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d64b93969a3eb2095f43284244315dacda766db1bf333023d18d1cd41622d40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10436
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Mon, 16 Jan 2023 01:21:52 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"28c4-63c4a6b0-22b8ca783e670077;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9k32GVqhBMvIwsu19hZdrJi9iBNOVxDkJuLwstZU5vYHf9FYaiVOaE4o0UdMzM1WqIgxHJTzXAwj9LSc03tLN0ZnXH0ZTH91a02SiFULMvopERHi6ALrg%2FVMSpUYX3zHMkHesvqwwcI7p6xvXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c9134228ed922b-FRA
expires
Tue, 16 Jan 2024 07:24:56 GMT
Mickey-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/Mickey-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2514773ddc7501401d9d564d958ea68a1b1b3f67040a17adefd26c6b9fa28d57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13194
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Sun, 15 Jan 2023 21:42:24 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"338a-63c47340-828ce29aa993128a;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0btmvJxqfUTbVjvFpnYZokAItCFocu9c5LKzIAm6MZzwYdENUIOmT8yznxSSTH3oqLs20O2vRDDPe9LZV0rrAKwKbV20y%2F6zGgHBhyQhGlLM4TcOWPyO0bDj7aSIlCvKHBOaLQ47Mp8KjhQM4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c9134228ef922b-FRA
expires
Tue, 16 Jan 2024 03:59:24 GMT
Gatos-696x392.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/Gatos-696x392.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1eea0cf16e1620ffdb2c737f6c7e34c54a98abe3bb19305ac1527a4d509c69ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
31459
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Sun, 08 Jan 2023 14:53:52 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"7ae3-63bad900-c085254e9bd516a;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7xzTMXzoRAaaOi5YceAWtjdnS4rIT98pdMtWxd2xUWBfwp8mWgoSXk8xwUaO6J6SYt27IjHbnn8bc6XJUiiVkJBJyBg8mpXpLTyNzA86S%2F%2FpSpppsV5Z7Tb7qLWseigB2Gp%2BVVbgAuH0V9lG6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c9134228f1922b-FRA
expires
Mon, 08 Jan 2024 22:45:06 GMT
Perrito-amigo-de-peces-de-estanque-300x169.jpg
adncaraota.com/wp-content/uploads/2022/10/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2022/10/Perrito-amigo-de-peces-de-estanque-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebf63c3f7cbb4f5e717791733bc60a10c22851a6644214638b71b99ca09d3ce8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13353
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Sat, 15 Oct 2022 20:23:14 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"3429-634b16b2-3f5fb50022bc082b;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rmciEFuu0mW5WRFaNaSzwCdeworFhHRp4oRcdhmlI8MOTD%2FFafjLfLlEDqsOtOGSOOpYTcBmZytzpZnK5FG5ypCLRbzMGH2SNzgBfmRXgvMrSZCmgz76c83b8oICINvydIhS%2FlMV2biIfTRh3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c9134228f2922b-FRA
expires
Wed, 10 Jan 2024 00:14:34 GMT
PERROS-300x169.jpg
adncaraota.com/wp-content/uploads/2022/09/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2022/09/PERROS-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
423672bad5fc192b8cddfd7d55c4f1005c34c950098dc5492aa1b2d8cc9e84af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14519
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Sun, 04 Sep 2022 15:33:09 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"38b7-6314c535-bcfbf882d152c2f4;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qgVhKq0v4wwfr9w0NJ4x148Sv%2FqoMUEyW5ossoiKFH1VyH2P6Mb%2FcJimkwvkPA%2FjTBZpY8grrknKZzzLNPpNUcKwOAb1IbD9%2FwLBGl2miqonvLA7Mxp4DCUXxR9W1Dt%2BPw7peGZOZV8jM9g5Zw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c9134228f5922b-FRA
expires
Mon, 04 Sep 2023 21:52:58 GMT
imagevalenciq8394-1-696x392.webp
adncaraota.com/wp-content/uploads/2023/01/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/imagevalenciq8394-1-696x392.webp
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f564a47e365ffaf182ae4d20b962faab229c18f7fd4601f9063e14e794920bcc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23724
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Thu, 19 Jan 2023 00:18:11 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"5cac-63c88c43-79f2ec1c7d83f592;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2DP0wqqF1S9Dsv6XXkv0fgVTvdGlfzJ5Aqh1EAvjsn7oNG%2FmFC3c%2BsFV%2Bzn0Zb%2Bu%2B%2FLcWO0diSJwtB3hhn1S94tLEcXzbaIWYeoLp9V15zDQoGd3J5%2BJ76ZCkyzDCDq%2FfcJuucasZIw1UorWBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c9134228f6922b-FRA
expires
Fri, 19 Jan 2024 06:51:51 GMT
protesta-docentes-2-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/protesta-docentes-2-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbc5ef2abe8a48ed90b5af150b5339e5a38f573e32f4b0866d534f12324f22ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15178
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Wed, 18 Jan 2023 22:56:26 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"3b4a-63c8791a-cfbae9619065324b;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s1ayNy%2BD1aNx8sW6w81lwJfNFLl33O6A7m%2FfILMwzQVSc%2Fpcs%2Fisg65IyGacbf%2BIdsu2q9HwryF34J2iUXhlzWWftUuAfbE7X%2FHFeLe5M8wwc9sHs6E%2BWSP3WGxsPNVF93z4jtwVxUZV1MlGWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c9134228f8922b-FRA
expires
Fri, 19 Jan 2024 05:09:55 GMT
bocaranda-1024x576-1-300x169.jpg
adncaraota.com/wp-content/uploads/2023/01/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adncaraota.com/wp-content/uploads/2023/01/bocaranda-1024x576-1-300x169.jpg
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:547f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07c1daed6b27399ba8216cb37b29dee60d16960ce761500b49b4ba0c82bba0be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none;
cross-origin-embedder-policy
unsafe-none;
cross-origin-resource-policy
same-origin;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11224
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
x-lsadc-cache
hit
last-modified
Wed, 18 Jan 2023 22:23:18 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups;
etag
"2bd8-63c87156-5358ffa6eff3dad0;;;"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bul02ttkuUqYu5dPIW61GlWGynszXR9MhA0mo3GSaGGvFdeSc7iFzQLmJMMBvbRcdraPiLj3FsHkMeWry1tohjmnq5HSz3QPmZ99ka%2Bv%2BPQLglz9D%2FcIrFrzh75juhUz6ccsHHodwXzA0Rb4Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=31557600
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
cf-ray
78c9134228fb922b-FRA
expires
Fri, 19 Jan 2024 04:28:27 GMT
truncated
/ Frame 42F4 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
edf39e09777e39291e3ac1fbad91e47bd35cd7e847ac72e853415146a8023c1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
s2gk7r78n0fa
hal9000.redintelligence.net/zone/ Frame 7C98 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/s2gk7r78n0fa?subid=&gdpr=1&gdpr_consent=li&rnd=616291371190682468&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DqPbq9sp8wpsVRK5cvi3mIw%26exch_seat%3D20035004448%26mt_aid%3D616291371190682468%26mt_id%3D6622335%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D5a0163ca-bcbb-4500-a947-113b34a33c4d%26mt_cid%3D5a0163ca-bcbb-4500-a947-113b34a33c4d%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCPq6gvLzKY425MJm5nsEPqqCNuAnPh46bXMCG2YLGAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJ4AIAqAMBqgSDAk_QhgKGmm7NI2VZw9_OCXzHxTPDz2k95QvCpN2OmP810Jdknuxg3ZTeVZ0WOEPVQdo4hSg1S2lkuV2pWofyxF8sKpLOQvKvSEFafiSktuqNPcMcqTYgDsMll5YJX6nv3RmzF5Sm-48RRMzspNXPynxmWnUKrcunUWm3kYBQK5Ut885suNnqWMZqP4v1OrG3itqaX3kt1Z5FXrS0rY-eXqrIwjDxaNKqIgADx7y_wXl7ZkDJ2z3LpYthKaaQtqGNTW9XJvZU-yji1a62n1gcle7dBhTsdx-SlVK8i8LtsCixQ8W9kE_MLaWiiRVNxzt4tjvFEcWUL_4HpzBiBTPy10INeYfgBAGABoznzbbVuJuN0gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_38vBgchlpw52Tay6jiOjpCsbBGiQ%2526client%253Dca-pub-8339469931624128%2526adurl%253D%26redirect%3D
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.55.238.76.144.clients.your-server.de
Software
Apache /
Resource Hash
daba759602fd6fc7078d30a3e48b56f356d83d00af1560e44e4603cef86cfef8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:34 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3411
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
analytics.js
s.update.mediamathtag.com/2/619621/ Frame 7C98 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//adncaraota.com&ui=88a7395e-a9c3-056e-0000-000000000000&ap=&ti=616291371190682468&pv=0502ff70-0831-417f-a094-826ec2e9daad&pp=pub-8339469931624128&sr=4&de=43003&si=1445604582&dm=970x250&ac=651871&cr=6622335&ai=216536&c1=4562306&r1=2a01:4a0:2b::&r2=&r3=
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT0RoaE56TTVOV1V0WVRsak15MHdOVFpsTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYxNjI5MTM3MTE5MDY4MjQ2OC82NjIyMzM1LzQ1NjIzMDYvNC9LeGYzaGh1TzBpWGE0aUg2aHlXejdONUJuYWNNWDlqY0RFMTZvamVIZS13LzEvNC8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzYxNjI5MTM3MTE5MDY4MjQ2OC9hbXMvMC8zNDUvNzEvOTk5LzMyMi8yYTAxOjRhMDoyYjo6LzAuMDAwLzE2NzQyMzA5NzIvMTY3NDI0MzU3Mi80L3B1Yi04MzM5NDY5OTMxNjI0MTI4Lw/CwzwKip7y2uE-IhhoJsNFPFomrM&nodeid=4012&group=cdg&auctionid=616291371190682468&pbs_auctionid=616291371190682468&shardkey=616291371190682468&sid=4562306&cid=6622335&bp=a_agiica&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.134.181&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPq6gvLzKY425MJm5nsEPqqCNuAnPh46bXMCG2YLGAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJ4AIAqAMBqgSDAk_QhgKGmm7NI2VZw9_OCXzHxTPDz2k95QvCpN2OmP810Jdknuxg3ZTeVZ0WOEPVQdo4hSg1S2lkuV2pWofyxF8sKpLOQvKvSEFafiSktuqNPcMcqTYgDsMll5YJX6nv3RmzF5Sm-48RRMzspNXPynxmWnUKrcunUWm3kYBQK5Ut885suNnqWMZqP4v1OrG3itqaX3kt1Z5FXrS0rY-eXqrIwjDxaNKqIgADx7y_wXl7ZkDJ2z3LpYthKaaQtqGNTW9XJvZU-yji1a62n1gcle7dBhTsdx-SlVK8i8LtsCixQ8W9kE_MLaWiiRVNxzt4tjvFEcWUL_4HpzBiBTPy10INeYfgBAGABoznzbbVuJuN0gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_38vBgchlpw52Tay6jiOjpCsbBGiQ%26client%3Dca-pub-8339469931624128%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.240.212.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-212-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2a49a2ecae4cd2c655ea5317f7d1be88eb6a7dea174cab51f5a9da3a9a21c80a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:34 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
*
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin
*
Content-Length
2982
Expires
0
img
pixel.mathtag.com/event/ Frame 7C98 		43 B
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=616291371190682468&v3=651871&v4=4562306&v5=6622335&mt_nsync=1&no_attr=1
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT0RoaE56TTVOV1V0WVRsak15MHdOVFpsTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYxNjI5MTM3MTE5MDY4MjQ2OC82NjIyMzM1LzQ1NjIzMDYvNC9LeGYzaGh1TzBpWGE0aUg2aHlXejdONUJuYWNNWDlqY0RFMTZvamVIZS13LzEvNC8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzYxNjI5MTM3MTE5MDY4MjQ2OC9hbXMvMC8zNDUvNzEvOTk5LzMyMi8yYTAxOjRhMDoyYjo6LzAuMDAwLzE2NzQyMzA5NzIvMTY3NDI0MzU3Mi80L3B1Yi04MzM5NDY5OTMxNjI0MTI4Lw/CwzwKip7y2uE-IhhoJsNFPFomrM&nodeid=4012&group=cdg&auctionid=616291371190682468&pbs_auctionid=616291371190682468&shardkey=616291371190682468&sid=4562306&cid=6622335&bp=a_agiica&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.134.181&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPq6gvLzKY425MJm5nsEPqqCNuAnPh46bXMCG2YLGAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJ4AIAqAMBqgSDAk_QhgKGmm7NI2VZw9_OCXzHxTPDz2k95QvCpN2OmP810Jdknuxg3ZTeVZ0WOEPVQdo4hSg1S2lkuV2pWofyxF8sKpLOQvKvSEFafiSktuqNPcMcqTYgDsMll5YJX6nv3RmzF5Sm-48RRMzspNXPynxmWnUKrcunUWm3kYBQK5Ut885suNnqWMZqP4v1OrG3itqaX3kt1Z5FXrS0rY-eXqrIwjDxaNKqIgADx7y_wXl7ZkDJ2z3LpYthKaaQtqGNTW9XJvZU-yji1a62n1gcle7dBhTsdx-SlVK8i8LtsCixQ8W9kE_MLaWiiRVNxzt4tjvFEcWUL_4HpzBiBTPy10INeYfgBAGABoznzbbVuJuN0gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_38vBgchlpw52Tay6jiOjpCsbBGiQ%26client%3Dca-pub-8339469931624128%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 357 2feb0b5 master cdg-pixel-x13 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:34 GMT
Server
MT3 357 2feb0b5 master cdg-pixel-x13 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Fri, 20 Jan 2023 16:09:33 GMT
img
tags.mathtag.com/event/ Frame 7C98 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=616291371190682468&st=4562306&time=1674230973&nodeid=4012
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT0RoaE56TTVOV1V0WVRsak15MHdOVFpsTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYxNjI5MTM3MTE5MDY4MjQ2OC82NjIyMzM1LzQ1NjIzMDYvNC9LeGYzaGh1TzBpWGE0aUg2aHlXejdONUJuYWNNWDlqY0RFMTZvamVIZS13LzEvNC8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzYxNjI5MTM3MTE5MDY4MjQ2OC9hbXMvMC8zNDUvNzEvOTk5LzMyMi8yYTAxOjRhMDoyYjo6LzAuMDAwLzE2NzQyMzA5NzIvMTY3NDI0MzU3Mi80L3B1Yi04MzM5NDY5OTMxNjI0MTI4Lw/CwzwKip7y2uE-IhhoJsNFPFomrM&nodeid=4012&group=cdg&auctionid=616291371190682468&pbs_auctionid=616291371190682468&shardkey=616291371190682468&sid=4562306&cid=6622335&bp=a_agiica&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.134.181&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPq6gvLzKY425MJm5nsEPqqCNuAnPh46bXMCG2YLGAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJ4AIAqAMBqgSDAk_QhgKGmm7NI2VZw9_OCXzHxTPDz2k95QvCpN2OmP810Jdknuxg3ZTeVZ0WOEPVQdo4hSg1S2lkuV2pWofyxF8sKpLOQvKvSEFafiSktuqNPcMcqTYgDsMll5YJX6nv3RmzF5Sm-48RRMzspNXPynxmWnUKrcunUWm3kYBQK5Ut885suNnqWMZqP4v1OrG3itqaX3kt1Z5FXrS0rY-eXqrIwjDxaNKqIgADx7y_wXl7ZkDJ2z3LpYthKaaQtqGNTW9XJvZU-yji1a62n1gcle7dBhTsdx-SlVK8i8LtsCixQ8W9kE_MLaWiiRVNxzt4tjvFEcWUL_4HpzBiBTPy10INeYfgBAGABoznzbbVuJuN0gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_38vBgchlpw52Tay6jiOjpCsbBGiQ%26client%3Dca-pub-8339469931624128%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.377.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:33 GMT
Server
MMBD/3.377.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x80, cdg-bidder-x151
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Fri, 20 Jan 2023 16:09:32 GMT
js
sync.mathtag.com/sync/ Frame 7C98 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.mathtag.com/sync/js?sync=auto&source=bidder&mt_lim=1&type=1&synclist=4
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT0RoaE56TTVOV1V0WVRsak15MHdOVFpsTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYxNjI5MTM3MTE5MDY4MjQ2OC82NjIyMzM1LzQ1NjIzMDYvNC9LeGYzaGh1TzBpWGE0aUg2aHlXejdONUJuYWNNWDlqY0RFMTZvamVIZS13LzEvNC8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzYxNjI5MTM3MTE5MDY4MjQ2OC9hbXMvMC8zNDUvNzEvOTk5LzMyMi8yYTAxOjRhMDoyYjo6LzAuMDAwLzE2NzQyMzA5NzIvMTY3NDI0MzU3Mi80L3B1Yi04MzM5NDY5OTMxNjI0MTI4Lw/CwzwKip7y2uE-IhhoJsNFPFomrM&nodeid=4012&group=cdg&auctionid=616291371190682468&pbs_auctionid=616291371190682468&shardkey=616291371190682468&sid=4562306&cid=6622335&bp=a_agiica&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.134.181&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPq6gvLzKY425MJm5nsEPqqCNuAnPh46bXMCG2YLGAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJ4AIAqAMBqgSDAk_QhgKGmm7NI2VZw9_OCXzHxTPDz2k95QvCpN2OmP810Jdknuxg3ZTeVZ0WOEPVQdo4hSg1S2lkuV2pWofyxF8sKpLOQvKvSEFafiSktuqNPcMcqTYgDsMll5YJX6nv3RmzF5Sm-48RRMzspNXPynxmWnUKrcunUWm3kYBQK5Ut885suNnqWMZqP4v1OrG3itqaX3kt1Z5FXrS0rY-eXqrIwjDxaNKqIgADx7y_wXl7ZkDJ2z3LpYthKaaQtqGNTW9XJvZU-yji1a62n1gcle7dBhTsdx-SlVK8i8LtsCixQ8W9kE_MLaWiiRVNxzt4tjvFEcWUL_4HpzBiBTPy10INeYfgBAGABoznzbbVuJuN0gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_38vBgchlpw52Tay6jiOjpCsbBGiQ%26client%3Dca-pub-8339469931624128%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.244 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 357 2feb0b5 master cdg-pixel-x26 config:1.0.0 /
Resource Hash
ed3d464c3aa5eb66ec9e339294ed9091f79d6d4a9ae7db3da5d2f74d971d1b7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:33 GMT
Content-Encoding
gzip
Server
MT3 357 2feb0b5 master cdg-pixel-x26 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
text/javascript
Cache-Control
no-cache
Connection
close
Expires
Fri, 20 Jan 2023 16:09:32 GMT
t
t.lkqd.net/ Frame 762F 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://adncaraota.com
date
Fri, 20 Jan 2023 16:09:34 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
truncated
/ Frame 63D3 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f5c2cb31fc2272388f426f2016ad2ce2fc1d19741c39e09a670bf83452bb8b60

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 44D8 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
12c29862dd3cfe93dbe15f2ae569788037cc73b98fb8937ff4181418a96c061c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://adncaraota.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://adncaraota.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 20 Jan 2023 16:09:34 GMT
server
nginx
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 77DB 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1674230973860
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:33 GMT
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1674230973.dop237.fr8.t,1674230973.cds244.fr8.shn,1674230973.cds244.fr8.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
auto-user-sync
ads.stickyadstv.com/ Frame 77DB 		0
0
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=null
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEJc8gPHeesmGNrMgZStcyoE&google_cver=1&gdpr=0&gdpr_consent=null
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 20 Jan 2023 16:09:34 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:34 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1674230973993004-408
Expires
Fri, 20 Jan 2023 16:09:34 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame 77DB 		301 B
794 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fadncaraota.com%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:33 GMT
Server
nginx
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1674230973853059-379
Expires
Fri, 20 Jan 2023 16:09:33 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 77DB 		67 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_us_privacy=&_fw_gdpr=0&schain=1.0%2C1!vidoomy.com%2C56318%2C1%2C49613117680613780811952650280%2C%2C&_fw_gdpr_consent=&vav=fe6d4ef0c49ab3d559d4de0b3b71ba10&vaviv=a1fc2b0f01ea57459d9be2eb26ee1c18&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.5.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fadncaraota.com%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:33 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1674230973866048-407
Expires
Fri, 20 Jan 2023 16:09:33 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 1A0B 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.28/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
31135256
x-guploader-uploadid
ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=imOAkGgkn8MS09OuzyepjDOClyNjhPXHCIAu%2BP8wM6uxAJheneyVeRWkUomUrRHMejlNUjGL7re1u9PFLYCXeXFyBBpvvowhoPufKoB3BS2a8IPFca1v874PVMBgA9ENaHAyy%2FCciwMAaKckVcOXzQhO"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
78c913437a8269a3-FRA
expires
Wed, 25 Jan 2023 07:28:38 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame E688 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.28/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
31135256
x-guploader-uploadid
ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z7Z9IHkzzlTyQrjJ00tvpVtj8wyrEbItFCD8m9fxN%2BHGXayfr4QBjVhM9hicnRicAYw8epcSDm2oSCu5txk%2FiZ7ZZrkhsMcv%2BdPUdgbBnDgxqqbEc5jTET%2FryxBEydKSg4%2FM8nXw9SlmslObJeryVroq"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
78c913438aa269a3-FRA
expires
Wed, 25 Jan 2023 07:28:38 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame A638 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.28/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
31135256
x-guploader-uploadid
ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hg%2Fbg2ZtgWqTPXpwX4LmTFNOdMGSxJ3ezYTZP0DbqGrZd4DQ0JETw9vgBlaO4eekT19cCyqEWoWyLtWb9j0Sl2hmwagd4MtSIwkh6dcjRYeH1Dr34IGndGoYpEjOqpf7c%2FSEC5rL7kIXXC4TmgQM6Cvm"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
78c913438a9f69a3-FRA
expires
Wed, 25 Jan 2023 07:28:38 GMT
user-matching
ads.stickyadstv.com/ Frame 77DB 		0
0
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:33 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1674230973915029-337
Expires
Fri, 20 Jan 2023 16:09:33 GMT
user-matching
ads.stickyadstv.com/ Frame 77DB 		0
0
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Q9A3TRZWKW43DDJ4294P
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:33 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1674230973922045-509
Expires
Fri, 20 Jan 2023 16:09:33 GMT
frame.html
ad4m.at/ Frame B7C6 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2449369
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
78c913431ff82c01-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Fri, 20 Jan 2023 16:09:33 GMT
expires
Sat, 26 Nov 2022 23:36:57 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OdXr1AbPST%2BhIgH90GwZ6%2Fk%2FaHDTa5eCIvkSRChYTk%2Bb0oJE7640Xqhclm14%2FynXSZjEyLwLhyzakAftM5YgvMwOLq%2FU3Fw7hbT3yvsDXxI%2BzeGN97eJhz6b5J%2BAHTR%2BIa24jOw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
frame.html
ad4m.at/ Frame F47D 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2449369
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
78c913431ff92c01-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Fri, 20 Jan 2023 16:09:33 GMT
expires
Sat, 26 Nov 2022 23:36:57 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XFdaLSJccK%2BjoqArOVpofi8kL4YHlRxjzAGk%2Bbtoj91peJK7%2BnZeYnoAFP0%2FCbBCuGKgY4DWmTOqJhcVPrnFmTbSTwj9enBClsWn07M5mV2UEwwefJaJcYjqwWXScD7fG6AP5VQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
frame.html
ad4m.at/ Frame 0E77 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2449369
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
78c913431ffc2c01-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Fri, 20 Jan 2023 16:09:33 GMT
expires
Sat, 26 Nov 2022 23:36:57 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aoonphRF0rbVxFKbhOBpjToD5eMxfJMiObpOJpmVsFg9xND%2B28qxg%2FnRip4q0O3jlBhKvRu3cjVfxBp6xm5lTB1KCh2%2BzCzTXFJ3t0W3NUNiVst6%2BJptwGKTO5AY9dCGibinPNE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
rs
ad4m.at/ Frame E688 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d471f9df7a105b0ef9f3d0fe4cd1dd02db01f165cac2bd6487561fe8b567d48

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LgRfq48%2BJymOMnpulwl6xOK7KpUzZHhf%2FsJnlLngmUlFl16IsRa9YeGcriP8GYhEAjfIO1%2BTqWkmZ6HGwfGGE42lVLNvbn7lb4SGlT5yccapG3ZjoUjH4OH4sVTkpdE79h9Z1Q0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
78c913440a7591f6-FRA
x-backend-server
aa-reachservice-group-europe-west1-wk5k
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 1A0B 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d3e15ebfb1a7f36a51af6a8cc98696bc234ad0b067534b2f062196a14cd96d8

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J1CO4vXeRFK2H8Xbfj1mFthGG7LfbA2lK%2Fz4K12MuOk8XpvhoqP%2BpluceoA65gcema9pdtdpQxqyg2kUzzzt0pV0Q2PgSRN4I8w%2BfPQN1xefysTo74dml9NxeHH2Q7xU86xZF5A%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
78c913440a7791f6-FRA
x-backend-server
aa-reachservice-group-europe-west1-gxt5
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
78c91343ba1f91f6-FRA
content-length
24
content-type
text/plain
date
Fri, 20 Jan 2023 16:09:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=soXC48buOpBkRbvTUQNQOtlvGqRH%2Bf3Ori4Sxsa51pU5Af6Jw1WCoBSr%2FV%2BicBqd3wF6b9qDmZ90%2FFuWAejuQbD0eM9fg2HtjRVKWIzigA%2FsQIx5U8zCO8KIMojFPzJjdXSswu4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-gxt5
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
78c91343ba2291f6-FRA
content-length
24
content-type
text/plain
date
Fri, 20 Jan 2023 16:09:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2N%2BQ1teW3nnb%2BICqOD3gF2K9MW9jFrlP%2B0FtbmLDncTzjRSVH2JstQkkVVYzzHvzHnmlyVkZp5EOe8RlQM50O8hkmbHoevoIzZUZyq7ws2nzmeBVhhC4yrDswWAZ8vHrduwyjF0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-gxt5
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 82E8 		342 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:34 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1674230973.dop162.fr8.t,1674230973.cds342.fr8.shn,1674230973.dop162.fr8.t,1674230974.cds006.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
117960
78c9132eaca42be9
www.iapac.to/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 84C1 		2 B
666 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.iapac.to/cdn-cgi/challenge-platform/h/g/cv/result/78c9132eaca42be9
Requested by
Host: www.iapac.to
URL: https://www.iapac.to/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1674230400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=daB2qn%2BecKznKvSMQvpgT3iO2saB4lu92G1YwZw0zPGFQKNDdqzrh%2FSpCfz7UoU1UpNblLPmZaClgzlAIlX26spRPgTa%2FBi9IrRrgo50ibT%2BUYRlu6oDaPrch%2FQaa7DffKS4cXc%2FSGodMow%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
78c913450fe89ba7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rar
as.ad4m.at/ad/ Frame 2E99 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=186460%2C183975%2C14044&b=8xAfDf8fR9w7tgHJHEtxtXKQcGSwT827UYe%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1&f=Z5mTwfBfz5Q4smHDHDtDC6zPC6SXTxWrfWA%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1&c=728&d=90&e=&g=11fbeeb394524b8200c10eaa8f3cd61c%2F12102109115472933496&i=25174%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1674230974105&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hsw3ppdfhp8vmykf4dbrh0kj4kjfrs3gzwth79ccnyx4y01aabx1g6f2n7s8vs2y32kvp6cejc37bq7vajvfqp3p52z97nbetewvge5hjt8tbc0qp2zxm2p1pqdbp331vpx5qb439kjrg45c4tfb19qeqcrrpfgky0tcewtx1cy5ys5m3f7acxezebejgte53j3sttaxx2fa4p777erth8gcw7zfj2k06ywp180y9gs0wkpyzrc9zbt79twxrsspbarmb02pwcv8chzwpp0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCBCV_vLzKY465MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoE_AFP0BVQ00imEV9BG-DrtJyhQ_fgudY4BBugd3UDhnouc_srXuKiVyeQanmmspQFQNJhfV8QNqRO5JvV4DnkpRKQBpyTilAhyfrwxVhkXGCv7KXVYnEfWMt211dSguL6rlAd2Lhw574z-v6PhYeiP7a41syAPUhMpN9fIsJ2AlR6gKVKfnUMpuc0noGTQ_HhlAldqa050oovxui-JsFCxZjmbTsC-zaxvNsdqDOtPHxBYIR6t5G2mLp4mrt3vZJf-n0TaTTLUcbkVN7b06zpG_9E_Ftds8-AMMymDjHRgbfE4WKwrspXIkOTLAGzh2_TuCcayeIpD0JvzU0BdC_gBAGABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1WI6wq1uCVTXZJ2ufR1pCBf4xThg%2526client%253Dca-pub-8339469931624128%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4839beb28ec854ebd57ce5b7c721d100b8f03c53d698778c02079f65b5df39b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1jv0tc1d7h0sk421bj98s5b55vqb8jsxj31gteq1x2ckfqccnggcs9ad9h3kh5nmebdn0h7jg5w5zavp1gxq72fyjewkjwgv5jnnafxw1rwhntd4ex2mgj0ycxqz7j5gh7qvkj17tzkrds20j7b3ayz6ynwv4jjnnayyphvskgxgcf63hvf6ewx0e3y4wpv62ac4pfh8f8m36qc5t38pj0y7s5040ksjp85j7z6mp69c4gth921ywhjj0aa64evccsgvzr4brg9fgvbkcegm0xm37bykcqyqy9baww43dwsd8d285tkrz8jn77vz99fqwjy182gc7bn0b9g4k76r4jpv78rbkteg9k77vq969g3d3zyvnkd9q51264byvdbf93bprbx6d87kt4m62z51kf5ewekpse5s4gktt2grfcq6nt2y&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBCV_vLzKY465MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoE_AFP0BVQ00imEV9BG-DrtJyhQ_fgudY4BBugd3UDhnouc_srXuKiVyeQanmmspQFQNJhfV8QNqRO5JvV4DnkpRKQBpyTilAhyfrwxVhkXGCv7KXVYnEfWMt211dSguL6rlAd2Lhw574z-v6PhYeiP7a41syAPUhMpN9fIsJ2AlR6gKVKfnUMpuc0noGTQ_HhlAldqa050oovxui-JsFCxZjmbTsC-zaxvNsdqDOtPHxBYIR6t5G2mLp4mrt3vZJf-n0TaTTLUcbkVN7b06zpG_9E_Ftds8-AMMymDjHRgbfE4WKwrspXIkOTLAGzh2_TuCcayeIpD0JvzU0BdC_gBAGABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1WI6wq1uCVTXZJ2ufR1pCBf4xThg%26client%3Dca-pub-8339469931624128%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
78c913453bf92c01-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 16:09:34 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame 64F0 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=157265%2C14019%2C117569&b=xmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xd%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Y4Xsrf3fjde3cVH9HetgCRR8ckS1Tddju1ZYe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=372e725e5d8f83622650c749bcd76ed1%2F9884314323597550369&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1674230974106&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdwamnbeaqav53nc5mf1xcp65e716qqpcj35w06q6qtfa2qhkk5yvxar2j9s0f958hk211dyqhxv3dk8mygfs3e2vtqnv91n4bvq60yzgh4eq4csxk6qey4zhg75z2evrq2tbqe3pysq302ng9yg74adc465wnztx06q67343gr8qsdrnv8mh8n09fqhkhs2w55r0nje5acvatkp0t4ekmes9q516tg86fkkst3x3zcd064hv9yff187qqzyk1hvcchmr7vav99wja38mt98cfd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5pDmvLzKY4y5MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoEgQJP0CKzjOL1xDWi-2XSRsyi_qG8I-TCZiwbJxlIHM7m-CrMS5NuISwOgZ4nfOEdJZEtQCK9_z4V-wIdIlyNJFgxSlv5Q9nAwbUx4SRCtBMC_fIW0DmgPeVzSr5tqkjASzm6STjucheKy8F6sNYT64klWVunCQkqXWVAxw0-OlYev5zsHXz4GWywHEpfix4zUEkDu08mV9KPIgshYpS-lZGxF3cr9qyLaf7ZkI7Jkfi7npGXcdlXQX7D9EuBXt4ddb7CpIKJ6R4WPucG0hTH0OrgwSSx1SomwVvj930Q-AIfLprOO9F7ZwoPit6v6KZuYLB5bIL4Fc90mDoKNNrj2wWgMOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3DZq9wNZ8IyDqSVMyRZmEa9_tRoQ%2526client%253Dca-pub-8339469931624128%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39997388d4cdd9cb0b622da3900c4f1f43fe7033301b3b69fdf4ae5fd6a2676b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1g0mj50s9vfr6dk1dky1nv61bjmywwgb6gd2ypwjqn462x5apwr96yc1c0t7bs7bk2cst81zs1afgj5mncf397n83zymfn1svhebyrxr79br5rc53b38b70wkayfrn41yx78zmh1qhmecwtxw3armc01f53tmr2fb59qgfzparv979ccvkq1wx6vxm6q9y8hj1kgt04bx0tem56d8w81wazt7arb1ggzhkgt3fekd8m0aasn81k6gatgtjm7ccdnahgt5wpjcs5k6g5ta2yr8bdr1xpf0e0nbempkgz6rnsx1t9demh70e4734xy2sxy2q4nzj3a34bw0rmv6mkx50advbkhp9e2vxzw341fbtybc1de7c22eatc4m6k1ksgpnksb5d456c24gh1gv3mf9wy4v7tq9q6gbp1x3dqvbb03wyed654wdnsbaa7c02nqcqms6kk&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5pDmvLzKY4y5MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoEgQJP0CKzjOL1xDWi-2XSRsyi_qG8I-TCZiwbJxlIHM7m-CrMS5NuISwOgZ4nfOEdJZEtQCK9_z4V-wIdIlyNJFgxSlv5Q9nAwbUx4SRCtBMC_fIW0DmgPeVzSr5tqkjASzm6STjucheKy8F6sNYT64klWVunCQkqXWVAxw0-OlYev5zsHXz4GWywHEpfix4zUEkDu08mV9KPIgshYpS-lZGxF3cr9qyLaf7ZkI7Jkfi7npGXcdlXQX7D9EuBXt4ddb7CpIKJ6R4WPucG0hTH0OrgwSSx1SomwVvj930Q-AIfLprOO9F7ZwoPit6v6KZuYLB5bIL4Fc90mDoKNNrj2wWgMOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3DZq9wNZ8IyDqSVMyRZmEa9_tRoQ%26client%3Dca-pub-8339469931624128%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
78c913453bff2c01-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 16:09:34 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
t
t.lkqd.net/ Frame 762F 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://adncaraota.com
date
Fri, 20 Jan 2023 16:09:34 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://adncaraota.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://adncaraota.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 20 Jan 2023 16:09:34 GMT
server
nginx
request.php
hal900028.redintelligence.net/ Frame 7C98 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900028.redintelligence.net/request.php?zone=s2gk7r78n0fa&nw=20&renderingType=javascript&namespace=9dcebe53b6&subid=&uid=606ab516243e8db7&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DqPbq9sp8wpsVRK5cvi3mIw%26exch_seat%3D20035004448%26mt_aid%3D616291371190682468%26mt_id%3D6622335%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D5a0163ca-bcbb-4500-a947-113b34a33c4d%26mt_cid%3D5a0163ca-bcbb-4500-a947-113b34a33c4d%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCPq6gvLzKY425MJm5nsEPqqCNuAnPh46bXMCG2YLGAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJ4AIAqAMBqgSDAk_QhgKGmm7NI2VZw9_OCXzHxTPDz2k95QvCpN2OmP810Jdknuxg3ZTeVZ0WOEPVQdo4hSg1S2lkuV2pWofyxF8sKpLOQvKvSEFafiSktuqNPcMcqTYgDsMll5YJX6nv3RmzF5Sm-48RRMzspNXPynxmWnUKrcunUWm3kYBQK5Ut885suNnqWMZqP4v1OrG3itqaX3kt1Z5FXrS0rY-eXqrIwjDxaNKqIgADx7y_wXl7ZkDJ2z3LpYthKaaQtqGNTW9XJvZU-yji1a62n1gcle7dBhTsdx-SlVK8i8LtsCixQ8W9kE_MLaWiiRVNxzt4tjvFEcWUL_4HpzBiBTPy10INeYfgBAGABoznzbbVuJuN0gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_38vBgchlpw52Tay6jiOjpCsbBGiQ%2526client%253Dca-pub-8339469931624128%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=4063434155163&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/s2gk7r78n0fa?subid=&gdpr=1&gdpr_consent=li&rnd=616291371190682468&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DqPbq9sp8wpsVRK5cvi3mIw%26exch_seat%3D20035004448%26mt_aid%3D616291371190682468%26mt_id%3D6622335%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D5a0163ca-bcbb-4500-a947-113b34a33c4d%26mt_cid%3D5a0163ca-bcbb-4500-a947-113b34a33c4d%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCPq6gvLzKY425MJm5nsEPqqCNuAnPh46bXMCG2YLGAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJ4AIAqAMBqgSDAk_QhgKGmm7NI2VZw9_OCXzHxTPDz2k95QvCpN2OmP810Jdknuxg3ZTeVZ0WOEPVQdo4hSg1S2lkuV2pWofyxF8sKpLOQvKvSEFafiSktuqNPcMcqTYgDsMll5YJX6nv3RmzF5Sm-48RRMzspNXPynxmWnUKrcunUWm3kYBQK5Ut885suNnqWMZqP4v1OrG3itqaX3kt1Z5FXrS0rY-eXqrIwjDxaNKqIgADx7y_wXl7ZkDJ2z3LpYthKaaQtqGNTW9XJvZU-yji1a62n1gcle7dBhTsdx-SlVK8i8LtsCixQ8W9kE_MLaWiiRVNxzt4tjvFEcWUL_4HpzBiBTPy10INeYfgBAGABoznzbbVuJuN0gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_38vBgchlpw52Tay6jiOjpCsbBGiQ%2526client%253Dca-pub-8339469931624128%2526adurl%253D%26redirect%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.19.165.99.88.clients.your-server.de
Software
Apache /
Resource Hash
744d480621094fe11672faf0637af9f5c8bfffac08854bb1ea4de09a9b181b9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:34 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
83752400174015600951403012210028
Connection
close
Content-Length
1162
Expires
Fri, 20 Jan 2023 16:09:34 +0100
default.css
as.ad4m.at/ad/style/0.1.28/one-ad/ Frame 2E99 		90 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.28/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C183975%2C14044&b=8xAfDf8fR9w7tgHJHEtxtXKQcGSwT827UYe%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1&f=Z5mTwfBfz5Q4smHDHDtDC6zPC6SXTxWrfWA%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1&c=728&d=90&e=&g=11fbeeb394524b8200c10eaa8f3cd61c%2F12102109115472933496&i=25174%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1674230974105&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hsw3ppdfhp8vmykf4dbrh0kj4kjfrs3gzwth79ccnyx4y01aabx1g6f2n7s8vs2y32kvp6cejc37bq7vajvfqp3p52z97nbetewvge5hjt8tbc0qp2zxm2p1pqdbp331vpx5qb439kjrg45c4tfb19qeqcrrpfgky0tcewtx1cy5ys5m3f7acxezebejgte53j3sttaxx2fa4p777erth8gcw7zfj2k06ywp180y9gs0wkpyzrc9zbt79twxrsspbarmb02pwcv8chzwpp0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCBCV_vLzKY465MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoE_AFP0BVQ00imEV9BG-DrtJyhQ_fgudY4BBugd3UDhnouc_srXuKiVyeQanmmspQFQNJhfV8QNqRO5JvV4DnkpRKQBpyTilAhyfrwxVhkXGCv7KXVYnEfWMt211dSguL6rlAd2Lhw574z-v6PhYeiP7a41syAPUhMpN9fIsJ2AlR6gKVKfnUMpuc0noGTQ_HhlAldqa050oovxui-JsFCxZjmbTsC-zaxvNsdqDOtPHxBYIR6t5G2mLp4mrt3vZJf-n0TaTTLUcbkVN7b06zpG_9E_Ftds8-AMMymDjHRgbfE4WKwrspXIkOTLAGzh2_TuCcayeIpD0JvzU0BdC_gBAGABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1WI6wq1uCVTXZJ2ufR1pCBf4xThg%2526client%253Dca-pub-8339469931624128%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc78d0ae04e90f166274e27a8af76d6a676cbf360f682f3993ef4b453ee5d598

