discord.org Open in urlscan Pro
2606:4700:3035::ac43:81f7 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://discord.org/
Submission Tags: phishingrod
Submission: On January 13 via api (January 13th 2023, 9:16:25 am UTC) from DE — Scanned from DE

Summary HTTP 109 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 26 IPs in 5 countries across 24 domains to perform 109 HTTP transactions. The main IP is 2606:4700:3035::ac43:81f7, located in United States and belongs to CLOUDFLARENET, US. The main domain is discord.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 21st 2022. Valid for: a year.

This is the only time discord.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	2606:4700:303... 2606:4700:3035::ac43:81f7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:10e... 2a02:26f0:10e::6860:5ba2	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
13	2a00:1450:400... 2a00:1450:400d:805::2002	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:808::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:802::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
12	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	3.126.34.117 3.126.34.117	16509 (AMAZON-02) (AMAZON-02)
5	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8100:89cd:9115:4cec:baf2	16509 (AMAZON-02) (AMAZON-02)
1 1	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
1	2606:4700:20:... 2606:4700:20::ac43:444e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	104.87.133.65 104.87.133.65	16625 (AKAMAI-AS) (AKAMAI-AS)
1	87.118.116.9 87.118.116.9	31103 (KEYWEB-AS) (KEYWEB-AS)
3	13.41.252.217 13.41.252.217	16509 (AMAZON-02) (AMAZON-02)
1	65.9.66.110 65.9.66.110	16509 (AMAZON-02) (AMAZON-02)
1	13.224.189.35 13.224.189.35	16509 (AMAZON-02) (AMAZON-02)
4	3.11.171.0 3.11.171.0	16509 (AMAZON-02) (AMAZON-02)
109	26

6 2606:4700:3035::ac43:81f7 (United States)

ASN13335 (CLOUDFLARENET, US)

discord.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10e::6860:5ba2 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

www.worldipv6launch.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:400d:805::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:802::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.34.117 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-34-117.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States) 2 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8100:89cd:9115:4cec:baf2 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.252 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.87.133.65 (Vienna, Austria) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-87-133-65.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.118.116.9 (Germany)

ASN31103 (KEYWEB-AS, DE)
PTR: km36617.keymachine.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.41.252.217 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-41-252-217.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-110.fra56.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-35.fra2.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.11.171.0 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-171-0.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 156	455 KB
18	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 216	123 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 28836 ad4m.at — Cisco Umbrella Rank: 9591 assets.ad4m.at — Cisco Umbrella Rank: 37206	1 MB
8	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 70	4 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	66 KB
6	discord.org discord.org	41 KB
5	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 18712 api.webgains.io — Cisco Umbrella Rank: 49878	31 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	194 KB
3	webgains.com track.webgains.com — Cisco Umbrella Rank: 40045	52 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	3 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8470	1 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 702	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 689	2 KB
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 82915 static-de.ad4mat.net — Cisco Umbrella Rank: 115742	4 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 47056	19 KB
1	congstar.de banner.congstar.de — Cisco Umbrella Rank: 89082	517 B
1	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 15193	686 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 691	339 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1861	296 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 306	465 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1808	172 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 813	695 B
1	worldipv6launch.org www.worldipv6launch.org	8 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
109	24

	Domain	Requested by
18	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net discord.org
13	pagead2.googlesyndication.com	discord.org pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	assets.ad4m.at	as.ad4m.at
6	www.gstatic.com	googleads.g.doubleclick.net
6	discord.org	discord.org
5	cm.g.doubleclick.net	googleads.g.doubleclick.net
5	www.google.com	2 redirects discord.org googleads.g.doubleclick.net tpc.googlesyndication.com
4	api.webgains.io	analytics.webgains.io
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
4	www.googletagservices.com	googleads.g.doubleclick.net
3	track.webgains.com	as.ad4m.at
3	fonts.googleapis.com	googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
2	image6.pubmatic.com	2 redirects
2	pm.w55c.net	2 redirects
1	cdn.track.production.webgains.team	as.ad4m.at
1	analytics.webgains.io	track.webgains.com
1	banner.congstar.de	as.ad4m.at
1	www.awin1.com	1 redirects
1	static-de.ad4mat.net	as.ad4m.at
1	onetag-sys.com	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	tr.blismedia.com	googleads.g.doubleclick.net
1	prod-rtb.ad4mat.net	discord.org
1	fonts.gstatic.com	fonts.googleapis.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.worldipv6launch.org	discord.org
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
109	32

This site contains links to these domains. Also see Links.

Domain
www.amazon.com
www.worldipv6launch.org
lippard.blogspot.com
www.salon.com
www.kbuxton.com
hack.org
web.archive.org
www.emperornorton.net
www.discordia.ch
fnord.org
www.youtube.com
www.google.com
www.openbsd.org
www.isipp.com
www.discord.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-21` - `2023-05-21`	a year	crt.sh
www.worldipv6launch.org R3	`2023-01-03` - `2023-04-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-12-13` - `2023-03-13`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2022-12-14` - `2023-03-14`	3 months	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
*.webgains.com Amazon	`2022-06-14` - `2023-07-13`	a year	crt.sh
*.webgains.io Amazon	`2022-08-23` - `2023-09-21`	a year	crt.sh
cdn.track.production.webgains.team Amazon	`2022-09-29` - `2023-10-28`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://discord.org/
Frame ID: B95A4EE3A6BCC29CC71F2E89F8480756
Requests: 20 HTTP requests in this frame