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=186460%2C183975%2C14044&b=8xAfDf8fR9w7tgHJHEtxtXKQcGSwT827UYe%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1&f=Z5mTwfBfz5Q4smHDHDtDC6zPC6SXTxWrfWA%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1&c=728&d=90&e=&g=11fbeeb394524b8200c10eaa8f3cd61c%2F12102109115472933496&i=25174%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1674230974105&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hsw3ppdfhp8vmykf4dbrh0kj4kjfrs3gzwth79ccnyx4y01aabx1g6f2n7s8vs2y32kvp6cejc37bq7vajvfqp3p52z97nbetewvge5hjt8tbc0qp2zxm2p1pqdbp331vpx5qb439kjrg45c4tfb19qeqcrrpfgky0tcewtx1cy5ys5m3f7acxezebejgte53j3sttaxx2fa4p777erth8gcw7zfj2k06ywp180y9gs0wkpyzrc9zbt79twxrsspbarmb02pwcv8chzwpp0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCBCV_vLzKY465MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoE_AFP0BVQ00imEV9BG-DrtJyhQ_fgudY4BBugd3UDhnouc_srXuKiVyeQanmmspQFQNJhfV8QNqRO5JvV4DnkpRKQBpyTilAhyfrwxVhkXGCv7KXVYnEfWMt211dSguL6rlAd2Lhw574z-v6PhYeiP7a41syAPUhMpN9fIsJ2AlR6gKVKfnUMpuc0noGTQ_HhlAldqa050oovxui-JsFCxZjmbTsC-zaxvNsdqDOtPHxBYIR6t5G2mLp4mrt3vZJf-n0TaTTLUcbkVN7b06zpG_9E_Ftds8-AMMymDjHRgbfE4WKwrspXIkOTLAGzh2_TuCcayeIpD0JvzU0BdC_gBAGABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1WI6wq1uCVTXZJ2ufR1pCBf4xThg%2526client%253Dca-pub-8339469931624128%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1674054542
age
176127
cf-polished
origSize=92334
x-guploader-uploadid
ADPycduOIlCudx-XVm5qLJi8OhY2jaf2lPA8q3ch1u6Nvu_xQSn08NrWkH7ortp-rZRuBMU9kt_cX7NUmpL0qskSxV4pk8f0m1q2
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 18 Jan 2023 15:09:31 GMT
server
cloudflare
etag
W/"c37ad1fc922bacd7adf1cb37da63f83c"
vary
Accept-Encoding
x-goog-generation
1674054571046429
content-type
text/css
x-goog-hash
crc32c=4A2ZRg==, md5=w3rR/JIrrNet8cs32mP4PA==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZmixiakOK%2FNExovaiYG9Vqa4FFp7d2u8x416jHrA6XMnxyyidkGN62qSZO6tTrAPSVFgOQWjPLCpgfyXOYMeQgxyjtr3u1vRkRrfvUo5C%2FDJIcE1fs3t%2FRm8A%2Fqz0ZdRZ2x5e60GouY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
92334
cf-ray
78c91345cd0a2c01-FRA
expires
Fri, 20 Jan 2023 17:09:34 GMT
188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 2E99 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C183975%2C14044&b=8xAfDf8fR9w7tgHJHEtxtXKQcGSwT827UYe%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1&f=Z5mTwfBfz5Q4smHDHDtDC6zPC6SXTxWrfWA%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1&c=728&d=90&e=&g=11fbeeb394524b8200c10eaa8f3cd61c%2F12102109115472933496&i=25174%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1674230974105&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hsw3ppdfhp8vmykf4dbrh0kj4kjfrs3gzwth79ccnyx4y01aabx1g6f2n7s8vs2y32kvp6cejc37bq7vajvfqp3p52z97nbetewvge5hjt8tbc0qp2zxm2p1pqdbp331vpx5qb439kjrg45c4tfb19qeqcrrpfgky0tcewtx1cy5ys5m3f7acxezebejgte53j3sttaxx2fa4p777erth8gcw7zfj2k06ywp180y9gs0wkpyzrc9zbt79twxrsspbarmb02pwcv8chzwpp0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCBCV_vLzKY465MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoE_AFP0BVQ00imEV9BG-DrtJyhQ_fgudY4BBugd3UDhnouc_srXuKiVyeQanmmspQFQNJhfV8QNqRO5JvV4DnkpRKQBpyTilAhyfrwxVhkXGCv7KXVYnEfWMt211dSguL6rlAd2Lhw574z-v6PhYeiP7a41syAPUhMpN9fIsJ2AlR6gKVKfnUMpuc0noGTQ_HhlAldqa050oovxui-JsFCxZjmbTsC-zaxvNsdqDOtPHxBYIR6t5G2mLp4mrt3vZJf-n0TaTTLUcbkVN7b06zpG_9E_Ftds8-AMMymDjHRgbfE4WKwrspXIkOTLAGzh2_TuCcayeIpD0JvzU0BdC_gBAGABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1WI6wq1uCVTXZJ2ufR1pCBf4xThg%2526client%253Dca-pub-8339469931624128%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
53258
cf-polished
qual=85, origFmt=jpeg, origSize=16723
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8354
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Jan 2020 13:13:07 GMT
server
cloudflare
etag
"04cb7ec205cea351157aeffb998f3a85"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m12mJef%2BxwtofwtLBZDLVG0c%2BLiwkKp4QkDy21ZAencFNdCTv1%2BpVdcL60ImP8Pz%2F2f0MabxJ9WDXtocmqGO2Il%2B5hk%2F5PYlanjyQqEQ1O1Swg%2B%2FXHOhDK9vDB0xmyB4MMTo2DMw%2B9Noiaog"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78c91345e9339a0b-FRA
expires
Sat, 21 Jan 2023 16:09:34 GMT
AB835EC0E966F04068CFBCC15FF8D3990CA3F197C61D255EFFB5638D89BE559012324778419F7E946D67344E6F7D42939F789567B51C0345F091B72DDF1D712C
assets.ad4m.at/product_image/ Frame 2E99 		93 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/AB835EC0E966F04068CFBCC15FF8D3990CA3F197C61D255EFFB5638D89BE559012324778419F7E946D67344E6F7D42939F789567B51C0345F091B72DDF1D712C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C183975%2C14044&b=8xAfDf8fR9w7tgHJHEtxtXKQcGSwT827UYe%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1&f=Z5mTwfBfz5Q4smHDHDtDC6zPC6SXTxWrfWA%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1&c=728&d=90&e=&g=11fbeeb394524b8200c10eaa8f3cd61c%2F12102109115472933496&i=25174%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1674230974105&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hsw3ppdfhp8vmykf4dbrh0kj4kjfrs3gzwth79ccnyx4y01aabx1g6f2n7s8vs2y32kvp6cejc37bq7vajvfqp3p52z97nbetewvge5hjt8tbc0qp2zxm2p1pqdbp331vpx5qb439kjrg45c4tfb19qeqcrrpfgky0tcewtx1cy5ys5m3f7acxezebejgte53j3sttaxx2fa4p777erth8gcw7zfj2k06ywp180y9gs0wkpyzrc9zbt79twxrsspbarmb02pwcv8chzwpp0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCBCV_vLzKY465MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoE_AFP0BVQ00imEV9BG-DrtJyhQ_fgudY4BBugd3UDhnouc_srXuKiVyeQanmmspQFQNJhfV8QNqRO5JvV4DnkpRKQBpyTilAhyfrwxVhkXGCv7KXVYnEfWMt211dSguL6rlAd2Lhw574z-v6PhYeiP7a41syAPUhMpN9fIsJ2AlR6gKVKfnUMpuc0noGTQ_HhlAldqa050oovxui-JsFCxZjmbTsC-zaxvNsdqDOtPHxBYIR6t5G2mLp4mrt3vZJf-n0TaTTLUcbkVN7b06zpG_9E_Ftds8-AMMymDjHRgbfE4WKwrspXIkOTLAGzh2_TuCcayeIpD0JvzU0BdC_gBAGABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1WI6wq1uCVTXZJ2ufR1pCBf4xThg%2526client%253Dca-pub-8339469931624128%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fec456c222cb1709f0bf269d9442402ff8e9a5b45ee186a6a06f0566f35f2b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1175892
cf-polished
origFmt=png, origSize=155400
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
95512
cf-bgj
imgq:85,h2pri
last-modified
Thu, 24 Mar 2022 15:45:36 GMT
server
cloudflare
etag
"6fddd7204b0a0a403f584248bda12d72"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ftH5A1OHB5ljYI2AnUwvK2IvwyvbGR%2FY77TLvlB5m%2F2pYDE0TPwXRuCSlqqD3EBmcvHY5xOg4Hc%2BfKywDgeL5mK5tF3HvLXsQYTS6LpfexfLywqOV3ORmnAHeFd3PCpi5ZpQ78fgNpvM5%2FYz"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78c913461d982c01-FRA
expires
Sat, 21 Jan 2023 16:09:34 GMT
/
banner.congstar.de/cookie/ Frame 2E99
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CL_shLTE1vwCFQ484AodYJsMQA;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=mm_SUBIDTEST_view
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1674230974_d4a23260-98dc-11ed-911d-22634f140525
0
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1674230974_d4a23260-98dc-11ed-911d-22634f140525
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C183975%2C14044&b=8xAfDf8fR9w7tgHJHEtxtXKQcGSwT827UYe%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1&f=Z5mTwfBfz5Q4smHDHDtDC6zPC6SXTxWrfWA%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1&c=728&d=90&e=&g=11fbeeb394524b8200c10eaa8f3cd61c%2F12102109115472933496&i=25174%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1674230974105&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hsw3ppdfhp8vmykf4dbrh0kj4kjfrs3gzwth79ccnyx4y01aabx1g6f2n7s8vs2y32kvp6cejc37bq7vajvfqp3p52z97nbetewvge5hjt8tbc0qp2zxm2p1pqdbp331vpx5qb439kjrg45c4tfb19qeqcrrpfgky0tcewtx1cy5ys5m3f7acxezebejgte53j3sttaxx2fa4p777erth8gcw7zfj2k06ywp180y9gs0wkpyzrc9zbt79twxrsspbarmb02pwcv8chzwpp0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCBCV_vLzKY465MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoE_AFP0BVQ00imEV9BG-DrtJyhQ_fgudY4BBugd3UDhnouc_srXuKiVyeQanmmspQFQNJhfV8QNqRO5JvV4DnkpRKQBpyTilAhyfrwxVhkXGCv7KXVYnEfWMt211dSguL6rlAd2Lhw574z-v6PhYeiP7a41syAPUhMpN9fIsJ2AlR6gKVKfnUMpuc0noGTQ_HhlAldqa050oovxui-JsFCxZjmbTsC-zaxvNsdqDOtPHxBYIR6t5G2mLp4mrt3vZJf-n0TaTTLUcbkVN7b06zpG_9E_Ftds8-AMMymDjHRgbfE4WKwrspXIkOTLAGzh2_TuCcayeIpD0JvzU0BdC_gBAGABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1WI6wq1uCVTXZJ2ufR1pCBf4xThg%2526client%253Dca-pub-8339469931624128%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
87.118.116.9 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS
km36617.keymachine.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:34 GMT
Server
Apache
P3P
CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
0

Redirect headers

Date
Fri, 20 Jan 2023 16:09:34 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1674230974_d4a23260-98dc-11ed-911d-22634f140525
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
assets.ad4m.at/logo/ Frame 2E99 		127 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C183975%2C14044&b=8xAfDf8fR9w7tgHJHEtxtXKQcGSwT827UYe%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1&f=Z5mTwfBfz5Q4smHDHDtDC6zPC6SXTxWrfWA%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1&c=728&d=90&e=&g=11fbeeb394524b8200c10eaa8f3cd61c%2F12102109115472933496&i=25174%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1674230974105&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hsw3ppdfhp8vmykf4dbrh0kj4kjfrs3gzwth79ccnyx4y01aabx1g6f2n7s8vs2y32kvp6cejc37bq7vajvfqp3p52z97nbetewvge5hjt8tbc0qp2zxm2p1pqdbp331vpx5qb439kjrg45c4tfb19qeqcrrpfgky0tcewtx1cy5ys5m3f7acxezebejgte53j3sttaxx2fa4p777erth8gcw7zfj2k06ywp180y9gs0wkpyzrc9zbt79twxrsspbarmb02pwcv8chzwpp0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCBCV_vLzKY465MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoE_AFP0BVQ00imEV9BG-DrtJyhQ_fgudY4BBugd3UDhnouc_srXuKiVyeQanmmspQFQNJhfV8QNqRO5JvV4DnkpRKQBpyTilAhyfrwxVhkXGCv7KXVYnEfWMt211dSguL6rlAd2Lhw574z-v6PhYeiP7a41syAPUhMpN9fIsJ2AlR6gKVKfnUMpuc0noGTQ_HhlAldqa050oovxui-JsFCxZjmbTsC-zaxvNsdqDOtPHxBYIR6t5G2mLp4mrt3vZJf-n0TaTTLUcbkVN7b06zpG_9E_Ftds8-AMMymDjHRgbfE4WKwrspXIkOTLAGzh2_TuCcayeIpD0JvzU0BdC_gBAGABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1WI6wq1uCVTXZJ2ufR1pCBf4xThg%2526client%253Dca-pub-8339469931624128%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
418c1cc5e3fe5dab64df68fee91403c4af6a0b5ee68f12c2717956b216b08b8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
75804
cf-polished
origFmt=png, origSize=233620
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
130162
cf-bgj
imgq:85,h2pri
last-modified
Tue, 29 Mar 2022 07:10:51 GMT
server
cloudflare
etag
"d1d171dd651522f41a2fc0dba256a546"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d1P67LU%2FK0vUWE0ySIgfT591PJoJiUH9VqZE6Qfzgsa6BONtfPkI2raCp6%2B4O5fLA9u%2FFHWKlXFA9FS%2BGoVKguwy8oNLcostk6Lp05niiditu2IW%2Fj0PU3JsdHZCxcqBE5wew%2Fsvlq9eWKk6"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78c913461d9a2c01-FRA
expires
Sat, 21 Jan 2023 16:09:34 GMT
1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame 2E99 		461 KB
462 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C183975%2C14044&b=8xAfDf8fR9w7tgHJHEtxtXKQcGSwT827UYe%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1&f=Z5mTwfBfz5Q4smHDHDtDC6zPC6SXTxWrfWA%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1&c=728&d=90&e=&g=11fbeeb394524b8200c10eaa8f3cd61c%2F12102109115472933496&i=25174%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1674230974105&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hsw3ppdfhp8vmykf4dbrh0kj4kjfrs3gzwth79ccnyx4y01aabx1g6f2n7s8vs2y32kvp6cejc37bq7vajvfqp3p52z97nbetewvge5hjt8tbc0qp2zxm2p1pqdbp331vpx5qb439kjrg45c4tfb19qeqcrrpfgky0tcewtx1cy5ys5m3f7acxezebejgte53j3sttaxx2fa4p777erth8gcw7zfj2k06ywp180y9gs0wkpyzrc9zbt79twxrsspbarmb02pwcv8chzwpp0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCBCV_vLzKY465MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoE_AFP0BVQ00imEV9BG-DrtJyhQ_fgudY4BBugd3UDhnouc_srXuKiVyeQanmmspQFQNJhfV8QNqRO5JvV4DnkpRKQBpyTilAhyfrwxVhkXGCv7KXVYnEfWMt211dSguL6rlAd2Lhw574z-v6PhYeiP7a41syAPUhMpN9fIsJ2AlR6gKVKfnUMpuc0noGTQ_HhlAldqa050oovxui-JsFCxZjmbTsC-zaxvNsdqDOtPHxBYIR6t5G2mLp4mrt3vZJf-n0TaTTLUcbkVN7b06zpG_9E_Ftds8-AMMymDjHRgbfE4WKwrspXIkOTLAGzh2_TuCcayeIpD0JvzU0BdC_gBAGABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1WI6wq1uCVTXZJ2ufR1pCBf4xThg%2526client%253Dca-pub-8339469931624128%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2449336
cf-polished
origFmt=png, origSize=731561
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
471752
cf-bgj
imgq:85,h2pri
last-modified
Tue, 29 Mar 2022 07:03:31 GMT
server
cloudflare
etag
"1b69278243c107df5b11186b1f6ca585"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n0dn%2B8iB8x%2BAjnVPu%2Bu069craUV5rGFmyx6Lf5Zj556OV6tUHND965bsPhAkDq4XlZ3UpzgTNGupQ3KMnHJ7kgjntBNVgCyqG3jJOUbbetzKSq5FUXa3HhgwltsRSO%2FBxcPMkqr%2BWlifK5hi"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78c913461d9b2c01-FRA
expires
Sat, 21 Jan 2023 16:09:34 GMT
B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 2E99 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C183975%2C14044&b=8xAfDf8fR9w7tgHJHEtxtXKQcGSwT827UYe%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1&f=Z5mTwfBfz5Q4smHDHDtDC6zPC6SXTxWrfWA%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1&c=728&d=90&e=&g=11fbeeb394524b8200c10eaa8f3cd61c%2F12102109115472933496&i=25174%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1674230974105&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hsw3ppdfhp8vmykf4dbrh0kj4kjfrs3gzwth79ccnyx4y01aabx1g6f2n7s8vs2y32kvp6cejc37bq7vajvfqp3p52z97nbetewvge5hjt8tbc0qp2zxm2p1pqdbp331vpx5qb439kjrg45c4tfb19qeqcrrpfgky0tcewtx1cy5ys5m3f7acxezebejgte53j3sttaxx2fa4p777erth8gcw7zfj2k06ywp180y9gs0wkpyzrc9zbt79twxrsspbarmb02pwcv8chzwpp0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCBCV_vLzKY465MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoE_AFP0BVQ00imEV9BG-DrtJyhQ_fgudY4BBugd3UDhnouc_srXuKiVyeQanmmspQFQNJhfV8QNqRO5JvV4DnkpRKQBpyTilAhyfrwxVhkXGCv7KXVYnEfWMt211dSguL6rlAd2Lhw574z-v6PhYeiP7a41syAPUhMpN9fIsJ2AlR6gKVKfnUMpuc0noGTQ_HhlAldqa050oovxui-JsFCxZjmbTsC-zaxvNsdqDOtPHxBYIR6t5G2mLp4mrt3vZJf-n0TaTTLUcbkVN7b06zpG_9E_Ftds8-AMMymDjHRgbfE4WKwrspXIkOTLAGzh2_TuCcayeIpD0JvzU0BdC_gBAGABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1WI6wq1uCVTXZJ2ufR1pCBf4xThg%2526client%253Dca-pub-8339469931624128%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1427705
cf-polished
origFmt=png, origSize=35453
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18872
cf-bgj
imgq:85,h2pri
last-modified
Mon, 18 May 2020 12:30:29 GMT
server
cloudflare
etag
"e18c9634cdd319e69c2765475f29cd13"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dFf1zqZTeycwZmIJNgX6mXAN7anNUTjYMLLkgP4I6M411SBfyk9iJyeyFAqiCGtesCNefqYhLCukuFlWU2BaHRHaFyy8K9i%2BbDNyM3JnjliGhbQuxJIkCltLcohUo8ntT5uymdRU%2BQ0MdSuu"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78c913461d9e2c01-FRA
expires
Sat, 21 Jan 2023 16:09:34 GMT
285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
assets.ad4m.at/product_image/ Frame 2E99 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C183975%2C14044&b=8xAfDf8fR9w7tgHJHEtxtXKQcGSwT827UYe%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1&f=Z5mTwfBfz5Q4smHDHDtDC6zPC6SXTxWrfWA%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1&c=728&d=90&e=&g=11fbeeb394524b8200c10eaa8f3cd61c%2F12102109115472933496&i=25174%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1674230974105&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hsw3ppdfhp8vmykf4dbrh0kj4kjfrs3gzwth79ccnyx4y01aabx1g6f2n7s8vs2y32kvp6cejc37bq7vajvfqp3p52z97nbetewvge5hjt8tbc0qp2zxm2p1pqdbp331vpx5qb439kjrg45c4tfb19qeqcrrpfgky0tcewtx1cy5ys5m3f7acxezebejgte53j3sttaxx2fa4p777erth8gcw7zfj2k06ywp180y9gs0wkpyzrc9zbt79twxrsspbarmb02pwcv8chzwpp0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCBCV_vLzKY465MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoE_AFP0BVQ00imEV9BG-DrtJyhQ_fgudY4BBugd3UDhnouc_srXuKiVyeQanmmspQFQNJhfV8QNqRO5JvV4DnkpRKQBpyTilAhyfrwxVhkXGCv7KXVYnEfWMt211dSguL6rlAd2Lhw574z-v6PhYeiP7a41syAPUhMpN9fIsJ2AlR6gKVKfnUMpuc0noGTQ_HhlAldqa050oovxui-JsFCxZjmbTsC-zaxvNsdqDOtPHxBYIR6t5G2mLp4mrt3vZJf-n0TaTTLUcbkVN7b06zpG_9E_Ftds8-AMMymDjHRgbfE4WKwrspXIkOTLAGzh2_TuCcayeIpD0JvzU0BdC_gBAGABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1WI6wq1uCVTXZJ2ufR1pCBf4xThg%2526client%253Dca-pub-8339469931624128%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1427705
cf-polished
qual=85, origFmt=jpeg, origSize=83479
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9260
cf-bgj
imgq:85,h2pri
last-modified
Mon, 29 Nov 2021 15:03:15 GMT
server
cloudflare
etag
"70d78c6b26d24e038cbf23832e1bb538"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=67XxZypiu2Uqpd1cMHNZLfxRiCbNKiG83xqZ3Y4raPYrGlktx7pZXY8uMKZkrrhgy9%2BW5wTbkMV1ypH9KehcwJIa%2FUJcgV%2FpY3AWIop3Pw2zmAyJcT2qMOL1cbNYajzEXWC3fkksSuEOaTef"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78c913461da02c01-FRA
expires
Sat, 21 Jan 2023 16:09:34 GMT
cshow.php
www.awin1.com/ Frame 2E99 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1oneid__suite_Netmix_Reach14_AKTION&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C183975%2C14044&b=8xAfDf8fR9w7tgHJHEtxtXKQcGSwT827UYe%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1&f=Z5mTwfBfz5Q4smHDHDtDC6zPC6SXTxWrfWA%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1&c=728&d=90&e=&g=11fbeeb394524b8200c10eaa8f3cd61c%2F12102109115472933496&i=25174%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1674230974105&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hsw3ppdfhp8vmykf4dbrh0kj4kjfrs3gzwth79ccnyx4y01aabx1g6f2n7s8vs2y32kvp6cejc37bq7vajvfqp3p52z97nbetewvge5hjt8tbc0qp2zxm2p1pqdbp331vpx5qb439kjrg45c4tfb19qeqcrrpfgky0tcewtx1cy5ys5m3f7acxezebejgte53j3sttaxx2fa4p777erth8gcw7zfj2k06ywp180y9gs0wkpyzrc9zbt79twxrsspbarmb02pwcv8chzwpp0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCBCV_vLzKY465MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoE_AFP0BVQ00imEV9BG-DrtJyhQ_fgudY4BBugd3UDhnouc_srXuKiVyeQanmmspQFQNJhfV8QNqRO5JvV4DnkpRKQBpyTilAhyfrwxVhkXGCv7KXVYnEfWMt211dSguL6rlAd2Lhw574z-v6PhYeiP7a41syAPUhMpN9fIsJ2AlR6gKVKfnUMpuc0noGTQ_HhlAldqa050oovxui-JsFCxZjmbTsC-zaxvNsdqDOtPHxBYIR6t5G2mLp4mrt3vZJf-n0TaTTLUcbkVN7b06zpG_9E_Ftds8-AMMymDjHRgbfE4WKwrspXIkOTLAGzh2_TuCcayeIpD0JvzU0BdC_gBAGABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1WI6wq1uCVTXZJ2ufR1pCBf4xThg%2526client%253Dca-pub-8339469931624128%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.100.75.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-75-47.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:34 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
default.css
as.ad4m.at/ad/style/0.1.28/one-ad/ Frame 64F0 		90 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.28/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=157265%2C14019%2C117569&b=xmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xd%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Y4Xsrf3fjde3cVH9HetgCRR8ckS1Tddju1ZYe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=372e725e5d8f83622650c749bcd76ed1%2F9884314323597550369&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1674230974106&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdwamnbeaqav53nc5mf1xcp65e716qqpcj35w06q6qtfa2qhkk5yvxar2j9s0f958hk211dyqhxv3dk8mygfs3e2vtqnv91n4bvq60yzgh4eq4csxk6qey4zhg75z2evrq2tbqe3pysq302ng9yg74adc465wnztx06q67343gr8qsdrnv8mh8n09fqhkhs2w55r0nje5acvatkp0t4ekmes9q516tg86fkkst3x3zcd064hv9yff187qqzyk1hvcchmr7vav99wja38mt98cfd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5pDmvLzKY4y5MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoEgQJP0CKzjOL1xDWi-2XSRsyi_qG8I-TCZiwbJxlIHM7m-CrMS5NuISwOgZ4nfOEdJZEtQCK9_z4V-wIdIlyNJFgxSlv5Q9nAwbUx4SRCtBMC_fIW0DmgPeVzSr5tqkjASzm6STjucheKy8F6sNYT64klWVunCQkqXWVAxw0-OlYev5zsHXz4GWywHEpfix4zUEkDu08mV9KPIgshYpS-lZGxF3cr9qyLaf7ZkI7Jkfi7npGXcdlXQX7D9EuBXt4ddb7CpIKJ6R4WPucG0hTH0OrgwSSx1SomwVvj930Q-AIfLprOO9F7ZwoPit6v6KZuYLB5bIL4Fc90mDoKNNrj2wWgMOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3DZq9wNZ8IyDqSVMyRZmEa9_tRoQ%2526client%253Dca-pub-8339469931624128%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc78d0ae04e90f166274e27a8af76d6a676cbf360f682f3993ef4b453ee5d598