Frame: https://discord.org/cgi-bin/ipv4or6.pl
Frame ID: 0552426CAC32FB6EE5C91C011019D68C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20190131/zrt_lookup.html
Frame ID: 9F5B3837D2D52CA275EC8EDB427E6392
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8280778023961707&output=html&h=280&slotname=8487228440&adk=4078063067&adf=1482507344&pi=t.ma~as.8487228440&w=1200&fwrn=4&fwrnh=100&lmt=1673111830&rafmt=1&format=1200x280&url=https%3A%2F%2Fdiscord.org%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673601380873&bpp=11&bdt=539&idt=244&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&correlator=6218421071876&frm=20&pv=2&ga_vid=2080548781.1673601381&ga_sid=1673601381&ga_hid=1164508892&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=3925006714193045&tmod=1727053975&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=SMLbbXGJTY&p=https%3A//discord.org&dtd=258
Frame ID: 2A257925DAE63F1D19944E461080727B
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8280778023961707&output=html&adk=1812271804&adf=3025194257&lmt=1673111830&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fdiscord.org%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673601380897&bpp=1&bdt=563&idt=241&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=6218421071876&frm=20&pv=1&ga_vid=2080548781.1673601381&ga_sid=1673601381&ga_hid=1164508892&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=3925006714193045&tmod=1727053975&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=248
Frame ID: 9165445F5E4AAAF5EABD6C797EFB57A9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8280778023961707&output=html&h=90&adk=3275936948&adf=1148928269&pi=t.aa~a.198987588~i.8~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1673111830&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1247212538&ad_type=text_image&format=1200x90&url=https%3A%2F%2Fdiscord.org%2F&fwr=0&pra=3&rh=200&rw=1584&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673601381792&bpp=1&bdt=1458&idt=1&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2259475650fa262a-2236b10041db0073%3AT%3D1673601381%3ART%3D1673601381%3AS%3DALNI_MYJVy6_GeBvngo7XQo8NIWqwrvnvw&gpic=UID%3D00000ba1fc0f74e4%3AT%3D1673601381%3ART%3D1673601381%3AS%3DALNI_MaTMvoTRBGB5HFfAwpUpwdpaIvoIg&prev_fmts=1200x280%2C0x0&nras=2&correlator=6218421071876&frm=20&pv=1&ga_vid=2080548781.1673601381&ga_sid=1673601381&ga_hid=1164508892&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1194&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=3925006714193045&tmod=1727053975&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=sW5YBWksfB&p=https%3A//discord.org&dtd=5
Frame ID: E7F3DBE050C901B28576060F6147DF51
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1CFECD28794B9FC0054C456DADB12FD5
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1
Frame ID: 63B969F1EF1F6DE25AB5A60119A1E0C2
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1
Frame ID: 71FEB0FECB8A2882A889886C5DD2AF28
Requests: 10 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 46511058BC2AF3EB6CACCFEC54EFE69F
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9EDC21617B766E6CC8D9729D21A3272B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=Cp0SzZSHBY-WENN6-ygXcprfwCZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTgyODA3NzgwMjM5NjE3MDfIAQmpAp-bbFKUM7I-qAMBqgSyAU_QMbaLVrE3DvsLC_jh-TGdvEgS3Htk3jfTNsDfJPf9hgRzDDc-obK9YmDSLr9UWgp0id1keD6IyufObxvujnYBcL9_IZCDpltgxv1z_9WmRu7EF1Bseli-28UC3pWIBMBzN67VXXyip1vyvlrwgY2mqyUNlKHOXGyDCqxQKuqlHf3JW__IAqOPYN3kNocW4UOz0Aw1ajQ-IBRx8zOdXdL8JBQcwG-ao8M4r-PBT2k_BuuABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItODI4MDc3ODAyMzk2MTcwNxgA&sigh=nl5BmtjEryA&uach_m=[UACH]&cid=CAQSOwDq26N9i_37GMmjwfuZOQaQdRs-ppFA3FT1gKLebX3bLvZgNmajVdvs0NjXZAiGavJPsGb4o5VndKPQGAEgEw
Frame ID: B21B4A1DFE8519281E960726B56F0A29
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1k7va0j6x9as4mbbwnbfhzpg5596vbsjpcbs1bq9k6tvdx4xgbbqd6stxes43vn5pppdb3fr61ndv99raqn29a0vzydy5j2v649ggzbqs1q4w247s4f8frnx79kve4qnn27nw05zw9tfyws1p14rbae6f1fhrr4bm1knga71q5ra6v3t98y1hv5gjb44b59k93vmvwmgp3pzkm33hcr2h004y7wfk4x3yj4r1prtefmanv5h7d1ak6vc09sets4axtg6e7g2sa1hfhxcbwapxbfja2ygyy4y3q006pjypd6e9y3ax6sncxrf6arxaf6804ryptvrd5sehzxz15nqxkm012hc2kbjskvjzh6vf9kfxjw7sn7kkqkwx89mk26bkqwqghpna47924bx38a8y2pd08fh3tdnd7h3yzabqbswcgz9&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8CdtZSHBY-WENN6-ygXcprfwCZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTgyODA3NzgwMjM5NjE3MDfIAQmpAp-bbFKUM7I-qAMBqgS1AU_QMbaLVrE3DvsLC_jh-TGdvEgS3Htk3jfTNsDfJPf9hgRzDDc-obK9YmDSLr9UWgp0id1keD6IyufObxvujnYBcL9_IZCDpltgxv1z_9WmRu7EF1Bseli-28UC3pWIBMBzN67VXXyip1vyvlrwgY2mqyUNlKHOXGyDCqxQKuqlHf3JW__IAqOPYN3kdIU3c5RKV0z97Xyo-l3jAQqJV3_2CgzBQK3TMTussc_ZmrWgRiNhKoqABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1sswXrGzIKKqDbbj1UWvJiBGLHyA%26client%3Dca-pub-8280778023961707%26adurl%3D
Frame ID: A9D4CC8A227E512DBB1BE3C76CB7C4E0
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 152EC6E2D58EBA766CE8832D3C0692E0
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
Frame ID: CD5ACC0BACBBC1BD0CB77BF67D236993
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
Frame ID: 4FA7A0A1F61685FC458AF4D807D376F5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
Frame ID: C10D68ED307DD0673CC82B4AEC2AEC8F
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: ABFABAE3E73D17D30E940D1CF623E0CA
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=196438%2C183975%2C321034&b=241U6fqfj6xBsVHWHkt8tREbaxS7T7R6uwV%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cq59TmfWfZ15DfZHgHDtJtK4dGueSgTAYQsEz&f=4QZHEf5fAYZ9CGH9HdtzCjWrtbSpTrgbCXz%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CRA9UgfQf8A1DCkHwH3tzCZw8zU9SzTmReUYA&c=728&d=90&e=&g=71d18fbff1f6a3a04ab286821f509986%2F14655329639347042942&i=25174%2C20597%2C111584&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1673601382527&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hgst4qspnsd5p79kzhzbn72f3jg37pryjr6nptan96x42thtadmcbfxp86246ycv082keqtdehq64qd0383f1hj33ncrq8hah4k8f8cgdv4hsfdyxf4tf1hb6wpqa8gdmdsyz13ydz46hyka29ja3sps2ggqqtzpdx59hfa982sxzhtf756jmctpbwn6m2xneptg7afhrpe494yskkbtdv5d799zp1mc8vt8ybr7wcvn73ahbgx116ke5qe275pfr28zsq688vnggfhrb10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8CdtZSHBY-WENN6-ygXcprfwCZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTgyODA3NzgwMjM5NjE3MDfIAQmpAp-bbFKUM7I-qAMBqgS1AU_QMbaLVrE3DvsLC_jh-TGdvEgS3Htk3jfTNsDfJPf9hgRzDDc-obK9YmDSLr9UWgp0id1keD6IyufObxvujnYBcL9_IZCDpltgxv1z_9WmRu7EF1Bseli-28UC3pWIBMBzN67VXXyip1vyvlrwgY2mqyUNlKHOXGyDCqxQKuqlHf3JW__IAqOPYN3kdIU3c5RKV0z97Xyo-l3jAQqJV3_2CgzBQK3TMTussc_ZmrWgRiNhKoqABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1sswXrGzIKKqDbbj1UWvJiBGLHyA%2526client%253Dca-pub-8280778023961707%2526adurl%253D&y=1&s=&z=0
Frame ID: CEBB8915E481979C403B50311C992392
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 80E8296D82A384D0BC52C4F607D4F953
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2BEB7B3048DE0943ECA24F45E4772AB7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

legion of dynamic discord

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

Page Statistics

109
Requests

94 %
HTTPS

60 %
IPv6

24
Domains

32
Subdomains

26
IPs

5
Countries

2263 kB
Transfer

3914 kB
Size

13
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://www.amazon.com/Attack-50-Foot-Blockchain-Contracts-ebook/dp/B073CPP581/thelipblo-20/
Title: Attack of the 50-Foot Blockchain

Search URL Search Domain Scan URL

URL: https://www.worldipv6launch.org/

Search URL Search Domain Scan URL

URL: https://lippard.blogspot.com/
Title: The Lippard Blog

Search URL Search Domain Scan URL

URL: https://www.salon.com/tech/feature/1999/07/22/scientology/index.html
Title: Salon magazine article about Scientology

Search URL Search Domain Scan URL

URL: https://www.kbuxton.com/discordia/
Title: discordian information

Search URL Search Domain Scan URL

URL: https://hack.org/mc/texts/apocrypha2.pdf
Title: The Apocrypha Discordia

Search URL Search Domain Scan URL

URL: https://web.archive.org/web/20090730020410/https://www.geocities.com/Area51/Zone/7971/panpleasant/apocrypha.html
Title: Internet Archive of HTML

Search URL Search Domain Scan URL

URL: http://www.emperornorton.net/
Title: Emperor Norton I

Search URL Search Domain Scan URL

URL: https://www.discordia.ch/Programs/
Title: The Emperor Norton Utilities

Search URL Search Domain Scan URL

URL: https://fnord.org/
Title: fnord.org

Search URL Search Domain Scan URL

URL: https://web.archive.org/web/19981203030046/www.whatis.com/fnord.htm
Title: www.whatis.com/fnord.htm

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=bUqVrH4luXc&feature=youtu.be
Title: Adam Gorightly on the publishing history of the Principia Discordia

Search URL Search Domain Scan URL

URL: https://web.archive.org/web/20190102191404/http://www.openspf.org/
Title: Sender Policy Framework (SPF)

Search URL Search Domain Scan URL

URL: https://web.archive.org/web/20040603011449/http://www.microsoft.com/mscorp/twc/privacy/spam_callerID.mspx
Title: Caller ID for E-Mail

Search URL Search Domain Scan URL

URL: https://www.google.com/

Search URL Search Domain Scan URL

URL: https://www.openbsd.org/

Search URL Search Domain Scan URL

URL: https://www.isipp.com/iadb.php

Search URL Search Domain Scan URL

URL: https://www.discord.org/leonard
Title: Uncle Joe's Discord

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 66

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 68

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMdeJ8iUo5IFLLcN-iDMBpU&google_cver=1&google_push=AavPq0MvXpX2sshsy48vxPdNZAsadbq-WfgbntLN_GPY6MabwqZbM-H6Z8FUemA92ZWfnEZLRUNBJEFjkbFl1Qu3OT_kNR6RePp1Byc HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMdeJ8iUo5IFLLcN-iDMBpU&google_cver=1&google_push=AavPq0MvXpX2sshsy48vxPdNZAsadbq-WfgbntLN_GPY6MabwqZbM-H6Z8FUemA92ZWfnEZLRUNBJEFjkbFl1Qu3OT_kNR6RePp1Byc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZXFjUWJZNWYxUGdnYUc1&google_gid=CAESEMdeJ8iUo5IFLLcN-iDMBpU&google_cver=1&google_push=AavPq0MvXpX2sshsy48vxPdNZAsadbq-WfgbntLN_GPY6MabwqZbM-H6Z8FUemA92ZWfnEZLRUNBJEFjkbFl1Qu3OT_kNR6RePp1Byc

Request Chain 70

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEC3VV1ChU3pyW0LusdjMhW4&google_cver=1&google_push=AavPq0Pfksv0ISjoIBgWyQVWxVsZOBIGp9qk-jN4E4aL-YQvD5_QNHqTJ0s9aeSf_EZagDPKG4mf4ZRZuGn8YaucnO0sAkpLkzq7r4G1 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEC3VV1ChU3pyW0LusdjMhW4&google_cver=1&google_push=AavPq0Pfksv0ISjoIBgWyQVWxVsZOBIGp9qk-jN4E4aL-YQvD5_QNHqTJ0s9aeSf_EZagDPKG4mf4ZRZuGn8YaucnO0sAkpLkzq7r4G1&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tfvz5nlxR5m3o780OunTGg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0Pfksv0ISjoIBgWyQVWxVsZOBIGp9qk-jN4E4aL-YQvD5_QNHqTJ0s9aeSf_EZagDPKG4mf4ZRZuGn8YaucnO0sAkpLkzq7r4G1