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=157265%2C14019%2C117569&b=xmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xd%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Y4Xsrf3fjde3cVH9HetgCRR8ckS1Tddju1ZYe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=372e725e5d8f83622650c749bcd76ed1%2F9884314323597550369&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1674230974106&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdwamnbeaqav53nc5mf1xcp65e716qqpcj35w06q6qtfa2qhkk5yvxar2j9s0f958hk211dyqhxv3dk8mygfs3e2vtqnv91n4bvq60yzgh4eq4csxk6qey4zhg75z2evrq2tbqe3pysq302ng9yg74adc465wnztx06q67343gr8qsdrnv8mh8n09fqhkhs2w55r0nje5acvatkp0t4ekmes9q516tg86fkkst3x3zcd064hv9yff187qqzyk1hvcchmr7vav99wja38mt98cfd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5pDmvLzKY4y5MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoEgQJP0CKzjOL1xDWi-2XSRsyi_qG8I-TCZiwbJxlIHM7m-CrMS5NuISwOgZ4nfOEdJZEtQCK9_z4V-wIdIlyNJFgxSlv5Q9nAwbUx4SRCtBMC_fIW0DmgPeVzSr5tqkjASzm6STjucheKy8F6sNYT64klWVunCQkqXWVAxw0-OlYev5zsHXz4GWywHEpfix4zUEkDu08mV9KPIgshYpS-lZGxF3cr9qyLaf7ZkI7Jkfi7npGXcdlXQX7D9EuBXt4ddb7CpIKJ6R4WPucG0hTH0OrgwSSx1SomwVvj930Q-AIfLprOO9F7ZwoPit6v6KZuYLB5bIL4Fc90mDoKNNrj2wWgMOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3DZq9wNZ8IyDqSVMyRZmEa9_tRoQ%2526client%253Dca-pub-8339469931624128%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1674054542
age
176127
cf-polished
origSize=92334
x-guploader-uploadid
ADPycduOIlCudx-XVm5qLJi8OhY2jaf2lPA8q3ch1u6Nvu_xQSn08NrWkH7ortp-rZRuBMU9kt_cX7NUmpL0qskSxV4pk8f0m1q2
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 18 Jan 2023 15:09:31 GMT
server
cloudflare
etag
W/"c37ad1fc922bacd7adf1cb37da63f83c"
vary
Accept-Encoding
x-goog-generation
1674054571046429
content-type
text/css
x-goog-hash
crc32c=4A2ZRg==, md5=w3rR/JIrrNet8cs32mP4PA==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gmWZRux83MEzaIgdTfUl5cAWW%2F74XoKiDWq7r4VZNEzSVqYBVEi0MHCoB19KSDWi3aGqopbjK4x%2BfqBQNUeJnOWa5HtusceSSTu8522yz%2F97ukpdK%2FVXAOl66b5rXH6bfTGA%2BDCtBgI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
92334
cf-ray
78c91345dd1f2c01-FRA
expires
Fri, 20 Jan 2023 17:09:34 GMT
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 64F0 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=157265%2C14019%2C117569&b=xmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xd%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Y4Xsrf3fjde3cVH9HetgCRR8ckS1Tddju1ZYe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=372e725e5d8f83622650c749bcd76ed1%2F9884314323597550369&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1674230974106&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdwamnbeaqav53nc5mf1xcp65e716qqpcj35w06q6qtfa2qhkk5yvxar2j9s0f958hk211dyqhxv3dk8mygfs3e2vtqnv91n4bvq60yzgh4eq4csxk6qey4zhg75z2evrq2tbqe3pysq302ng9yg74adc465wnztx06q67343gr8qsdrnv8mh8n09fqhkhs2w55r0nje5acvatkp0t4ekmes9q516tg86fkkst3x3zcd064hv9yff187qqzyk1hvcchmr7vav99wja38mt98cfd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5pDmvLzKY4y5MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoEgQJP0CKzjOL1xDWi-2XSRsyi_qG8I-TCZiwbJxlIHM7m-CrMS5NuISwOgZ4nfOEdJZEtQCK9_z4V-wIdIlyNJFgxSlv5Q9nAwbUx4SRCtBMC_fIW0DmgPeVzSr5tqkjASzm6STjucheKy8F6sNYT64klWVunCQkqXWVAxw0-OlYev5zsHXz4GWywHEpfix4zUEkDu08mV9KPIgshYpS-lZGxF3cr9qyLaf7ZkI7Jkfi7npGXcdlXQX7D9EuBXt4ddb7CpIKJ6R4WPucG0hTH0OrgwSSx1SomwVvj930Q-AIfLprOO9F7ZwoPit6v6KZuYLB5bIL4Fc90mDoKNNrj2wWgMOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3DZq9wNZ8IyDqSVMyRZmEa9_tRoQ%2526client%253Dca-pub-8339469931624128%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
528417
cf-polished
origFmt=png, origSize=115129
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54564
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5w9U4%2BDCgVmuoilUVWQ3Owc3XXXEl2VZm%2FITUoH3A2KGT0c6DU0z06Kzfp8ZZy4ocRmiUXkuxHIggEt4T5sNc3RfTJVb4rsRxzZoJ%2FTWDmiz2mK5fbB63JtEKh2fkGu6DY6lkPpUxWv5gcQx"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78c91345e92f9a0b-FRA
expires
Sat, 21 Jan 2023 16:09:34 GMT
F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame 64F0 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=157265%2C14019%2C117569&b=xmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xd%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Y4Xsrf3fjde3cVH9HetgCRR8ckS1Tddju1ZYe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=372e725e5d8f83622650c749bcd76ed1%2F9884314323597550369&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1674230974106&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdwamnbeaqav53nc5mf1xcp65e716qqpcj35w06q6qtfa2qhkk5yvxar2j9s0f958hk211dyqhxv3dk8mygfs3e2vtqnv91n4bvq60yzgh4eq4csxk6qey4zhg75z2evrq2tbqe3pysq302ng9yg74adc465wnztx06q67343gr8qsdrnv8mh8n09fqhkhs2w55r0nje5acvatkp0t4ekmes9q516tg86fkkst3x3zcd064hv9yff187qqzyk1hvcchmr7vav99wja38mt98cfd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5pDmvLzKY4y5MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoEgQJP0CKzjOL1xDWi-2XSRsyi_qG8I-TCZiwbJxlIHM7m-CrMS5NuISwOgZ4nfOEdJZEtQCK9_z4V-wIdIlyNJFgxSlv5Q9nAwbUx4SRCtBMC_fIW0DmgPeVzSr5tqkjASzm6STjucheKy8F6sNYT64klWVunCQkqXWVAxw0-OlYev5zsHXz4GWywHEpfix4zUEkDu08mV9KPIgshYpS-lZGxF3cr9qyLaf7ZkI7Jkfi7npGXcdlXQX7D9EuBXt4ddb7CpIKJ6R4WPucG0hTH0OrgwSSx1SomwVvj930Q-AIfLprOO9F7ZwoPit6v6KZuYLB5bIL4Fc90mDoKNNrj2wWgMOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3DZq9wNZ8IyDqSVMyRZmEa9_tRoQ%2526client%253Dca-pub-8339469931624128%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
688398
cf-polished
qual=85, origFmt=jpeg, origSize=132437
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23154
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Dec 2021 17:51:23 GMT
server
cloudflare
etag
"c348b177953ac5720836c04e1a21673d"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WXpoj4SelX%2FTBuygbvkWpYeaGmXOp4tkG3hCPX%2B7LOqj%2FT7u20bxoz9SHwuEluupapk7WhD4qtD%2B4qjkcB0mExxXYB0EOC62Q2RbZlN2RgwtwZGSLwR1pzxOyapWCbEBdwcZFXc9RG3ADHJB"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78c913461da42c01-FRA
expires
Sat, 21 Jan 2023 16:09:34 GMT
/
partner.o2online.de/a/ Frame 64F0
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CN7uhLTE1vwCFa-c_QcdCPMMNw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=viewoneidxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xdoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=viewoneidxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xdoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023012017093480681767013X117703V1226132702MSviewoneidxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xdoneid__suit...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023012017093480681767013X117703V1226132702MSviewoneidxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xdoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023012017093480681767013X117703V1226132702MSviewoneidxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xdoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117703&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=157265%2C14019%2C117569&b=xmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xd%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Y4Xsrf3fjde3cVH9HetgCRR8ckS1Tddju1ZYe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=372e725e5d8f83622650c749bcd76ed1%2F9884314323597550369&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1674230974106&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdwamnbeaqav53nc5mf1xcp65e716qqpcj35w06q6qtfa2qhkk5yvxar2j9s0f958hk211dyqhxv3dk8mygfs3e2vtqnv91n4bvq60yzgh4eq4csxk6qey4zhg75z2evrq2tbqe3pysq302ng9yg74adc465wnztx06q67343gr8qsdrnv8mh8n09fqhkhs2w55r0nje5acvatkp0t4ekmes9q516tg86fkkst3x3zcd064hv9yff187qqzyk1hvcchmr7vav99wja38mt98cfd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5pDmvLzKY4y5MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoEgQJP0CKzjOL1xDWi-2XSRsyi_qG8I-TCZiwbJxlIHM7m-CrMS5NuISwOgZ4nfOEdJZEtQCK9_z4V-wIdIlyNJFgxSlv5Q9nAwbUx4SRCtBMC_fIW0DmgPeVzSr5tqkjASzm6STjucheKy8F6sNYT64klWVunCQkqXWVAxw0-OlYev5zsHXz4GWywHEpfix4zUEkDu08mV9KPIgshYpS-lZGxF3cr9qyLaf7ZkI7Jkfi7npGXcdlXQX7D9EuBXt4ddb7CpIKJ6R4WPucG0hTH0OrgwSSx1SomwVvj930Q-AIfLprOO9F7ZwoPit6v6KZuYLB5bIL4Fc90mDoKNNrj2wWgMOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3DZq9wNZ8IyDqSVMyRZmEa9_tRoQ%2526client%253Dca-pub-8339469931624128%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
88.99.63.132 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads3.sunbonet.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:34 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023012017093480681767013X117703V1226132702MSviewoneidxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xdoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023012017093480681767013X117703V1226132702MSviewoneidxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xdoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117703&partnerid=12218
date
Fri, 20 Jan 2023 16:09:34 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 64F0 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=157265%2C14019%2C117569&b=xmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xd%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Y4Xsrf3fjde3cVH9HetgCRR8ckS1Tddju1ZYe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=372e725e5d8f83622650c749bcd76ed1%2F9884314323597550369&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1674230974106&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdwamnbeaqav53nc5mf1xcp65e716qqpcj35w06q6qtfa2qhkk5yvxar2j9s0f958hk211dyqhxv3dk8mygfs3e2vtqnv91n4bvq60yzgh4eq4csxk6qey4zhg75z2evrq2tbqe3pysq302ng9yg74adc465wnztx06q67343gr8qsdrnv8mh8n09fqhkhs2w55r0nje5acvatkp0t4ekmes9q516tg86fkkst3x3zcd064hv9yff187qqzyk1hvcchmr7vav99wja38mt98cfd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5pDmvLzKY4y5MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoEgQJP0CKzjOL1xDWi-2XSRsyi_qG8I-TCZiwbJxlIHM7m-CrMS5NuISwOgZ4nfOEdJZEtQCK9_z4V-wIdIlyNJFgxSlv5Q9nAwbUx4SRCtBMC_fIW0DmgPeVzSr5tqkjASzm6STjucheKy8F6sNYT64klWVunCQkqXWVAxw0-OlYev5zsHXz4GWywHEpfix4zUEkDu08mV9KPIgshYpS-lZGxF3cr9qyLaf7ZkI7Jkfi7npGXcdlXQX7D9EuBXt4ddb7CpIKJ6R4WPucG0hTH0OrgwSSx1SomwVvj930Q-AIfLprOO9F7ZwoPit6v6KZuYLB5bIL4Fc90mDoKNNrj2wWgMOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3DZq9wNZ8IyDqSVMyRZmEa9_tRoQ%2526client%253Dca-pub-8339469931624128%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
61508
cf-polished
origFmt=png, origSize=65187
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44710
cf-bgj
imgq:85,h2pri
last-modified
Tue, 17 Jan 2023 14:45:52 GMT
server
cloudflare
etag
"99941d3864a6d6ef01023c96e0475815"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ozxy%2Bv7wHemsDzQo%2FBmkNW2sDhFl8pJySOSy70jHiqnQ6ahrpztEGDdSFoRXus9LMl6KqHOOESeRTxLLTPKj8d2sbZDxkrAIzVIQJuD3CHhHD4OUMYDQ%2FrZqkGNTwu8xjEDfffziTdK%2FNMKQ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78c913461da52c01-FRA
expires
Sat, 21 Jan 2023 16:09:34 GMT
EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 64F0 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=157265%2C14019%2C117569&b=xmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xd%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Y4Xsrf3fjde3cVH9HetgCRR8ckS1Tddju1ZYe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=372e725e5d8f83622650c749bcd76ed1%2F9884314323597550369&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1674230974106&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdwamnbeaqav53nc5mf1xcp65e716qqpcj35w06q6qtfa2qhkk5yvxar2j9s0f958hk211dyqhxv3dk8mygfs3e2vtqnv91n4bvq60yzgh4eq4csxk6qey4zhg75z2evrq2tbqe3pysq302ng9yg74adc465wnztx06q67343gr8qsdrnv8mh8n09fqhkhs2w55r0nje5acvatkp0t4ekmes9q516tg86fkkst3x3zcd064hv9yff187qqzyk1hvcchmr7vav99wja38mt98cfd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5pDmvLzKY4y5MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoEgQJP0CKzjOL1xDWi-2XSRsyi_qG8I-TCZiwbJxlIHM7m-CrMS5NuISwOgZ4nfOEdJZEtQCK9_z4V-wIdIlyNJFgxSlv5Q9nAwbUx4SRCtBMC_fIW0DmgPeVzSr5tqkjASzm6STjucheKy8F6sNYT64klWVunCQkqXWVAxw0-OlYev5zsHXz4GWywHEpfix4zUEkDu08mV9KPIgshYpS-lZGxF3cr9qyLaf7ZkI7Jkfi7npGXcdlXQX7D9EuBXt4ddb7CpIKJ6R4WPucG0hTH0OrgwSSx1SomwVvj930Q-AIfLprOO9F7ZwoPit6v6KZuYLB5bIL4Fc90mDoKNNrj2wWgMOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3DZq9wNZ8IyDqSVMyRZmEa9_tRoQ%2526client%253Dca-pub-8339469931624128%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1463602
cf-polished
origFmt=png, origSize=342797
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
226916
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 Jun 2022 14:01:11 GMT
server
cloudflare
etag
"82c7de0f42ff55fdd0acc07731664031"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MUAHv8uXEh1OapKfyuWoha%2Fb%2FSmLigW4xCWxfr6IRh%2FpGTQYArs30ZeanlYc570UnM9BjC%2FMxFoi%2Fpq%2BlONGnkVx%2ByQy1g0wkRvfEM71EWJP8QyG%2Bi4j4TF402Qefri7f4yD6WPmKTV2SkvT"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78c913461da72c01-FRA
expires
Sat, 21 Jan 2023 16:09:34 GMT
ztpv.php
www.conrad.de/ Frame 64F0
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1674230974_d4903100-98dc-11ed-911d-22634f140525&insert=AW&&gdpr=0&gdpr_consent=
0
672 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1674230974_d4903100-98dc-11ed-911d-22634f140525&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=157265%2C14019%2C117569&b=xmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xd%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Y4Xsrf3fjde3cVH9HetgCRR8ckS1Tddju1ZYe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=372e725e5d8f83622650c749bcd76ed1%2F9884314323597550369&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1674230974106&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdwamnbeaqav53nc5mf1xcp65e716qqpcj35w06q6qtfa2qhkk5yvxar2j9s0f958hk211dyqhxv3dk8mygfs3e2vtqnv91n4bvq60yzgh4eq4csxk6qey4zhg75z2evrq2tbqe3pysq302ng9yg74adc465wnztx06q67343gr8qsdrnv8mh8n09fqhkhs2w55r0nje5acvatkp0t4ekmes9q516tg86fkkst3x3zcd064hv9yff187qqzyk1hvcchmr7vav99wja38mt98cfd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5pDmvLzKY4y5MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoEgQJP0CKzjOL1xDWi-2XSRsyi_qG8I-TCZiwbJxlIHM7m-CrMS5NuISwOgZ4nfOEdJZEtQCK9_z4V-wIdIlyNJFgxSlv5Q9nAwbUx4SRCtBMC_fIW0DmgPeVzSr5tqkjASzm6STjucheKy8F6sNYT64klWVunCQkqXWVAxw0-OlYev5zsHXz4GWywHEpfix4zUEkDu08mV9KPIgshYpS-lZGxF3cr9qyLaf7ZkI7Jkfi7npGXcdlXQX7D9EuBXt4ddb7CpIKJ6R4WPucG0hTH0OrgwSSx1SomwVvj930Q-AIfLprOO9F7ZwoPit6v6KZuYLB5bIL4Fc90mDoKNNrj2wWgMOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3DZq9wNZ8IyDqSVMyRZmEa9_tRoQ%2526client%253Dca-pub-8339469931624128%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:7e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
via
1.1 additional-webserver-green-g4xh (Varnish/7.2)
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=15552000
age
0
p3p
policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish
43743332
content-type
text/html; charset=UTF-8
cache-control
no-cache
server-timing
intid;desc=e86c9c940d2fb41e
cf-ray
78c91347292c904f-FRA
expires
-1

Redirect headers

Date
Fri, 20 Jan 2023 16:09:34 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1674230974_d4903100-98dc-11ed-911d-22634f140525&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 64F0 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=157265%2C14019%2C117569&b=xmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xd%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Y4Xsrf3fjde3cVH9HetgCRR8ckS1Tddju1ZYe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=372e725e5d8f83622650c749bcd76ed1%2F9884314323597550369&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1674230974106&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdwamnbeaqav53nc5mf1xcp65e716qqpcj35w06q6qtfa2qhkk5yvxar2j9s0f958hk211dyqhxv3dk8mygfs3e2vtqnv91n4bvq60yzgh4eq4csxk6qey4zhg75z2evrq2tbqe3pysq302ng9yg74adc465wnztx06q67343gr8qsdrnv8mh8n09fqhkhs2w55r0nje5acvatkp0t4ekmes9q516tg86fkkst3x3zcd064hv9yff187qqzyk1hvcchmr7vav99wja38mt98cfd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5pDmvLzKY4y5MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoEgQJP0CKzjOL1xDWi-2XSRsyi_qG8I-TCZiwbJxlIHM7m-CrMS5NuISwOgZ4nfOEdJZEtQCK9_z4V-wIdIlyNJFgxSlv5Q9nAwbUx4SRCtBMC_fIW0DmgPeVzSr5tqkjASzm6STjucheKy8F6sNYT64klWVunCQkqXWVAxw0-OlYev5zsHXz4GWywHEpfix4zUEkDu08mV9KPIgshYpS-lZGxF3cr9qyLaf7ZkI7Jkfi7npGXcdlXQX7D9EuBXt4ddb7CpIKJ6R4WPucG0hTH0OrgwSSx1SomwVvj930Q-AIfLprOO9F7ZwoPit6v6KZuYLB5bIL4Fc90mDoKNNrj2wWgMOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3DZq9wNZ8IyDqSVMyRZmEa9_tRoQ%2526client%253Dca-pub-8339469931624128%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
680844
cf-polished
origFmt=png, origSize=9357
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2330
cf-bgj
imgq:85,h2pri
last-modified
Thu, 08 Apr 2021 14:26:03 GMT
server
cloudflare
etag
"8cc161b392f5744da5319a4da549b763"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FBJcQzb72MSA9rPfs4ux1B%2FZ4h1oxVrKYQ45Gf0m40EyFoX7GbF8nNgiMYiVJeKeuD5DUYrWxTUCb%2Fq6CI9Yx2yJ7vQzWdaIVm0QxTgmGfy7wBP%2BZgBchFtQ615G%2FPIXb2%2Fxp%2FG6%2FJLqkjSR"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78c913461da92c01-FRA
expires
Sat, 21 Jan 2023 16:09:34 GMT
B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame 64F0 		339 KB
340 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=157265%2C14019%2C117569&b=xmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xd%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Y4Xsrf3fjde3cVH9HetgCRR8ckS1Tddju1ZYe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=372e725e5d8f83622650c749bcd76ed1%2F9884314323597550369&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1674230974106&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdwamnbeaqav53nc5mf1xcp65e716qqpcj35w06q6qtfa2qhkk5yvxar2j9s0f958hk211dyqhxv3dk8mygfs3e2vtqnv91n4bvq60yzgh4eq4csxk6qey4zhg75z2evrq2tbqe3pysq302ng9yg74adc465wnztx06q67343gr8qsdrnv8mh8n09fqhkhs2w55r0nje5acvatkp0t4ekmes9q516tg86fkkst3x3zcd064hv9yff187qqzyk1hvcchmr7vav99wja38mt98cfd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5pDmvLzKY4y5MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoEgQJP0CKzjOL1xDWi-2XSRsyi_qG8I-TCZiwbJxlIHM7m-CrMS5NuISwOgZ4nfOEdJZEtQCK9_z4V-wIdIlyNJFgxSlv5Q9nAwbUx4SRCtBMC_fIW0DmgPeVzSr5tqkjASzm6STjucheKy8F6sNYT64klWVunCQkqXWVAxw0-OlYev5zsHXz4GWywHEpfix4zUEkDu08mV9KPIgshYpS-lZGxF3cr9qyLaf7ZkI7Jkfi7npGXcdlXQX7D9EuBXt4ddb7CpIKJ6R4WPucG0hTH0OrgwSSx1SomwVvj930Q-AIfLprOO9F7ZwoPit6v6KZuYLB5bIL4Fc90mDoKNNrj2wWgMOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3DZq9wNZ8IyDqSVMyRZmEa9_tRoQ%2526client%253Dca-pub-8339469931624128%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2449165
cf-polished
origFmt=png, origSize=563367
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
347098
cf-bgj
imgq:85,h2pri
last-modified
Fri, 09 Apr 2021 07:22:09 GMT
server
cloudflare
etag
"ff5ac113643d20bec15acfffe32cb75e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gBW17sfx1GN4lcyGvjwOnttpdm1W0tAau%2FRa%2BjGkwrDvDvtlZWnE4T5z%2F3FscqhLX0EvoXSyk24BoH69YTPZnyvQbYXMBTzuKk3Czo%2FvCdKQC4Wf6YigbJuR2tzM1NDvhihwQQ8dWqQqofm6"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78c913461dab2c01-FRA
expires
Sat, 21 Jan 2023 16:09:34 GMT
cshow.php
www.awin1.com/ Frame 64F0 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2767075&v=20044&q=402224&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=157265%2C14019%2C117569&b=xmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xd%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Y4Xsrf3fjde3cVH9HetgCRR8ckS1Tddju1ZYe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=372e725e5d8f83622650c749bcd76ed1%2F9884314323597550369&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1674230974106&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdwamnbeaqav53nc5mf1xcp65e716qqpcj35w06q6qtfa2qhkk5yvxar2j9s0f958hk211dyqhxv3dk8mygfs3e2vtqnv91n4bvq60yzgh4eq4csxk6qey4zhg75z2evrq2tbqe3pysq302ng9yg74adc465wnztx06q67343gr8qsdrnv8mh8n09fqhkhs2w55r0nje5acvatkp0t4ekmes9q516tg86fkkst3x3zcd064hv9yff187qqzyk1hvcchmr7vav99wja38mt98cfd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5pDmvLzKY4y5MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoEgQJP0CKzjOL1xDWi-2XSRsyi_qG8I-TCZiwbJxlIHM7m-CrMS5NuISwOgZ4nfOEdJZEtQCK9_z4V-wIdIlyNJFgxSlv5Q9nAwbUx4SRCtBMC_fIW0DmgPeVzSr5tqkjASzm6STjucheKy8F6sNYT64klWVunCQkqXWVAxw0-OlYev5zsHXz4GWywHEpfix4zUEkDu08mV9KPIgshYpS-lZGxF3cr9qyLaf7ZkI7Jkfi7npGXcdlXQX7D9EuBXt4ddb7CpIKJ6R4WPucG0hTH0OrgwSSx1SomwVvj930Q-AIfLprOO9F7ZwoPit6v6KZuYLB5bIL4Fc90mDoKNNrj2wWgMOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3DZq9wNZ8IyDqSVMyRZmEa9_tRoQ%2526client%253Dca-pub-8339469931624128%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.100.75.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-75-47.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:34 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 82E8 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1674230974382
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:34 GMT
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1674230973.dop237.fr8.t,1674230974.cds244.fr8.shn,1674230974.cds244.fr8.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
auto-user-sync
ads.stickyadstv.com/ Frame 82E8 		0
0
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 20 Jan 2023 16:09:34 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:34 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1674230974383023-405
Expires
Fri, 20 Jan 2023 16:09:34 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame 82E8 		301 B
794 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fadncaraota.com%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:34 GMT
Server
nginx
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1674230974371053-413
Expires
Fri, 20 Jan 2023 16:09:34 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 82E8 		67 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_gdpr=0&schain=1.0%2C1!vidoomy.com%2C56318%2C1%2C9228498694961311768061378081%2C%2C&_fw_gdpr_consent=&vav=a5d64d978360fc49a352552aca518571&vaviv=57d89f9fbd82bddfbc2c74680bec9941&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.5.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fadncaraota.com%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:34 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1674230974337097-601
Expires
Fri, 20 Jan 2023 16:09:34 GMT
link.html
track.webgains.com/ Frame 2E99 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g2zrxyepcdsa5mpfx7wybg0bx3eafexsn342sm5z1mc593ctcwd6mw4xgzr78t8rfmf0jchq4116q5rh3crwbacvgfn9ayq7bn2ytx244vgkpf5rq3ma9h7knzkfwsz029bp5x8znhb64ex1nwwk44747mdg0qghkg3dq3s46sgn166p0evg3fgq80x3a8spsvmpdtmfs6sp2ep0ppz7fg792ws6dwgw92bgv88awxsd75afz3s719msq29v12ba57jp%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hsw3ppdfhp8vmykf4dbrh0kj4kjfrs3gzwth79ccnyx4y01aabx1g6f2n7s8vs2y32kvp6cejc37bq7vajvfqp3p52z97nbetewvge5hjt8tbc0qp2zxm2p1pqdbp331vpx5qb439kjrg45c4tfb19qeqcrrpfgky0tcewtx1cy5ys5m3f7acxezebejgte53j3sttaxx2fa4p777erth8gcw7zfj2k06ywp180y9gs0wkpyzrc9zbt79twxrsspbarmb02pwcv8chzwpp0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCBCV_vLzKY465MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoE_AFP0BVQ00imEV9BG-DrtJyhQ_fgudY4BBugd3UDhnouc_srXuKiVyeQanmmspQFQNJhfV8QNqRO5JvV4DnkpRKQBpyTilAhyfrwxVhkXGCv7KXVYnEfWMt211dSguL6rlAd2Lhw574z-v6PhYeiP7a41syAPUhMpN9fIsJ2AlR6gKVKfnUMpuc0noGTQ_HhlAldqa050oovxui-JsFCxZjmbTsC-zaxvNsdqDOtPHxBYIR6t5G2mLp4mrt3vZJf-n0TaTTLUcbkVN7b06zpG_9E_Ftds8-AMMymDjHRgbfE4WKwrspXIkOTLAGzh2_TuCcayeIpD0JvzU0BdC_gBAGABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1WI6wq1uCVTXZJ2ufR1pCBf4xThg%252526client%25253Dca-pub-8339469931624128%252526adurl%25253D&clickref=oneidGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47oneid__suite_Netmix_Reach14_AKTION&viewref=oneidJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1oneid__suite_Netmix_Reach14_AKTION
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C183975%2C14044&b=8xAfDf8fR9w7tgHJHEtxtXKQcGSwT827UYe%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1&f=Z5mTwfBfz5Q4smHDHDtDC6zPC6SXTxWrfWA%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1&c=728&d=90&e=&g=11fbeeb394524b8200c10eaa8f3cd61c%2F12102109115472933496&i=25174%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1674230974105&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hsw3ppdfhp8vmykf4dbrh0kj4kjfrs3gzwth79ccnyx4y01aabx1g6f2n7s8vs2y32kvp6cejc37bq7vajvfqp3p52z97nbetewvge5hjt8tbc0qp2zxm2p1pqdbp331vpx5qb439kjrg45c4tfb19qeqcrrpfgky0tcewtx1cy5ys5m3f7acxezebejgte53j3sttaxx2fa4p777erth8gcw7zfj2k06ywp180y9gs0wkpyzrc9zbt79twxrsspbarmb02pwcv8chzwpp0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCBCV_vLzKY465MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoE_AFP0BVQ00imEV9BG-DrtJyhQ_fgudY4BBugd3UDhnouc_srXuKiVyeQanmmspQFQNJhfV8QNqRO5JvV4DnkpRKQBpyTilAhyfrwxVhkXGCv7KXVYnEfWMt211dSguL6rlAd2Lhw574z-v6PhYeiP7a41syAPUhMpN9fIsJ2AlR6gKVKfnUMpuc0noGTQ_HhlAldqa050oovxui-JsFCxZjmbTsC-zaxvNsdqDOtPHxBYIR6t5G2mLp4mrt3vZJf-n0TaTTLUcbkVN7b06zpG_9E_Ftds8-AMMymDjHRgbfE4WKwrspXIkOTLAGzh2_TuCcayeIpD0JvzU0BdC_gBAGABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1WI6wq1uCVTXZJ2ufR1pCBf4xThg%2526client%253Dca-pub-8339469931624128%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.176.33.61 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-176-33-61.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
9b8b20759af0c29b988cd3999840e667ac91a1494e81b0b6566f502f919d9be9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
last-modified
Fri, 20 Jan 2023 16:09:34 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Fri, 20 Jan 2023 16:10:34 GMT
rs
ad4m.at/ Frame A638 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
828ee1a6d76421e7e56e158ad102afad39f3d22122a8af59793b6c4a09ed6414

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oKMAQWep4TUsI92SjD2g7PercEnV8vBAiu0UAv3rkWPTD1Ub2P3uqTvVTS86ORm2e%2BgZwASnrkbAMyNFWfYnXHymmiB%2F2tHaWZM1Alll2X0hHEvkU4qOJvyayqmrqjTOuI5ZrO0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
78c913468df591f6-FRA
x-backend-server
aa-reachservice-group-europe-west1-gxt5
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
78c913464d9f91f6-FRA
content-length
24
content-type
text/plain
date
Fri, 20 Jan 2023 16:09:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KVpoxUypY6n0iitniLT7%2FMpQj12Avvuql3hxq2p8OAgJh4d9cOVHYLfNSYyfVjAKEg2Q1TzPTEd6gouQctOXmNcVY%2BnBMSJQ5TnM1ZjSyOfIsunjNXApAYdk7KWEcDzqItCyxzA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-gxt5
user-matching
ads.stickyadstv.com/ Frame 82E8 		0
0
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:34 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1674230974438019-345
Expires
Fri, 20 Jan 2023 16:09:34 GMT
user-matching
ads.stickyadstv.com/ Frame 82E8 		0
0
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9AZJHK02D6NDK3YPNABP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:34 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1674230974418068-566
Expires
Fri, 20 Jan 2023 16:09:34 GMT
view.aspx
pb.media01.eu/ Frame 886B
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=83752400174015600951403012210028&t=htlp
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=83752400174015600951403012210028&actionid=981741&produktid=&dt_url=
0
607 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=83752400174015600951403012210028&actionid=981741&produktid=&dt_url=
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request.php?zone=s2gk7r78n0fa&nw=20&renderingType=javascript&namespace=9dcebe53b6&subid=&uid=606ab516243e8db7&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DqPbq9sp8wpsVRK5cvi3mIw%26exch_seat%3D20035004448%26mt_aid%3D616291371190682468%26mt_id%3D6622335%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D5a0163ca-bcbb-4500-a947-113b34a33c4d%26mt_cid%3D5a0163ca-bcbb-4500-a947-113b34a33c4d%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCPq6gvLzKY425MJm5nsEPqqCNuAnPh46bXMCG2YLGAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJ4AIAqAMBqgSDAk_QhgKGmm7NI2VZw9_OCXzHxTPDz2k95QvCpN2OmP810Jdknuxg3ZTeVZ0WOEPVQdo4hSg1S2lkuV2pWofyxF8sKpLOQvKvSEFafiSktuqNPcMcqTYgDsMll5YJX6nv3RmzF5Sm-48RRMzspNXPynxmWnUKrcunUWm3kYBQK5Ut885suNnqWMZqP4v1OrG3itqaX3kt1Z5FXrS0rY-eXqrIwjDxaNKqIgADx7y_wXl7ZkDJ2z3LpYthKaaQtqGNTW9XJvZU-yji1a62n1gcle7dBhTsdx-SlVK8i8LtsCixQ8W9kE_MLaWiiRVNxzt4tjvFEcWUL_4HpzBiBTPy10INeYfgBAGABoznzbbVuJuN0gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_38vBgchlpw52Tay6jiOjpCsbBGiQ%2526client%253Dca-pub-8339469931624128%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=4063434155163&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 20 Jan 2023 16:09:32 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Fri, 20 Jan 2023 05:09:33 GMT
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma
no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-xss-protection
1; mode=block

Redirect headers

Content-Length
0
Content-Type
application/javascript
Date
Fri, 20 Jan 2023 16:09:34 GMT
Host
pv.medialead.de
Keep-Alive
timeout=20
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=83752400174015600951403012210028&actionid=981741&produktid=&dt_url=
Proxy-Host
pv.medialead.de
Server
nginx/1.17.5
Strict-Transport-Security
max-age=15768000
X-IPLB-Instance
40028
X-IPLB-Request-ID
515F0523:95C4_91EFC182:01BB_63CABCBE_F208C6E:11271
/
adv.office-partner.de/ Frame A90D 		930 B
931 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request.php?zone=s2gk7r78n0fa&nw=20&renderingType=javascript&namespace=9dcebe53b6&subid=&uid=606ab516243e8db7&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DqPbq9sp8wpsVRK5cvi3mIw%26exch_seat%3D20035004448%26mt_aid%3D616291371190682468%26mt_id%3D6622335%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D5a0163ca-bcbb-4500-a947-113b34a33c4d%26mt_cid%3D5a0163ca-bcbb-4500-a947-113b34a33c4d%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCPq6gvLzKY425MJm5nsEPqqCNuAnPh46bXMCG2YLGAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJ4AIAqAMBqgSDAk_QhgKGmm7NI2VZw9_OCXzHxTPDz2k95QvCpN2OmP810Jdknuxg3ZTeVZ0WOEPVQdo4hSg1S2lkuV2pWofyxF8sKpLOQvKvSEFafiSktuqNPcMcqTYgDsMll5YJX6nv3RmzF5Sm-48RRMzspNXPynxmWnUKrcunUWm3kYBQK5Ut885suNnqWMZqP4v1OrG3itqaX3kt1Z5FXrS0rY-eXqrIwjDxaNKqIgADx7y_wXl7ZkDJ2z3LpYthKaaQtqGNTW9XJvZU-yji1a62n1gcle7dBhTsdx-SlVK8i8LtsCixQ8W9kE_MLaWiiRVNxzt4tjvFEcWUL_4HpzBiBTPy10INeYfgBAGABoznzbbVuJuN0gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_38vBgchlpw52Tay6jiOjpCsbBGiQ%2526client%253Dca-pub-8339469931624128%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=4063434155163&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Fri, 20 Jan 2023 16:09:34 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Fri, 27 Jan 2023 16:09:34 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn-engine
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
atvi
htlp
futalis.de/ Frame 0222
Redirect Chain
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=83752400174015600951403012210028&ra_cnt_active=1&ra_cnt=1
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2104477020
350 B
409 B 		Document
General
Check archive.org
Download Go to
Full URL
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2104477020
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request.php?zone=s2gk7r78n0fa&nw=20&renderingType=javascript&namespace=9dcebe53b6&subid=&uid=606ab516243e8db7&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DqPbq9sp8wpsVRK5cvi3mIw%26exch_seat%3D20035004448%26mt_aid%3D616291371190682468%26mt_id%3D6622335%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D5a0163ca-bcbb-4500-a947-113b34a33c4d%26mt_cid%3D5a0163ca-bcbb-4500-a947-113b34a33c4d%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCPq6gvLzKY425MJm5nsEPqqCNuAnPh46bXMCG2YLGAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJ4AIAqAMBqgSDAk_QhgKGmm7NI2VZw9_OCXzHxTPDz2k95QvCpN2OmP810Jdknuxg3ZTeVZ0WOEPVQdo4hSg1S2lkuV2pWofyxF8sKpLOQvKvSEFafiSktuqNPcMcqTYgDsMll5YJX6nv3RmzF5Sm-48RRMzspNXPynxmWnUKrcunUWm3kYBQK5Ut885suNnqWMZqP4v1OrG3itqaX3kt1Z5FXrS0rY-eXqrIwjDxaNKqIgADx7y_wXl7ZkDJ2z3LpYthKaaQtqGNTW9XJvZU-yji1a62n1gcle7dBhTsdx-SlVK8i8LtsCixQ8W9kE_MLaWiiRVNxzt4tjvFEcWUL_4HpzBiBTPy10INeYfgBAGABoznzbbVuJuN0gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_38vBgchlpw52Tay6jiOjpCsbBGiQ%2526client%253Dca-pub-8339469931624128%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=4063434155163&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.14.134 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lb-2.futalis.de
Software
/
Resource Hash
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
350
content-type
text/html; charset=utf-8

Redirect headers

content-length
0
content-type
text/html; charset=utf-8
date
Fri, 20 Jan 2023 16:09:34 GMT
location
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2104477020
p3p
policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server
Apache
xphp81
true
link.html
track.webgains.com/ Frame 7C98 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=83752400174015600951403012210028&nw=1
Requested by
Host: adncaraota.com
URL: https://adncaraota.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.176.33.61 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-176-33-61.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
cbdd087284a70c0c849cf1a5582c775e0fd2770a0da03448b4b4602de4778d1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
last-modified
Fri, 20 Jan 2023 16:09:34 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Fri, 20 Jan 2023 16:10:34 GMT
request_content.php
hal900028.redintelligence.net/ Frame 1933 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900028.redintelligence.net/request_content.php?s=83752400174015600951403012210028&a=0b092f05
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request.php?zone=s2gk7r78n0fa&nw=20&renderingType=javascript&namespace=9dcebe53b6&subid=&uid=606ab516243e8db7&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DqPbq9sp8wpsVRK5cvi3mIw%26exch_seat%3D20035004448%26mt_aid%3D616291371190682468%26mt_id%3D6622335%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D5a0163ca-bcbb-4500-a947-113b34a33c4d%26mt_cid%3D5a0163ca-bcbb-4500-a947-113b34a33c4d%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCPq6gvLzKY425MJm5nsEPqqCNuAnPh46bXMCG2YLGAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJ4AIAqAMBqgSDAk_QhgKGmm7NI2VZw9_OCXzHxTPDz2k95QvCpN2OmP810Jdknuxg3ZTeVZ0WOEPVQdo4hSg1S2lkuV2pWofyxF8sKpLOQvKvSEFafiSktuqNPcMcqTYgDsMll5YJX6nv3RmzF5Sm-48RRMzspNXPynxmWnUKrcunUWm3kYBQK5Ut885suNnqWMZqP4v1OrG3itqaX3kt1Z5FXrS0rY-eXqrIwjDxaNKqIgADx7y_wXl7ZkDJ2z3LpYthKaaQtqGNTW9XJvZU-yji1a62n1gcle7dBhTsdx-SlVK8i8LtsCixQ8W9kE_MLaWiiRVNxzt4tjvFEcWUL_4HpzBiBTPy10INeYfgBAGABoznzbbVuJuN0gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_38vBgchlpw52Tay6jiOjpCsbBGiQ%2526client%253Dca-pub-8339469931624128%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=4063434155163&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.19.165.99.88.clients.your-server.de
Software
Apache /
Resource Hash
183de06346cd2f5d2971ffacf358c7bd5439ef3e10ba009de1dc80759da49b67

Request headers

Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2208
Content-Type
text/html; charset=utf-8
Date
Fri, 20 Jan 2023 16:09:34 GMT
Expires
Fri, 20 Jan 2023 16:09:34 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
native.png
ad-server.eu/wm/pb/ Frame 7C98
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=83752400174015600951403012210028
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=83752400174015600951403012210028
  • https://ad-server.eu/wm/pb/native.png
68 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-server.eu/wm/pb/native.png
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:12:34 GMT
Last-Modified
Sat, 21 Dec 2019 23:06:59 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"5dfea593-44"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68

Redirect headers

Date
Fri, 20 Jan 2023 16:09:34 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
515F0523:95BE_91EFC182:01BB_63CABCBE_F21E85E:1126F
X-IPLB-Instance
40028
Content-Type
application/go
Location
https://ad-server.eu/wm/pb/native.png
Keep-Alive
timeout=20
Content-Length
0
Proxy-Host
pv.medialead.de
cshow.php
www.awin1.com/ Frame 7C98 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=83752400174015600951403012210028&pv=1
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.100.75.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-75-47.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:34 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
iframe
sync.mathtag.com/sync/ Frame D5A0 		675 B
781 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.mathtag.com/sync/iframe?mt_uuid=5a0163ca-bcbb-4500-a947-113b34a33c4d&no_iframe=1&synclist=4&mt_lim=1&type=1&source=bidder
Requested by
Host: sync.mathtag.com
URL: https://sync.mathtag.com/sync/js?sync=auto&source=bidder&mt_lim=1&type=1&synclist=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.244 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 357 2feb0b5 master cdg-pixel-x11 config:1.0.0 /
Resource Hash
70c8863d1f8191f5eae09e3895ec780548d805598b5375b401d957c8b873b39e