Request Chain 71

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEMHlbyoBzMQvw5iCOvYOac&google_cver=1&google_push=AavPq0P-SPfjDqSuUlozwNQFx2ad_buk-cBHpL2XbD0oMLLMmhLvq1OzCwRbAj6zpnxccn6ZpvhBFGR_MAgAOg7Dfvq1BkuXVaDXJB1o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENVQjFWOVEtMUMtN09MNg==&google_push=AavPq0P-SPfjDqSuUlozwNQFx2ad_buk-cBHpL2XbD0oMLLMmhLvq1OzCwRbAj6zpnxccn6ZpvhBFGR_MAgAOg7Dfvq1BkuXVaDXJB1o

Request Chain 73

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBnPldYFz8-4-PDP_gBFLn8&google_cver=1&google_push=AavPq0NWoyU-sjwCPsPg7eqSVzbQcuHbHwquxZBFczh32kzM2nxRtFmWzUDtum-XVcwSCj0YOUKsYsqO7-AWf4T2imJS8zJg8Xk8t8s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0NWoyU-sjwCPsPg7eqSVzbQcuHbHwquxZBFczh32kzM2nxRtFmWzUDtum-XVcwSCj0YOUKsYsqO7-AWf4T2imJS8zJg8Xk8t8s

Request Chain 90

https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneid241U6fqfj6xBsVHWHkt8tREbaxS7T7R6uwVoneid__suite_Netmix_Reach14_AKTION&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1673601382_f2b62d70-9322-11ed-ad94-2233c4476c8a

109 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
discord.org/ 6 KB
3 KB 621ms
397ms Document
text/html 2606:4700:3035::ac43:81f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://discord.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:81f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ea22509acbb5f3a229673eb230b1ea382435e54a2c7436e7099f1a3783c4846

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 788d08509fc69ba0-FRA
content-encoding: br
content-type: text/html
date: Fri, 13 Jan 2023 09:16:20 GMT
last-modified: Sat, 07 Jan 2023 17:17:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RsQZCCQ4%2BX3ZdXHNCXHLAEN4HzCFZnHcuKPvMShY%2FkV1UOrZ%2BGYvy8MirKaG2wWcDGRK59rkflfH3Bc1GnCUTWSnJArOOw8W79tNeCZi38ndBkBK2YGVzWFqUSpVtdZPvDbdUQGBv4AH1w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 ddate.js Show response
discord.org/ 3 KB
1 KB 397ms
395ms Script
application/javascript 2606:4700:3035::ac43:81f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://discord.org/ddate.js
Requested by: Host: discord.org
URL: https://discord.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:81f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f6c08d122cb5100e5fc413efc7958ff5875cc6a9ec184791635acecf9b52696

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discord.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:16:20 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 10 Jan 2022 01:31:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zPMmr64EgFpPEUNRoR%2F1CzW99KSGXVDsmrYd%2FCgIQG4wkgr9bpLaTQuHUovgRj7kdPL3koZ%2FRgwNxcVhntJLI%2BAlRgZDZroiNbsvcFc4ZWlQ%2BdNYWMEeFpbUtiLbrHdW047cXnIknNOvbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 788d0853fda49ba0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 World_IPv6_launch_banner_128.png
www.worldipv6launch.org/wp-content/themes/ipv6/downloads/ 8 KB
8 KB 353ms
99ms Image
image/png 2a02:26f0:10e::6860:5ba2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.worldipv6launch.org/wp-content/themes/ipv6/downloads/World_IPv6_launch_banner_128.png

Requested by

Host: discord.org
URL: https://discord.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e::6860:5ba2 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

1d6a9bf47f17d08ebd3be570f94321b0e2a1b7dc6c7957a635662b9bf5beda8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discord.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:16:20 GMT
strict-transport-security: max-age=15768000
last-modified: Mon, 27 Aug 2018 09:50:17 GMT
server: nginx
x-amz-cf-pop: MXP64-C2
etag: "5b83c959-1fbe"
content-type: image/png
cache-control: max-age=15198
accept-ranges: bytes
content-length: 8126
x-amz-cf-id: t6vGznPujjnGa38O3qT1GrVkCL304wor98Tr5wUP6XD4lnXf1QYx1Q==
expires: Fri, 13 Jan 2023 13:29:38 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
49 KB 200ms
101ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: discord.org
URL: https://discord.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31d9ddfd5aa343ae6554a44fa1344b430c8968bd19795e67090e177135179c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discord.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:16:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49518
x-xss-protection: 0
server: cafe
etag: 12737597945816938511
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 13 Jan 2023 09:16:20 GMT

GET
H2 200 Logo_25wht.gif
www.google.com/logos/ 2 KB
2 KB 85ms
29ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/logos/Logo_25wht.gif

Requested by

Host: discord.org
URL: https://discord.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4488333adcd7deb7572caaa680e1a4d9df638ed0738f20b064408fd67fac9428

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discord.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:16:20 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 12:00:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1607
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 13 Jan 2023 09:16:20 GMT

GET
H2 200 openbsdpower.gif
discord.org/icons/ 3 KB
4 KB 386ms
383ms Image
image/gif 2606:4700:3035::ac43:81f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://discord.org/icons/openbsdpower.gif
Requested by: Host: discord.org
URL: https://discord.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:81f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc8935eab32560a568ab0c2e4a7dab444dd0b1dc2e0210593ced343e8f350d59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discord.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:16:20 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 22 Dec 2011 23:18:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rAV%2BTdcyF5Gm9abqPpTWuXUdx7soYG2AEpTKNNsFVNZ29Y3dtrtPGSPHfOU83v8YpkY5%2F6uAH8dTr3W7Rma2q4ggc%2BXka40yZMeN7ejrVlRPltLRN05MqqupOKc2At87roYk72uJPeHzwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 788d0853fdad9ba0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3334

GET
H2 200 iadb-logo.jpg
discord.org/icons/ 29 KB
30 KB 396ms
393ms Image
image/jpeg 2606:4700:3035::ac43:81f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://discord.org/icons/iadb-logo.jpg
Requested by: Host: discord.org
URL: https://discord.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:81f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f22179ab929ec12233cb5c427e79ffe36688935b7a79a43e6e966d08cb4e6c0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discord.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:16:20 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 22 Dec 2011 23:20:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=33f7fJ4ERAx7JYlH%2BzlOnp0iSZzJ%2F9cEIv%2BuQXqTB4h%2BpBVQfmRnNQruk8kBOPQa7zK5s0Ba993qtKGRkPCOy%2BqDax%2BhyeyWKxjwjLoUhcsK%2FXvykxvEuMNPbi2T1R2sICsnVonqk92KRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 788d0853fdae9ba0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30138

GET
H2 200 discord.jpg
discord.org/images/ 2 KB
2 KB 391ms
390ms Image
image/jpeg 2606:4700:3035::ac43:81f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://discord.org/images/discord.jpg
Requested by: Host: discord.org
URL: https://discord.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:81f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7c866697b6d0a1b31a9d6a6b02f900781f931cb4717511d2465aba88118695a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discord.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:16:20 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 14 Sep 1999 03:18:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KcqGEn5e36yIxQxbEprjQG3hsC4jdA%2BO6tQHJVxFZPqisfbJsh3f65MrTYfJdN4FS1SEvdcP4AT02%2BRO3IjCPmQtVlYHhX%2BFh7hcKdBux0Xbs%2FV6OpEE%2FafOx3zhoXa%2FmN5MAl0DPkeUfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 788d0853fdb29ba0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2024

GET
H3 200 ipv4or6.pl Show response
discord.org/cgi-bin/ Frame 0552 104 B
549 B 377ms
376ms Document
text/html 2606:4700:3035::ac43:81f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://discord.org/cgi-bin/ipv4or6.pl
Requested by: Host: discord.org
URL: https://discord.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:81f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caa783c709a6961ab22200c02d0896ee059807fd56458087c18412f8a8606ea8

Request headers

Referer: https://discord.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 788d08567af92bc7-FRA
content-encoding: br
content-type: text/html
date: Fri, 13 Jan 2023 09:16:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=97msnCrCC2quSwkayY2NR6KsbEzRBhonCdaQq0Sjzz3YImJYkuPYM4L24sMgrQuQ1u83puzP31ProjXNeKzMwpjR5llbjD1IXtDAPrh3mhLYY6GXQ%2BGU7y3aevkSXV2EJ6m9T7pa3WSGLA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 356 KB
117 KB 102ms
102ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8280778023961707&plah=discord.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30b414e63e540e7ccc4d1c2790f01d96d420452db53606a3de775fbdb7463197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discord.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:16:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119973
x-xss-protection: 0
server: cafe
etag: 13696131441240402094
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 13 Jan 2023 09:16:20 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230111/r20190131/ Frame 9F5B 10 KB
5 KB 130ms
33ms Document
text/html 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230111/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://discord.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29033
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 01:12:28 GMT
etag: 10353107486223812946
expires: Fri, 27 Jan 2023 01:12:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
695 B 79ms
28ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=discord.org&callback=_gfp_s_&client=ca-pub-8280778023961707&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8280778023961707&plah=discord.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa6a70ffa48cc7ca38bf67860c9ea45f92218c320c00b5a9aed948aca55e6ed1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discord.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:16:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 174ms
57ms Script
application/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=discord.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discord.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:16:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 94ms
31ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=discord.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discord.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:16:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2A25 92 KB
33 KB 536ms
535ms Document
text/html 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8280778023961707&output=html&h=280&slotname=8487228440&adk=4078063067&adf=1482507344&pi=t.ma~as.8487228440&w=1200&fwrn=4&fwrnh=100&lmt=1673111830&rafmt=1&format=1200x280&url=https%3A%2F%2Fdiscord.org%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673601380873&bpp=11&bdt=539&idt=244&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&correlator=6218421071876&frm=20&pv=2&ga_vid=2080548781.1673601381&ga_sid=1673601381&ga_hid=1164508892&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=3925006714193045&tmod=1727053975&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=SMLbbXGJTY&p=https%3A//discord.org&dtd=258