Request headers

Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
close
Content-Encoding
gzip
Content-Type
text/html
Date
Fri, 20 Jan 2023 16:09:34 GMT
Expires
Fri, 20 Jan 2023 16:09:33 GMT
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 357 2feb0b5 master cdg-pixel-x11 config:1.0.0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 68AA 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
10486
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 13:14:48 GMT
etag
48472445140208031
expires
Sat, 21 Jan 2023 13:14:48 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 7C98 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
727491564ced2e5ba1df35ed4c0428cc4504be726b80609eb99e2cd304126468

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
postback
s.update.mediamathtag.com/2/2.88.0/619621/AcUEjkgKEAaTdI2w/ Frame 7C98 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.88.0/619621/AcUEjkgKEAaTdI2w/postback?oz_pl=1&ap=&sr=4&ac=651871&ai=216536&r1=2a01%3A4a0%3A2b%3A%3A&r2=&r3=&pd=avt&ti=616291371190682468&pp=pub-8339469931624128&si=1445604582&ci=619621&dt=6196211556140246740000&de=43003&cr=6622335&c1=4562306&di=https%3A%2F%2Fadncaraota.com&pv=0502ff70-0831-417f-a094-826ec2e9daad&dm=970x250&ui=88a7395e-a9c3-056e-0000-000000000000&_x=1
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//adncaraota.com&ui=88a7395e-a9c3-056e-0000-000000000000&ap=&ti=616291371190682468&pv=0502ff70-0831-417f-a094-826ec2e9daad&pp=pub-8339469931624128&sr=4&de=43003&si=1445604582&dm=970x250&ac=651871&cr=6622335&ai=216536&c1=4562306&r1=2a01:4a0:2b::&r2=&r3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.240.212.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-212-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 20 Jan 2023 16:09:34 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
main.js
s.update.mediamathtag.com/2/2.88.0/ Frame 7C98 		171 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.88.0/main.js
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//adncaraota.com&ui=88a7395e-a9c3-056e-0000-000000000000&ap=&ti=616291371190682468&pv=0502ff70-0831-417f-a094-826ec2e9daad&pp=pub-8339469931624128&sr=4&de=43003&si=1445604582&dm=970x250&ac=651871&cr=6622335&ai=216536&c1=4562306&r1=2a01:4a0:2b::&r2=&r3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.240.212.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-212-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf9f723c8119c017afec425fdbe058bd4404e0c5853ff4a72164449d8507a210
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:34 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
br
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
Origin, Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin
*
Content-Length
54959
Expires
Mon, 28 Sep 2054 17:27:31 GMT
img
sync.mathtag.com/comp/ Frame 7C98 		0
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.244 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 377 f232435 master cdg-pixel-x10 config:1.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:34 GMT
Server
MT3 377 f232435 master cdg-pixel-x10 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 20 Jan 2023 16:09:33 GMT
css
fonts.googleapis.com/ Frame 1933 		4 KB
651 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=83752400174015600951403012210028&a=0b092f05
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 20 Jan 2023 16:09:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 20 Jan 2023 16:02:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 20 Jan 2023 16:09:34 GMT
/
hal9000.redintelligence.net/scale/ Frame 1933 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=125&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=83752400174015600951403012210028&a=0b092f05
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.55.238.76.144.clients.your-server.de
Software
Apache /
Resource Hash
df74fb97057ccdda96ec9e21f06fdb77f7e2f45b5a250381c501045d8ed68c4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:34 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 1933 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=125&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=83752400174015600951403012210028&a=0b092f05
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.55.238.76.144.clients.your-server.de
Software
Apache /
Resource Hash
ef4a259846833abbaec4560fa3e48c5afdc3f39ae38a5fd928f8f00a0d4b51f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:34 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
57512
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 1933 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=125&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=83752400174015600951403012210028&a=0b092f05
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.55.238.76.144.clients.your-server.de
Software
Apache /
Resource Hash
7642d33f07982b761161e0c7ece46ac4451a5cf6f2df50e8a01eed763dcac5f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:34 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
47196
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 1933 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=125&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=83752400174015600951403012210028&a=0b092f05
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.55.238.76.144.clients.your-server.de
Software
Apache /
Resource Hash
d3b998a65601caf0a462cd7a11c3ea8401211531dc343f9f9ad2449b05ce8fce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:34 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
59363
Vary
Accept-Encoding
Content-Type
image/png
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://adncaraota.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://adncaraota.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 20 Jan 2023 16:09:34 GMT
server
nginx
t
t.lkqd.net/ Frame 762F 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://adncaraota.com
date
Fri, 20 Jan 2023 16:09:34 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
rar
as.ad4m.at/ad/ Frame 9942 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=f376e9abdd93a2272c6543bf2aff1725%2F506313898071075014&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674230974508&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j4sab7s68bex8t02k70qvyq5qer8zgd5v2mv75f6s5r4mnkm9dz6ap1ywc5a0t94g2019rjh4psyy225nmzxbgnh0cybc31y6xw7z4fnn4663ak5161098gseebyhzrbz6edm4yrpm5f7zt1qr51r1h07wx5mr68t26dcvzjvhtr57z0syvx1g4anhry5f00qppxm6bb10caa9ppvzw59pcmg0csjts97z6wcasmapnq334khnbc04ce4a2qbcgmaaycdr4w56pxpkdmst0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmAaWvLzKY4u5MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoEhQJP0FtyO975n_5PTAzovyWATwGr0DN87sGuGxn18ZmS-pZpI3GcvsZNKhEGv2XsOTeK5kqXxHrLQ0ml5zu5X8y7sg2Fqp4hYHVMMVuyiKCffnDCA-FaSM5L1LqfI-FovHsQ4TAk9wJawjaEdsp38oRbXKrEsfu7SEYGjdE8A5uh5AkqzajJcZkyjs5PgRGpiFovn91IMGTWHSzt_HMa45wOZ3rTYMJ1OtoxhJ05YC8RLv7cljQb3KKAb5GRkqs7j5tGMzVm2Jyckqj8D5yJumi3i0jhHr_CfH8JJZKjn3VSc-84ttLJ6y1Qd1HrCKbUxqWSBm03XW1r7bCq5z0PrfNXWo3EHtfgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1yrPEMCc-JA7UfiUFrOu4Az74ySA%2526client%253Dca-pub-8339469931624128%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
485ccf2168afa91bc52324d6b3699c52c87aea8311804073ca025d1ef283f538
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1h3xhtpnqy1qnws37t30g25cngef5pg6nswjf1p1fwhtem3rf7n6kp0eg2cq0er6aejj3sjq8xs2xpp0e478akm3a6dkem1y22thmxgfqsft0r3j574x2ns73qcndate3rpaahsh65w6e5afrfsz9p0x7gx4ansezdhvwbb08r6h5ndrm1bdxc5fs429bf09jqr306va8ceb0brnprpfy07j5eys9z38qz4gr3yydkhccphkj34p29mhj9zr6medv1h8ej9yw1b80132cdj43zjwbfedjx7pf611wynrej1k0n2txm277b4swfqdny6vr3fp5m6zxqx69g3fkvy8f0za17s6tk20n8hk46brfr9jh5hb6c6fvbrr3vf9w111a9kjwajcf62cks7ef915p5rfpkpc0qsmx5vrn4q6arp4s8xbnnjpt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmAaWvLzKY4u5MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoEhQJP0FtyO975n_5PTAzovyWATwGr0DN87sGuGxn18ZmS-pZpI3GcvsZNKhEGv2XsOTeK5kqXxHrLQ0ml5zu5X8y7sg2Fqp4hYHVMMVuyiKCffnDCA-FaSM5L1LqfI-FovHsQ4TAk9wJawjaEdsp38oRbXKrEsfu7SEYGjdE8A5uh5AkqzajJcZkyjs5PgRGpiFovn91IMGTWHSzt_HMa45wOZ3rTYMJ1OtoxhJ05YC8RLv7cljQb3KKAb5GRkqs7j5tGMzVm2Jyckqj8D5yJumi3i0jhHr_CfH8JJZKjn3VSc-84ttLJ6y1Qd1HrCKbUxqWSBm03XW1r7bCq5z0PrfNXWo3EHtfgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1yrPEMCc-JA7UfiUFrOu4Az74ySA%26client%3Dca-pub-8339469931624128%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
78c91346ff4d2c01-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 16:09:34 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
i.match
a.tribalfusion.com/ Frame 68AA 		43 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEHdYd9K6ZAciWfUCZexXDck&google_cver=1&google_push=AavPq0PCeV2XkIlKzsVipCpkiC6BYjDdaJuYHW6Vsyvw3oLydPrqNAqt4eBsCYWEqDCe5bFd4mh5DV_JBebdQZioy9g-Wr0vUK5G&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0PCeV2XkIlKzsVipCpkiC6BYjDdaJuYHW6Vsyvw3oLydPrqNAqt4eBsCYWEqDCe5bFd4mh5DV_JBebdQZioy9g-Wr0vUK5G%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:34 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
78c913471a362c72-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 68AA
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WThxOHZnQUEyNnRySndBXw==&google_gid=CAESENy5K5TIvkv9STxLT66N9rA&google_cver=1&google_push=AavPq0NIRFBTHTGyECbhKf0GWh85uR1DwV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WThxOHZnQUEyNnRySndBXw==&google_gid=CAESENy5K5TIvkv9STxLT66N9rA&google_cver=1&google_push=AavPq0NIRFBTHTGyECbhKf0GWh85uR1DwVu68GtuI24TTtLUbWF5xS0KUfMfttrVF9Y9xiyOga-fNSsHpKy5N3BiWo_08RD2PXJsYw
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-yul12825-YUL
pragma
no-cache
date
Fri, 20 Jan 2023 16:09:34 GMT
via
1.1 varnish
server
Varnish
x-timer
S1674230975.613693,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WThxOHZnQUEyNnRySndBXw==&google_gid=CAESENy5K5TIvkv9STxLT66N9rA&google_cver=1&google_push=AavPq0NIRFBTHTGyECbhKf0GWh85uR1DwVu68GtuI24TTtLUbWF5xS0KUfMfttrVF9Y9xiyOga-fNSsHpKy5N3BiWo_08RD2PXJsYw
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 68AA
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEPpNYTE8pMyiVnjjRcVxTuU&google_cver=1&google_push=AavPq0MuP3rOk5Lnp5sa-dYL7y-Gx_IfTQaZN8jOFLqkHuJrELdVOKHuPZAZIOvHvsGSWDTfHg8p4eQA6cZ1rb...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5MDc2NzI3NTAxNzA0MjA2MQ%3D%3D&google_push=AavPq0MuP3rOk5Lnp5sa-dYL7y-Gx_IfTQaZN8jOFLqkHuJrELdVOKHuPZAZIOvHvsGSWDTfHg8p4eQA6cZ1rbk_oI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5MDc2NzI3NTAxNzA0MjA2MQ%3D%3D&google_push=AavPq0MuP3rOk5Lnp5sa-dYL7y-Gx_IfTQaZN8jOFLqkHuJrELdVOKHuPZAZIOvHvsGSWDTfHg8p4eQA6cZ1rbk_oIb2riWlkx_nuA
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5MDc2NzI3NTAxNzA0MjA2MQ%3D%3D&google_push=AavPq0MuP3rOk5Lnp5sa-dYL7y-Gx_IfTQaZN8jOFLqkHuJrELdVOKHuPZAZIOvHvsGSWDTfHg8p4eQA6cZ1rbk_oIb2riWlkx_nuA
Date
Fri, 20 Jan 2023 16:09:34 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 68AA
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGvfWEzsScvhW9mguCCE5Q8&google_cver=1&google_push=AavPq0Mz-32VQZeXuXkZv9_3U_1ZAWSkekBrzpcEK-4As6W1rzuQwEdFlD1U9zSOUVqvKf71iU_3Kx7GxxPWMI06oFNbgd8...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0Mz-32VQZeXuXkZv9_3U_1ZAWSkekBrzpcEK-4As6W1rzuQwEdFlD1U9zSOUVqvKf71iU_3Kx7GxxPWMI06oFNbgd8ZT0zMNg&google_hm=eS1sTFlRUVQ1RTJwRy5P...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0Mz-32VQZeXuXkZv9_3U_1ZAWSkekBrzpcEK-4As6W1rzuQwEdFlD1U9zSOUVqvKf71iU_3Kx7GxxPWMI06oFNbgd8ZT0zMNg&google_hm=eS1sTFlRUVQ1RTJwRy5PVHFHN2hyU1lUNi5KN0RFOWtVeX5B
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 20 Jan 2023 16:09:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0Mz-32VQZeXuXkZv9_3U_1ZAWSkekBrzpcEK-4As6W1rzuQwEdFlD1U9zSOUVqvKf71iU_3Kx7GxxPWMI06oFNbgd8ZT0zMNg&google_hm=eS1sTFlRUVQ1RTJwRy5PVHFHN2hyU1lUNi5KN0RFOWtVeX5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 68AA
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEL_gje3LgIv6_agmzQ-3AgM&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL_gje3LgIv6_agmzQ-3AgM&google_hm=Y8q8vXyXRKO7KEm-le737QAABJYAAAIB&google_nid=index&google_push=AavPq0MO9mYzyK3C8b04sKO9S1kKkRv5umVpt...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL_gje3LgIv6_agmzQ-3AgM&google_hm=Y8q8vXyXRKO7KEm-le737QAABJYAAAIB&google_nid=index&google_push=AavPq0MO9mYzyK3C8b04sKO9S1kKkRv5umVptaKOYdZOFJmL46reChkJr8dUfLSfGzJ2rgDJb6bXzv4Rdc3LBes5fesJ9zZvWdOskw
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ewv%2FX834I7ysbEwvU2ZimZoBopMcc2Fbm85w7nfvSL3dSPjHnGkJUNYfooaHduidYm214k8pwAhG1LkLhG00w5yKadUGy%2F90VgoKf8kFLE15Z0lbD9tHyNL0DKzg8vxD5xqTxb0cwNfKAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL_gje3LgIv6_agmzQ-3AgM&google_hm=Y8q8vXyXRKO7KEm-le737QAABJYAAAIB&google_nid=index&google_push=AavPq0MO9mYzyK3C8b04sKO9S1kKkRv5umVptaKOYdZOFJmL46reChkJr8dUfLSfGzJ2rgDJb6bXzv4Rdc3LBes5fesJ9zZvWdOskw
cache-control
no-cache
cf-ray
78c913471e3e30c3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 68AA
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEOqmXhthixcCpVZ6iJS7_SA&google_cver=1&google_push=AavPq0MwHeTAsHOlMahHTx8U_kEf5f-NKbHnzW57Q0WBNIU7sVYDYAOwQedBZs-eUETERIhdtqGQR7hMwE9RvU4OyGpwvCwaKiSXEw
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AavPq0MwHeTAsHOlMahHTx8U_kEf5f-NKbHnzW57Q0WBNIU7sVYDYAOwQedBZs-eUETERIhdtqGQR7hMwE9RvU4OyGpwvCwaKiSXEw&google_hm=Z2Q2OWYyN2E3OGViMD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AavPq0MwHeTAsHOlMahHTx8U_kEf5f-NKbHnzW57Q0WBNIU7sVYDYAOwQedBZs-eUETERIhdtqGQR7hMwE9RvU4OyGpwvCwaKiSXEw&google_hm=Z2Q2OWYyN2E3OGViMDNiYTRiMTU=
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:34 GMT
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AavPq0MwHeTAsHOlMahHTx8U_kEf5f-NKbHnzW57Q0WBNIU7sVYDYAOwQedBZs-eUETERIhdtqGQR7hMwE9RvU4OyGpwvCwaKiSXEw&google_hm=Z2Q2OWYyN2E3OGViMDNiYTRiMTU=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame 68AA
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEEMfCQZFJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=d6a150f5-36dc-49d6-bf28-5da25dcbf756&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=d6a150f5-36dc-49d6-bf28-5da25dcbf756&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=d6a150f5-36dc-49d6-bf28-5da25dcbf756&%%GOOGLE_PUSH_PAIR%%
date
Fri, 20 Jan 2023 16:09:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 68AA 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kc4wW6Ozcn6Nf3wdQxCT7gGcZmpYAphLJH11KzuEks00S118pDCnV4HImBzRwIPv5meCMY0Q
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
img
sync.mathtag.com/comp/ Frame D5A0 		0
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by
Host: sync.mathtag.com
URL: https://sync.mathtag.com/sync/iframe?mt_uuid=5a0163ca-bcbb-4500-a947-113b34a33c4d&no_iframe=1&synclist=4&mt_lim=1&type=1&source=bidder
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.244 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 357 2feb0b5 master cdg-pixel-x25 config:1.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.mathtag.com/sync/iframe?mt_uuid=5a0163ca-bcbb-4500-a947-113b34a33c4d&no_iframe=1&synclist=4&mt_lim=1&type=1&source=bidder
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:34 GMT
Server
MT3 357 2feb0b5 master cdg-pixel-x25 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 20 Jan 2023 16:09:33 GMT
viewability
hal900028.redintelligence.net/ Frame 1933 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900028.redintelligence.net/viewability?s=83752400174015600951403012210028&a=1bb25ff8&vb=m
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=83752400174015600951403012210028&a=0b092f05
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.19.165.99.88.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/request_content.php?s=83752400174015600951403012210028&a=0b092f05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:34 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 1933 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900028.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 19:24:52 GMT
x-content-type-options
nosniff
age
161082
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13052
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:09:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Jan 2024 19:24:52 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 1933 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900028.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 13:30:55 GMT
x-content-type-options
nosniff
age
527919
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Jan 2024 13:30:55 GMT
pvClk.min.js
analytics.webgains.io/ Frame 2E99 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g2zrxyepcdsa5mpfx7wybg0bx3eafexsn342sm5z1mc593ctcwd6mw4xgzr78t8rfmf0jchq4116q5rh3crwbacvgfn9ayq7bn2ytx244vgkpf5rq3ma9h7knzkfwsz029bp5x8znhb64ex1nwwk44747mdg0qghkg3dq3s46sgn166p0evg3fgq80x3a8spsvmpdtmfs6sp2ep0ppz7fg792ws6dwgw92bgv88awxsd75afz3s719msq29v12ba57jp%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hsw3ppdfhp8vmykf4dbrh0kj4kjfrs3gzwth79ccnyx4y01aabx1g6f2n7s8vs2y32kvp6cejc37bq7vajvfqp3p52z97nbetewvge5hjt8tbc0qp2zxm2p1pqdbp331vpx5qb439kjrg45c4tfb19qeqcrrpfgky0tcewtx1cy5ys5m3f7acxezebejgte53j3sttaxx2fa4p777erth8gcw7zfj2k06ywp180y9gs0wkpyzrc9zbt79twxrsspbarmb02pwcv8chzwpp0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCBCV_vLzKY465MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoE_AFP0BVQ00imEV9BG-DrtJyhQ_fgudY4BBugd3UDhnouc_srXuKiVyeQanmmspQFQNJhfV8QNqRO5JvV4DnkpRKQBpyTilAhyfrwxVhkXGCv7KXVYnEfWMt211dSguL6rlAd2Lhw574z-v6PhYeiP7a41syAPUhMpN9fIsJ2AlR6gKVKfnUMpuc0noGTQ_HhlAldqa050oovxui-JsFCxZjmbTsC-zaxvNsdqDOtPHxBYIR6t5G2mLp4mrt3vZJf-n0TaTTLUcbkVN7b06zpG_9E_Ftds8-AMMymDjHRgbfE4WKwrspXIkOTLAGzh2_TuCcayeIpD0JvzU0BdC_gBAGABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1WI6wq1uCVTXZJ2ufR1pCBf4xThg%252526client%25253Dca-pub-8339469931624128%252526adurl%25253D&clickref=oneidGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47oneid__suite_Netmix_Reach14_AKTION&viewref=oneidJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1oneid__suite_Netmix_Reach14_AKTION
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-11.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 15:31:21 GMT
content-encoding
gzip
via
1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified
Fri, 09 Dec 2022 10:53:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
2294
etag
W/"0d5045593d14c9612a5d5576928a5209"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
p2Q3_A30-KXFk-UKFmSmcQfegu_5x_FIahdb-OuOuMdRnl5UAAy8cQ==
link.html
track.webgains.com/ Frame 2E99 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1oneid__suite_Netmix_Reach14_AKTION&wglinkid=2194035
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C183975%2C14044&b=8xAfDf8fR9w7tgHJHEtxtXKQcGSwT827UYe%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1&f=Z5mTwfBfz5Q4smHDHDtDC6zPC6SXTxWrfWA%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1&c=728&d=90&e=&g=11fbeeb394524b8200c10eaa8f3cd61c%2F12102109115472933496&i=25174%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1674230974105&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hsw3ppdfhp8vmykf4dbrh0kj4kjfrs3gzwth79ccnyx4y01aabx1g6f2n7s8vs2y32kvp6cejc37bq7vajvfqp3p52z97nbetewvge5hjt8tbc0qp2zxm2p1pqdbp331vpx5qb439kjrg45c4tfb19qeqcrrpfgky0tcewtx1cy5ys5m3f7acxezebejgte53j3sttaxx2fa4p777erth8gcw7zfj2k06ywp180y9gs0wkpyzrc9zbt79twxrsspbarmb02pwcv8chzwpp0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCBCV_vLzKY465MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoE_AFP0BVQ00imEV9BG-DrtJyhQ_fgudY4BBugd3UDhnouc_srXuKiVyeQanmmspQFQNJhfV8QNqRO5JvV4DnkpRKQBpyTilAhyfrwxVhkXGCv7KXVYnEfWMt211dSguL6rlAd2Lhw574z-v6PhYeiP7a41syAPUhMpN9fIsJ2AlR6gKVKfnUMpuc0noGTQ_HhlAldqa050oovxui-JsFCxZjmbTsC-zaxvNsdqDOtPHxBYIR6t5G2mLp4mrt3vZJf-n0TaTTLUcbkVN7b06zpG_9E_Ftds8-AMMymDjHRgbfE4WKwrspXIkOTLAGzh2_TuCcayeIpD0JvzU0BdC_gBAGABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1WI6wq1uCVTXZJ2ufR1pCBf4xThg%2526client%253Dca-pub-8339469931624128%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.176.33.61 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-176-33-61.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
last-modified
Fri, 20 Jan 2023 16:09:34 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Fri, 20 Jan 2023 16:10:34 GMT
gtm.js
www.googletagmanager.com/ Frame A90D 		103 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
faf3f4d41a4eeacbf0302f57698938e6622dbd9e7b93992ee010244954691238
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40652
x-xss-protection
0
last-modified
Fri, 20 Jan 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 20 Jan 2023 16:09:34 GMT
postback
s.update.mediamathtag.com/2/2.88.0/619621/AcUEjkgKEAaTdI2w/ Frame 7C98 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.88.0/619621/AcUEjkgKEAaTdI2w/postback?oz_pl=1&ap=&sr=4&ac=651871&ai=216536&r1=2a01%3A4a0%3A2b%3A%3A&r2=&r3=&pd=avt&ti=616291371190682468&pp=pub-8339469931624128&si=1445604582&ci=619621&dt=6196211556140246740000&de=43003&cr=6622335&c1=4562306&di=https%3A%2F%2Fadncaraota.com&pv=0502ff70-0831-417f-a094-826ec2e9daad&dm=970x250&ui=88a7395e-a9c3-056e-0000-000000000000&_x=1
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//adncaraota.com&ui=88a7395e-a9c3-056e-0000-000000000000&ap=&ti=616291371190682468&pv=0502ff70-0831-417f-a094-826ec2e9daad&pp=pub-8339469931624128&sr=4&de=43003&si=1445604582&dm=970x250&ac=651871&cr=6622335&ai=216536&c1=4562306&r1=2a01:4a0:2b::&r2=&r3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.240.212.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-212-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 20 Jan 2023 16:09:34 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
ts.js
cdn.retailads.net/ Frame 0222 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.retailads.net/ts.js
Requested by
Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2104477020
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futalis.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:34 GMT
last-modified
Fri, 21 Jan 2022 14:35:51 GMT
server
Apache
etag
"14aa-5d6188919baaa"
content-type
application/javascript
xphp81
true
accept-ranges
bytes
content-length
5290
postback
s.update.mediamathtag.com/2/2.88.0/619621/AcUEjkgKEAaTdI2w/ Frame 7C98 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.88.0/619621/AcUEjkgKEAaTdI2w/postback?ap=&sr=4&ac=651871&ai=216536&r1=2a01%3A4a0%3A2b%3A%3A&r2=&r3=&pd=avt&ti=616291371190682468&pp=pub-8339469931624128&si=1445604582&ci=619621&dt=6196211556140246740000&de=43003&cr=6622335&c1=4562306&di=https%3A%2F%2Fadncaraota.com&pv=0502ff70-0831-417f-a094-826ec2e9daad&dm=970x250&ui=88a7395e-a9c3-056e-0000-000000000000&sid=AcUEjkgKEAaTdI2w&oz_sc=5aebca5fa618ea8c1bda824f&oz_df=1674230974660&oz_l=237&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.88.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.240.212.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-212-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 20 Jan 2023 16:09:34 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
pvClk.min.js
analytics.webgains.io/ Frame 7C98 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=83752400174015600951403012210028&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-11.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 15:31:21 GMT
content-encoding
gzip
via
1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified
Fri, 09 Dec 2022 10:53:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
2294
etag
W/"0d5045593d14c9612a5d5576928a5209"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
dNfcS-D1F8zy61_RFtvaBbWH8M-UUcD1yvyJ7TTlq-8mjIOlTEp_zg==
1x1.png
cdn.track.production.webgains.team/7121/ Frame 7C98 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1674231274&Signature=AbtnyWbSmHH7IulrTExaRdZD6k7kAxJx5YOzF-4THya9cLaar4SB-XraruAHzgG1etqj340ZOG9m-l0Zi8~iceCRs7xyuE0ZlX~JDZxhC2ZRBH3vWsa293bZDzpEixm-neFsR7O2OKWF2a6PuqIZML3QtbmLXKlrRIJIhlZeyN2pOYhn2yvo2wPfI5D6GlSELj6lqK79FCfoVICgSb8kWgyOgKY26cziylhMy7kmX2sat7ic2UIvCVHzGc9Nc6kQKTob4Q~frXbtAdjHmrPR8KqgLgNaeSCRdH1HQk0RVdo2dh~mseRf6w4-9tYBQaQz4DxFmtdF8WPZF8qpRrAn6g__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 20 Jan 2023 00:27:45 GMT
via
1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
56520
etag
"4e57de0506fbdb487ffcd53b450caee1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2808
x-amz-cf-id
FXPoutUk_5yyXgeAMUYSKUibRMiI9cUGLGQvBJDZnUiaNQGucEK5CQ==
f489fafd-7787-41e3-8276-1aa806879d83
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/ Frame 0313 		185 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/f489fafd-7787-41e3-8276-1aa806879d83
Requested by
Host: 5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
URL: https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length
185
Content-Type
application/javascript
postback
s.update.mediamathtag.com/2/2.88.0/619621/AcUEjkgKEAaTdI2w/ Frame 7C98 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.88.0/619621/AcUEjkgKEAaTdI2w/postback?ap=&sr=4&ac=651871&ai=216536&r1=2a01%3A4a0%3A2b%3A%3A&r2=&r3=&pd=avt&ti=616291371190682468&pp=pub-8339469931624128&si=1445604582&ci=619621&dt=6196211556140246740000&de=43003&cr=6622335&c1=4562306&di=https%3A%2F%2Fadncaraota.com&pv=0502ff70-0831-417f-a094-826ec2e9daad&dm=970x250&ui=88a7395e-a9c3-056e-0000-000000000000&sid=AcUEjkgKEAaTdI2w&oz_sc=5aebca5fa618ea8c1bda824f&oz_df=1674230974842&oz_l=4890&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.88.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.240.212.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-212-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 20 Jan 2023 16:09:34 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
activeview
pagead2.googlesyndication.com/pcs/ Frame 63D3 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv06t4oOluEu4Aoxn8UHhOjxeaw1Fd7vGnTwAH5gT1UX-kcSKsNcx6W1FoLMJDii-wBZoT556Skeqydw4AS5YNIvMST&sig=Cg0ArKJSzKa_fHK2h35IEAE&cid=CAASF-RoyVPHmFTHCUAjn1hPch0R0_B93nIJ&id=lidar2&mcvt=1000&p=1117,436,1207,1164&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230118&bin=7&avms=nio&bs=0,0&mc=0.92&if=1&vu=1&app=0&itpl=20&adk=3974791747&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1674230973312&rpt=589&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 44D8 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuEysZZUS3Qfi-IhkP5M-gEdAhFZ-iayAFQl95-4ncx2s9NIBlAGWCjHsRYh0hyuZ7f2uF8ygtMOLCJCEWLtWn_mDsg&sig=Cg0ArKJSzH7PKWTOCwZEEAE&cid=CAASF-RoxnqGZw1WetZMa3vASrHblIjZvHo7&id=lidar2&mcvt=1003&p=92,596,182,1324&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20230118&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1600816335&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1674230973317&rpt=536&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
default.css
as.ad4m.at/ad/style/0.1.28/one-ad/ Frame 9942 		90 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.28/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=f376e9abdd93a2272c6543bf2aff1725%2F506313898071075014&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674230974508&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j4sab7s68bex8t02k70qvyq5qer8zgd5v2mv75f6s5r4mnkm9dz6ap1ywc5a0t94g2019rjh4psyy225nmzxbgnh0cybc31y6xw7z4fnn4663ak5161098gseebyhzrbz6edm4yrpm5f7zt1qr51r1h07wx5mr68t26dcvzjvhtr57z0syvx1g4anhry5f00qppxm6bb10caa9ppvzw59pcmg0csjts97z6wcasmapnq334khnbc04ce4a2qbcgmaaycdr4w56pxpkdmst0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmAaWvLzKY4u5MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoEhQJP0FtyO975n_5PTAzovyWATwGr0DN87sGuGxn18ZmS-pZpI3GcvsZNKhEGv2XsOTeK5kqXxHrLQ0ml5zu5X8y7sg2Fqp4hYHVMMVuyiKCffnDCA-FaSM5L1LqfI-FovHsQ4TAk9wJawjaEdsp38oRbXKrEsfu7SEYGjdE8A5uh5AkqzajJcZkyjs5PgRGpiFovn91IMGTWHSzt_HMa45wOZ3rTYMJ1OtoxhJ05YC8RLv7cljQb3KKAb5GRkqs7j5tGMzVm2Jyckqj8D5yJumi3i0jhHr_CfH8JJZKjn3VSc-84ttLJ6y1Qd1HrCKbUxqWSBm03XW1r7bCq5z0PrfNXWo3EHtfgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1yrPEMCc-JA7UfiUFrOu4Az74ySA%2526client%253Dca-pub-8339469931624128%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc78d0ae04e90f166274e27a8af76d6a676cbf360f682f3993ef4b453ee5d598

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=f376e9abdd93a2272c6543bf2aff1725%2F506313898071075014&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674230974508&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j4sab7s68bex8t02k70qvyq5qer8zgd5v2mv75f6s5r4mnkm9dz6ap1ywc5a0t94g2019rjh4psyy225nmzxbgnh0cybc31y6xw7z4fnn4663ak5161098gseebyhzrbz6edm4yrpm5f7zt1qr51r1h07wx5mr68t26dcvzjvhtr57z0syvx1g4anhry5f00qppxm6bb10caa9ppvzw59pcmg0csjts97z6wcasmapnq334khnbc04ce4a2qbcgmaaycdr4w56pxpkdmst0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmAaWvLzKY4u5MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoEhQJP0FtyO975n_5PTAzovyWATwGr0DN87sGuGxn18ZmS-pZpI3GcvsZNKhEGv2XsOTeK5kqXxHrLQ0ml5zu5X8y7sg2Fqp4hYHVMMVuyiKCffnDCA-FaSM5L1LqfI-FovHsQ4TAk9wJawjaEdsp38oRbXKrEsfu7SEYGjdE8A5uh5AkqzajJcZkyjs5PgRGpiFovn91IMGTWHSzt_HMa45wOZ3rTYMJ1OtoxhJ05YC8RLv7cljQb3KKAb5GRkqs7j5tGMzVm2Jyckqj8D5yJumi3i0jhHr_CfH8JJZKjn3VSc-84ttLJ6y1Qd1HrCKbUxqWSBm03XW1r7bCq5z0PrfNXWo3EHtfgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1yrPEMCc-JA7UfiUFrOu4Az74ySA%2526client%253Dca-pub-8339469931624128%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1674054542
age
176128
cf-polished
origSize=92334
x-guploader-uploadid
ADPycduOIlCudx-XVm5qLJi8OhY2jaf2lPA8q3ch1u6Nvu_xQSn08NrWkH7ortp-rZRuBMU9kt_cX7NUmpL0qskSxV4pk8f0m1q2
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 18 Jan 2023 15:09:31 GMT
server
cloudflare
etag
W/"c37ad1fc922bacd7adf1cb37da63f83c"
vary
Accept-Encoding
x-goog-generation
1674054571046429
content-type
text/css
x-goog-hash
crc32c=4A2ZRg==, md5=w3rR/JIrrNet8cs32mP4PA==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=92gSqgeBrFE9Kh4opYlmkx6OPVug7B7L2BUsUv5781SKbGCdWNoRY4IKXNc7%2BIR5a0U%2FVas10LjeSuKW1sXu37QR1rG4oN1c6J2OIjV9uVng0oQe84%2F7WYE6OC2w5liM9Mko8rWexl0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
92334
cf-ray
78c91349fd652c01-FRA
expires
Fri, 20 Jan 2023 17:09:35 GMT
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 9942 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=f376e9abdd93a2272c6543bf2aff1725%2F506313898071075014&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674230974508&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j4sab7s68bex8t02k70qvyq5qer8zgd5v2mv75f6s5r4mnkm9dz6ap1ywc5a0t94g2019rjh4psyy225nmzxbgnh0cybc31y6xw7z4fnn4663ak5161098gseebyhzrbz6edm4yrpm5f7zt1qr51r1h07wx5mr68t26dcvzjvhtr57z0syvx1g4anhry5f00qppxm6bb10caa9ppvzw59pcmg0csjts97z6wcasmapnq334khnbc04ce4a2qbcgmaaycdr4w56pxpkdmst0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmAaWvLzKY4u5MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoEhQJP0FtyO975n_5PTAzovyWATwGr0DN87sGuGxn18ZmS-pZpI3GcvsZNKhEGv2XsOTeK5kqXxHrLQ0ml5zu5X8y7sg2Fqp4hYHVMMVuyiKCffnDCA-FaSM5L1LqfI-FovHsQ4TAk9wJawjaEdsp38oRbXKrEsfu7SEYGjdE8A5uh5AkqzajJcZkyjs5PgRGpiFovn91IMGTWHSzt_HMa45wOZ3rTYMJ1OtoxhJ05YC8RLv7cljQb3KKAb5GRkqs7j5tGMzVm2Jyckqj8D5yJumi3i0jhHr_CfH8JJZKjn3VSc-84ttLJ6y1Qd1HrCKbUxqWSBm03XW1r7bCq5z0PrfNXWo3EHtfgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1yrPEMCc-JA7UfiUFrOu4Az74ySA%2526client%253Dca-pub-8339469931624128%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1463609
cf-polished
origFmt=png, origSize=115129
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54564
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TZSQfa4aBs%2FHYyVSnhnxbIX0KXwwDob%2FR8lStgr6Q8QVq1GGJ1crs5yizEW8LV0Ev90e%2BRDvtYKpGwDKq2suCD1H0E8T%2FUlCzS6lFJQWtddCOwmvhwjbI16cRQUIxFxckHd2Xf2huIe%2Fm6Q1"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78c91349fd672c01-FRA
expires
Sat, 21 Jan 2023 16:09:35 GMT
3778CF797E3A529087D97C23A5BCA9FADE012AB01E21FB1929557E8BD70A789A1F44E5D867099979B17313F69D44515CF12B8C937634907539AB1C54C4F5334B
assets.ad4m.at/product_image/ Frame 9942 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/3778CF797E3A529087D97C23A5BCA9FADE012AB01E21FB1929557E8BD70A789A1F44E5D867099979B17313F69D44515CF12B8C937634907539AB1C54C4F5334B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=f376e9abdd93a2272c6543bf2aff1725%2F506313898071075014&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674230974508&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j4sab7s68bex8t02k70qvyq5qer8zgd5v2mv75f6s5r4mnkm9dz6ap1ywc5a0t94g2019rjh4psyy225nmzxbgnh0cybc31y6xw7z4fnn4663ak5161098gseebyhzrbz6edm4yrpm5f7zt1qr51r1h07wx5mr68t26dcvzjvhtr57z0syvx1g4anhry5f00qppxm6bb10caa9ppvzw59pcmg0csjts97z6wcasmapnq334khnbc04ce4a2qbcgmaaycdr4w56pxpkdmst0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmAaWvLzKY4u5MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoEhQJP0FtyO975n_5PTAzovyWATwGr0DN87sGuGxn18ZmS-pZpI3GcvsZNKhEGv2XsOTeK5kqXxHrLQ0ml5zu5X8y7sg2Fqp4hYHVMMVuyiKCffnDCA-FaSM5L1LqfI-FovHsQ4TAk9wJawjaEdsp38oRbXKrEsfu7SEYGjdE8A5uh5AkqzajJcZkyjs5PgRGpiFovn91IMGTWHSzt_HMa45wOZ3rTYMJ1OtoxhJ05YC8RLv7cljQb3KKAb5GRkqs7j5tGMzVm2Jyckqj8D5yJumi3i0jhHr_CfH8JJZKjn3VSc-84ttLJ6y1Qd1HrCKbUxqWSBm03XW1r7bCq5z0PrfNXWo3EHtfgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1yrPEMCc-JA7UfiUFrOu4Az74ySA%2526client%253Dca-pub-8339469931624128%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fc6327e965679b41a818cf88fdaf0b16e586c0ac03bc72d49c4f47e2ed02336

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1463553
cf-polished
qual=85, origFmt=jpeg, origSize=46259
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10888
cf-bgj
imgq:85,h2pri
last-modified
Wed, 16 Nov 2022 16:09:44 GMT
server
cloudflare
etag
"b2cf554576629d98986c459034c76d1a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MCuzAFfve7Uypznk1qa706mL7JgPHdhOCHmAw4ohA4rIaMwPjQDTCRdym23hzXAwF5TeHblS4ix2IQThsCfzmRTXZqt7gAssvMx47sVL6lUxJjxfEFucebTpSxRf8w%2Bl1ClXCVoYsLWLuhEh"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78c9134a0d7e2c01-FRA
expires
Sat, 21 Jan 2023 16:09:35 GMT
/
partner.o2online.de/a/ Frame 9942
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CPjmqLTE1vwCFYD2EQgd8rsLIw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=viewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=viewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023012017093580681767225X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_N...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023012017093580681767225X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2023012017093580681767225X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=117703&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=f376e9abdd93a2272c6543bf2aff1725%2F506313898071075014&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674230974508&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j4sab7s68bex8t02k70qvyq5qer8zgd5v2mv75f6s5r4mnkm9dz6ap1ywc5a0t94g2019rjh4psyy225nmzxbgnh0cybc31y6xw7z4fnn4663ak5161098gseebyhzrbz6edm4yrpm5f7zt1qr51r1h07wx5mr68t26dcvzjvhtr57z0syvx1g4anhry5f00qppxm6bb10caa9ppvzw59pcmg0csjts97z6wcasmapnq334khnbc04ce4a2qbcgmaaycdr4w56pxpkdmst0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmAaWvLzKY4u5MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoEhQJP0FtyO975n_5PTAzovyWATwGr0DN87sGuGxn18ZmS-pZpI3GcvsZNKhEGv2XsOTeK5kqXxHrLQ0ml5zu5X8y7sg2Fqp4hYHVMMVuyiKCffnDCA-FaSM5L1LqfI-FovHsQ4TAk9wJawjaEdsp38oRbXKrEsfu7SEYGjdE8A5uh5AkqzajJcZkyjs5PgRGpiFovn91IMGTWHSzt_HMa45wOZ3rTYMJ1OtoxhJ05YC8RLv7cljQb3KKAb5GRkqs7j5tGMzVm2Jyckqj8D5yJumi3i0jhHr_CfH8JJZKjn3VSc-84ttLJ6y1Qd1HrCKbUxqWSBm03XW1r7bCq5z0PrfNXWo3EHtfgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1yrPEMCc-JA7UfiUFrOu4Az74ySA%2526client%253Dca-pub-8339469931624128%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
88.99.63.132 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads3.sunbonet.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:35 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023012017093580681767225X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2023012017093580681767225X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=117703&partnerid=12218
date
Fri, 20 Jan 2023 16:09:35 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 9942 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=f376e9abdd93a2272c6543bf2aff1725%2F506313898071075014&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674230974508&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j4sab7s68bex8t02k70qvyq5qer8zgd5v2mv75f6s5r4mnkm9dz6ap1ywc5a0t94g2019rjh4psyy225nmzxbgnh0cybc31y6xw7z4fnn4663ak5161098gseebyhzrbz6edm4yrpm5f7zt1qr51r1h07wx5mr68t26dcvzjvhtr57z0syvx1g4anhry5f00qppxm6bb10caa9ppvzw59pcmg0csjts97z6wcasmapnq334khnbc04ce4a2qbcgmaaycdr4w56pxpkdmst0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmAaWvLzKY4u5MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoEhQJP0FtyO975n_5PTAzovyWATwGr0DN87sGuGxn18ZmS-pZpI3GcvsZNKhEGv2XsOTeK5kqXxHrLQ0ml5zu5X8y7sg2Fqp4hYHVMMVuyiKCffnDCA-FaSM5L1LqfI-FovHsQ4TAk9wJawjaEdsp38oRbXKrEsfu7SEYGjdE8A5uh5AkqzajJcZkyjs5PgRGpiFovn91IMGTWHSzt_HMa45wOZ3rTYMJ1OtoxhJ05YC8RLv7cljQb3KKAb5GRkqs7j5tGMzVm2Jyckqj8D5yJumi3i0jhHr_CfH8JJZKjn3VSc-84ttLJ6y1Qd1HrCKbUxqWSBm03XW1r7bCq5z0PrfNXWo3EHtfgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1yrPEMCc-JA7UfiUFrOu4Az74ySA%2526client%253Dca-pub-8339469931624128%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1463609
cf-polished
origFmt=png, origSize=24833
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9258
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:57 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gvnR3Jkb97d2HSknCzxEnqVR0cIKTSMItl3NbkPdRxe99BJKNpk27n2%2BKAUtxE0JDc6hj7vAZhUlWRr30RGHLwj805RTaC2%2Bn0txZ1qWN6KSAm4LF8W%2BvLO1YQy4Y6PE1%2BIT0ud%2BsKIhISGl"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78c9134a0d832c01-FRA
expires
Sat, 21 Jan 2023 16:09:35 GMT
FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
assets.ad4m.at/product_image/ Frame 9942 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=f376e9abdd93a2272c6543bf2aff1725%2F506313898071075014&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674230974508&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j4sab7s68bex8t02k70qvyq5qer8zgd5v2mv75f6s5r4mnkm9dz6ap1ywc5a0t94g2019rjh4psyy225nmzxbgnh0cybc31y6xw7z4fnn4663ak5161098gseebyhzrbz6edm4yrpm5f7zt1qr51r1h07wx5mr68t26dcvzjvhtr57z0syvx1g4anhry5f00qppxm6bb10caa9ppvzw59pcmg0csjts97z6wcasmapnq334khnbc04ce4a2qbcgmaaycdr4w56pxpkdmst0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmAaWvLzKY4u5MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoEhQJP0FtyO975n_5PTAzovyWATwGr0DN87sGuGxn18ZmS-pZpI3GcvsZNKhEGv2XsOTeK5kqXxHrLQ0ml5zu5X8y7sg2Fqp4hYHVMMVuyiKCffnDCA-FaSM5L1LqfI-FovHsQ4TAk9wJawjaEdsp38oRbXKrEsfu7SEYGjdE8A5uh5AkqzajJcZkyjs5PgRGpiFovn91IMGTWHSzt_HMa45wOZ3rTYMJ1OtoxhJ05YC8RLv7cljQb3KKAb5GRkqs7j5tGMzVm2Jyckqj8D5yJumi3i0jhHr_CfH8JJZKjn3VSc-84ttLJ6y1Qd1HrCKbUxqWSBm03XW1r7bCq5z0PrfNXWo3EHtfgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1yrPEMCc-JA7UfiUFrOu4Az74ySA%2526client%253Dca-pub-8339469931624128%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b094a140ea1c9e6edece62a54ab0d4fb5a600ba71495dc8835a12621e49204e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
681293
cf-polished
qual=85, origFmt=jpeg, origSize=85977
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20094
cf-bgj
imgq:85,h2pri
last-modified
Wed, 16 Nov 2022 16:32:10 GMT
server
cloudflare
etag
"115bea0885590f780802fd14548a1cde"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=idx3Zx0vM028sAdu4jY7DGC%2FQTxXp6kHWk1YkFVAmFBqXsmUWujdBIDkXmRMQBBX1r8TwGTYuge6Av4eIH8wcqKD7LdLgXqK4HGbd3hCb92CrwJ%2FLjej%2BYozzApLuM9nd%2BWSdOhsINynYo5x"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78c9134a0d862c01-FRA
expires
Sat, 21 Jan 2023 16:09:35 GMT
/
partner.blau.de/a/ Frame 9942
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=COrqqLTE1vwCFQOIdwodP0EIdg;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
  • https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023012017093580681767227X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netm...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023012017093580681767227X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=f376e9abdd93a2272c6543bf2aff1725%2F506313898071075014&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674230974508&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j4sab7s68bex8t02k70qvyq5qer8zgd5v2mv75f6s5r4mnkm9dz6ap1ywc5a0t94g2019rjh4psyy225nmzxbgnh0cybc31y6xw7z4fnn4663ak5161098gseebyhzrbz6edm4yrpm5f7zt1qr51r1h07wx5mr68t26dcvzjvhtr57z0syvx1g4anhry5f00qppxm6bb10caa9ppvzw59pcmg0csjts97z6wcasmapnq334khnbc04ce4a2qbcgmaaycdr4w56pxpkdmst0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmAaWvLzKY4u5MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoEhQJP0FtyO975n_5PTAzovyWATwGr0DN87sGuGxn18ZmS-pZpI3GcvsZNKhEGv2XsOTeK5kqXxHrLQ0ml5zu5X8y7sg2Fqp4hYHVMMVuyiKCffnDCA-FaSM5L1LqfI-FovHsQ4TAk9wJawjaEdsp38oRbXKrEsfu7SEYGjdE8A5uh5AkqzajJcZkyjs5PgRGpiFovn91IMGTWHSzt_HMa45wOZ3rTYMJ1OtoxhJ05YC8RLv7cljQb3KKAb5GRkqs7j5tGMzVm2Jyckqj8D5yJumi3i0jhHr_CfH8JJZKjn3VSc-84ttLJ6y1Qd1HrCKbUxqWSBm03XW1r7bCq5z0PrfNXWo3EHtfgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1yrPEMCc-JA7UfiUFrOu4Az74ySA%2526client%253Dca-pub-8339469931624128%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
78.46.85.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads1.sunbonet.de
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:35 GMT
X-NODEIP
78.46.85.162
Server
nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023012017093580681767227X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0
date
Fri, 20 Jan 2023 16:09:35 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 9942 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=f376e9abdd93a2272c6543bf2aff1725%2F506313898071075014&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674230974508&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j4sab7s68bex8t02k70qvyq5qer8zgd5v2mv75f6s5r4mnkm9dz6ap1ywc5a0t94g2019rjh4psyy225nmzxbgnh0cybc31y6xw7z4fnn4663ak5161098gseebyhzrbz6edm4yrpm5f7zt1qr51r1h07wx5mr68t26dcvzjvhtr57z0syvx1g4anhry5f00qppxm6bb10caa9ppvzw59pcmg0csjts97z6wcasmapnq334khnbc04ce4a2qbcgmaaycdr4w56pxpkdmst0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmAaWvLzKY4u5MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoEhQJP0FtyO975n_5PTAzovyWATwGr0DN87sGuGxn18ZmS-pZpI3GcvsZNKhEGv2XsOTeK5kqXxHrLQ0ml5zu5X8y7sg2Fqp4hYHVMMVuyiKCffnDCA-FaSM5L1LqfI-FovHsQ4TAk9wJawjaEdsp38oRbXKrEsfu7SEYGjdE8A5uh5AkqzajJcZkyjs5PgRGpiFovn91IMGTWHSzt_HMa45wOZ3rTYMJ1OtoxhJ05YC8RLv7cljQb3KKAb5GRkqs7j5tGMzVm2Jyckqj8D5yJumi3i0jhHr_CfH8JJZKjn3VSc-84ttLJ6y1Qd1HrCKbUxqWSBm03XW1r7bCq5z0PrfNXWo3EHtfgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1yrPEMCc-JA7UfiUFrOu4Az74ySA%2526client%253Dca-pub-8339469931624128%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
61509
cf-polished
origFmt=png, origSize=65187
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44710
cf-bgj
imgq:85,h2pri
last-modified
Tue, 17 Jan 2023 14:45:52 GMT
server
cloudflare
etag
"99941d3864a6d6ef01023c96e0475815"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hoMfxJwFpNGXW%2Ftplpiw0niL7raToE1SUmgnJv69R2tdFaTWGUivf0%2F%2Bt81WfHTDkySwhIiQPDVWOf5hzj7fDCOl5oJFq29rRulSpzkOiqjRq%2FyTkS1XUJLS9T2NP9eiDCDtjEB9UyPkauSr"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78c9134a0d882c01-FRA
expires
Sat, 21 Jan 2023 16:09:35 GMT
EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 9942 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=f376e9abdd93a2272c6543bf2aff1725%2F506313898071075014&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674230974508&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j4sab7s68bex8t02k70qvyq5qer8zgd5v2mv75f6s5r4mnkm9dz6ap1ywc5a0t94g2019rjh4psyy225nmzxbgnh0cybc31y6xw7z4fnn4663ak5161098gseebyhzrbz6edm4yrpm5f7zt1qr51r1h07wx5mr68t26dcvzjvhtr57z0syvx1g4anhry5f00qppxm6bb10caa9ppvzw59pcmg0csjts97z6wcasmapnq334khnbc04ce4a2qbcgmaaycdr4w56pxpkdmst0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmAaWvLzKY4u5MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoEhQJP0FtyO975n_5PTAzovyWATwGr0DN87sGuGxn18ZmS-pZpI3GcvsZNKhEGv2XsOTeK5kqXxHrLQ0ml5zu5X8y7sg2Fqp4hYHVMMVuyiKCffnDCA-FaSM5L1LqfI-FovHsQ4TAk9wJawjaEdsp38oRbXKrEsfu7SEYGjdE8A5uh5AkqzajJcZkyjs5PgRGpiFovn91IMGTWHSzt_HMa45wOZ3rTYMJ1OtoxhJ05YC8RLv7cljQb3KKAb5GRkqs7j5tGMzVm2Jyckqj8D5yJumi3i0jhHr_CfH8JJZKjn3VSc-84ttLJ6y1Qd1HrCKbUxqWSBm03XW1r7bCq5z0PrfNXWo3EHtfgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1yrPEMCc-JA7UfiUFrOu4Az74ySA%2526client%253Dca-pub-8339469931624128%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1463603
cf-polished
origFmt=png, origSize=342797
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
226916
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 Jun 2022 14:01:11 GMT
server
cloudflare
etag
"82c7de0f42ff55fdd0acc07731664031"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OpTm8C7cKPGAMh36HoJXWDefjyO9fj%2FUqRzJGitnBR1F77pc171mooQfYY%2FjrRaccXeIuexnrjGOSTt%2FVfi1dPjOLV%2FPs4gVv6oBVyGtrYLKrQg%2Blm21C%2BrJGDTkRFOt%2FZIp2ySyVlbwCtS8"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78c9134a0d892c01-FRA
expires
Sat, 21 Jan 2023 16:09:35 GMT
ztpv.php
www.conrad.de/ Frame 9942
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1674230975_d4ed1e10-98dc-11ed-b41e-2266f55646ad&insert=AW&&gdpr=0&gdpr_consent=
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1674230975_d4ed1e10-98dc-11ed-b41e-2266f55646ad&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=f376e9abdd93a2272c6543bf2aff1725%2F506313898071075014&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674230974508&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j4sab7s68bex8t02k70qvyq5qer8zgd5v2mv75f6s5r4mnkm9dz6ap1ywc5a0t94g2019rjh4psyy225nmzxbgnh0cybc31y6xw7z4fnn4663ak5161098gseebyhzrbz6edm4yrpm5f7zt1qr51r1h07wx5mr68t26dcvzjvhtr57z0syvx1g4anhry5f00qppxm6bb10caa9ppvzw59pcmg0csjts97z6wcasmapnq334khnbc04ce4a2qbcgmaaycdr4w56pxpkdmst0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmAaWvLzKY4u5MJm5nsEPqqCNuAmQ4YGEXLaoworwAsCNtwEQASAAYJW6iYKYB4IBF2NhLXB1Yi04MzM5NDY5OTMxNjI0MTI4yAEJqQKhwvBC-yeyPuACAKgDAaoEhQJP0FtyO975n_5PTAzovyWATwGr0DN87sGuGxn18ZmS-pZpI3GcvsZNKhEGv2XsOTeK5kqXxHrLQ0ml5zu5X8y7sg2Fqp4hYHVMMVuyiKCffnDCA-FaSM5L1LqfI-FovHsQ4TAk9wJawjaEdsp38oRbXKrEsfu7SEYGjdE8A5uh5AkqzajJcZkyjs5PgRGpiFovn91IMGTWHSzt_HMa45wOZ3rTYMJ1OtoxhJ05YC8RLv7cljQb3KKAb5GRkqs7j5tGMzVm2Jyckqj8D5yJumi3i0jhHr_CfH8JJZKjn3VSc-84ttLJ6y1Qd1HrCKbUxqWSBm03XW1r7bCq5z0PrfNXWo3EHtfgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1yrPEMCc-JA7UfiUFrOu4Az74ySA%2526client%253Dca-pub-8339469931624128%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:7e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:35 GMT
via
1.1 additional-webserver-green-175p (Varnish/7.2)
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=15552000
age
0
p3p
policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish
158206590
content-type
text/html; charset=UTF-8
cache-control
no-cache
server-timing
intid;desc=c0123d516c7a5f30
cf-ray
78c9134a8f52904f-FRA
expires
-1

Redirect headers

Date
Fri, 20 Jan 2023 16:09:35 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1674230975_d4ed1e10-98dc-11ed-b41e-2266f55646ad&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
postback
s.update.mediamathtag.com/2/2.88.0/619621/AcUEjkgKEAaTdI2w/ Frame 7C98 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.88.0/619621/AcUEjkgKEAaTdI2w/postback?ap=&sr=4&ac=651871&ai=216536&r1=2a01%3A4a0%3A2b%3A%3A&r2=&r3=&pd=avt&ti=616291371190682468&pp=pub-8339469931624128&si=1445604582&ci=619621&dt=6196211556140246740000&de=43003&cr=6622335&c1=4562306&di=https%3A%2F%2Fadncaraota.com&pv=0502ff70-0831-417f-a094-826ec2e9daad&dm=970x250&ui=88a7395e-a9c3-056e-0000-000000000000&sid=AcUEjkgKEAaTdI2w&oz_sc=5aebca5fa618ea8c1bda824f&oz_df=1674230975027&oz_l=6608&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.88.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.240.212.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-212-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 20 Jan 2023 16:09:34 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
ad
v.lkqd.net/ Frame 56B2 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1149379&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fadncaraota.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56318%2C1%2C&c4=true&c5=&c6=56318&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=79440511&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
41b5ae724a5f9fe9b1c366baf49de647d9e408556eff785856ef09ef3e39c735

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:35 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://adncaraota.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1404
vpaid.js
ad.lkqd.net/vpaid/ Frame 918E 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:35 GMT
content-encoding
gzip
x-sp-metadata
HS256.CM+Vq54GEoUBCiRkYzRlY2IwMi05MDQ1LTRjNzEtOGQ0Yy03NTAyNzRkMDFmZmUQmOLbkZXR/AIaBgi/+aqeBiIKODEuOTUuNS4zNSiyugIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGQ2ZDY1MGUyLWI1ZmEtNDM5My05ZGQwLWM1ZmMyM2RmMmRjNhjF5AMiGAgCEhRjZHMzMzMuZnI4Lmh3Y2RuLm5ldA==.RUxcNKcl0zYNp7W78mJ/bU45kr8kLS+kzMg7ZQR7hfQ=
last-modified
Thu, 13 Oct 2022 21:01:07 GMT
etag
"88ca76abee51b1544e17b021f04aaaed"
x-hw
1674230975.cds290.fr8.hn,1674230975.cds333.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62021
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023011101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0c4a6b368be0ef92884f5059206d92611626b6131418658281dff18e4141b2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11141
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 20 Jan 2023 16:09:35 GMT
usync.html
ad.lkqd.net/cookie-sync/ Frame 670F 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Fri, 20 Jan 2023 16:09:35 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1674230975.cds290.fr8.hn,1674230975.cds288.fr8.c
x-sp-metadata
HS256.CM+Vq54GEoUBCiQyZGMyN2FjNy00MmVkLTQxYWUtYTg3Yi02ZGY1Zjg3MGNkODIQmOLbkZXR/AIaBgi/+aqeBiIKODEuOTUuNS4zNSiyugIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRorCAESJDFmZmNjZTI4LTM0NmEtNGYzZS1hODA5LTYwNzc4NWJlZTM1ZhjaDiIYCAISFGNkczI4OC5mcjguaHdjZG4ubmV0.kzLkJ7me6d6OhXVEGcIKmDHPGIbQv9ifxfmHqfpE1W0=
ad
v.lkqd.net/ Frame 918E 		94 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1149379&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fadncaraota.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56318%2C1%2C&c4=true&c5=&c6=56318&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=79440511&m=&rtv=1&thost=adncaraota.com
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
df975ab6989dd3a6bc6bad741579aa01a32f90391a3cbb0425cbf084b76a4af3

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 20 Jan 2023 16:09:35 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://adncaraota.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
4723
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1149379&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fadncaraota.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56318%2C1%2C&c4=true&c5=&c6=56318&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=79440511&m=&rtv=1&thost=adncaraota.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://adncaraota.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://adncaraota.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
date
Fri, 20 Jan 2023 16:09:35 GMT
server
nginx
postback
s.update.mediamathtag.com/2/2.88.0/619621/AcUEjkgKEAaTdI2w/ Frame 7C98 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.88.0/619621/AcUEjkgKEAaTdI2w/postback?ap=&sr=4&ac=651871&ai=216536&r1=2a01%3A4a0%3A2b%3A%3A&r2=&r3=&pd=avt&ti=616291371190682468&pp=pub-8339469931624128&si=1445604582&ci=619621&dt=6196211556140246740000&de=43003&cr=6622335&c1=4562306&di=https%3A%2F%2Fadncaraota.com&pv=0502ff70-0831-417f-a094-826ec2e9daad&dm=970x250&ui=88a7395e-a9c3-056e-0000-000000000000&sid=AcUEjkgKEAaTdI2w&oz_sc=5aebca5fa618ea8c1bda824f&oz_df=1674230975414&oz_l=392&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.88.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.240.212.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-212-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 20 Jan 2023 16:09:35 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
tracking-event
api.webgains.io/ Frame 7C98 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.171.0 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-171-0.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 20 Jan 2023 16:09:35 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.171.0 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-171-0.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Fri, 20 Jan 2023 16:09:35 GMT
server
nginx
tracking-event
api.webgains.io/ Frame 2E99 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.171.0 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-171-0.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 20 Jan 2023 16:09:35 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.171.0 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-171-0.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Fri, 20 Jan 2023 16:09:35 GMT
server
nginx
cs
cs.lkqd.net/ Frame 670F
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=60c28c14-4e92-4b86-a65c-fced014233fc
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=60c28c14-4e92-4b86-a65c-fced014233fc
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.66 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:35 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=60c28c14-4e92-4b86-a65c-fced014233fc
date
Fri, 20 Jan 2023 16:09:35 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame 670F 		43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.66 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:35 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 670F 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.66 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:35 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 670F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2930553025957810747
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2930553025957810747
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.66 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:35 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2930553025957810747
pragma
no-cache
date
Fri, 20 Jan 2023 16:09:35 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame 670F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=teGXuYRATmdgaXdHAJtNPlFfBSM
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=teGXuYRATmdgaXdHAJtNPlFfBSM
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.66 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:35 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=teGXuYRATmdgaXdHAJtNPlFfBSM
Date
Fri, 20 Jan 2023 16:09:35 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 38FE 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adncaraota.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4160
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 15:00:15 GMT
expires
Sat, 20 Jan 2024 15:00:15 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2C8B 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c707766465b4d641df531416c0add130ca3d9575a98acc946bb7ecf312d5e38a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MB-kjO0jP228UVdYxbIJpg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adncaraota.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-MB-kjO0jP228UVdYxbIJpg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 16:09:35 GMT
expires
Fri, 20 Jan 2023 16:09:35 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js
pagead2.googlesyndication.com/bg/ Frame 38FE 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:43:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30379
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16089
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 20 Jan 2024 07:43:16 GMT
postback
s.update.mediamathtag.com/2/2.88.0/619621/AcUEjkgKEAaTdI2w/ Frame 7C98 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.88.0/619621/AcUEjkgKEAaTdI2w/postback?ap=&sr=4&ac=651871&ai=216536&r1=2a01%3A4a0%3A2b%3A%3A&r2=&r3=&pd=avt&ti=616291371190682468&pp=pub-8339469931624128&si=1445604582&ci=619621&dt=6196211556140246740000&de=43003&cr=6622335&c1=4562306&di=https%3A%2F%2Fadncaraota.com&pv=0502ff70-0831-417f-a094-826ec2e9daad&dm=970x250&ui=88a7395e-a9c3-056e-0000-000000000000&sid=AcUEjkgKEAaTdI2w&oz_sc=5aebca5fa618ea8c1bda824f&oz_df=1674230975649&oz_l=35&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.88.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.240.212.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-212-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 20 Jan 2023 16:09:35 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
067027a3-7f91-43d3-a3e5-a0f7f6580ab0
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/ Frame 7C98 		802 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/067027a3-7f91-43d3-a3e5-a0f7f6580ab0
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
facd25d708d9c13ecbbee553e7eb9e729075f1e929bb528cad034217135f0692

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length
802
Content-Type
t
t.lkqd.net/ Frame AD38 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://adncaraota.com
date
Fri, 20 Jan 2023 16:09:36 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
sodar
pagead2.googlesyndication.com/pagead/ Frame 2C8B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023011101&jk=3838471428749248&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://adncaraota.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://adncaraota.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 20 Jan 2023 16:09:36 GMT
server
nginx
/
adx.adform.net/adx/ 		65 B
619 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fadncaraota.com%2F
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
https://adncaraota.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
/
adx.adform.net/adx/ 		65 B
619 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&url=https%3A%2F%2Fadncaraota.com%2F&t=2
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
https://adncaraota.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		832 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C78026141118018039411768667378%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ce32678eed0ddc21c76fa328e4c78414a9fb7e3165ed90ff638e013d888eddba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:35 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
832
x-sticky-vk
1674230975673097-333
Expires
Fri, 20 Jan 2023 16:09:35 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		832 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C78026141118018039411061113520%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2f007cdfe9d9a7632269464ce5d3aacb47bff5887889e2326b2a7458f17a5deb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:35 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
832
x-sticky-vk
1674230975753006-403
Expires
Fri, 20 Jan 2023 16:09:35 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		816 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C17139180887802614111801803941,,&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ee9e1fb6d144f06e8b0718dbd35a5f9cc8dcc8a0836b7e13b9ec8fff2784f716

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:35 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
816
x-sticky-vk
1674230975705077-336
Expires
Fri, 20 Jan 2023 16:09:35 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		816 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C10577908467802614111801803941,,&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
71bb2a0919d6b6f934f189cd812fad1943ca087d7a5798edcca81719c29d950f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:35 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
816
x-sticky-vk
1674230975684093-425
Expires
Fri, 20 Jan 2023 16:09:35 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1004 B
863 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fadncaraota.com%2F&schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C78026141118018039411710547745%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
55492e5976313eec87f99294779a9041ed4b4e4fac77c4335b4f6a034ffef5ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:35 GMT
content-encoding
gzip
server
Apache
etag
"23da-5e7fbf52c16e8-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://adncaraota.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
619
expires
Fri, 20 Jan 2023 16:09:35 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1003 B
862 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fadncaraota.com%2F&schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C7802614111801803941533628878%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
38854a707e2158f322102ca92759a1397c8cd81bddbc507c17e5500ec83bc40c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:35 GMT
content-encoding
gzip
server
Apache
etag
"23da-5e7fbf52c16e8-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://adncaraota.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
618
expires
Fri, 20 Jan 2023 16:09:35 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1003 B
862 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fadncaraota.com%2F&schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C7802614111801803941906185886%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e06d525c7f9d44bad343f69b192b3a517a046bf0b07e3540a836e57f108c5f8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:35 GMT
content-encoding
gzip
server
Apache
etag
"23da-5e7fbf52c16e8-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://adncaraota.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
618
expires
Fri, 20 Jan 2023 16:09:35 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		816 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C21218837287802614111801803941,,&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3159d75f9147f753e005cf0f7d3d06e70ba29ee34e604d21b0cc6bbe372bef72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:35 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
816
x-sticky-vk
1674230975777005-419
Expires
Fri, 20 Jan 2023 16:09:35 GMT
postback
s.update.mediamathtag.com/2/2.88.0/619621/AcUEjkgKEAaTdI2w/ Frame 7C98 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.88.0/619621/AcUEjkgKEAaTdI2w/postback?ap=&sr=4&ac=651871&ai=216536&r1=2a01%3A4a0%3A2b%3A%3A&r2=&r3=&pd=avt&ti=616291371190682468&pp=pub-8339469931624128&si=1445604582&ci=619621&dt=6196211556140246740000&de=43003&cr=6622335&c1=4562306&di=https%3A%2F%2Fadncaraota.com&pv=0502ff70-0831-417f-a094-826ec2e9daad&dm=970x250&ui=88a7395e-a9c3-056e-0000-000000000000&sid=AcUEjkgKEAaTdI2w&oz_sc=5aebca5fa618ea8c1bda824f&oz_df=1674230975808&oz_l=716&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.88.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.240.212.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-212-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 20 Jan 2023 16:09:35 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://adncaraota.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://adncaraota.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 20 Jan 2023 16:09:36 GMT
server
nginx
t
t.lkqd.net/ Frame AD38 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://adncaraota.com
date
Fri, 20 Jan 2023 16:09:36 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
truncated
/ Frame 918E 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 21D1 		342 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:35 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1674230973.dop162.fr8.t,1674230973.cds342.fr8.shn,1674230973.dop162.fr8.t,1674230975.cds006.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
117960
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 21D1 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1674230975878
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:35 GMT
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1674230973.dop237.fr8.t,1674230975.cds244.fr8.shn,1674230975.cds244.fr8.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
auto-user-sync
ads.stickyadstv.com/ Frame 21D1 		0
0
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 20 Jan 2023 16:09:35 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:35 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1674230975813097-400
Expires
Fri, 20 Jan 2023 16:09:35 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame 21D1 		301 B
794 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fadncaraota.com%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:35 GMT
Server
nginx
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1674230975833089-342
Expires
Fri, 20 Jan 2023 16:09:35 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 21D1 		67 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_us_privacy=&_fw_gdpr=0&schain=1.0%2C1!vidoomy.com%2C56318%2C1%2C78026141118018039411768667378%2C%2C&_fw_gdpr_consent=&vav=8c51e1a9d67cf1e42f31b82591d32423&vaviv=e10674fc71e6f22920543e8399b56c4a&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.5.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fadncaraota.com%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:35 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1674230975909009-368
Expires
Fri, 20 Jan 2023 16:09:35 GMT
t
t.lkqd.net/ Frame AD38 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://adncaraota.com
date
Fri, 20 Jan 2023 16:09:36 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://adncaraota.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://adncaraota.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 20 Jan 2023 16:09:36 GMT
server
nginx
user-matching
ads.stickyadstv.com/ Frame 21D1 		0
0
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:35 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1674230975905048-425
Expires
Fri, 20 Jan 2023 16:09:35 GMT
user-matching
ads.stickyadstv.com/ Frame 21D1 		0
0
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:36 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
V7VT13K79NFPB82B92V8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:35 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1674230975877079-412
Expires
Fri, 20 Jan 2023 16:09:35 GMT
postback
s.update.mediamathtag.com/2/2.88.0/619621/AcUEjkgKEAaTdI2w/ Frame 7C98 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.88.0/619621/AcUEjkgKEAaTdI2w/postback?ap=&sr=4&ac=651871&ai=216536&r1=2a01%3A4a0%3A2b%3A%3A&r2=&r3=&pd=avt&ti=616291371190682468&pp=pub-8339469931624128&si=1445604582&ci=619621&dt=6196211556140246740000&de=43003&cr=6622335&c1=4562306&di=https%3A%2F%2Fadncaraota.com&pv=0502ff70-0831-417f-a094-826ec2e9daad&dm=970x250&ui=88a7395e-a9c3-056e-0000-000000000000&sid=AcUEjkgKEAaTdI2w&oz_sc=5aebca5fa618ea8c1bda824f&oz_df=1674230975965&oz_l=3660&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.88.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.240.212.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-212-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 20 Jan 2023 16:09:35 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame B1BF 		342 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1674230973.dop162.fr8.t,1674230973.cds342.fr8.shn,1674230973.dop162.fr8.t,1674230976.cds006.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
117960
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame B1BF 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1674230976033
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:36 GMT
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1674230973.dop237.fr8.t,1674230976.cds244.fr8.shn,1674230976.cds244.fr8.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
auto-user-sync
ads.stickyadstv.com/ Frame B1BF 		0
0
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 20 Jan 2023 16:09:36 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:36 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1674230975991059-390
Expires
Fri, 20 Jan 2023 16:09:36 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame B1BF 		301 B
794 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fadncaraota.com%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:36 GMT
Server
nginx
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1674230976023073-338
Expires
Fri, 20 Jan 2023 16:09:36 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame B1BF 		67 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_us_privacy=&_fw_gdpr=0&schain=1.0%2C1!vidoomy.com%2C56318%2C1%2C78026141118018039411061113520%2C%2C&_fw_gdpr_consent=&vav=b5760b6783f6c447767d2531c3f61f6a&vaviv=8ac3062692bde55d92eb443f383ad683&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.5.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fadncaraota.com%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:36 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1674230976031068-337
Expires
Fri, 20 Jan 2023 16:09:36 GMT
user-matching
ads.stickyadstv.com/ Frame B1BF 		0
0
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:36 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1674230976097002-421
Expires
Fri, 20 Jan 2023 16:09:36 GMT
user-matching
ads.stickyadstv.com/ Frame B1BF 		0
0
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:36 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
F51Q481A4W91CPY36X5W
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:36 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1674230976107007-391
Expires
Fri, 20 Jan 2023 16:09:36 GMT
t
t.lkqd.net/ Frame AD38 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://adncaraota.com
date
Fri, 20 Jan 2023 16:09:36 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://adncaraota.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://adncaraota.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 20 Jan 2023 16:09:36 GMT
server
nginx
postback
s.update.mediamathtag.com/2/2.88.0/619621/AcUEjkgKEAaTdI2w/ Frame 7C98 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.88.0/619621/AcUEjkgKEAaTdI2w/postback?ap=&sr=4&ac=651871&ai=216536&r1=2a01%3A4a0%3A2b%3A%3A&r2=&r3=&pd=avt&ti=616291371190682468&pp=pub-8339469931624128&si=1445604582&ci=619621&dt=6196211556140246740000&de=43003&cr=6622335&c1=4562306&di=https%3A%2F%2Fadncaraota.com&pv=0502ff70-0831-417f-a094-826ec2e9daad&dm=970x250&ui=88a7395e-a9c3-056e-0000-000000000000&sid=AcUEjkgKEAaTdI2w&oz_sc=5aebca5fa618ea8c1bda824f&oz_df=1674230976134&oz_l=374&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.88.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.240.212.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-212-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 20 Jan 2023 16:09:36 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 00D4 		342 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1674230973.dop162.fr8.t,1674230973.cds342.fr8.shn,1674230973.dop162.fr8.t,1674230976.cds006.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
117960
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 00D4 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1674230976219
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:36 GMT
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1674230973.dop237.fr8.t,1674230976.cds244.fr8.shn,1674230976.cds244.fr8.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
auto-user-sync
ads.stickyadstv.com/ Frame 00D4 		0
0
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 20 Jan 2023 16:09:36 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:36 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1674230976170062-331
Expires
Fri, 20 Jan 2023 16:09:36 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame 00D4 		301 B
794 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fadncaraota.com%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:36 GMT
Server
nginx
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1674230976190077-424
Expires
Fri, 20 Jan 2023 16:09:36 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 00D4 		67 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_gdpr=0&schain=1.0%2C1!vidoomy.com%2C56318%2C1%2C17139180887802614111801803941%2C%2C&_fw_gdpr_consent=&vav=e099ce48bac99a883a3cf241ddcc4b6a&vaviv=3e5bc0865182b309e04ab91e1801356f&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.5.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fadncaraota.com%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:36 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1674230976219039-356
Expires
Fri, 20 Jan 2023 16:09:36 GMT
user-matching
ads.stickyadstv.com/ Frame 00D4 		0
0
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:36 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1674230976249037-358
Expires
Fri, 20 Jan 2023 16:09:36 GMT
user-matching
ads.stickyadstv.com/ Frame 00D4 		0
0
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:36 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
91FW4N962J24VPWZRKVW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:36 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1674230976204093-393
Expires
Fri, 20 Jan 2023 16:09:36 GMT
t
t.lkqd.net/ Frame AD38 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://adncaraota.com
date
Fri, 20 Jan 2023 16:09:36 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://adncaraota.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://adncaraota.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 20 Jan 2023 16:09:36 GMT
server
nginx
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023011101&jk=3838471428749248&bg=!OTqlOn7NAAYDMoyoIzI7ACkAdvg8WsbTF5Np_1ZYU7Eq38OYMc1xVJ476Ay4J-uB9MLuXVpLGryY3QIAAACWUgAAAANoAQcKAEGWWSS0BfgQSAZKvkmfzoZgLtC-xbONqwnabpa-ijMLY0iIyu6_CGQdBla8WaqcueTGECCXiamFDkyN1gHTbYuoApkCnrpSb4vVfJb6Ptkdc8vUktSyTUW-bXecXzFhipKJXhmxZsx2Z7U35QoSWEg5NC3S4NWrM977q0vNyH_Yy8PV29HNaPmGc6g_bBbgLiUuUfLigDjbMwcDSjxEMoEF-_KCad5dZ2TdkaZnkp9VNii_zYz9jwa39mxb8dRPQ1Gi3pd5FPETMCE65h7zuU2FhbDf6vs01EqplzvtW_G0cudm4ZGMhX21-PSW4I-a-jGCT9Lb5_vsYsNrkD-DWaKy1F-ek20pEwwzoSO6i0ehUE4aQlfAX3BSdV5OVsC7c_T24Q_xevEEv_MHwtcXTyd-onHc_SqTjkplUl1NsJTYQ8AWeLCslfIcwasf6GlUWc04uEen5KQnN5XPDvZY4wlJ1PV28U2B3-xu7W1lACUxZLBEV-iAYrW8k-Iz1k0vvi30WoJ29rU7_9f81-BT5GOgKYKaG7S4bAhdEKfmV44WdUIMAjcjFz24FxITAs2X9czSPXCXb94Ph2cVF5zo8nWszo_HDvT5jhMd5KMSch8OPnjFLXcc8Pg1Ujn5kLGvmD2cpLeOMIQnjwhhEyn65P6TCrIAGwWD_ccqdjCBd59P1T34zX34jlcYTBwF1G9spZ4HryB7DylWmsIx1FQ2me4Nl50OL6H2SiZ_571jSNVvXXmDsXi4TOeyir3nIWLpxVcPXfnIA0DnIihGjkNLgU9J9cj2AEtm2Bv9UDAd1C5qSlnLj0E3TZga4F0P5awozZvpyzDegTwMRVUCx6U0pA_g7-HbkwljidvCak399uJDY7PIRX-x740ROOlRhk-CrmbNWRmZdiTwXZ2IE1ndgPT6RklcBg0fn4W2bX8nCDBB_0Zmy2YVrmmg_3d_ZgZMixyzuPkU-giphJpx_Dk-9gQBSdc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://adncaraota.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://adncaraota.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 20 Jan 2023 16:09:36 GMT
server
nginx
t
t.lkqd.net/ Frame AD38 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://adncaraota.com
date
Fri, 20 Jan 2023 16:09:36 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
ad
v.lkqd.net/ Frame 56B2 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1149379&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fadncaraota.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56318%2C1%2C&c4=true&c5=&c6=56318&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=6527654&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
5ad484874bb6fed659e22ac18ba83642e97910b32a18fb4167193ae9da6fbdcf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:36 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://adncaraota.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1401
vpaid.js
ad.lkqd.net/vpaid/ Frame 7DD8 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:37 GMT
content-encoding
gzip
x-sp-metadata
HS256.CNGVq54GEoUBCiRhYzRjOTNmYi0zYzI3LTQ4ZTgtYmFlNS1hZmJlNzdlYTRiOTEQmOLbkZXR/AIaBgjB+aqeBiIKODEuOTUuNS4zNSiyugIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDhkNjE4OWJkLTBjZTMtNDljNy1hYzU0LWVmOTA1NmU3MzE5ZBjF5AMiGAgCEhRjZHMzMzMuZnI4Lmh3Y2RuLm5ldA==.fls+1EQbyld/cUoFZYyI2L+NJwmYiziZ/xXUs+LWxxw=
last-modified
Thu, 13 Oct 2022 21:01:07 GMT
etag
"88ca76abee51b1544e17b021f04aaaed"
x-hw
1674230976.cds290.fr8.hn,1674230977.cds333.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62021
usync.html
ad.lkqd.net/cookie-sync/ Frame 1E48 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Fri, 20 Jan 2023 16:09:37 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1674230977.cds290.fr8.hn,1674230977.cds288.fr8.c
x-sp-metadata
HS256.CNGVq54GEoUBCiRjMTRhN2FlNS05Nzg1LTQ2MTctODIwZC1kMTc4Yjg5NzJjZjUQmOLbkZXR/AIaBgjB+aqeBiIKODEuOTUuNS4zNSiyugIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRorCAESJDMyZjkwYzI4LTEyYTgtNDFhZi04MzVmLWQ3ZDE2NmEyYjBhZBjaDiIYCAISFGNkczI4OC5mcjguaHdjZG4ubmV0.RCaEoBgixLPpZ+lRHzUTyGtf84QR53hBZ6IwwaRmp/s=
ad
v.lkqd.net/ Frame 7DD8 		94 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1149379&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fadncaraota.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56318%2C1%2C&c4=true&c5=&c6=56318&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=6527654&m=&rtv=1&thost=adncaraota.com
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
b94b432cd4f3e7a6cdc7fa4d1c21142f275341f651d94a70006420b476e48e71