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

adf46f0f237f4bac5044b5001efc5fb5e35c76546194f4e0ea8fef36558d63bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://discord.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33381
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 09:16:21 GMT
expires: Fri, 13 Jan 2023 09:16:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9165 233 KB
63 KB 595ms
595ms Document
text/html 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8280778023961707&output=html&adk=1812271804&adf=3025194257&lmt=1673111830&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fdiscord.org%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673601380897&bpp=1&bdt=563&idt=241&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=6218421071876&frm=20&pv=1&ga_vid=2080548781.1673601381&ga_sid=1673601381&ga_hid=1164508892&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=3925006714193045&tmod=1727053975&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=248

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07cfa1b11432962e4d8675b31cafdad6b983e9062cc6e10e5f21753cee454a5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://discord.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 64250
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 09:16:21 GMT
expires: Fri, 13 Jan 2023 09:16:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 1fa652aa70ababc78244f8b54c5f124c.js Show response
www.gstatic.com/mysidia/ Frame 2A25 9 KB
5 KB 119ms
33ms Script
text/javascript 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1fa652aa70ababc78244f8b54c5f124c.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8280778023961707&output=html&h=280&slotname=8487228440&adk=4078063067&adf=1482507344&pi=t.ma~as.8487228440&w=1200&fwrn=4&fwrnh=100&lmt=1673111830&rafmt=1&format=1200x280&url=https%3A%2F%2Fdiscord.org%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673601380873&bpp=11&bdt=539&idt=244&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&correlator=6218421071876&frm=20&pv=2&ga_vid=2080548781.1673601381&ga_sid=1673601381&ga_hid=1164508892&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=3925006714193045&tmod=1727053975&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=SMLbbXGJTY&p=https%3A//discord.org&dtd=258

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efaee115f8c9c7c11e2e17bd4d580db1136571500686a8f68cdba7a5117576a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 01:56:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 199208
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4234
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 00:07:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 01:56:13 GMT

GET
H2 200 1361b6196af0d1e07082d1e4b1fa3dae.js Show response
www.gstatic.com/mysidia/ Frame 2A25 10 KB
4 KB 120ms
34ms Script
text/javascript 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1361b6196af0d1e07082d1e4b1fa3dae.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b81de03dc76c342204854b74474275c57695d85b80f5a5406eaf0af8323f2352

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 01:56:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 199204
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4492
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 00:07:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 01:56:17 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2A25 8 KB
1 KB 77ms
28ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 13 Jan 2023 09:16:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 08:34:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 Jan 2023 09:16:21 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame 2A25 2 KB
818 B 20ms
19ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 19:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Jan 2023 19:01:06 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/ Frame 2A25 22 KB
9 KB 82ms
20ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 19:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8889
x-xss-protection: 0
server: cafe
etag: 3049769697470197148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Jan 2023 19:01:06 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame 2A25 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 19:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Jan 2023 19:01:06 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame 2A25 18 KB
7 KB 83ms
22ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 19:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7538
x-xss-protection: 0
server: cafe
etag: 18140588555649875417
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Jan 2023 19:01:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2A25 157 KB
49 KB 184ms
87ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:16:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 13 Jan 2023 09:16:21 GMT

GET
H2 200 3dc49c9b9e6a6b78323daad710439309.js Show response
www.gstatic.com/mysidia/ Frame 2A25 33 KB
14 KB 33ms
32ms Script
text/javascript 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3dc49c9b9e6a6b78323daad710439309.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2703ca1e7c3daeb0bf2ca00dca14c62a2f5af4977442edb034a796c74c8f3c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 01:56:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 199207
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14046
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 00:07:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 01:56:14 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 150 KB
51 KB 114ms
114ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b603ade38ad776f731d6a818da597da1c90c748e572ee9adce19b0b190b3cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discord.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:16:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52354
x-xss-protection: 0
server: cafe
etag: 10416526248683264750
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Jan 2023 09:16:21 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 57ms
56ms Script
application/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=discord.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discord.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:16:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 30ms
29ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=discord.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discord.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:16:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E7F3 31 KB
12 KB 312ms
312ms Document
text/html 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8280778023961707&output=html&h=90&adk=3275936948&adf=1148928269&pi=t.aa~a.198987588~i.8~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1673111830&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1247212538&ad_type=text_image&format=1200x90&url=https%3A%2F%2Fdiscord.org%2F&fwr=0&pra=3&rh=200&rw=1584&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673601381792&bpp=1&bdt=1458&idt=1&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2259475650fa262a-2236b10041db0073%3AT%3D1673601381%3ART%3D1673601381%3AS%3DALNI_MYJVy6_GeBvngo7XQo8NIWqwrvnvw&gpic=UID%3D00000ba1fc0f74e4%3AT%3D1673601381%3ART%3D1673601381%3AS%3DALNI_MaTMvoTRBGB5HFfAwpUpwdpaIvoIg&prev_fmts=1200x280%2C0x0&nras=2&correlator=6218421071876&frm=20&pv=1&ga_vid=2080548781.1673601381&ga_sid=1673601381&ga_hid=1164508892&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1194&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=3925006714193045&tmod=1727053975&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=sW5YBWksfB&p=https%3A//discord.org&dtd=5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78ba0fba0603bdcee9944bf383b409f6a8d399c8c6de9479c5a0887eddcfba22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://discord.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 12645
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 09:16:22 GMT
expires: Fri, 13 Jan 2023 09:16:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2A25 0
0 76ms
75ms Fetch
text/html 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C_ICHZSHBY5bTCrvEmLAPpoOO0ArRrb27boyA1NKKEO3Ug72SDhABIJqn9QFglYKAgJQHoAHvnf_bKMgBAakC9kUllIQgez6oAwHIA8sEqgS8AU_QaCDHO7mnP7g1BgkarXoQ2jgttFlDU7UFWU35nPkBnYWyHDaC0DlppnJz6O2Emowvx7PaXhcNjFPcEmuVxWk2xSSV5T1pQmyO1upWURSW1GUSdKbjQDwIrfpV3ASXUhS2ktLxl4Jw8wlxencui-3l4HqPNZUab_MAVZqxBITNw55dQgq1xJ3m5hLvw3GZOHcQAGsUSo-iy-GtlT0BzYCfwAzYDEX1iJtXRJ_Qy_AeT5oEzcksscgbDaGFwASprZKz_gOSBQQIBBgBkgUECAUYBIAHnsPVuwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCY7AHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUBNAVAYAXAbIXHAoaCAASFHB1Yi04MjgwNzc4MDIzOTYxNzA3GAA&sigh=X9jF2W4qhiA&uach_m=[UACH]&cid=CAQSGwDq26N9epZXaik28FOlf4RpSd1PO-shiicZEBgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8280778023961707&output=html&h=280&slotname=8487228440&adk=4078063067&adf=1482507344&pi=t.ma~as.8487228440&w=1200&fwrn=4&fwrnh=100&lmt=1673111830&rafmt=1&format=1200x280&url=https%3A%2F%2Fdiscord.org%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673601380873&bpp=11&bdt=539&idt=244&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&correlator=6218421071876&frm=20&pv=2&ga_vid=2080548781.1673601381&ga_sid=1673601381&ga_hid=1164508892&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=3925006714193045&tmod=1727053975&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=SMLbbXGJTY&p=https%3A//discord.org&dtd=258
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 13 Jan 2023 09:16:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 13 Jan 2023 09:16:21 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1CFE 143 B
166 B 34ms
33ms Document
text/html 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8280778023961707&output=html&h=280&slotname=8487228440&adk=4078063067&adf=1482507344&pi=t.ma~as.8487228440&w=1200&fwrn=4&fwrnh=100&lmt=1673111830&rafmt=1&format=1200x280&url=https%3A%2F%2Fdiscord.org%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673601380873&bpp=11&bdt=539&idt=244&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&correlator=6218421071876&frm=20&pv=2&ga_vid=2080548781.1673601381&ga_sid=1673601381&ga_hid=1164508892&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=295&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=3925006714193045&tmod=1727053975&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=SMLbbXGJTY&p=https%3A//discord.org&dtd=258
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1959
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 08:43:42 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2A25 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35dc1e07839c624b878755af00ec2780c5432275934adc30152795c39d52641d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1CFE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

110ms
110ms

Document
text/html

2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 09:16:21 GMT
expires: Fri, 13 Jan 2023 09:16:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 09:16:21 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 55ms
54ms Script
application/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=discord.org

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discord.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:16:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 28ms
27ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=discord.org