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 20 Jan 2023 16:09:37 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://adncaraota.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
4661
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1149379&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fadncaraota.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56318%2C1%2C&c4=true&c5=&c6=56318&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=6527654&m=&rtv=1&thost=adncaraota.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://adncaraota.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://adncaraota.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
date
Fri, 20 Jan 2023 16:09:37 GMT
server
nginx
cs
cs.lkqd.net/ Frame 1E48
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=7116506a-86b5-460f-be2c-3c838ddad97e
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=7116506a-86b5-460f-be2c-3c838ddad97e
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.66 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:37 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=7116506a-86b5-460f-be2c-3c838ddad97e
date
Fri, 20 Jan 2023 16:09:37 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame 1E48 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.66 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:37 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 1E48 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.66 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:37 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 1E48
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2930553025957810747
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2930553025957810747
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.66 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:37 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2930553025957810747
pragma
no-cache
date
Fri, 20 Jan 2023 16:09:36 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame 1E48
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=teGXuYRATmdgaXdHAJtNPlFfBSM
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=teGXuYRATmdgaXdHAJtNPlFfBSM
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.66 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:37 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=teGXuYRATmdgaXdHAJtNPlFfBSM
Date
Fri, 20 Jan 2023 16:09:37 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
t
t.lkqd.net/ Frame A149 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://adncaraota.com
date
Fri, 20 Jan 2023 16:09:37 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
/
adx.adform.net/adx/ 		65 B
619 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fadncaraota.com%2F
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
https://adncaraota.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
/
adx.adform.net/adx/ 		65 B
619 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&url=https%3A%2F%2Fadncaraota.com%2F&t=2
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
https://adncaraota.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		815 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C4837642986392330272467070526,,&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
80775549f0cbc5ae87715b6744a238b783e06258d5317c3c5e7824d2a8cee04a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:37 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Cneonction
close
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
815
x-sticky-vk
1674230977237043-507
Expires
Fri, 20 Jan 2023 16:09:37 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		832 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C63923302724670705261229706236%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
852bfcf38aa6f2a577756e577b1d1c585f87cefdee09046016ac84f4eab135f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:37 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
832
x-sticky-vk
1674230977244041-371
Expires
Fri, 20 Jan 2023 16:09:37 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		831 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C6392330272467070526802176756%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4ddb89a5240684d7e3563ed7426456e1f0a98aae9b6b5dc5f9e1c345e6f6911f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:37 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
831
x-sticky-vk
1674230977221085-333
Expires
Fri, 20 Jan 2023 16:09:37 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		815 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C2943312036392330272467070526,,&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e86eab3fe3d1d46aca0f053fef64c4fe4df7e40238e8c66f7c5a03fd7a653df0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:37 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
815
x-sticky-vk
1674230977274028-417
Expires
Fri, 20 Jan 2023 16:09:37 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		816 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C19855124186392330272467070526,,&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
23dc94e20d3f49fe8095570012f5b7ca9c7fbcfeff5dda2acf6c38e593d9111b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:37 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
816
x-sticky-vk
1674230977242079-409
Expires
Fri, 20 Jan 2023 16:09:37 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1003 B
863 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fadncaraota.com%2F&schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C6392330272467070526178481902%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ae02aafc89895198861bf2dc532996003b018d625b2c16cc980b76397a1060f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:37 GMT
content-encoding
gzip
server
Apache
etag
"23da-5e7fbf52c16e8-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://adncaraota.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
620
expires
Fri, 20 Jan 2023 16:09:37 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1003 B
863 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fadncaraota.com%2F&schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C6392330272467070526220994163%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
81643cbbba3780fee6a89e81763043d2096fcf7a56967ebccd2f44cfe0ccc20d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:37 GMT
content-encoding
gzip
server
Apache
etag
"23da-5e7fbf52c16e8-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://adncaraota.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
620
expires
Fri, 20 Jan 2023 16:09:37 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1004 B
864 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fadncaraota.com%2F&schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C63923302724670705261844572110%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e2e0d3ffc12ab53102e81ad9ab54148159a82315547c7e54d7b50e66c944e957

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:37 GMT
content-encoding
gzip
server
Apache
etag
"23da-5e7fbf52c16e8-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://adncaraota.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
621
expires
Fri, 20 Jan 2023 16:09:37 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://adncaraota.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://adncaraota.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 20 Jan 2023 16:09:37 GMT
server
nginx
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://adncaraota.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://adncaraota.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 20 Jan 2023 16:09:37 GMT
server
nginx
t
t.lkqd.net/ Frame A149 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://adncaraota.com
date
Fri, 20 Jan 2023 16:09:37 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
truncated
/ Frame 7DD8 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame BFF0 		342 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:37 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1674230973.dop162.fr8.t,1674230973.cds342.fr8.shn,1674230973.dop162.fr8.t,1674230977.cds006.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
117960
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame BFF0 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1674230977392
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:37 GMT
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1674230973.dop237.fr8.t,1674230977.cds244.fr8.shn,1674230977.cds244.fr8.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 20 Jan 2023 16:09:37 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:37 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1674230977367052-425
Expires
Fri, 20 Jan 2023 16:09:37 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame BFF0 		301 B
794 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fadncaraota.com%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:37 GMT
Server
nginx
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1674230977400031-355
Expires
Fri, 20 Jan 2023 16:09:37 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame BFF0 		67 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_gdpr=0&schain=1.0%2C1!vidoomy.com%2C56318%2C1%2C4837642986392330272467070526%2C%2C&_fw_gdpr_consent=&vav=6db6d5c4ebaec533923977e2786b287c&vaviv=ecf693b9771d2c06c655b1a64624cf49&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.5.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fadncaraota.com%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:37 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1674230977393049-369
Expires
Fri, 20 Jan 2023 16:09:37 GMT
t
t.lkqd.net/ Frame A149 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://adncaraota.com
date
Fri, 20 Jan 2023 16:09:37 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://adncaraota.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://adncaraota.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 20 Jan 2023 16:09:37 GMT
server
nginx
user-matching
ads.stickyadstv.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:37 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7FVQ8M7Z29J3XAG60WVT
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:37 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1674230977392082-356
Expires
Fri, 20 Jan 2023 16:09:37 GMT
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame A48C 		342 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:37 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1674230973.dop162.fr8.t,1674230973.cds342.fr8.shn,1674230973.dop162.fr8.t,1674230977.cds006.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
117960
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame A48C 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1674230977581
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:37 GMT
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1674230973.dop237.fr8.t,1674230977.cds244.fr8.shn,1674230977.cds244.fr8.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
auto-user-sync
ads.stickyadstv.com/ Frame A48C 		0
0
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 20 Jan 2023 16:09:37 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:37 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1674230977525071-342
Expires
Fri, 20 Jan 2023 16:09:37 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame A48C 		301 B
794 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fadncaraota.com%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:37 GMT
Server
nginx
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1674230977566060-385
Expires
Fri, 20 Jan 2023 16:09:37 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame A48C 		67 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_us_privacy=&_fw_gdpr=0&schain=1.0%2C1!vidoomy.com%2C56318%2C1%2C63923302724670705261229706236%2C%2C&_fw_gdpr_consent=&vav=a1db3b91044fb45ac0f88cd557546027&vaviv=fd244827d24a698fdc4075ae9c32e7d9&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.5.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fadncaraota.com%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:37 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1674230977566062-385
Expires
Fri, 20 Jan 2023 16:09:37 GMT
user-matching
ads.stickyadstv.com/ Frame A48C 		0
0
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:37 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1674230977618044-416
Expires
Fri, 20 Jan 2023 16:09:37 GMT
user-matching
ads.stickyadstv.com/ Frame A48C 		0
0
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:37 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MNWZ5WPES9883BFR1YNR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:37 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1674230977618037-359
Expires
Fri, 20 Jan 2023 16:09:37 GMT
t
t.lkqd.net/ Frame A149 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://adncaraota.com
date
Fri, 20 Jan 2023 16:09:37 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://adncaraota.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://adncaraota.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 20 Jan 2023 16:09:37 GMT
server
nginx
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame AEF6 		342 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:37 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1674230973.dop162.fr8.t,1674230973.cds342.fr8.shn,1674230973.dop162.fr8.t,1674230977.cds006.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
117960
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame AEF6 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1674230977766
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:37 GMT
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1674230973.dop237.fr8.t,1674230977.cds244.fr8.shn,1674230977.cds244.fr8.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
auto-user-sync
ads.stickyadstv.com/ Frame AEF6 		0
0
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 20 Jan 2023 16:09:37 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:37 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1674230977765017-380
Expires
Fri, 20 Jan 2023 16:09:37 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame AEF6 		301 B
794 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fadncaraota.com%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:37 GMT
Server
nginx
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1674230977770034-354
Expires
Fri, 20 Jan 2023 16:09:37 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame AEF6 		67 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_us_privacy=&_fw_gdpr=0&schain=1.0%2C1!vidoomy.com%2C56318%2C1%2C6392330272467070526802176756%2C%2C&_fw_gdpr_consent=&vav=45752403303a857df37f842df84b25e0&vaviv=e10674fc71e6f22920543e8399b56c4a&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.5.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fadncaraota.com%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:37 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1674230977832001-543
Expires
Fri, 20 Jan 2023 16:09:37 GMT
user-matching
ads.stickyadstv.com/ Frame AEF6 		0
0
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:37 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1674230977809027-338
Expires
Fri, 20 Jan 2023 16:09:37 GMT
user-matching
ads.stickyadstv.com/ Frame AEF6 		0
0
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:37 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RS4SAZC44T3K98PCF4GN
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:37 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1674230977813031-404
Expires
Fri, 20 Jan 2023 16:09:37 GMT
t
t.lkqd.net/ Frame A149 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://adncaraota.com
date
Fri, 20 Jan 2023 16:09:37 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://adncaraota.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://adncaraota.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 20 Jan 2023 16:09:37 GMT
server
nginx
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame C40E 		342 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:38 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1674230973.dop162.fr8.t,1674230973.cds342.fr8.shn,1674230973.dop162.fr8.t,1674230978.cds006.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
117960
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame C40E 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1674230978033
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:38 GMT
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1674230973.dop237.fr8.t,1674230978.cds244.fr8.shn,1674230978.cds244.fr8.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
auto-user-sync
ads.stickyadstv.com/ Frame C40E 		0
0
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 20 Jan 2023 16:09:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:38 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1674230978014045-588
Expires
Fri, 20 Jan 2023 16:09:38 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame C40E 		301 B
794 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fadncaraota.com%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:38 GMT
Server
nginx
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1674230978008073-394
Expires
Fri, 20 Jan 2023 16:09:38 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame C40E 		67 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_gdpr=0&schain=1.0%2C1!vidoomy.com%2C56318%2C1%2C2943312036392330272467070526%2C%2C&_fw_gdpr_consent=&vav=f422073947419f8c51240bdc11a1cbb4&vaviv=6be24d82834c192deeadcedc0e775b56&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.5.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fadncaraota.com%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:38 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1674230978021056-349
Expires
Fri, 20 Jan 2023 16:09:38 GMT
t
t.lkqd.net/ Frame A149 		0
0
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://adncaraota.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://adncaraota.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 20 Jan 2023 16:09:38 GMT
server
nginx
user-matching
ads.stickyadstv.com/ Frame C40E 		0
0
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:38 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1674230978067032-428
Expires
Fri, 20 Jan 2023 16:09:38 GMT
user-matching
ads.stickyadstv.com/ Frame C40E 		0
0
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0VVBCCPJTHJ3DHCW6ZS0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:38 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1674230978038064-374
Expires
Fri, 20 Jan 2023 16:09:38 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://adncaraota.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://adncaraota.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 20 Jan 2023 16:09:38 GMT
server
nginx
t
t.lkqd.net/ Frame A149 		0
0
ad
v.lkqd.net/ Frame 56B2 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1149379&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fadncaraota.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56318%2C1%2C&c4=true&c5=&c6=56318&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=82874050&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
b94ccbceee415b4286f15356e36801edceb048e70936802cee94e929ef6487fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:38 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://adncaraota.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1405
postback
s.update.mediamathtag.com/2/2.88.0/619621/AcUEjkgKEAaTdI2w/ Frame 7C98 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.88.0/619621/AcUEjkgKEAaTdI2w/postback?ap=&sr=4&ac=651871&ai=216536&r1=2a01%3A4a0%3A2b%3A%3A&r2=&r3=&pd=avt&ti=616291371190682468&pp=pub-8339469931624128&si=1445604582&ci=619621&dt=6196211556140246740000&de=43003&cr=6622335&c1=4562306&di=https%3A%2F%2Fadncaraota.com&pv=0502ff70-0831-417f-a094-826ec2e9daad&dm=970x250&ui=88a7395e-a9c3-056e-0000-000000000000&sid=AcUEjkgKEAaTdI2w&oz_sc=5aebca5fa618ea8c1bda824f&oz_df=1674230978671&oz_l=294&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.88.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.240.212.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-212-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 20 Jan 2023 16:09:38 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
vpaid.js
ad.lkqd.net/vpaid/ Frame 0462 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:38 GMT
content-encoding
gzip
x-sp-metadata
HS256.CNKVq54GEoUBCiRhYTIxN2JiMy05NDIxLTQwNTktYjJkNS0xNWYxZDg1MDZkMDIQmOLbkZXR/AIaBgjC+aqeBiIKODEuOTUuNS4zNSiyugIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGE1ODVjNjVjLTUzYjktNDUxMS1iNzUwLTQ2MDViNzMwYmI4MhjF5AMiGAgCEhRjZHMzMzMuZnI4Lmh3Y2RuLm5ldA==.gqCMFjBeSwI/X60MKdf86k/7RfXCmrX7uJgB8ngb83Y=
last-modified
Thu, 13 Oct 2022 21:01:07 GMT
etag
"88ca76abee51b1544e17b021f04aaaed"
x-hw
1674230978.cds290.fr8.hn,1674230978.cds333.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62021
usync.html
ad.lkqd.net/cookie-sync/ Frame 26A8 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Fri, 20 Jan 2023 16:09:38 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1674230978.cds290.fr8.hn,1674230978.cds288.fr8.c
x-sp-metadata
HS256.CNKVq54GEoUBCiRiNGUwY2Y1Mi03ZTNhLTQxYzQtOTE0My1hYzE1ZmY2ZmY1OWIQmOLbkZXR/AIaBgjC+aqeBiIKODEuOTUuNS4zNSiyugIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRorCAESJDQwZTBiZGUyLWQ1MzgtNDMxYi05NTU3LTE2YmYzYThiZjU2ZhjaDiIYCAISFGNkczI4OC5mcjguaHdjZG4ubmV0.LdmbUf5r3bNwSHNaYanHWJKPZ+EOeOjdnGoXlBUkAhs=
ad
v.lkqd.net/ Frame 0462 		103 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1149379&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fadncaraota.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56318%2C1%2C&c4=true&c5=&c6=56318&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=82874050&m=&rtv=1&thost=adncaraota.com
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e9b1a9f81a886655a40f6220d9a740e75fe9bdc55ea4a8c41797a4a0d4036d5c

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 20 Jan 2023 16:09:38 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://adncaraota.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
5311
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1149379&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fadncaraota.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56318%2C1%2C&c4=true&c5=&c6=56318&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=82874050&m=&rtv=1&thost=adncaraota.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://adncaraota.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://adncaraota.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
date
Fri, 20 Jan 2023 16:09:38 GMT
server
nginx
cs
cs.lkqd.net/ Frame 26A8
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=e80ce781-cc2f-4d73-9c30-85f241dc9279
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=e80ce781-cc2f-4d73-9c30-85f241dc9279
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.66 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:39 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=e80ce781-cc2f-4d73-9c30-85f241dc9279
date
Fri, 20 Jan 2023 16:09:38 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame 26A8 		43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.66 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:39 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 26A8 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.66 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:39 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 26A8
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2930553025957810747
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2930553025957810747
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.66 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:39 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2930553025957810747
pragma
no-cache
date
Fri, 20 Jan 2023 16:09:38 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame 26A8
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=teGXuYRATmdgaXdHAJtNPlFfBSM
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=teGXuYRATmdgaXdHAJtNPlFfBSM
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.66 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:39 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=teGXuYRATmdgaXdHAJtNPlFfBSM
Date
Fri, 20 Jan 2023 16:09:38 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
t
t.lkqd.net/ Frame EE32 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://adncaraota.com
date
Fri, 20 Jan 2023 16:09:39 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://adncaraota.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://adncaraota.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 20 Jan 2023 16:09:39 GMT
server
nginx
av
vidoomy-d.openx.net/v/1.0/ 		48 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fadncaraota.com%2F&cb=590281969&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C27253336883161881661208964609,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:39 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept-Encoding
content-type
text/xml
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://adncaraota.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
adx.adform.net/adx/ 		65 B
619 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fadncaraota.com%2F
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
https://adncaraota.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
/
adx.adform.net/adx/ 		65 B
619 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&url=https%3A%2F%2Fadncaraota.com%2F&t=2
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
https://adncaraota.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		816 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C14557498782725333688316188166,,&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ca44bf25fce819841aef26bf33576c1e8198933df2e5c7f8850316fdbfd236c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:39 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
816
x-sticky-vk
1674230978957091-339
Expires
Fri, 20 Jan 2023 16:09:39 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		831 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C2725333688316188166681087288%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9a2307bfd1c3993fdb5d74816305b5c2dfd13ee3ec0e3eb599afb4df2f465e5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:39 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
831
x-sticky-vk
1674230978971080-358
Expires
Fri, 20 Jan 2023 16:09:39 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		832 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C27253336883161881661214046522%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7ed794a2001e8707600a5a64ba912efe07fdadfae36ba1c5934b7b17eebd4c58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:39 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
832
x-sticky-vk
1674230979040000-409
Expires
Fri, 20 Jan 2023 16:09:39 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		816 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C10467820582725333688316188166,,&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
30ce059c97e066e3a38b803be84685724edb0273325a49488d772ca71ea6cc2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:39 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
816
x-sticky-vk
1674230979016062-386
Expires
Fri, 20 Jan 2023 16:09:39 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		815 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C2987718982725333688316188166,,&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
30f2330207f95238c488b41a641149901f7fd6f1b871552e2058a0d765d49feb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:39 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
815
x-sticky-vk
1674230979047013-383
Expires
Fri, 20 Jan 2023 16:09:39 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1003 B
863 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fadncaraota.com%2F&schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C2725333688316188166647638481%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2dc62bd3bb815a3c0c7a98c91c6f01e56fab967100b066f1bcd2375d44a5ac97

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:39 GMT
content-encoding
gzip
server
Apache
etag
"23da-5e7fbf52c16e8-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://adncaraota.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
619
expires
Fri, 20 Jan 2023 16:09:39 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1003 B
863 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fadncaraota.com%2F&schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C2725333688316188166161850490%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
524f3a5dd388284379592278aec9d673855ecde2536cb363a00c661972e9e2b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:39 GMT
content-encoding
gzip
server
Apache
etag
"23da-5e7fbf52c16e8-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://adncaraota.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
619
expires
Fri, 20 Jan 2023 16:09:39 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1003 B
863 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fadncaraota.com%2F&schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C2725333688316188166762916235%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5d0c18ffb6c065f10684ce641bdaf313d795de1bfc1e00eabd9e8f6efbb1c5e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:39 GMT
content-encoding
gzip
server
Apache
etag
"23da-5e7fbf52c16e8-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://adncaraota.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
620
expires
Fri, 20 Jan 2023 16:09:39 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://adncaraota.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://adncaraota.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 20 Jan 2023 16:09:39 GMT
server
nginx
t
t.lkqd.net/ Frame EE32 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://adncaraota.com
date
Fri, 20 Jan 2023 16:09:39 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
truncated
/ Frame 0462 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame A9F8 		342 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:39 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1674230973.dop162.fr8.t,1674230973.cds342.fr8.shn,1674230973.dop162.fr8.t,1674230979.cds006.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
117960
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame A9F8 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1674230979165
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:39 GMT
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1674230973.dop237.fr8.t,1674230979.cds244.fr8.shn,1674230979.cds244.fr8.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
auto-user-sync
ads.stickyadstv.com/ Frame A9F8 		0
0
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 20 Jan 2023 16:09:39 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:39 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1674230979167011-332
Expires
Fri, 20 Jan 2023 16:09:39 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame A9F8 		301 B
794 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fadncaraota.com%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:39 GMT
Server
nginx
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1674230979115099-421
Expires
Fri, 20 Jan 2023 16:09:39 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame A9F8 		67 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_gdpr=0&schain=1.0%2C1!vidoomy.com%2C56318%2C1%2C14557498782725333688316188166%2C%2C&_fw_gdpr_consent=&vav=f18b1219c94a99b695e5e49653a140a5&vaviv=f25a3909ca4648aaa38f765e1083af42&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.5.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fadncaraota.com%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:39 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1674230979171036-583
Expires
Fri, 20 Jan 2023 16:09:39 GMT
t
t.lkqd.net/ Frame EE32 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://adncaraota.com
date
Fri, 20 Jan 2023 16:09:39 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://adncaraota.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://adncaraota.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 20 Jan 2023 16:09:39 GMT
server
nginx
user-matching
ads.stickyadstv.com/ Frame A9F8 		0
0
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:39 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1674230979151092-430
Expires
Fri, 20 Jan 2023 16:09:39 GMT
user-matching
ads.stickyadstv.com/ Frame A9F8 		0
0
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
5J5G3ZRKYQGQ5MPBWVG0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:39 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1674230979192044-346
Expires
Fri, 20 Jan 2023 16:09:39 GMT
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame BEB4 		342 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:39 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1674230973.dop162.fr8.t,1674230973.cds342.fr8.shn,1674230973.dop162.fr8.t,1674230979.cds006.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
117960
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame BEB4 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1674230979320
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:39 GMT
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1674230973.dop237.fr8.t,1674230979.cds244.fr8.shn,1674230979.cds244.fr8.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
auto-user-sync
ads.stickyadstv.com/ Frame BEB4 		0
0
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 20 Jan 2023 16:09:39 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:39 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1674230979254086-369
Expires
Fri, 20 Jan 2023 16:09:39 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame BEB4 		301 B
794 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fadncaraota.com%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:39 GMT
Server
nginx
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1674230979291079-383
Expires
Fri, 20 Jan 2023 16:09:39 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame BEB4 		67 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_us_privacy=&_fw_gdpr=0&schain=1.0%2C1!vidoomy.com%2C56318%2C1%2C2725333688316188166681087288%2C%2C&_fw_gdpr_consent=&vav=d4909add263ad2aad7d339283dc23ebe&vaviv=b4c5630a919aecf68c38de3c26cd90ae&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.5.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fadncaraota.com%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:39 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1674230979274097-339
Expires
Fri, 20 Jan 2023 16:09:39 GMT
user-matching
ads.stickyadstv.com/ Frame BEB4 		0
0
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:39 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1674230979344037-360
Expires
Fri, 20 Jan 2023 16:09:39 GMT
user-matching
ads.stickyadstv.com/ Frame BEB4 		0
0
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Z47NN7KYCF72B58SZQS2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:39 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1674230979344054-400
Expires
Fri, 20 Jan 2023 16:09:39 GMT
t
t.lkqd.net/ Frame EE32 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://adncaraota.com
date
Fri, 20 Jan 2023 16:09:39 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://adncaraota.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://adncaraota.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 20 Jan 2023 16:09:39 GMT
server
nginx
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame B5E9 		342 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:39 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1674230973.dop162.fr8.t,1674230973.cds342.fr8.shn,1674230973.dop162.fr8.t,1674230979.cds006.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
117960
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame B5E9 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1674230979503
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:39 GMT
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1674230973.dop237.fr8.t,1674230979.cds244.fr8.shn,1674230979.cds244.fr8.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
auto-user-sync
ads.stickyadstv.com/ Frame B5E9 		0
0
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 20 Jan 2023 16:09:39 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:39 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1674230979516000-347
Expires
Fri, 20 Jan 2023 16:09:39 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame B5E9 		301 B
794 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fadncaraota.com%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:39 GMT
Server
nginx
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1674230979485055-564
Expires
Fri, 20 Jan 2023 16:09:39 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame B5E9 		67 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_us_privacy=&_fw_gdpr=0&schain=1.0%2C1!vidoomy.com%2C56318%2C1%2C27253336883161881661214046522%2C%2C&_fw_gdpr_consent=&vav=1e64d84657e5ed4032d351b689943165&vaviv=cc2007863bd19856465bfbca218ea25f&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.5.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fadncaraota.com%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:39 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1674230979532003-373
Expires
Fri, 20 Jan 2023 16:09:39 GMT
user-matching
ads.stickyadstv.com/ Frame B5E9 		0
0
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:39 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1674230979562016-516
Expires
Fri, 20 Jan 2023 16:09:39 GMT
user-matching
ads.stickyadstv.com/ Frame B5E9 		0
0
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7JM94GYYYA908NTDBD5S
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:39 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1674230979540039-377
Expires
Fri, 20 Jan 2023 16:09:39 GMT
t
t.lkqd.net/ Frame EE32 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://adncaraota.com
date
Fri, 20 Jan 2023 16:09:39 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://adncaraota.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://adncaraota.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 20 Jan 2023 16:09:39 GMT
server
nginx
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 1C9E 		342 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:39 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1674230973.dop162.fr8.t,1674230973.cds342.fr8.shn,1674230973.dop162.fr8.t,1674230979.cds006.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
117960
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 1C9E 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1674230979704
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:39 GMT
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1674230973.dop237.fr8.t,1674230979.cds244.fr8.shn,1674230979.cds244.fr8.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
auto-user-sync
ads.stickyadstv.com/ Frame 1C9E 		0
0
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 20 Jan 2023 16:09:39 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:39 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1674230979634098-353
Expires
Fri, 20 Jan 2023 16:09:39 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame 1C9E 		301 B
794 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fadncaraota.com%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:39 GMT
Server
nginx
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1674230979667082-408
Expires
Fri, 20 Jan 2023 16:09:39 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 1C9E 		67 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_gdpr=0&schain=1.0%2C1!vidoomy.com%2C56318%2C1%2C10467820582725333688316188166%2C%2C&_fw_gdpr_consent=&vav=07e2e77fbd33489e112597f98ab76387&vaviv=476c0faffb53e5f6b249aec1c3d0a459&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.5.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fadncaraota.com%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:39 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1674230979699064-340
Expires
Fri, 20 Jan 2023 16:09:39 GMT
user-matching
ads.stickyadstv.com/ Frame 1C9E 		0
0
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:39 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1674230979701077-343
Expires
Fri, 20 Jan 2023 16:09:39 GMT
user-matching
ads.stickyadstv.com/ Frame 1C9E 		0
0
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8WJEPRZ10PYR977F1WJ2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:39 GMT
Server
nginx
nnCoection
close
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Access-Control-Allow-Credentials
true
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
x-sticky-vk
1674230979723053-345
Expires
Fri, 20 Jan 2023 16:09:39 GMT
t
t.lkqd.net/ Frame EE32 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://adncaraota.com
date
Fri, 20 Jan 2023 16:09:39 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://adncaraota.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://adncaraota.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 20 Jan 2023 16:09:39 GMT
server
nginx
t
t.lkqd.net/ Frame EE32 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://adncaraota.com
date
Fri, 20 Jan 2023 16:09:40 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://adncaraota.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://adncaraota.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 20 Jan 2023 16:09:39 GMT
server
nginx
postback
s.update.mediamathtag.com/2/2.88.0/619621/AcUEjkgKEAaTdI2w/ Frame 7C98 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.88.0/619621/AcUEjkgKEAaTdI2w/postback?ap=&sr=4&ac=651871&ai=216536&r1=2a01%3A4a0%3A2b%3A%3A&r2=&r3=&pd=avt&ti=616291371190682468&pp=pub-8339469931624128&si=1445604582&ci=619621&dt=6196211556140246740000&de=43003&cr=6622335&c1=4562306&di=https%3A%2F%2Fadncaraota.com&pv=0502ff70-0831-417f-a094-826ec2e9daad&dm=970x250&ui=88a7395e-a9c3-056e-0000-000000000000&sid=AcUEjkgKEAaTdI2w&oz_sc=5aebca5fa618ea8c1bda824f&oz_df=1674230979975&oz_l=268&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.88.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.240.212.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-212-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 20 Jan 2023 16:09:39 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
ad
v.lkqd.net/ Frame 56B2 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1149379&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fadncaraota.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56318%2C1%2C&c4=true&c5=&c6=56318&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=76777102&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
d01c4e5e8a06c05ed543e117225289bbed1d451aa6003332e0649301393aa4c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:40 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://adncaraota.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1404
vpaid.js
ad.lkqd.net/vpaid/ Frame CCCC 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:40 GMT
content-encoding
gzip
x-sp-metadata
HS256.CNSVq54GEoUBCiQ1OTkwMTMyZi1iMmIzLTQyNzktYWMzZS1mYmRiYTA3ZmNlNzcQmOLbkZXR/AIaBgjE+aqeBiIKODEuOTUuNS4zNSiyugIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDQ2MmViZjUxLWVkY2QtNGNlYS1hMTkyLTM1ZDdhYjYzNWU0ZRjF5AMiGAgCEhRjZHMzMzMuZnI4Lmh3Y2RuLm5ldA==.l+/Z9He0wNEWvXTjR+URT3nU8jVOwzw27gFJyvtWIwI=
last-modified
Thu, 13 Oct 2022 21:01:07 GMT
etag
"88ca76abee51b1544e17b021f04aaaed"
x-hw
1674230980.cds290.fr8.hn,1674230980.cds333.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62021
usync.html
ad.lkqd.net/cookie-sync/ Frame E01E 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Fri, 20 Jan 2023 16:09:40 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1674230980.cds290.fr8.hn,1674230980.cds288.fr8.c
x-sp-metadata
HS256.CNSVq54GEoUBCiRlNTRjNTEzMS0zM2I3LTQ2YmQtOGYyNC0zOTc2ZjAzM2ZiMDIQmOLbkZXR/AIaBgjE+aqeBiIKODEuOTUuNS4zNSiyugIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRorCAESJDAxMzM4NzJlLWVjYTktNDY1Zi05NDI1LTkyOGEyMDNiYTE0NBjaDiIYCAISFGNkczI4OC5mcjguaHdjZG4ubmV0.cxF5C8KJQHsExC+VIEK0qopUkyIPQgkC6vBUYJ7Vs4M=
ad
v.lkqd.net/ Frame CCCC 		102 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1149379&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fadncaraota.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56318%2C1%2C&c4=true&c5=&c6=56318&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=76777102&m=&rtv=1&thost=adncaraota.com
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
77fa866045cfe421b0633892dc144ccb414f5cb726874474dab61193c5444233

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 20 Jan 2023 16:09:40 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://adncaraota.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
4956
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1149379&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fadncaraota.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56318%2C1%2C&c4=true&c5=&c6=56318&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=76777102&m=&rtv=1&thost=adncaraota.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://adncaraota.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://adncaraota.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
date
Fri, 20 Jan 2023 16:09:40 GMT
server
nginx
cs
cs.lkqd.net/ Frame E01E
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=07475443-c017-4e9a-9747-40c6bad0455a
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=07475443-c017-4e9a-9747-40c6bad0455a
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.66 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:40 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=07475443-c017-4e9a-9747-40c6bad0455a
date
Fri, 20 Jan 2023 16:09:40 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame E01E 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.66 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:40 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame E01E 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.66 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:40 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame E01E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2930553025957810747
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2930553025957810747
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.66 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:40 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2930553025957810747
pragma
no-cache
date
Fri, 20 Jan 2023 16:09:40 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame E01E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=teGXuYRATmdgaXdHAJtNPlFfBSM
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=teGXuYRATmdgaXdHAJtNPlFfBSM
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.66 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:09:40 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=teGXuYRATmdgaXdHAJtNPlFfBSM
Date
Fri, 20 Jan 2023 16:09:40 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
t
t.lkqd.net/ Frame 0F21 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://adncaraota.com
date
Fri, 20 Jan 2023 16:09:40 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://adncaraota.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://adncaraota.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 20 Jan 2023 16:09:40 GMT
server
nginx
av
vidoomy-d.openx.net/v/1.0/ 		48 B
122 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fadncaraota.com%2F&cb=474049872&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C2907390703661520970983052332,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:40 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept-Encoding
content-type
text/xml
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://adncaraota.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
adx.adform.net/adx/ 		65 B
619 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fadncaraota.com%2F
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
https://adncaraota.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
/
adx.adform.net/adx/ 		65 B
619 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&url=https%3A%2F%2Fadncaraota.com%2F&t=2
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
https://adncaraota.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		816 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C10085921692907390703661520970,,&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
707764cfbbe09ad58f5c5a43326e44b548296f60b5344d52ef54f0dbe1c33979

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:40 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
816
x-sticky-vk
1674230980820087-514
Expires
Fri, 20 Jan 2023 16:09:40 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		832 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C29073907036615209702055304743%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a4710f6e3d875768cdd2e1bd818ea1934a27debe925b8c983c6ffc773aa6892f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:40 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
832
x-sticky-vk
1674230980821093-370
Expires
Fri, 20 Jan 2023 16:09:40 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		831 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C2907390703661520970390855556%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
cff23a369dfed40d8c5dbdb2f5bd6299917998431c6bf889525a3645cc3854dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:40 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
831
x-sticky-vk
1674230980835090-575
Expires
Fri, 20 Jan 2023 16:09:40 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		816 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C18041355972907390703661520970,,&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9d274141586be01518211cbd1fe70b53fc6286fa8331fcd93f19b22c44f31f35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:40 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
816
x-sticky-vk
1674230980869046-415
Expires
Fri, 20 Jan 2023 16:09:40 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		815 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C7215453362907390703661520970,,&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
eda91013cf6c5ac6efa537b814da9abfb85877fdee7f5f864aba20bf72f76179

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:40 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
815
x-sticky-vk
1674230980859060-401
Expires
Fri, 20 Jan 2023 16:09:40 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1003 B
863 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fadncaraota.com%2F&schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C2907390703661520970507205788%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43a04cf9b79302b18608bae48ec203cd2516ab2cdd4051bedc38005c283da4ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:40 GMT
content-encoding
gzip
server
Apache
etag
"23da-5e7fbf52c16e8-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://adncaraota.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
619
expires
Fri, 20 Jan 2023 16:09:40 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1003 B
862 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fadncaraota.com%2F&schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C2907390703661520970120993519%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
406f830e761cef97885504dd7f3fefff9ea2788bafdb9ddf46daea5b075e80da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:40 GMT
content-encoding
gzip
server
Apache
etag
"23da-5e7fbf52c16e8-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://adncaraota.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
618
expires
Fri, 20 Jan 2023 16:09:40 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1003 B
862 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fadncaraota.com%2F&schain=1.0%2C1%21vidoomy.com%2C56318%2C1%2C2907390703661520970171712609%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:40 GMT
content-encoding
gzip
server
Apache
etag
"23da-5e7fbf52c16e8-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://adncaraota.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
618
expires
Fri, 20 Jan 2023 16:09:40 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://adncaraota.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://adncaraota.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 20 Jan 2023 16:09:41 GMT
server
nginx
t
t.lkqd.net/ Frame 0F21 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://adncaraota.com
date
Fri, 20 Jan 2023 16:09:41 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
truncated
/ Frame CCCC 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame CB72 		342 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:41 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1674230973.dop162.fr8.t,1674230973.cds342.fr8.shn,1674230973.dop162.fr8.t,1674230981.cds006.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
117960
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame CB72 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1674230981524
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:41 GMT
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1674230973.dop237.fr8.t,1674230981.cds244.fr8.shn,1674230981.cds244.fr8.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
auto-user-sync
ads.stickyadstv.com/ Frame CB72 		0
0
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 20 Jan 2023 16:09:41 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:41 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1674230981538006-583
Expires
Fri, 20 Jan 2023 16:09:41 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame CB72 		301 B
794 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fadncaraota.com%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:41 GMT
Server
nginx
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1674230981529039-376
Expires
Fri, 20 Jan 2023 16:09:41 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame CB72 		67 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_gdpr=0&schain=1.0%2C1!vidoomy.com%2C56318%2C1%2C10085921692907390703661520970%2C%2C&_fw_gdpr_consent=&vav=60ef77b1759d5bba32bd5801fce2affc&vaviv=cc1010ca669a3c649d413003ce8d70ab&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.5.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fadncaraota.com%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:41 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1674230981550022-401
Expires
Fri, 20 Jan 2023 16:09:41 GMT
user-matching
ads.stickyadstv.com/ Frame CB72 		0
0
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:41 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1674230981507099-396
Expires
Fri, 20 Jan 2023 16:09:41 GMT
user-matching
ads.stickyadstv.com/ Frame CB72 		0
0
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7X9EX05AZD8PXCMVPS8V
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:41 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1674230981587017-514
Expires
Fri, 20 Jan 2023 16:09:41 GMT
t
t.lkqd.net/ Frame 0F21 		0
0
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.109 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://adncaraota.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://adncaraota.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 20 Jan 2023 16:09:41 GMT
server
nginx
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 4AA0 		342 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:41 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1674230973.dop162.fr8.t,1674230973.cds342.fr8.shn,1674230973.dop162.fr8.t,1674230981.cds006.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
117960
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 4AA0 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1674230981673
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 16:09:41 GMT
Last-Modified
Thu, 26 May 2022 08:10:46 GMT
ETag
"1653552646"
X-HW
1674230973.dop237.fr8.t,1674230981.cds244.fr8.shn,1674230981.cds244.fr8.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
auto-user-sync
ads.stickyadstv.com/ Frame 4AA0 		0
0
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 20 Jan 2023 16:09:41 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:41 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1674230981666016-396
Expires
Fri, 20 Jan 2023 16:09:41 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame 4AA0 		301 B
794 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fadncaraota.com%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:41 GMT
Server
nginx
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1674230981649085-364
Expires
Fri, 20 Jan 2023 16:09:41 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 4AA0 		67 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_us_privacy=&_fw_gdpr=0&schain=1.0%2C1!vidoomy.com%2C56318%2C1%2C29073907036615209702055304743%2C%2C&_fw_gdpr_consent=&vav=b973337ccb29ab2ec9b04535a33835b4&vaviv=f97e8f68bb73f783b1beeccad7d3b007&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.5.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fadncaraota.com%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:41 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://adncaraota.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1674230981714013-526
Expires
Fri, 20 Jan 2023 16:09:41 GMT
user-matching
ads.stickyadstv.com/ Frame 4AA0 		0
0
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adncaraota.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 16:09:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 16:09:41 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRjNmVmMWU4OTU3MDNlYTFlZjA1MTJlNDM3MzY=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1674230981728009-345
Expires
Fri, 20 Jan 2023 16:09:41 GMT
user-matching
ads.stickyadstv.com/ Frame 4AA0 		0
0
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
0
0
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 6A5D 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
certify.alexametrics.com
URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Noticias%20de%20Venezuela%20y%20el%20Mundo%20-%20Caraota%20Digital&time=1674230970415&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fadncaraota.com%2F&random_number=1894232497&sess_cookie=c9ce8320185cff1382f6b04f2f0&sess_cookie_flag=1&user_cookie=c9ce8320185cff1382f6b04f2f0&user_cookie_flag=1&dynamic=true&domain=caraotadigital.net&account=Vg7Io1IWhe10em&jsv=20130128&user_lang=en-US
Domain
t.lkqd.net
URL
https://t.lkqd.net/t
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
Domain
t.lkqd.net
URL
https://t.lkqd.net/t
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
Domain
t.lkqd.net
URL
https://t.lkqd.net/t
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
Domain
t.lkqd.net
URL
https://t.lkqd.net/t
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/ecm3?id=74c6ef1e895703ea1ef0512e43736&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Domain
cdn.stickyadstv.com
URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js

Verdicts & Comments Add Verdict or Comment

357 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| oncontentvisibilityautostatechange undefined| $ function| jQuery object| tdb_globals object| tdwGlobal object| tdaGlobal function| documentInitOneSignal function| OneSignal object| tdBlocksArray function| tdBlock object| tdLocalCache object| td_viewport_interval_list string| td_animation_stack_effect boolean| tds_animation_stack string| td_animation_stack_specific_selectors string| td_animation_stack_general_selectors string| tdc_is_installed string| td_ajax_url string| td_get_template_directory_uri string| tds_snap_menu string| tds_logo_on_sticky string| tds_header_style string| td_please_wait string| td_email_user_pass_incorrect string| td_email_user_incorrect string| td_email_incorrect string| td_user_incorrect string| td_email_user_empty string| td_pass_empty string| td_pass_pattern_incorrect string| td_retype_pass_incorrect string| tds_more_articles_on_post_enable string| tds_more_articles_on_post_time_to_wait number| tds_more_articles_on_post_pages_distance_from_top string| tds_theme_color_site_wide string| tds_smart_sidebar string| tdThemeName string| td_magnific_popup_translation_tPrev string| td_magnific_popup_translation_tNext string| td_magnific_popup_translation_tCounter string| td_magnific_popup_translation_ajax_tError string| td_magnific_popup_translation_image_tError string| tdBlockNonce object| tdDateNamesI18n string| td_ad_background_click_link string| td_ad_background_click_target function| gtag object| dataLayer string| pm_tag string| pm_pid object| _atrk_opts object| block_tdi_66 object| block_tdi_69 object| block_tdi_73 object| block_tdi_78 object| block_tdi_92 object| block_tdi_101 object| block_tdi_106 object| block_tdi_115 object| block_tdi_128 object| block_tdi_132 object| block_tdi_138 object| block_tdi_144 object| block_tdi_150 object| block_tdi_154 object| block_tdi_160 object| block_tdi_166 object| block_tdi_167 object| block_tdi_171 object| block_tdi_172 function| atrk boolean| _atrk_fired object| google_tag_manager function| _typeof function| _0x14619f function| _0x5303 function| _0x4636 function| _regeneratorRuntime function| asyncGeneratorStep function| _asyncToGenerator object| googletag object| gtsur undefined| Cookies object| block_tdi_178 object| block_tdi_179 object| block_tdi_183 object| block_tdi_184 object| google_tag_data string| GoogleAnalyticsObject function| ga object| CleverCore boolean| CleverCoreLoaded function| _ object| tdbAutoload object| gaplugins object| gaGlobal object| gaData object| $jscomp object| tdAnalytics object| tdDetect object| tdViewport object| tdMenu object| tdUtil object| tdAffix function| td_smart_list_dropdown object| td_more_articles_box number| td_resize_timer_id function| td_done_resizing function| td_resize_videos function| td_mobile_menu function| td_mobile_menu_toogle function| td_retina function| td_read_site_cookie function| td_set_cookies_life boolean| tdIsScrollingAnimation boolean| td_mouse_wheel_or_touch_moved boolean| td_scroll_to_top_is_visible function| td_events_scroll_scroll_to_top function| td_post_template_6_title function| td_smart_lists_magnific_popup function| td_get_document_width function| td_get_document_height function| td_comments_form_validation object| tdLoadingBox object| tdAjaxSearch string| tdModalImageLastEl object| tdBlocks object| tdLogin object| tdLoginMob object| tdDemoMenu object| tdTrendingNow object| td_history object| tdSmartSidebar object| tdStickyRow object| tdScrollToClass object| tdInfiniteLoader function| Froogaloop object| tdCustomEvents object| tdEvents object| tdHeader object| tdAjaxCount object| tdYoutubePlayers object| tdVimeoPlayers function| td_resize_smartlist_slides function| td_resize_smartlist_sliders_and_update function| td_resize_normal_slide function| td_resize_normal_slide_and_update object| tdPullDown object| td_fps object| tdAnimationScroll object| tdHomepageFull object| tdBackstr object| tdShowVideo object| tdAnimationStack function| td_compute_parallax_background function| td_compute_backstretch_item object| td_backstretch_items object| tdAjaxLoop object| tdWeather object| tdAnimationSprite function| td_date_i18n object| tdSocialSharing function| tdModalImage object| tdAjaxVideoModal object| tdfAjaxFlickr object| tdPopupModal object| tdReadingProgressBar object| tdConfirm function| $f function| onYouTubeIframeAPIReady object| addComment function| asp_SimpleBar object| ASL object| ASL_INSTANCES object| WPD function| _ASL_load undefined| eventHub object| tdbMenu object| tdbMenuItemPullDown object| tdbSearch object| tdcPostSettings function| tdbGetMobileTemplates object| _stq function| st_go function| linktracker_init object| wpcom object| _wpd_el number| __oneSignalSdkLoadCount object| _oneSignalInitOptions function| __jp0 function| cnxps object| t object| n object| a object| e object| r object| teadsscript object| teads function| callPlayers function| __tcfapi_8928924878912 object| vpaidLoader object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing object| pbjsChunk object| pbjs object| ADAGIO object| mnet number| PREBID_REFRESH_TIMEOUT boolean| execPreBid object| hbAdunitsFilter boolean| STREAM_PREBID object| hbFilterCountryList object| ndgBiddersList object| apstagSlots object| adUnits function| initDefinesHB function| execHB function| fetchHeaderBids function| _getGPTSlots function| markRefreshSlotsHB function| _markDfpSlotsRefresh function| _markDfpSlotKey function| _getRefreshHBSlots function| _displayGPTSlots function| ndgDefineSlotsDFP function| initPubstack object| apstag boolean| apstagLOADED object| lkqd object| mobile_blocked_mfs function| lkqd_http_response object| lotame_sync_16576 function| lotameIsCompatible function| sync16576_ba function| sync16576_b undefined| sync16576_c undefined| sync16576_ca undefined| sync16576_d function| sync16576_e object| sync16576_g function| sync16576_da function| sync16576_ea object| sync16576_ object| sync16576_ha object| sync16576_o object| sync16576_ta object| sync16576_K function| sync16576_aa function| sync16576_a function| sync16576_f function| sync16576_h function| sync16576_i function| sync16576_j function| sync16576_k function| sync16576_ga function| sync16576_fa function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_p function| sync16576_ia function| sync16576_ja function| sync16576_r function| sync16576_ka function| sync16576_s function| sync16576_t function| sync16576_q function| sync16576_u function| sync16576_la function| sync16576_v function| sync16576_w function| sync16576_x function| sync16576_y function| sync16576_z function| sync16576_A function| sync16576_B function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_C function| sync16576_ma function| sync16576_G function| sync16576_H function| sync16576_na function| sync16576_oa function| sync16576_I function| sync16576_J function| sync16576_pa function| sync16576_qa function| sync16576_ra function| sync16576_sa function| sync16576_L function| sync16576_M function| sync16576_N function| sync16576_O function| sync16576_P function| sync16576_Q function| sync16576_R function| sync16576_S function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_W function| sync16576_Z function| sync16576_X function| sync16576__ function| sync16576_Y function| sync16576_0 function| sync16576_1 function| sync16576_2 function| sync16576_3 function| sync16576_8 function| sync16576_ua function| sync16576_4 function| sync16576_6 function| sync16576_va function| sync16576_wa function| sync16576_9 function| sync16576_7 function| sync16576_5 function| sync16576_xa function| sync16576_ya function| sync16576_za function| sync16576_Aa function| sync16576_$ function| sync16576_Ba function| sync16576_Ca function| sync16576_Da function| sync16576_Ea function| setImmediate function| clearImmediate object| ID5 object| sas object| apntag object| _ADAGIO object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| ONFOCUS object| GoogleGcLKhOms object| google_image_requests

79 Cookies

Domain/Path Name / Value
sc-static.net/scevent.min.js Name: X-AB
Value: 0d6e407936704bd380072f5891d28b0e
adncaraota.com/ Name: clever-last-tracker-64971
Value: 1
.adncaraota.com/ Name: _ga
Value: GA1.2.563312922.1674230971
.adncaraota.com/ Name: _gid
Value: GA1.2.1013771205.1674230971
.adncaraota.com/ Name: _gat_gtag_UA_89380884_1
Value: 1
gml-grp.com/ Name: CEK
Value: a
gml-grp.com/ Name: XYZ
Value: 120&0&148&&&&0&1&&f060dba8-daaa-4256-9eb2-89bf254a6a9a&&a_825b_904&
gml-grp.com/ Name: A_904
Value: a=904&r=0&fv=0&lv=0&vc=0&fc=20230120&lc=20230120040931&cc=1
gml-grp.com/ Name: PM_11
Value: c=VEABJYYFMRBAADE&s=825&ad=904&md=0&pm=11&d=20230120160931&ip=2890330890&r=0&ref=https://lp.cleverwebserver.com/&RedirectParams=btag%3da_825b_904c_VEABJYYFMRBAADE%26utm_medium%3d431%26utm_source%3d2%26siteid%3d825
.betano.de/ Name: btag
Value: a_825b_904c_VEABJYYFMRBAADE
.betano.de/ Name: __cf_bm
Value: _hqF9IHU7yC5FZKYRedQelQcCnZDDtDe50FRg_Y3OAk-1674230971-0-AXEJdRdHcWGJ7glB3552rS3T6VCOj1acbgni044V4gpoW1BwT5QnSGDtEI1spSD0NPqTZr91McKJqs2SWvj3aN4=
.adncaraota.com/ Name: __gads
Value: ID=30f7ce4f07f2d2f7-228f04126adb0081:T=1674230971:S=ALNI_MbxVJIztUO5Bx1KESS5SuTUxGAdSA
.adncaraota.com/ Name: __gpi
Value: UID=00000bc7235ce172:T=1674230971:RT=1674230971:S=ALNI_MYPijdJ2ulv6N_HU7PxgHNPd_xn9w
.gmlinteractive.com/ Name: __cf_bm
Value: 2_EIIR9NifPgD38.wf_rejIWVkjb2TYaauaOo7RVTCc-1674230971-0-AZB8K3yaaj1G14PW+EA7d2BIcWlJ5FuCYANPwqSDGkhc913wEfP7TDl4BBIJX484NovYVc6ELcYYgJA6zYC/9ic=
.bidswitch.net/ Name: tuuid
Value: d6a150f5-36dc-49d6-bf28-5da25dcbf756
.bidswitch.net/ Name: c
Value: 1674230971
.bidswitch.net/ Name: tuuid_lu
Value: 1674230971
.yahoo.com/ Name: A3
Value: d=AQABBLu8ymMCEKAIWK-wCYS0Wbo8JNwNF0IFEgEBAQEOzGPUYwAAAAAA_eMAAA&S=AQAAAtVsJo_CFM4Kyj2anE1yP3c
.bing.com/ Name: MUID
Value: 34B27606A2386E7E20456499A3B36F0F
.doubleclick.net/ Name: IDE
Value: AHWqTUnqpOx6ZKJw6abZG-CBFtm_edOikYFSOJgPXhGb9lKlV-02dXaevXWoOwqxDs4
.mgid.com/ Name: __cf_bm
Value: LoW0uxrTUt.HsEDQpcB.eI8l6ID7pu6IZ6czqVFkp6E-1674230971-0-AZYtvkG36+grCaHaWVh1PGHm21SbsBJIBgE4bY0k8CCH6xzCvoc5oZ3ttNaPeWAt37zjVvQ6HM7zs+lZwOnT+3k=
.mathtag.com/ Name: uuid
Value: 5a0163ca-bcbb-4500-a947-113b34a33c4d
.turn.com/ Name: uid
Value: 2930553025957810747
adncaraota.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.adncaraota.com/ Name: sharedid
Value: 81d288fd-f16b-4763-830c-d899b561ad71
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAAXBiRHAMAgDsIm44wtOx3FIOwXDV+JFYNcWZ6YkP5PjXaKxjr5sNG3GCumhD2z0B9RN2ckyAAAA
.ads.stickyadstv.com/ Name: UID
Value: 74c6ef1e895703ea1ef0512e43736
.vidoomy.com/ Name: vidoomy-uids
Value: eyJ1aWRzIjp7IkJTIjp7InVpZCI6ImQ2YTE1MGY1LTM2ZGMtNDlkNi1iZjI4LTVkYTI1ZGNiZjc1NiIsImV4cGlyZXMiOjE2NzY4MjI5NzJ9LCJZQUgiOnsidWlkIjoieS1YRGJ5YmhCRTJ1RTZfbWhqV1EwR1BnNFBpLkZIRWFTY0VmZVFuRUUtfkEiLCJleHBpcmVzIjoxNjc2ODIyOTcxfX19
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: loc
Value: SfolTs1ZIlP87AqGOszKmJNVTm8h7j3-VdT3RjW1VYhTlSyiQDMo7sYsnK63aSbQsanL5a3VZa-vIajS1hPOyNksLPPEPOmXlOOTPqsrP1c
.prebid.a-mo.net/ Name: __amc
Value: 1_1674230972_1674230972
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-b5e197b9-8440-4e67-6069-7747009b4d3e.FI5ATVVJPwWklKy7GZ6bu4iQ4xIbrn6fJac6ngwvNyc
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AteGXuYRATmdgaXdHAJtNPlFfBSM.56ka4yHZ6dtMHIZnQhoyZhLj5ePlxZ9b6AyIrpt0Adg
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 3719041338435332026
.ads.stickyadstv.com/ Name: pxId
Value: 7169
.statcounter.com/ Name: is_unique
Value: sc12780676.1674230973.0
.statcounter.com/ Name: is_visitor_unique
Value: 1674230973285331044
.ads.stickyadstv.com/ Name: uid-bp-30833
Value: 1
.fwmrm.net/ Name: _uid
Value: "v2e78_7190767274985939360"
.analytics.yahoo.com/ Name: IDSYNC
Value: "1982~29j4:18yx~29j4"
.mathtag.com/ Name: mt_mop
Value: 4:1674230973
.ads.stickyadstv.com/ Name: uid-bp-36033
Value: v2e78_7190767274985939360
.ads.stickyadstv.com/ Name: MRM_UID
Value: v2e78_7190767274985939360
.adfarm1.adition.com/ Name: UserID1
Value: 7190767275017042061
.lijit.com/ Name: ljt_reader
Value: GBMpKGZHfsG0Xkp-SsmyJequ
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22CA584461-A8B7-4E49-B7C8-C546414140CF%22%7D
.casalemedia.com/ Name: CMID
Value: Y8q8vXyXRKO7KEm.le737QAA
.casalemedia.com/ Name: CMPS
Value: 1174
.casalemedia.com/ Name: CMPRO
Value: 1174
.media.net/ Name: visitor-id
Value: 3172325738173179000V10
.media.net/ Name: data-g
Value: CAESEGZ8ApYmrt0XsoAwf1g4830~~3
.de17a.com/ Name: guid
Value: 1.8738100706962900049
.ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESEJc8gPHeesmGNrMgZStcyoE
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y8q8vgAA26trJwA_
.yieldmo.com/ Name: yieldmo_id
Value: gd69f27a78eb03ba4b15%7C1674230974233%7C0%7C
.iapac.to/ Name: __cf_bm
Value: dpiAfTNx1byJevEgedPWtH5gwpCANDYHzrkfZ3aUJLk-1674230974-0-AYf9zt4Acl9S4G8S48YwbxOMC/49rKcfENbUIx4sL0/kNkjRu1kLyGWQgPMP2BYbVhzc9DxtVmmJQLEuMdBXW7hRtuf/aEDYwglUrJI3PRDu7NycUh5o/Z42tUvdcAf4Tcj6qZw79iFKSUgdqCyuzRU=
.awin1.com/ Name: awpv20044
Value: 412871|1674230974|d48f6db1-98dc-11ed-911d-22634f140525
.retailads.net/ Name: ppb2172
Value: 2104477020
.awin1.com/ Name: awpv14098
Value: 296283|1674230974|d495af41-98dc-11ed-b75e-22395f55e803
.mathtag.com/ Name: mt_misc
Value: mt_bt:1
www.conrad.de/ Name: CEAffHA
Value: YD
.www.conrad.de/ Name: __cf_bm
Value: T4h.RSWpbGjgOfBhqmWFiSP9vmros7PBusrt98Hqp_4-1674230974-0-Afp+hjZ7b4DjSjMxw7Z1u8j+8d3NQYTGSB/4Qoa7vuNDwCsILEkuSQxNmbX4hMBXznz7n4Yb24HXof2ZPWOOq7s=
.awin1.com/ Name: awpv11938
Value: 412871|1674230974|d4a23260-98dc-11ed-911d-22634f140525
.futalis.de/ Name: raSIDb
Value: 2104477020
.office-partner.de/ Name: source
Value: {"webgains_webgains":{"timestamp":1674230974714,"clickCookie":false}}
.congstar.de/ Name: staticentry
Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1674230974_d4a23260-98dc-11ed-911d-22634f140525%22%2C%22sp%22%3A%22awin%22%7D
.tribalfusion.com/ Name: ANON_ID
Value: afntmImge07ousnA7jfZbruuUUnRlPZbaspfgcZaf2RZaR7koXDfvix4nIu42p7lVx0SRkHdY9O7UyNVKP0srPWXDjLd
.o2online.de/ Name: nscQ485
Value: V
pb.media01.eu/ Name: DTU
Value: 4428CC55E5CABC850FAA27ED0DE346B8
.awin1.com/ Name: awpv11354
Value: 412871|1674230975|d4ed1e10-98dc-11ed-b41e-2266f55646ad
.awin1.com/ Name: AWSESS
Value: 377129:2470185
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTI4MDAwMDAwMDA2MTY3NDIzMDk3NXZsZWExZGUyMDIzMDEyMDE3MDkzNTgwNjgxNzY3MjI1WDExNzcwM1YxMjI2MTMyNzAyTVN2aWV3b25laWQ3MnhjcWZnekhqWG1ydXJIWEhndEF0VlZlZkdUMVRNSkNNb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDQzX1RvcFJvdGFNb250aDExNzcwMw
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117703_-HTLP&utm_term=AFF_la_117703_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023012017093580681767225X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=117703&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTI4MDAwMDAwMDA2MTY3NDIzMDk3NXZsZWExZGUyMDIzMDEyMDE3MDkzNTgwNjgxNzY3MjI1WDExNzcwM1YxMjI2MTMyNzAyT
www.conrad.de/ Name: HTLP_timestamp
Value: 1674230975
.blau.de/ Name: nscT486
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTI3MDAwMDAwMDA2MTY3NDIzMDk3NXZsZWExZGUyMDIzMDEyMDE3MDkzNTgwNjgxNzY3MjI3WDExMzc1MlYxMjI1MTMxMTA2TVN2aWV3b25laWRSNVhmZ2Y2UUZYMjdUa0h3SDN0UXRkZEFGd1R6VDdnczdvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoNDNfVG9wUm90YU1vbnRoMTEzNzUy
.blau.de/ Name: nscQ486
Value: V
.blau.de/ Name: webShopPV
Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2023012017093580681767227X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&wfid=113752
.csync.loopme.me/ Name: viewer_token
Value: e80ce781-cc2f-4d73-9c30-85f241dc9279