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discord.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:16:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/ Frame 63B9 10 KB
4 KB 34ms
33ms Document
text/html 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://discord.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29037
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 01:12:24 GMT
etag: 10353107486223812946
expires: Fri, 27 Jan 2023 01:12:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/ Frame 71FE 10 KB
4 KB 34ms
33ms Document
text/html 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://discord.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29037
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 01:12:24 GMT
etag: 10353107486223812946
expires: Fri, 27 Jan 2023 01:12:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 63B9 4 KB
732 B 32ms
32ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 13 Jan 2023 09:16:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 08:05:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 Jan 2023 09:16:22 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 63B9 205 B
229 B 32ms
32ms Image
image/png 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 05:28:43 GMT
x-content-type-options: nosniff
age: 13659
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 13 Jan 2024 05:28:43 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 63B9 604 B
628 B 33ms
32ms Image
image/png 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 22:03:39 GMT
x-content-type-options: nosniff
age: 40363
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 12 Jan 2024 22:03:39 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/elements/html/ Frame 63B9 19 KB
8 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daf99211008f6684b4aaa4daafa6832cf05ccd99f5910f48f6467a5c1ea08197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 19:40:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48960
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8191
x-xss-protection: 0
server: cafe
etag: 7335088802737092762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Jan 2023 19:40:22 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 71FE 0
0 77ms
76ms Fetch
text/html 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C2kRGZSHBY_qaDNnPywXr_IDIBYOohvZtgeH4uOoQzrWlu4wOEAEgmqf1AWCVgoCAlAegAZyv-6gCyAECqAMByAPJBKoEwAFP0NypAFDG5mKjdvxpFJQOZhS5abwi_51kOn7VDAPPbp68sq2IhawcHyn3v2fc9-6_l1JYiRX8SgIr783pM85K3pQA4C7iIktLHPDbaytv4dqimlrT4d8FCW5UYcQWwQA9TNMtRDky4x2wt8FZkji3rx8ohUlKHacZoMsxyS9a6qm80KSDlE-r6jFboWv-qX4-YMmgAbEfX2L5uZAj9F09pVsGqaAjO3m6TO7T94lXabOwJi_GIwrJH8ge_FBL4i7ABOiNnq2xBJIFBAgEGAGSBQQIBRgEoAYCgAfM0ITXAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEPiyBtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMO0BUBmBYBgBcBshccChoIABIUcHViLTgyODA3NzgwMjM5NjE3MDcYAA&sigh=Cd_bs6XXReg&uach_m=[UACH]&cid=CAQSGwDq26N9TQ97-RhWxD4zhhZh0cPmnHeMAtcH0RgBIBM

Requested by

Host: discord.org
URL: https://discord.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 13 Jan 2023 09:16:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/ Frame 71FE 22 KB
9 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 19:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51316
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8889
x-xss-protection: 0
server: cafe
etag: 3049769697470197148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Jan 2023 19:01:06 GMT

GET
H3 200 4479272642314150291
tpc.googlesyndication.com/daca_images/simgad/ Frame 71FE 68 KB
68 KB 27ms
26ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/4479272642314150291

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eeb0a46cf5270666c48fc29ec39ad02c36f219c6b82027e4b0e44baf03b585e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 08:45:46 GMT
x-content-type-options: nosniff
age: 261036
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69896
x-xss-protection: 0
last-modified: Fri, 21 Oct 2022 01:26:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 10 Jan 2024 08:45:46 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame 71FE 3 KB
1 KB 36ms
34ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 19:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51316
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Jan 2023 19:01:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame 71FE 18 KB
7 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 19:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51316
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7538
x-xss-protection: 0
server: cafe
etag: 18140588555649875417
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Jan 2023 19:01:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 71FE 157 KB
48 KB 118ms
117ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:16:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 13 Jan 2023 09:16:22 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame 71FE 33 KB
13 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69e3696168c1f8450ca1adc4b18437bfec8cc351b02dc20ab1fa8ff2322b8d8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 21:10:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43538
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13528
x-xss-protection: 0
server: cafe
etag: 13359207343814801873
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Jan 2023 21:10:44 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 2A25 28 KB
28 KB 69ms
21ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 21:35:41 GMT
x-content-type-options: nosniff
age: 42041
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jan 2024 21:35:41 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4651 8 KB
895 B 27ms
27ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 13 Jan 2023 09:16:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 08:01:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 Jan 2023 09:16:22 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame 4651 2 KB
765 B 25ms
25ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 19:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51316
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Jan 2023 19:01:06 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/ Frame 4651 22 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 19:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51316
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8889
x-xss-protection: 0
server: cafe
etag: 3049769697470197148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Jan 2023 19:01:06 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame 4651 3 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 19:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51316
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Jan 2023 19:01:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame 4651 18 KB
7 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 19:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51316
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7538
x-xss-protection: 0
server: cafe
etag: 18140588555649875417
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Jan 2023 19:01:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4651 157 KB
48 KB 186ms
184ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:16:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 13 Jan 2023 09:16:22 GMT

GET
H3 200 3dc49c9b9e6a6b78323daad710439309.js Show response
www.gstatic.com/mysidia/ Frame 4651 33 KB
14 KB 33ms
32ms Script
text/javascript 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3dc49c9b9e6a6b78323daad710439309.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2703ca1e7c3daeb0bf2ca00dca14c62a2f5af4977442edb034a796c74c8f3c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 01:56:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 199208
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14046
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 00:07:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 01:56:14 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9EDC 143 B
166 B 33ms
33ms Document
text/html 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1960
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 08:43:42 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 71FE 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f991c9e88058944fd6f26508acdc5c706df1ea9614ab5ae29525d3db460d2af0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B21B 0
0 74ms
74ms Fetch
text/html 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cp0SzZSHBY-WENN6-ygXcprfwCZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTgyODA3NzgwMjM5NjE3MDfIAQmpAp-bbFKUM7I-qAMBqgSyAU_QMbaLVrE3DvsLC_jh-TGdvEgS3Htk3jfTNsDfJPf9hgRzDDc-obK9YmDSLr9UWgp0id1keD6IyufObxvujnYBcL9_IZCDpltgxv1z_9WmRu7EF1Bseli-28UC3pWIBMBzN67VXXyip1vyvlrwgY2mqyUNlKHOXGyDCqxQKuqlHf3JW__IAqOPYN3kNocW4UOz0Aw1ajQ-IBRx8zOdXdL8JBQcwG-ao8M4r-PBT2k_BuuABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItODI4MDc3ODAyMzk2MTcwNxgA&sigh=nl5BmtjEryA&uach_m=[UACH]&cid=CAQSOwDq26N9i_37GMmjwfuZOQaQdRs-ppFA3FT1gKLebX3bLvZgNmajVdvs0NjXZAiGavJPsGb4o5VndKPQGAEgEw

Requested by

Host: discord.org
URL: https://discord.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8280778023961707&output=html&h=90&adk=3275936948&adf=1148928269&pi=t.aa~a.198987588~i.8~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1673111830&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1247212538&ad_type=text_image&format=1200x90&url=https%3A%2F%2Fdiscord.org%2F&fwr=0&pra=3&rh=200&rw=1584&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673601381792&bpp=1&bdt=1458&idt=1&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2259475650fa262a-2236b10041db0073%3AT%3D1673601381%3ART%3D1673601381%3AS%3DALNI_MYJVy6_GeBvngo7XQo8NIWqwrvnvw&gpic=UID%3D00000ba1fc0f74e4%3AT%3D1673601381%3ART%3D1673601381%3AS%3DALNI_MaTMvoTRBGB5HFfAwpUpwdpaIvoIg&prev_fmts=1200x280%2C0x0&nras=2&correlator=6218421071876&frm=20&pv=1&ga_vid=2080548781.1673601381&ga_sid=1673601381&ga_hid=1164508892&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1194&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=3925006714193045&tmod=1727053975&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=sW5YBWksfB&p=https%3A//discord.org&dtd=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 13 Jan 2023 09:16:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame B21B 0
0 82ms
29ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hkn05sxx6dhny1pfaahyy0tmshf63hmhepsns0thz2yvsr2z571mmm8d0j7q7wykchmme1agwryecfert0bmb5mxh0fjhmjte0m72x9vc3vzzy1vya2mn5p1s1pmqrwftmzpvgr5bbq92bykkbw2ndbenadsrgy2sg061xtzhctqztpkydhkp8vtbbnjgazvkgdygsxty7gqehep8dmd7jxcbr7jqjx314476eqpadkzg7hm5y13kn3zavwgmrsyrydyhrkyy3d58ybkawgf57h5nz6hdgsxk5m1g8tmmdm3tcdkbnxw2yke1wbthsggv9qxks67yyq88bcjbrngq9nf38s958wpcnc9jc28e6x6gdpxyz51gxm36jbpn5vt1wxds0bsc&b=Y8EhZQANAmUKsp9eAA3TXN5D0q0s-xoX6z6rYw
Requested by: Host: discord.org
URL: https://discord.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 13 Jan 2023 09:16:22 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame A9D4 2 KB
3 KB 98ms
47ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1k7va0j6x9as4mbbwnbfhzpg5596vbsjpcbs1bq9k6tvdx4xgbbqd6stxes43vn5pppdb3fr61ndv99raqn29a0vzydy5j2v649ggzbqs1q4w247s4f8frnx79kve4qnn27nw05zw9tfyws1p14rbae6f1fhrr4bm1knga71q5ra6v3t98y1hv5gjb44b59k93vmvwmgp3pzkm33hcr2h004y7wfk4x3yj4r1prtefmanv5h7d1ak6vc09sets4axtg6e7g2sa1hfhxcbwapxbfja2ygyy4y3q006pjypd6e9y3ax6sncxrf6arxaf6804ryptvrd5sehzxz15nqxkm012hc2kbjskvjzh6vf9kfxjw7sn7kkqkwx89mk26bkqwqghpna47924bx38a8y2pd08fh3tdnd7h3yzabqbswcgz9&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8CdtZSHBY-WENN6-ygXcprfwCZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTgyODA3NzgwMjM5NjE3MDfIAQmpAp-bbFKUM7I-qAMBqgS1AU_QMbaLVrE3DvsLC_jh-TGdvEgS3Htk3jfTNsDfJPf9hgRzDDc-obK9YmDSLr9UWgp0id1keD6IyufObxvujnYBcL9_IZCDpltgxv1z_9WmRu7EF1Bseli-28UC3pWIBMBzN67VXXyip1vyvlrwgY2mqyUNlKHOXGyDCqxQKuqlHf3JW__IAqOPYN3kdIU3c5RKV0z97Xyo-l3jAQqJV3_2CgzBQK3TMTussc_ZmrWgRiNhKoqABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1sswXrGzIKKqDbbj1UWvJiBGLHyA%26client%3Dca-pub-8280778023961707%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8280778023961707&output=html&h=90&adk=3275936948&adf=1148928269&pi=t.aa~a.198987588~i.8~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1673111830&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1247212538&ad_type=text_image&format=1200x90&url=https%3A%2F%2Fdiscord.org%2F&fwr=0&pra=3&rh=200&rw=1584&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673601381792&bpp=1&bdt=1458&idt=1&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2259475650fa262a-2236b10041db0073%3AT%3D1673601381%3ART%3D1673601381%3AS%3DALNI_MYJVy6_GeBvngo7XQo8NIWqwrvnvw&gpic=UID%3D00000ba1fc0f74e4%3AT%3D1673601381%3ART%3D1673601381%3AS%3DALNI_MaTMvoTRBGB5HFfAwpUpwdpaIvoIg&prev_fmts=1200x280%2C0x0&nras=2&correlator=6218421071876&frm=20&pv=1&ga_vid=2080548781.1673601381&ga_sid=1673601381&ga_hid=1164508892&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1194&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=3925006714193045&tmod=1727053975&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=sW5YBWksfB&p=https%3A//discord.org&dtd=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30d57bd9442e346d06dfe5a2de9d1cfa94c6409bcc421d9cbfa1425447e7269c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 788d085eacbc8ffe-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 09:16:22 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame B21B 3 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 19:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51316
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Jan 2023 19:01:06 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 152E 1 KB
643 B 34ms
33ms Document
text/html 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 6499
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 07:28:03 GMT
etag: 48472445140208031
expires: Sat, 14 Jan 2023 07:28:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame B21B 18 KB
7 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 19:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51316
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7538
x-xss-protection: 0
server: cafe
etag: 18140588555649875417
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Jan 2023 19:01:06 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B21B 0
0 28ms
28ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTxOBmEMxI4jzO2_VskwKshDz0qIRiK9WlAX7kC3d2c8x5G37R9UXSctO-ve1YUz3LdK4IVGh8kvvDazAd2kAk9mgYBww
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8280778023961707&output=html&h=90&adk=3275936948&adf=1148928269&pi=t.aa~a.198987588~i.8~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1673111830&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1247212538&ad_type=text_image&format=1200x90&url=https%3A%2F%2Fdiscord.org%2F&fwr=0&pra=3&rh=200&rw=1584&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673601381792&bpp=1&bdt=1458&idt=1&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2259475650fa262a-2236b10041db0073%3AT%3D1673601381%3ART%3D1673601381%3AS%3DALNI_MYJVy6_GeBvngo7XQo8NIWqwrvnvw&gpic=UID%3D00000ba1fc0f74e4%3AT%3D1673601381%3ART%3D1673601381%3AS%3DALNI_MaTMvoTRBGB5HFfAwpUpwdpaIvoIg&prev_fmts=1200x280%2C0x0&nras=2&correlator=6218421071876&frm=20&pv=1&ga_vid=2080548781.1673601381&ga_sid=1673601381&ga_hid=1164508892&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1194&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=3925006714193045&tmod=1727053975&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=sW5YBWksfB&p=https%3A//discord.org&dtd=5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B21B 157 KB
48 KB 131ms
130ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:16:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 13 Jan 2023 09:16:22 GMT

GET
H3 200 OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js Show response
pagead2.googlesyndication.com/bg/ Frame CD5A 36 KB
16 KB 34ms
33ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 10:08:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169646
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16095
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Jan 2024 10:08:56 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9EDC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

74ms
73ms

Document
text/html

2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 09:16:22 GMT
expires: Fri, 13 Jan 2023 09:16:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 09:16:22 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B21B 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5bf0a68607af5fc871578125e311f5ce0a0f527cf8f8297fe4ad1f5558009a01

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 152E
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMdeJ8iUo5IFLLcN-iDMBpU&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMdeJ8iUo5IFLLcN-iDMBpU&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZXFjUWJZNWYxUGdnYUc1&google_gid=CAESEMdeJ8iUo5IFLLcN-iDMBpU&google_cver=1&google_push=AavPq0MvXpX2sshsy48vxPdNZAsadbq-WfgbntLN_GPY6Ma...

170 B
232 B

31ms
31ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZXFjUWJZNWYxUGdnYUc1&google_gid=CAESEMdeJ8iUo5IFLLcN-iDMBpU&google_cver=1&google_push=AavPq0MvXpX2sshsy48vxPdNZAsadbq-WfgbntLN_GPY6MabwqZbM-H6Z8FUemA92ZWfnEZLRUNBJEFjkbFl1Qu3OT_kNR6RePp1Byc

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 09:16:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 13 Jan 2023 09:16:21 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-075e74b4adcf14728@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZXFjUWJZNWYxUGdnYUc1&google_gid=CAESEMdeJ8iUo5IFLLcN-iDMBpU&google_cver=1&google_push=AavPq0MvXpX2sshsy48vxPdNZAsadbq-WfgbntLN_GPY6MabwqZbM-H6Z8FUemA92ZWfnEZLRUNBJEFjkbFl1Qu3OT_kNR6RePp1Byc
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 152E 0
172 B 72ms
26ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEB4i0L4L4e1SUdWcxprdnEE&google_cver=1&google_push=AavPq0O6dPl4tlvVotBERkteqFJgYeZU9oc8HAdZieWl54NlTPmpw3aVSldaF_nTDTgtWLmCANj4OMFvMDMGpi6jmsej6LnIgGShXbf2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8280778023961707&output=html&h=90&adk=3275936948&adf=1148928269&pi=t.aa~a.198987588~i.8~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1673111830&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1247212538&ad_type=text_image&format=1200x90&url=https%3A%2F%2Fdiscord.org%2F&fwr=0&pra=3&rh=200&rw=1584&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673601381792&bpp=1&bdt=1458&idt=1&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2259475650fa262a-2236b10041db0073%3AT%3D1673601381%3ART%3D1673601381%3AS%3DALNI_MYJVy6_GeBvngo7XQo8NIWqwrvnvw&gpic=UID%3D00000ba1fc0f74e4%3AT%3D1673601381%3ART%3D1673601381%3AS%3DALNI_MaTMvoTRBGB5HFfAwpUpwdpaIvoIg&prev_fmts=1200x280%2C0x0&nras=2&correlator=6218421071876&frm=20&pv=1&ga_vid=2080548781.1673601381&ga_sid=1673601381&ga_hid=1164508892&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1194&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=3925006714193045&tmod=1727053975&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=sW5YBWksfB&p=https%3A//discord.org&dtd=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:16:22 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 152E
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tfvz5nlxR5m3o780OunTGg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
232 B

31ms
31ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tfvz5nlxR5m3o780OunTGg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0Pfksv0ISjoIBgWyQVWxVsZOBIGp9qk-jN4E4aL-YQvD5_QNHqTJ0s9aeSf_EZagDPKG4mf4ZRZuGn8YaucnO0sAkpLkzq7r4G1

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 09:16:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tfvz5nlxR5m3o780OunTGg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0Pfksv0ISjoIBgWyQVWxVsZOBIGp9qk-jN4E4aL-YQvD5_QNHqTJ0s9aeSf_EZagDPKG4mf4ZRZuGn8YaucnO0sAkpLkzq7r4G1
date: Fri, 13 Jan 2023 09:16:21 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 152E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEMHlbyoBzMQvw5iCOvYOac&google_cver=1&google_push=AavPq0P-SPfjDqSuUlozwNQFx2ad_buk-cBHpL2XbD0oMLLMmhLvq1OzCwRbAj6zpnxccn6Zpvh...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENVQjFWOVEtMUMtN09MNg==&google_push=AavPq0P-SPfjDqSuUlozwNQFx2ad_buk-cBHpL2XbD0oMLLMmhLvq1OzCwRbAj6zpnxccn6ZpvhBFGR_MAgAOg7Dfvq1BkuXVaDXJB1o