4 Console Messages

Source Level URL
Text
network error URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Noticias%20de%20Venezuela%20y%20el%20Mundo%20-%20Caraota%20Digital&time=1674230970415&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fadncaraota.com%2F&random_number=1894232497&sess_cookie=c9ce8320185cff1382f6b04f2f0&sess_cookie_flag=1&user_cookie=c9ce8320185cff1382f6b04f2f0&user_cookie_flag=1&dynamic=true&domain=caraotadigital.net&account=Vg7Io1IWhe10em&jsv=20130128&user_lang=en-US
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security warning URL: https://tags.newdreamglobal.com/admanager/newglobal.sdk.min.js?v=1.4.22&h=www.caraotadigital.net(Line 8)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
worker error URL: blob:https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/f489fafd-7787-41e3-8276-1aa806879d83
Message:
Mixed Content: The page at 'blob:https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/f489fafd-7787-41e3-8276-1aa806879d83' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/f489fafd-7787-41e3-8276-1aa806879d83
Message:
Mixed Content: The page at 'blob:https://5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com/f489fafd-7787-41e3-8276-1aa806879d83' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12738953.fls.doubleclick.net
1f2e7.v.fwmrm.net
5a1df78c1c76e14ddbd3cbb69405d6a3.safeframe.googlesyndication.com
851d37d4b44b7dd00bfaaa7f382c6c5a.safeframe.googlesyndication.com
a.mgid.com
a.teads.tv
a.tribalfusion.com
a.vidoomy.com
aax-dtb-cf.amazon-adsystem.com
ad-server.eu
ad.doubleclick.net
ad.lkqd.net
ad.turn.com
ad4m.at
adncaraota.com
ads.stickyadstv.com
ads.travelaudience.com
ads.vidoomy.com
ads.yieldmo.com
adservice.google.com
adservice.google.de
adv.office-partner.de
adx.adform.net
analytics.webgains.io
ap.lijit.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
banner.congstar.de
bat.bing.com
bcp.crwdcntrl.net
bit.ly
c.amazon-adsystem.com
c.statcounter.com
c1.adform.net
call.cleverwebserver.com
cc.adingo.jp
cd.connatix.com
cdn.gmlinteractive.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.onesignal.com
cdn.retailads.net
cdn.stickyadstv.com
cdn.track.production.webgains.team
cds.connatix.com
certify-js.alexametrics.com
certify.alexametrics.com
cm.g.doubleclick.net
connect.facebook.net
cs.lkqd.net
cs.media.net
csync.loopme.me
d.vidoomy.com
d5p.de17a.com
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
free.xjs.lol
futalis.de
g2.gumgum.com
ghb.adtelligent.com
gml-grp.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900028.redintelligence.net
hb.undertone.com
i.connectad.io
ia.51.la
ib.adnxs.com
id5-sync.com
js.users.51.la
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
lp.cleverwebserver.com
match.adsrvr.org
medialead.de
mp.4dex.io
onesignal.com
onetag-sys.com
pagead2.googlesyndication.com
partner.blau.de
partner.o2online.de
pb.media01.eu
pixel.mathtag.com
pixel.rubiconproject.com
pixel.wp.com
pr-bh.ybp.yahoo.com
pre.ads.justpremium.com
prebid.a-mo.net
prebid.media.net
prg.smartadserver.com
prod-rtb.ad4mat.net
pubads.g.doubleclick.net
pv.medialead.de
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
s.amazon-adsystem.com
s.tribalfusion.com
s.update.mediamathtag.com
s2.adform.net
sc-static.net
script.4dex.io
scripts.cleverwebserver.com
securepubads.g.doubleclick.net
sender.clevernt.com
shb.richaudience.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
stats.g.doubleclick.net
stats.wp.com
sync-tm.everesttech.net
sync.mathtag.com
sync.srv.stackadapt.com
sync.teads.tv
t.lkqd.net
t.teads.tv
tags.crwdcntrl.net
tags.mathtag.com
tags.newdreamglobal.com
tpc.googlesyndication.com
tr.snapchat.com
track.adform.net
track.webgains.com
ui.cleverwebserver.com
ups.analytics.yahoo.com
v.lkqd.net
vidoomy-d.openx.net
vpaid.pubmatic.com
www.awin1.com
www.betano.de
www.conrad.de
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.iapac.to
www.lead-alliance.net
www.statcounter.com
www.telefonica-partner.de
x.bidswitch.net
ads.stickyadstv.com
cdn.stickyadstv.com
certify.alexametrics.com
s.amazon-adsystem.com
t.lkqd.net
103.143.19.103
104.18.33.19
104.20.218.77
108.178.23.114
13.112.20.39
13.32.27.119
13.32.27.59
13.32.27.98
13.32.28.197
13.32.28.235
141.95.33.111
141.95.98.65
142.250.185.102
142.250.185.194
144.76.238.55
145.239.193.130
146.20.128.109
146.20.128.66
147.75.85.234
148.69.64.76
151.101.2.49
151.101.66.137
151.139.128.10
162.55.101.208
167.233.14.134
172.217.18.6
172.64.193.36
18.184.195.113
18.194.214.184
18.66.120.247
185.29.134.244
185.29.134.249
185.89.210.46
192.0.76.3
2.16.186.10
2.18.233.201
2.18.36.193
2001:41d0:701:1000::96f
2001:4de0:ac19::1:b:3b
2001:678:cb4:bbbb::11
213.155.156.165
23.203.125.36
23.35.228.23
23.35.229.56
2600:1901:0:76b9::
2606:4700:10::6816:3456
2606:4700:10::ac43:8ae
2606:4700:1::6813:874e
2606:4700:20::681a:61b
2606:4700:20::681a:9a9
2606:4700:20::681a:bd1
2606:4700:20::ac43:4a81
2606:4700:3032::6815:5505
2606:4700:3037::6815:547f
2606:4700::6810:5714
2606:4700::6812:18f6
2606:4700::6812:19ad
2606:4700::6812:272
2606:4700::6812:7e05
2606:4700::6812:9ce
2606:4700::6812:e234
2606:4700::6813:b210
2620:1ec:c11::200
2a00:1450:4001:800::2003
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:806::2008
2a00:1450:4001:80e::2001
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::2003
2a00:1450:4001:82b::2002
2a00:1450:400c:c04::9d
2a00:1450:400d:802::2002
2a00:1450:400d:803::2004
2a00:1450:400d:806::200e
2a00:1450:400d:807::2002
2a00:1450:400d:808::200a
2a00:1450:400d:80c::2002
2a01:4f8:d0a:2321::2
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a05:d018:d29:3602:17a1:3e8:dac1:363e
2a06:98c1:3120::c
2a0b:4d07:401::1
2a0c:5c81:5142::2
3.11.171.0
3.123.54.53
3.126.56.137
3.19.54.139
3.33.220.150
3.69.181.182
34.107.148.139
34.202.12.145
34.240.212.15
34.249.42.161
34.98.64.218
35.176.33.61
35.190.0.66
35.190.43.134
35.214.223.115
37.157.2.234
37.157.4.23
37.157.6.236
44.239.231.111
51.89.9.254
52.17.225.185
52.46.155.104
52.49.185.121
54.76.176.197
63.251.14.3
65.9.66.11
65.9.66.68
67.199.248.11
69.173.144.138
69.20.43.192
78.46.85.162
81.17.55.160
84.200.5.215
85.114.159.118
87.118.116.9
88.198.250.30
88.99.165.19
88.99.63.132
92.123.36.4
94.23.99.218
95.100.75.47
00c603588363e209cafc09978d5b224375b31deb5c38ef3f9fe9bf63ddbcff8e
02093b937ce34d695215347c10766f46fafb76f84215ce92215705fb124bec03
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
037364280dcc434cb6e38775c90993d9aed3cc258ca17c7201ec8d4b7f3778d8
0508879415f71a0365c46e1e8a0215a2d813b4214f97007cdea6fa4e2e8af177
0635be399fd1806def7cb25c2987925643494144da4a302ddc3e4d0813c216cc
0698d1c8922f79eb47afe08542376b15a3803b22c8d225cb6cb44620e85dda66
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07a84a863c58683c2eac788db2d984f7b9052c2f7ac15a16600ba5298c0b303b
07c1daed6b27399ba8216cb37b29dee60d16960ce761500b49b4ba0c82bba0be
07d17f03c93a871c79bc007d75662feb9f3921f1adb302feb286ffee5dc416ed
080e18a8c761c3d30b7ec08aa65f87109a0228367eafd0a12fcefda58d10e8ad
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
09d6674c0bc9543a340c42d49caf519951cf076609a0f5255e26afe872863f84
0a57bbb1521936377d57a2b6496674c61491aa0d064225cb530e989f24024dd9
0a7d2f94018c8bd2bf09011fbcb636ec29b139dd31efcc3e87d6e202fb6baf84
0ab92e23b9623c3fccf68d46cadbd93d05f036748841426873023584963d58a5
0aecb9f8f67b46a29a9bc7f266245bb96bf7dc08baf2ff373fa737e260519549
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b91ea362857bc25fc32d81a80617bf2e2cde60459413475977da961ec5008c5
0dca778d85afa24947ac4cf448cc359592e1b3f1249cc6707b894d002ae595b6
0f92254fef830040210b7cc346ceaf3771b4a1a39a27575a4c0cc40c6a6ef68f
0fc6327e965679b41a818cf88fdaf0b16e586c0ac03bc72d49c4f47e2ed02336
10094e3448750a4d28c63270c34a48a713985bcc5602ffc783e2a3e187d9ccff
10af6b5460ae34b66af571d7029f5be7b28dab50cbcb6cacc3ccf3a408a20ed2
10f50cd99b1a13ac83e67d2c8d7b3896e2d63b44d4f9d3a98d752ece428052a3
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
12c29862dd3cfe93dbe15f2ae569788037cc73b98fb8937ff4181418a96c061c
1353d3cfd641b4848f94b3bd3c3f936536718e2f53c91095d5f3cb9793e3354e
14a77bc82e039ce4be0d9ba9b0237495b0a9578d34eb92d444093d440f6190ba
14dc9ad1cc88c36a20050674541f9061a1addcd0f81f596e6de3392ce83ef5b0
16411906e723c15abd78a54488794aef148a12e4b777456f50efa50f6b68ce4c
183de06346cd2f5d2971ffacf358c7bd5439ef3e10ba009de1dc80759da49b67
18fd322583b992be8df5cc0713fee5fc2ec1f43004f1d838cfe1a76d49cb8f4a
19d4fa5e5f7164cfa51ca5e06216f551c4905d14ee02301a5ad2bb70272b7a3e
1a9781804536086e6623fae64e0a919c935c7af8132dc1889dac37545ac31d69
1ab21a02aaf32c19e95a3984175e7e7e51c41db981449b02260e0ea92bfd7ffc
1b9bc9c5d136e5e10a89c8902b5c6540cd738265af675ed3e3984e28c0c14f02
1bd94554377493c9a9beccce2b78d57cfa423501bf3e48edbff437c375f2db94
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d471f9df7a105b0ef9f3d0fe4cd1dd02db01f165cac2bd6487561fe8b567d48
1eea0cf16e1620ffdb2c737f6c7e34c54a98abe3bb19305ac1527a4d509c69ed
22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
2343a4133467aa17ca002db1ee405415429a4ea809f8c9af22bfd4e5fee30782
23a52160454c8881beb890d62b32823d1a9e73eafef0d26b5081601d1cdff270
23dc94e20d3f49fe8095570012f5b7ca9c7fbcfeff5dda2acf6c38e593d9111b
2417d43626ce95596ede1ee0114a9138f176d8dada471e60fe0505fc99d82ef8
2514773ddc7501401d9d564d958ea68a1b1b3f67040a17adefd26c6b9fa28d57
25580bfd22d2f81f1890997d54a8ce7512aa189bdcb27aa9484768c86c8716b4
2685c1caf9a3e6616da70c63212ff6d6a6747e4929edf55832ebd18ef7a43ccf
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26a39fa908f7c7cc71ce0da7d45b86a318626233387386f19e354e6025fac385
270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701
274dd651bcd7fb15970688e74213c99b45b18206082fd4d4bf4027eeb84ec7b2
27d77819fd284e307e2ec7f89d543554a7b52df3c79af75914bf3bb7b168e9c9
27ead7f47a3fb4d1e7cbef0c68e28bde7ea18923cf41d8ca82ba13584eebc710
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
29c87a6d59d762cd22e651bcbbb53118bdce7c40222e4695925ba9f774d440f1
29ff3bb5b4d5344fa4221eca0cb675ee1ba9c7f3963dfdec469bbeccd50e8091
2a49a2ecae4cd2c655ea5317f7d1be88eb6a7dea174cab51f5a9da3a9a21c80a
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2ae87de7e1d989a91608161cc59a43be6814c831f708dcb18ea75ca9a3467b35
2b31a7a0f83cde3576559461ff292a3aa8e675365aad931486cc76061fb0aba5
2be6e959e64d13635ca90a168d613e69ca369a3b901fc0ba391bf496b74876aa
2c0bcb73a9ca9483f3d74255ce1a77f5fbc491f09a5516929e55b4c38c2e9ecd
2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1
2d71ca94de9506b3a982fc8b65424796ad3dd7dfb94e04fa0c5c7da2c95cb847
2d7af35b7be5f569339957a842b7ebf4041f6b9dff0e6ae917858f034cef7ff0
2dc62bd3bb815a3c0c7a98c91c6f01e56fab967100b066f1bcd2375d44a5ac97
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2e7766721aedc9bd817b7f12632f9b31db6d13a6460a203bd570c1e015db18e9
2eb4cc68e9809d9f853fad37a020a1398f0ce753122683cfd3cb7e4f06cef1cd
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2ef1fc50a9d78f044028f3ba7378c5bbec0188de74a5217491040f9ba435fca4
2f007cdfe9d9a7632269464ce5d3aacb47bff5887889e2326b2a7458f17a5deb
2f14036c090fa298c52773b84223d9bb0f55ed6bfa48cae4fdcc23265f1f852f
2f4b8d0ccc453598a51ce23aa9c20088a8198c820686a54d1b18e94068a4b3bd
2f7b92fabec21b0fe79c58794253b214f4bfe1d5a1f86f1a708e98cb7a0b0b45
2f948cb326fb01522ffcdca5d88e2454e28b8f22e127647f6c86ad1f9f89ff3b
30ce059c97e066e3a38b803be84685724edb0273325a49488d772ca71ea6cc2b
30f2330207f95238c488b41a641149901f7fd6f1b871552e2058a0d765d49feb
3154b9c7dc15cdd4c6b2554df282ff2d14c57760d5fc77b67b6adcd310619bbb
3159d75f9147f753e005cf0f7d3d06e70ba29ee34e604d21b0cc6bbe372bef72
315f3bfce8194c7da7fe7670b94aea00ca4f08051bccf68229806f4deb545a96
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
319b4b95139277e09f7940a3ca91e18ced75b6b087805fe6ac8924f51ae70d49
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3316ff97e39d6251fc6c22c27caacd66a72f9790147f3c1ee254467b5e80be71
36c074e04ac3f2d28eb6f31527e4fbf120a4514d9e7b35d0316440ad142bcdcd
370fed0964514aabf7661865ed047a2471c9d73de002971e32e417cfb6f0615f
3778272d51b41b5325e7adfe8c54c2e4c0df8ad20bb052a5f7cc6d37943a5911
37dff26e70863d037194dabb2c1d3e3da7b7abd0d39c18bbea5a08adfeb2b723
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38773f599cca495f0904c3d5a9981fc081b743a8d9aa106ed17e0d9b03ae6598
38854a707e2158f322102ca92759a1397c8cd81bddbc507c17e5500ec83bc40c
39997388d4cdd9cb0b622da3900c4f1f43fe7033301b3b69fdf4ae5fd6a2676b
39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32
39c820bba5e4e99b06b23c660de74b9d8110b86007e8645b5a21110f56aa57c0
3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d
3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612
3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c
3ed2e42d3ce5e24dcb11cddde4126e4f07c3afc590f708ad2cfbf7669002f92e
406f830e761cef97885504dd7f3fefff9ea2788bafdb9ddf46daea5b075e80da
4096a6628067ac9e305e96b2d7e1e67e3c8e29a9c867aae3b4002a065739d0c3
4187093b33041aee7875d9646f9de4106ad0ead1a5b673fd09a89cd04b528651
418c1cc5e3fe5dab64df68fee91403c4af6a0b5ee68f12c2717956b216b08b8b
41b5ae724a5f9fe9b1c366baf49de647d9e408556eff785856ef09ef3e39c735
41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078
423672bad5fc192b8cddfd7d55c4f1005c34c950098dc5492aa1b2d8cc9e84af
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
43a04cf9b79302b18608bae48ec203cd2516ab2cdd4051bedc38005c283da4ea
458ec4591f418e2e66ba18f35e86e1b2d24221c707b240649292e8aa2df1ac0b
45d4d6fe0a9cae467c6d81caef5edd008c13b70ba403979f979fb86d400378c7
45e0deda0bb673ef2511f37bab5b0f731ed0e348d6c3de1087c25173b42cffea
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
46336d17bc0deae32fd48d3697163d7845b46f846ef4b247fd01358d7f349a20
4669f93c23967fa33e4b9acfa2f9fc8d47cee2808f44a64ac48a14b230438504
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
469959bf51c9744dfee4efae727e9ffe4e8991b43e91e0ee1752c784e2f657b7
475979a6f3814e9be6832579a13447b91f420c0ad7f8685218c3cdba5f85c702
47fb0ccf10509295971899c1fd58fccf76698037add41816c22674b448d094e7
485ccf2168afa91bc52324d6b3699c52c87aea8311804073ca025d1ef283f538
4873b20f1a4561114f55aa1114e0bb530bd87e12054a8159446b4aff75c48c2b
48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1
48fdcad6248cad75d16876289b4543334d70d7aab6c06f79160034568468f813
4ab70b4b0190c362012679e4067c4137d8adf4ee5761f990e20aab4ee783cce2
4ae1bc187a25252e5c4dcb33e066bfdcd29c2369b971072e08c07a7c1dff9a3c
4b1f15e6afd4e6cda71f9578ebc56a15b0b65ba90874192353b008e804a989ad
4b29dca64a17cd54722a426c187415377d7fc4cb6d2e38a49c5ade9adefe5dd3
4b7693154069c53a16468d09d89c9eba5da6c0dfc69cf4d7eb675e32ba663361
4cd7a0d2c9eb03966a0dc60658526c20fa4e8ee4a0660da469f55edaf9a18c9f
4ddb89a5240684d7e3563ed7426456e1f0a98aae9b6b5dc5f9e1c345e6f6911f
4e16cf57d5864a0923be893617f104cda5486ea3b4eb1f8a1d402a9debd74eb8
4e5ea255737aa9f7af3c5fb9ae79ecdbbf59d8657a7e767f2784e054e6189283
4f6366518c3d992d6a9a3aee342675532822d6b1d66217df7b284bb450dbb99a
4f790a75578636271e575f2b9af507c997e9986cc39257888056878f8116b176
51a47645bcb938a434a7c4e54ffd7c24ee82dea8f280e159a34bd1a88d61bf24
520e55ee027a47cb6de8d51884f3df3557572a543e20762a5d8bce0c1b058df0
524f3a5dd388284379592278aec9d673855ecde2536cb363a00c661972e9e2b1
53dca2fef84e7c318ac91b0a499a423a1863de66e338c930c9b085dbe84f8aa8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
55492e5976313eec87f99294779a9041ed4b4e4fac77c4335b4f6a034ffef5ee
558a02d951572852b6e6d2400ef43a834452c74bb02fe96accb880f49bcf1ca9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
5651b43b4e8e488d108feb52c447449fb94668c833bc8099951ffa55e0d7e9a1
56d25cdb8fcd743018954ccbdec1701c7cf814243719132103e8d6b39634dbf1
56e9075c1b7e53dadd79fb69c8604af738f553133865145b2796bd64d75b0b15
5709d01258ca876940de2d4adb2d22944bdd08294acc62aeda0d8233330177bf
5740bce57f68562d42e8ca6f6eb70dca3bc33be11ef0361e78274d360f41adc9
582278063c6f97f70b739bc1530060e16e176bb7b792ec5bd542d2083ed6b21c
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
586ababf0995e76ffaab0f4283fd44b679945b87b9172e616e010d91f6d30c17
58a34a98a2d0b2823ca5b8d3602c02efa1ba0364d3bdb4549499cfb4f594a2f7
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a4671186138a8ef784de3704c6df8f640c2f273e15941a4793c5844db2a606d
5a66e353f9533a2c9c20b1df9da3bb3f19db620ab9773a7e1594cf67b79b7b82
5ad484874bb6fed659e22ac18ba83642e97910b32a18fb4167193ae9da6fbdcf
5b226b3707b90e3542e8776ddd7e32e7f42f0586de4059bf3876de98c7aea595
5c7bf7bd941608a78b93872b8ac2508dc754dc6bf26271de549092826d7faa18
5c80505133c2b387dbe571c9b908be7e815b86ec57d1cb8de7f1b8212cb0d304
5d0c18ffb6c065f10684ce641bdaf313d795de1bfc1e00eabd9e8f6efbb1c5e2
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5d63715c3e74f56f56f02445733f7d1e1ba3332d37d4e2cb0cfac2b14ef85dc7
5dfc4db7222f86795ac40122b8191821cee6b746751ebc9ecd80fab9aae08ff3
5e594a7be0db0d34f5e02752659ef7f5dc6ed39937033c2a203ec6d336eeeee6
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
5fec456c222cb1709f0bf269d9442402ff8e9a5b45ee186a6a06f0566f35f2b2
603295796b1d5d7cb7d8864b19dbc400928801f8019c6f05e0f59d9ce97b79df
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
633b156edd6a32c425a6208ab23dd393267ba2ee301308afe7c64aca4d4dc223
6419ce8f3d4438ea28462a0f0e7e882d7e380ca6a9aadfae2d58ae20f80d5a9b
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27
64bd7474c39b90eb35f70dd654579311f3fc32ab42e13021cbfd0aa1a9b4a269
64f9e98a68d94c6ee1bdaee26992bd796d293641ad202e3d311c146dabe3b67d
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b
65d02dbb4c42a46f94539c26aa591fa11b4514ee88238f4bcf97c14cdb4ac6b2
6610cfb284c5370ed1cd73333301a0fd21d0149efdcd366dd7b8fe35a5949806
66835c68755c41cf5d9255618a0cdddb04ea853bc96e8703b77ee32717796950
6764d1ceca55223d425248b80a02eca133fddb83163a2841c9d84965f44206d3
689ce64440b4c5e67453bc766df1d3403564c83456add5bdafb87d9c88979611
6b094a140ea1c9e6edece62a54ab0d4fb5a600ba71495dc8835a12621e49204e
6d3e15ebfb1a7f36a51af6a8cc98696bc234ad0b067534b2f062196a14cd96d8
6d64b93969a3eb2095f43284244315dacda766db1bf333023d18d1cd41622d40
6fb98e63c635f4259abc952989b3835e17deba7edbda965ab4ce43d08ac9ed51
707764cfbbe09ad58f5c5a43326e44b548296f60b5344d52ef54f0dbe1c33979
70c8863d1f8191f5eae09e3895ec780548d805598b5375b401d957c8b873b39e
71bb2a0919d6b6f934f189cd812fad1943ca087d7a5798edcca81719c29d950f
71c95cf16e98f27581726418334c6395355cb6addbb3514dce9146edce39e389
721d15716663b5588d40b75b955521d14f1cf1c4dcded1251f5f25a5fdefbe20
727491564ced2e5ba1df35ed4c0428cc4504be726b80609eb99e2cd304126468
73405a39c5115064b8d43f724421500867dbe5ad8dd5b5374c6242daeb5d2472
744d480621094fe11672faf0637af9f5c8bfffac08854bb1ea4de09a9b181b9d
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0
7642d33f07982b761161e0c7ece46ac4451a5cf6f2df50e8a01eed763dcac5f5
7668ad2d758ed874c4111801a36f17f643cbbf8f65e238656e629a177daea5d5
7692abe2c59e1a9db3d398b11d2ae8c53034c853a72f4942191ece3d277f58f5
7794166bc12ed958f2381df56441d380c91e3228355ffd0a68ecf134d1814369
77fa866045cfe421b0633892dc144ccb414f5cb726874474dab61193c5444233
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79a8be80052338003d7a5383011dd4b800b2ea657cc221e533202251ec7c9693
7affc06449b06acde5f9a2bd18e402ec0e06056f21544b88316078ff29935ca5
7b55e1194e4dabbd5a85a3d854f32054c115d027e2f672318d8d760c1f20c7f9
7c1948f93d05ee8808919c39e651fcc3669b2f7db5581fce2dc661cb0120e4ee
7c2349ae1475ee53cd1d141e44c5d60aa873b89ad04b6a2d118f08a07436d05e
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5
7dbb49ddcd3b1e721208e2c26313ab67fe407a4efd941f1191b39f87d674dd79
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
7ed794a2001e8707600a5a64ba912efe07fdadfae36ba1c5934b7b17eebd4c58
7f2728a2041a51616a243a6b2056cdcee7596c16535da108deaadac1471ae867
8027f6c61db6a927250829c5aad340669ad102864bf97eab4ca43d77ae98c88c
80775549f0cbc5ae87715b6744a238b783e06258d5317c3c5e7824d2a8cee04a
808718570cb51650c65f4bcdca017b5b84824f0557412dc175c0838f935edff7
811e3c1818cf214f70e385407c6ddd120b3f7e919d297f2bd0fe5d2410f499df
81643cbbba3780fee6a89e81763043d2096fcf7a56967ebccd2f44cfe0ccc20d
81a9d6c6141ccf3cedf315b1d56113eee52017068c53dae46f357cdc4b571777
828ee1a6d76421e7e56e158ad102afad39f3d22122a8af59793b6c4a09ed6414
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
835bc35cee5d5475c4231b20f6c5e8d54df304c821e2b242a380b8557df255df
839570576ef780747ae2196acd47d9243fd64a8f2c24462b7de166364c9e03af
840d808e452f790eabe4643e3962d7335b267551bfec533c07bf72a89c8be3ac
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
852bfcf38aa6f2a577756e577b1d1c585f87cefdee09046016ac84f4eab135f3
8634aa7a3ac0bc6d359b458c8922e9d3269f64c1355b329bfe215beb12773af8
875552def1182c67a795f31be89dfee4bf6e4049888520efdcdaa98cfd1fe7f4
875614250bc202cfce4176b3abc9bbc5ae9932c76e83145e1247928d295cd694
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
87f02ef14d447da49a2a27ab1aa76307681f49c87103623fe3b30d7573a59595
89ccbdd0cc312573d297a97071805ff85a2e7126af5369f958c32eb45accdb67
8a20a547740ca269c5b876c6c5c28f4e628a513dfc1a1d987065af962a5dba42
8cab7ebcb001d65b37f2340f7f5ecfe5a077c480b63e98806df14f07567d8ddf
8d014a487d1035bdf8f9c6ac043819594839e27a2ba90dd9f287b851db93f0bd
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
9097a2c579616889e829be95554ebf90ec5900045f4d2282cce31d5a999acc03
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
928c4f3e7616bfc3e08c571610a4f7c78dcab8559a7bb364f87e24e582f0ec63
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93568939cfa0949a5a2620b60dbd958ee1a3c3b65ded5f6850215f9e2a347160
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
95303813f1b2177a68b737a6a05425741398624c074f90f052cd2feea2ed8e35
95578a285701cd61a735c0bf64fe0b601c2ddac47215fa5f9e63831a10aee70c
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
9715e377be39dbdbf51427ed460a879b2af1dbd6af62a00e2d013f2ba2be1ff2
97720b11aa98c6a59e8a7f880c3833f7a1c510d56e6bb91e57e6f26db4b8128d
98af5e2d044165db4fe04e7a288c125ad78d50bd9e212ca6e520e5a55140e869
98d60902450f33760e812c292cba852a01906856a630f14bfe597135b7087de3
99406a3b6c92ac6d32b035c72debb20bf0fa0f39cd41d0447eebca703780fadf
99d671015b498de1c0a5a9600f801e7c108fdc4b1e3432f91b8d4beb9c4f2b90
99f43e50f4179af4ebf4c93668866d5a5607914fa0a5daa087354c3159d3fa03
9a2307bfd1c3993fdb5d74816305b5c2dfd13ee3ec0e3eb599afb4df2f465e5f
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b8b20759af0c29b988cd3999840e667ac91a1494e81b0b6566f502f919d9be9
9c35ea1fe5c59fa818975e32505a31e50c73e57694b72111e153505b12202817
9d1d32f6fd1ed2900029c8afdf804a635950357b2c472d542333a1f6e4aa123e
9d274141586be01518211cbd1fe70b53fc6286fa8331fcd93f19b22c44f31f35
9d7da1b980a95ff3d31d0bb8733cbabd1d210ec601d15a1aac2b67394a33191d
9da88e942e6aee489526e53e74f2eebe0788e57037a3056a4e883014f326d7d5
9e22fcfd7d416f13407c9972f8a9a9376daa97d7241b4d45aba87a80616af7ce
9e9e228389f4fd18d520866b8f759b6827622048cccd7700b4e947005833cbe1
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
9fa1cd1ead9e7d49e3226830297e4303c8f5cf9ec854afdfd33d2b0782e02fb9
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31
a0c4a6b368be0ef92884f5059206d92611626b6131418658281dff18e4141b2f
a10b9570a1c7858442b42f1cd48b69a191638269f37e4046607bf5fe188e38bf
a1a74eef6e94e2e8414e313d3dac9c34b11fccf52909e9eb833ce2cf70ced650
a1dff8b0c66227748951c4ff891f146f49c5a382ac8e3d6e3c2e9cf8aa560dc8
a23bb136ad266c6eebeb58e81bdc3b84ae5e4f04c17d2d70795e212bb89c31a1
a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a4710f6e3d875768cdd2e1bd818ea1934a27debe925b8c983c6ffc773aa6892f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6425fe83f8534efa000d92df45dd6eaa9424e06da01d01b1a113d3f9c816f6c
a7a83e60e7e3b8cadeed69327ba498b4cd68605db6e408729fa1b946758e7501
a90f3071f749920d5c06cd9fbbd71919955e7d38736a8ef285b31a19b9e9ea85
a961366b4346f6078cc2f164d2c019f63b37e2693f6fc93a995048a98b25c083
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa829f946cf28c584e2cccb15f9d703c3961e2b4a62a520c299d3b60121efd5d
ab445da64dec12a85d693a0462bd7e17c3c9748fb3f80473a22b73642eaf3e8d
ad5ebf276cf9626fcb9ae0b61bdd9113f80f32a9b95567f1af6785b54f852472
ae02aafc89895198861bf2dc532996003b018d625b2c16cc980b76397a1060f3
aea270df28a0dfe348914d7599bf3bdea41ab267a82e965c8c71ab9586957146
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
afb5164ee1c645847bf848aa89321cf08cb03285cc8dc2b59ab3947f9f859573
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f047da89de24239ae5a2263f5a9f80446edc0bb39c04e0ca9be5180cd93719
b36ebc1362d3555129167a16bedc847a673641830ca69de91ae720f696f101a1
b3ed8ddc41db1353c216f3e023ee9e420d7309b9c2ddedf266114f9c21c39464
b4839beb28ec854ebd57ce5b7c721d100b8f03c53d698778c02079f65b5df39b
b5078fe3251e3f037b896dffa0fbbfdc2450d21ac8da9e3794f77aed7a1a7918
b574669ac419e9857b34bd603555cc632152f8122f6b154d049e13cc0a167b35
b5ab475b5011457169092e0fc6652cdf0d109f571e70a7e20b8bce4a85e7986c
b5f8441263d80cc3de4171fa50088b3a21cab396a44f8c9c019b154affa46e62
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b79857c55a84526d91f002190fcf79d2231104683af6060d89e7aca11999668d
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
b87960aa5a6d9939cb6150071ab997f8c40b9f1babc6407137b58f9084a28831
b8e78b48acc08ce31457aff168d6fb2c814d51a8739a97693cdba585d60f5b35
b8f1135ea80282d2e0bd6dee5179a0603a6c71e9bbb972f84bea266c91c4b733
b94b432cd4f3e7a6cdc7fa4d1c21142f275341f651d94a70006420b476e48e71
b94ccbceee415b4286f15356e36801edceb048e70936802cee94e929ef6487fd
b98ae5b1748d571b68d5319d5b178af603c17156fb76988a73dc271e81eee74d
bb5a8101ef0e236335a8b755d9b9c4d20251574bbcc81db1ad26a24ebd579321
bbc5ef2abe8a48ed90b5af150b5339e5a38f573e32f4b0866d534f12324f22ac
bc3117af6d5d667e0f1d395920b3dcffa2b20ce721ef61a4eb42cc90c3469c1a
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bf120d67ccb2fc607b731e34e750411ccbf85676322171d1f84c00a3e00123f5
bf6004b181d3ba9f88b44da6d5a24af6cf6e21fe0790ebfd4761a0eb42e28f00
bf9f723c8119c017afec425fdbe058bd4404e0c5853ff4a72164449d8507a210
c0c3e14ffa0963a91bcb39b11292d899230a6ab9e36205d5df32de122989f330
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c1e84daad91d25b2406ce20c1eb6d8ddf368b723637e49a6dfb22a9eef5cc607
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df
c5e699934cfe12bf4a603217c46f701a31d4e6a3e11c0f32a83e2668b4d15e1f
c707766465b4d641df531416c0add130ca3d9575a98acc946bb7ecf312d5e38a
c70da34747fb31860fa118ff5d6736f81661838a0f50f077aa29d63ad7b00e4a
c765a4d7cb40a19bd835baffa38cdff9c608ba2c391348f8dbd982e043fa54a3
c8b66c6e9c9c68db13267ce3c3a0823451f6630de4e7348d6c11c23b53982782
c953f80cf0bb98945638528f71bafd7e837aac873b241533013b5170535e78fd
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9e09bdb3791f472a2f33410ddc9e8bcd3b6ae0c66a0a2918c480388105e197e
ca44bf25fce819841aef26bf33576c1e8198933df2e5c7f8850316fdbfd236c3
ca86bed615e44b2afda71d3deeacf617f45c29188627816d86477559bb7d439b
cbdd087284a70c0c849cf1a5582c775e0fd2770a0da03448b4b4602de4778d1a
cc75c92c970b9b9b4ea98bdce25142d32aee462d66d6e04090e78e299957f365
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
ce2fa11eff42b673dc8ae241abe3041fec938d59f9529aab5223eeba69da51d2
ce32678eed0ddc21c76fa328e4c78414a9fb7e3165ed90ff638e013d888eddba
cfccafe0e38530273a45e5940e9ea883576a7ce1ffdf0f0b03945e847a23cec6
cff23a369dfed40d8c5dbdb2f5bd6299917998431c6bf889525a3645cc3854dc
d01c4e5e8a06c05ed543e117225289bbed1d451aa6003332e0649301393aa4c1
d0a51069610f44d6b5b7b82d3c07408c46f07f933931d88adb36ee06e815d049
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
d1948b809a04912efd39b9d82e7029245446aab614b635d9a59aa5c70746926a
d3322ccb3912f7a9485eb1d75971fd5e1eb49c6575ff5ad985fb5496333e8c8b
d36bf948c72a91f8e605bbf3e1b80a78978ad70ef5ce130b3c5326c16179533c
d3b998a65601caf0a462cd7a11c3ea8401211531dc343f9f9ad2449b05ce8fce
d5ad358b8cc22850af96aa13a72af3eb531113a0a0b65df2c4c560185a4bd967
d630f81f0eae71d39b680ab8012f2b090106574cc44883b22b04995fcca904dc
d6ce1e9f88828a127605a5789cabae0675ed332f11606aa866419c7d4cb20b7a
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d8125a847e5c88bf83c55156399834fc731cc4312912489ff4839fe9a6c583e1
d87af7a2528beb59a990e0414df87b4e4115f77f3a4a750f6616ff189b70345a
da8b00f157aa030065e2d6a06149909cd367c6ebe8613a0ee506e636b1f7aae0
daba759602fd6fc7078d30a3e48b56f356d83d00af1560e44e4603cef86cfef8
db2963b3811bd47f67796a7784449445df013ca299929405afbfb2267fd95ea9
dbdd6ee7cd1378f51947cc64cb131bca5ce2376938e30337136f49fbaefc7609
dc78d0ae04e90f166274e27a8af76d6a676cbf360f682f3993ef4b453ee5d598
dc8e9eeb1841d1217f795c9efce8abb9aab848322c61ab0db0ebb4137f65ae0b
dcc6b633543bcc378409b05b180dd30d3d8104624c0948612f7ea501b103fe25
dd18a408a35aa5d393458657eb24fb56ab754ece3f88bd78a038e5793d3f6991
debc67218ac76a7e02237ef5d72e9d7bf7d2ee0d3cc55bfeb34996fe772c4c79
decefdd980f72ab98d766495bc5a710370622b806e1435c8abf42e788766747b
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df74fb97057ccdda96ec9e21f06fdb77f7e2f45b5a250381c501045d8ed68c4a
df975ab6989dd3a6bc6bad741579aa01a32f90391a3cbb0425cbf084b76a4af3
dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b
e06d525c7f9d44bad343f69b192b3a517a046bf0b07e3540a836e57f108c5f8a
e0bfab163b0b139943e2adcc4c126125461d95899402d2729577668a46bcb2e5
e0c7af74a0475c6e4271473be45f0e149f1abf3eef5262aaa4ac9c3e965d5406
e11066131581f19cd6717950c6483495007f3daab3b91dff4d07cd2619a3fba1
e1a983faded7a039e65930d85143d6715ca7feacbf8e736b45afef060f88d301
e2e0d3ffc12ab53102e81ad9ab54148159a82315547c7e54d7b50e66c944e957
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41e4e859658c300c741db4cbd6e3ecdfdc585dc5a5e7bb43c95af08828f2fbe
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919
e86eab3fe3d1d46aca0f053fef64c4fe4df7e40238e8c66f7c5a03fd7a653df0
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9b1a9f81a886655a40f6220d9a740e75fe9bdc55ea4a8c41797a4a0d4036d5c
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
ebf63c3f7cbb4f5e717791733bc60a10c22851a6644214638b71b99ca09d3ce8
ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b
ecc8fde05f670acbd603d4e5eb4e84110aefc2b2c068c724964c3ef72a106709
ed3d464c3aa5eb66ec9e339294ed9091f79d6d4a9ae7db3da5d2f74d971d1b7f
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
eda91013cf6c5ac6efa537b814da9abfb85877fdee7f5f864aba20bf72f76179
edf39e09777e39291e3ac1fbad91e47bd35cd7e847ac72e853415146a8023c1b
ee07ec1e84701538e771c0b836a4ebd946a2a6a491d55f6a13996818f9869c6f
ee3b146d80e3efd0ba957149970944d70f9c27b1248ae13eb728d9ce51a81288
ee9e1fb6d144f06e8b0718dbd35a5f9cc8dcc8a0836b7e13b9ec8fff2784f716
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef22199864042b8ceeee3729f3254c140df7217364045737ca3aadf8434fb3da
ef3cf87c9cc03c2200218d78ca89ab0204d936d7673a4179bb56108601707068
ef4a259846833abbaec4560fa3e48c5afdc3f39ae38a5fd928f8f00a0d4b51f5
ef8f067f829af7c95936a36f38e54c98ab090f937f5557e4c78829ed8fcf5ffd
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130
f2391d0dc61f4497df3a74fbda5a4859550985f894ef16da096e2b1d5a73af09
f2395683ce82442577bf579c2e04c631b752ca49ab04fe3efdf2283166a11ae5
f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244
f2e583b93859f1b81b62c0f5bd87a821284fe6fd75854e2a78d9db5e4bb6b6c5
f2f4412b6bacf6c84aca42e2aa63e05c0e85092572c7ad173653812370781807
f37d13cf590002a9f7795d37da613e76ccdf7c7f2a634a77efba7c0e1df9c22b
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f3c66ae2b673449b26b585190434659cf344d6bfb0538dbeecd564ffd4088e31
f45f65b9887d26e6b897907581d257fb8bda69f120c5b5c31ef2a5b00e080fe6
f475a72b76b33337f011368d533d32a18606f397e6db25adcd47d63f0df88e1d
f47d0207062ee7293f73e74183aab3403d0ada6eee7c68d393ad7f298e41c867
f4c1f2543b3dd849a17f849a4786a3fcc1725c895ed38603ba0c9e8963446c84
f4e0d1e486e663ad600a8c68224f47051bbc27412e497a07e7a769fcde1a4269
f52104e0b981fb7d87b051932bb93ab545a68c459b87018a7403655fab0de051
f564a47e365ffaf182ae4d20b962faab229c18f7fd4601f9063e14e794920bcc
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5c2cb31fc2272388f426f2016ad2ce2fc1d19741c39e09a670bf83452bb8b60
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7c340fb289996d82c1b449ee2e9bb2ae513228dfd668e93167659367439e8d0
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f89c6e01dda9dce70ce27a525200928133bf6c1fd7267af651ace7f81c297b2e
f8f330dbb5fad8679ce45cc6c04912712f650a0d41c424f6ea18c22ed489fbeb
f94fcbaa5dcb411470fe6ffff74b74f8c056643381f2bb230f6876c6984fee2e
f9866bdc234e1d469246d7c24b71f8166317d8c641e330ceb83ee4a7b117a0b8
facd25d708d9c13ecbbee553e7eb9e729075f1e929bb528cad034217135f0692
faf3f4d41a4eeacbf0302f57698938e6622dbd9e7b93992ee010244954691238
fdfbb661e5d5f32edf12ea356c0e6d457c96cc209d6601b310cc277bb950e8b6
fe7ef7bb05984eae7db7f5b429696e921cd5b2d7239e350b204a22ca94a244e8
ff692e5631e32bb99f79e26cad459de95ff155ac30874a43a47ca5bf0d4e919f
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2