170 B
232 B

31ms
31ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENVQjFWOVEtMUMtN09MNg==&google_push=AavPq0P-SPfjDqSuUlozwNQFx2ad_buk-cBHpL2XbD0oMLLMmhLvq1OzCwRbAj6zpnxccn6ZpvhBFGR_MAgAOg7Dfvq1BkuXVaDXJB1o

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 09:16:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENVQjFWOVEtMUMtN09MNg==&google_push=AavPq0P-SPfjDqSuUlozwNQFx2ad_buk-cBHpL2XbD0oMLLMmhLvq1OzCwRbAj6zpnxccn6ZpvhBFGR_MAgAOg7Dfvq1BkuXVaDXJB1o
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 152E 43 B
296 B 275ms
37ms Image
image/gif 2a05:d01c:1d8:8100:89cd:9115:4cec:baf2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEAr-ME0WDJ6cyFWtYd_C2u0&google_cver=1&google_push=AavPq0NgNIdMDbA33us3I2ZUtj-NqpMcDMViOs33jrqBnFMJ-3nQq5yiNyiNz9RK2o-uku4vznCFItrisk0e9Zo8In8fVhiRME5_2HA9
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8280778023961707&output=html&h=90&adk=3275936948&adf=1148928269&pi=t.aa~a.198987588~i.8~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1673111830&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1247212538&ad_type=text_image&format=1200x90&url=https%3A%2F%2Fdiscord.org%2F&fwr=0&pra=3&rh=200&rw=1584&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673601381792&bpp=1&bdt=1458&idt=1&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2259475650fa262a-2236b10041db0073%3AT%3D1673601381%3ART%3D1673601381%3AS%3DALNI_MYJVy6_GeBvngo7XQo8NIWqwrvnvw&gpic=UID%3D00000ba1fc0f74e4%3AT%3D1673601381%3ART%3D1673601381%3AS%3DALNI_MaTMvoTRBGB5HFfAwpUpwdpaIvoIg&prev_fmts=1200x280%2C0x0&nras=2&correlator=6218421071876&frm=20&pv=1&ga_vid=2080548781.1673601381&ga_sid=1673601381&ga_hid=1164508892&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1194&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=3925006714193045&tmod=1727053975&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=sW5YBWksfB&p=https%3A//discord.org&dtd=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:89cd:9115:4cec:baf2 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 13 Jan 2023 09:16:22 GMT
cache-control: no-cache
content-length: 43
request-time: 1
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 152E
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBnPldYFz8-4-PDP_gBFLn8&google_cver=1&google_push=AavPq0NWoyU-sjwCPsPg7eqSVzbQcuHbHwquxZBFczh32kzM2nxRtFmWzUDtum-XVcwSCj0YOUKsYsqO7-AW...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0NWoyU-sjwCPsPg7eqSVzbQcuHbHwquxZBFczh32kzM2nxRtFmWzUDtum-XVcwSCj0YOUKsYsqO7-AWf4T2imJS8zJg8Xk8t8s

170 B
329 B

30ms
30ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0NWoyU-sjwCPsPg7eqSVzbQcuHbHwquxZBFczh32kzM2nxRtFmWzUDtum-XVcwSCj0YOUKsYsqO7-AWf4T2imJS8zJg8Xk8t8s

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 09:16:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0NWoyU-sjwCPsPg7eqSVzbQcuHbHwquxZBFczh32kzM2nxRtFmWzUDtum-XVcwSCj0YOUKsYsqO7-AWf4T2imJS8zJg8Xk8t8s
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET googleredir
googlecm.hit.gemius.pl/ Frame 152E 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 152E 0
223 B 91ms
28ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13La2EvnXuzZEp_Ir-iQSxleRijIviOowBhTiEQGeIzMbftOBTJBS4HtbJy-r791kuLc5khq5A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:16:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame A9D4 89 KB
11 KB 29ms
28ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k7va0j6x9as4mbbwnbfhzpg5596vbsjpcbs1bq9k6tvdx4xgbbqd6stxes43vn5pppdb3fr61ndv99raqn29a0vzydy5j2v649ggzbqs1q4w247s4f8frnx79kve4qnn27nw05zw9tfyws1p14rbae6f1fhrr4bm1knga71q5ra6v3t98y1hv5gjb44b59k93vmvwmgp3pzkm33hcr2h004y7wfk4x3yj4r1prtefmanv5h7d1ak6vc09sets4axtg6e7g2sa1hfhxcbwapxbfja2ygyy4y3q006pjypd6e9y3ax6sncxrf6arxaf6804ryptvrd5sehzxz15nqxkm012hc2kbjskvjzh6vf9kfxjw7sn7kkqkwx89mk26bkqwqghpna47924bx38a8y2pd08fh3tdnd7h3yzabqbswcgz9&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8CdtZSHBY-WENN6-ygXcprfwCZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTgyODA3NzgwMjM5NjE3MDfIAQmpAp-bbFKUM7I-qAMBqgS1AU_QMbaLVrE3DvsLC_jh-TGdvEgS3Htk3jfTNsDfJPf9hgRzDDc-obK9YmDSLr9UWgp0id1keD6IyufObxvujnYBcL9_IZCDpltgxv1z_9WmRu7EF1Bseli-28UC3pWIBMBzN67VXXyip1vyvlrwgY2mqyUNlKHOXGyDCqxQKuqlHf3JW__IAqOPYN3kdIU3c5RKV0z97Xyo-l3jAQqJV3_2CgzBQK3TMTussc_ZmrWgRiNhKoqABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1sswXrGzIKKqDbbj1UWvJiBGLHyA%26client%3Dca-pub-8280778023961707%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1k7va0j6x9as4mbbwnbfhzpg5596vbsjpcbs1bq9k6tvdx4xgbbqd6stxes43vn5pppdb3fr61ndv99raqn29a0vzydy5j2v649ggzbqs1q4w247s4f8frnx79kve4qnn27nw05zw9tfyws1p14rbae6f1fhrr4bm1knga71q5ra6v3t98y1hv5gjb44b59k93vmvwmgp3pzkm33hcr2h004y7wfk4x3yj4r1prtefmanv5h7d1ak6vc09sets4axtg6e7g2sa1hfhxcbwapxbfja2ygyy4y3q006pjypd6e9y3ax6sncxrf6arxaf6804ryptvrd5sehzxz15nqxkm012hc2kbjskvjzh6vf9kfxjw7sn7kkqkwx89mk26bkqwqghpna47924bx38a8y2pd08fh3tdnd7h3yzabqbswcgz9&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8CdtZSHBY-WENN6-ygXcprfwCZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTgyODA3NzgwMjM5NjE3MDfIAQmpAp-bbFKUM7I-qAMBqgS1AU_QMbaLVrE3DvsLC_jh-TGdvEgS3Htk3jfTNsDfJPf9hgRzDDc-obK9YmDSLr9UWgp0id1keD6IyufObxvujnYBcL9_IZCDpltgxv1z_9WmRu7EF1Bseli-28UC3pWIBMBzN67VXXyip1vyvlrwgY2mqyUNlKHOXGyDCqxQKuqlHf3JW__IAqOPYN3kdIU3c5RKV0z97Xyo-l3jAQqJV3_2CgzBQK3TMTussc_ZmrWgRiNhKoqABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1sswXrGzIKKqDbbj1UWvJiBGLHyA%26client%3Dca-pub-8280778023961707%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:16:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1670930538
age: 246546
cf-polished: origSize=91628
x-guploader-uploadid: ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 11:22:46 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1670930566724484
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tLyaEbV2UyDS1TYeuJCEvXVSl4HjEwR0i3FixgPJGhayPM%2FEHLyAZsC66pSMU4rj21%2FGtH2srA719fEwlfNcVBiUBsohBhLzMDJBuoOAdj1%2FAc2wCDvqAFpLdsN%2B7KMNr6pcDZCvw7w%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 788d085f2d6a8ffe-FRA
expires: Fri, 13 Jan 2023 10:16:22 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame A9D4 35 KB
12 KB 40ms
28ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k7va0j6x9as4mbbwnbfhzpg5596vbsjpcbs1bq9k6tvdx4xgbbqd6stxes43vn5pppdb3fr61ndv99raqn29a0vzydy5j2v649ggzbqs1q4w247s4f8frnx79kve4qnn27nw05zw9tfyws1p14rbae6f1fhrr4bm1knga71q5ra6v3t98y1hv5gjb44b59k93vmvwmgp3pzkm33hcr2h004y7wfk4x3yj4r1prtefmanv5h7d1ak6vc09sets4axtg6e7g2sa1hfhxcbwapxbfja2ygyy4y3q006pjypd6e9y3ax6sncxrf6arxaf6804ryptvrd5sehzxz15nqxkm012hc2kbjskvjzh6vf9kfxjw7sn7kkqkwx89mk26bkqwqghpna47924bx38a8y2pd08fh3tdnd7h3yzabqbswcgz9&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8CdtZSHBY-WENN6-ygXcprfwCZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTgyODA3NzgwMjM5NjE3MDfIAQmpAp-bbFKUM7I-qAMBqgS1AU_QMbaLVrE3DvsLC_jh-TGdvEgS3Htk3jfTNsDfJPf9hgRzDDc-obK9YmDSLr9UWgp0id1keD6IyufObxvujnYBcL9_IZCDpltgxv1z_9WmRu7EF1Bseli-28UC3pWIBMBzN67VXXyip1vyvlrwgY2mqyUNlKHOXGyDCqxQKuqlHf3JW__IAqOPYN3kdIU3c5RKV0z97Xyo-l3jAQqJV3_2CgzBQK3TMTussc_ZmrWgRiNhKoqABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1sswXrGzIKKqDbbj1UWvJiBGLHyA%26client%3Dca-pub-8280778023961707%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:16:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 06:17:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 269184
etag: W/"49e3b0ffd5e74f27b691e89cf271d672"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X5LVeXyRJJo%2BS%2Bb4I6VfDOtEb%2FytWq3u%2BzFQ2K0vfDMgSmoft1pi%2FKAF7oVct3QTci6BuLgHl0Hib17WySSlb9BsFVC1nxhCDI86yQZho8CWdCYDvf%2FeUZIynvMRPC67twJOEWI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 788d085f3d878ffe-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 10 Jan 2023 06:18:13 GMT

GET
H3 200 OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js Show response
pagead2.googlesyndication.com/bg/ Frame 4FA7 36 KB
16 KB 33ms
33ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 10:08:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169646
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16095
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Jan 2024 10:08:56 GMT

GET
H3 200 OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js Show response
pagead2.googlesyndication.com/bg/ Frame C10D 36 KB
16 KB 34ms
34ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js

Requested by

Host: discord.org
URL: https://discord.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 10:08:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169646
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16095
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Jan 2024 10:08:56 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame A9D4 3 KB
4 KB 87ms
33ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:16:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 30505664
x-guploader-uploadid: ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PkFBe4pT9CVa6rschBhy2qjAfJSMjX1gFORjsOwQ0lFa2vQaG2cWkKLhSyKX8hvKekp4LQttik%2F3Zjegh3HHf2%2BiW9FPO5fdYkP4QspeMwx5m%2BlZCyB%2FgqaZN%2BevSwv7%2BNJRpXD12b3q08g8WfuCA%2F1z"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 788d085ffa8768ef-FRA
expires: Wed, 25 Jan 2023 07:28:38 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame ABFA 2 KB
1 KB 33ms
32ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 52029
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 788d08600b629b33-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Fri, 13 Jan 2023 09:16:22 GMT
expires: Thu, 12 Jan 2023 18:57:16 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cebYfnYM18Mkq5%2BS65geVznV%2BMDYywe5LfQLWqikJTvChwGt4JznCdix68kWFDdG9e1Bhm06DUSHOf6A0YLkN9r7rkAOEp0gQ2RkKi%2FlMtwNNg0dltMD4Js0bMD9%2FAXeFjw1NHk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 149ms
82ms XHR
application/json 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230111&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8fac20a50f89e00152519d91ecaca73297510b4fc02496370bb6a0503e4aeab1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discord.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:16:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11100
x-xss-protection: 0

POST
H3 200 rs Show response
ad4m.at/ Frame A9D4 1 KB
2 KB 51ms
51ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55e41b56a543cfd9b80465447187f6ef62bb1fd54ed7378f2ad52eb4e8d25cec

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 13 Jan 2023 09:16:22 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=73IZ5xeR056SDdrPYGbVQuPjFxPM2su6ugZ%2Fw7R83Iai6Icl8w6ycNSJch%2BsFagsEqikM5rDG97UFckyFGIfUDnGORtbxTRYiMtoePc1Rcmw4L%2FqyPMiBMAqEPaeyez8%2B0oUx9o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 788d0860d9ff92a7-FRA
x-backend-server: aa-reachservice-group-europe-west1-6925
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 67ms
44ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 788d086089bb92a7-FRA
content-length: 24
content-type: text/plain
date: Fri, 13 Jan 2023 09:16:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pa98AAIXrTs6uV%2FNVngjZSFIjg%2BfnQiUDJpGQ%2BUpsUf0Wy7KwIHTxOXRp55I%2FCiYAt2W6Etu0NExnurVEXvimHwR993kp%2FdTsBIRF3GJp1mah39niyIVtMP43oT2gayVpfqcpwU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-6925

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame CEBB 12 KB
4 KB 52ms
51ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=196438%2C183975%2C321034&b=241U6fqfj6xBsVHWHkt8tREbaxS7T7R6uwV%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cq59TmfWfZ15DfZHgHDtJtK4dGueSgTAYQsEz&f=4QZHEf5fAYZ9CGH9HdtzCjWrtbSpTrgbCXz%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CRA9UgfQf8A1DCkHwH3tzCZw8zU9SzTmReUYA&c=728&d=90&e=&g=71d18fbff1f6a3a04ab286821f509986%2F14655329639347042942&i=25174%2C20597%2C111584&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1673601382527&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hgst4qspnsd5p79kzhzbn72f3jg37pryjr6nptan96x42thtadmcbfxp86246ycv082keqtdehq64qd0383f1hj33ncrq8hah4k8f8cgdv4hsfdyxf4tf1hb6wpqa8gdmdsyz13ydz46hyka29ja3sps2ggqqtzpdx59hfa982sxzhtf756jmctpbwn6m2xneptg7afhrpe494yskkbtdv5d799zp1mc8vt8ybr7wcvn73ahbgx116ke5qe275pfr28zsq688vnggfhrb10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8CdtZSHBY-WENN6-ygXcprfwCZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTgyODA3NzgwMjM5NjE3MDfIAQmpAp-bbFKUM7I-qAMBqgS1AU_QMbaLVrE3DvsLC_jh-TGdvEgS3Htk3jfTNsDfJPf9hgRzDDc-obK9YmDSLr9UWgp0id1keD6IyufObxvujnYBcL9_IZCDpltgxv1z_9WmRu7EF1Bseli-28UC3pWIBMBzN67VXXyip1vyvlrwgY2mqyUNlKHOXGyDCqxQKuqlHf3JW__IAqOPYN3kdIU3c5RKV0z97Xyo-l3jAQqJV3_2CgzBQK3TMTussc_ZmrWgRiNhKoqABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1sswXrGzIKKqDbbj1UWvJiBGLHyA%2526client%253Dca-pub-8280778023961707%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30e6b333ad69bc6cbab35ca38dcb6e52f27434517ab509e422114641744689af

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1k7va0j6x9as4mbbwnbfhzpg5596vbsjpcbs1bq9k6tvdx4xgbbqd6stxes43vn5pppdb3fr61ndv99raqn29a0vzydy5j2v649ggzbqs1q4w247s4f8frnx79kve4qnn27nw05zw9tfyws1p14rbae6f1fhrr4bm1knga71q5ra6v3t98y1hv5gjb44b59k93vmvwmgp3pzkm33hcr2h004y7wfk4x3yj4r1prtefmanv5h7d1ak6vc09sets4axtg6e7g2sa1hfhxcbwapxbfja2ygyy4y3q006pjypd6e9y3ax6sncxrf6arxaf6804ryptvrd5sehzxz15nqxkm012hc2kbjskvjzh6vf9kfxjw7sn7kkqkwx89mk26bkqwqghpna47924bx38a8y2pd08fh3tdnd7h3yzabqbswcgz9&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8CdtZSHBY-WENN6-ygXcprfwCZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTgyODA3NzgwMjM5NjE3MDfIAQmpAp-bbFKUM7I-qAMBqgS1AU_QMbaLVrE3DvsLC_jh-TGdvEgS3Htk3jfTNsDfJPf9hgRzDDc-obK9YmDSLr9UWgp0id1keD6IyufObxvujnYBcL9_IZCDpltgxv1z_9WmRu7EF1Bseli-28UC3pWIBMBzN67VXXyip1vyvlrwgY2mqyUNlKHOXGyDCqxQKuqlHf3JW__IAqOPYN3kdIU3c5RKV0z97Xyo-l3jAQqJV3_2CgzBQK3TMTussc_ZmrWgRiNhKoqABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1sswXrGzIKKqDbbj1UWvJiBGLHyA%26client%3Dca-pub-8280778023961707%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 788d08613d5b9b33-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 09:16:22 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discord.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:16:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 13 Jan 2023 09:16:22 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame CEBB 89 KB
11 KB 37ms
36ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C183975%2C321034&b=241U6fqfj6xBsVHWHkt8tREbaxS7T7R6uwV%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cq59TmfWfZ15DfZHgHDtJtK4dGueSgTAYQsEz&f=4QZHEf5fAYZ9CGH9HdtzCjWrtbSpTrgbCXz%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CRA9UgfQf8A1DCkHwH3tzCZw8zU9SzTmReUYA&c=728&d=90&e=&g=71d18fbff1f6a3a04ab286821f509986%2F14655329639347042942&i=25174%2C20597%2C111584&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1673601382527&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hgst4qspnsd5p79kzhzbn72f3jg37pryjr6nptan96x42thtadmcbfxp86246ycv082keqtdehq64qd0383f1hj33ncrq8hah4k8f8cgdv4hsfdyxf4tf1hb6wpqa8gdmdsyz13ydz46hyka29ja3sps2ggqqtzpdx59hfa982sxzhtf756jmctpbwn6m2xneptg7afhrpe494yskkbtdv5d799zp1mc8vt8ybr7wcvn73ahbgx116ke5qe275pfr28zsq688vnggfhrb10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8CdtZSHBY-WENN6-ygXcprfwCZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTgyODA3NzgwMjM5NjE3MDfIAQmpAp-bbFKUM7I-qAMBqgS1AU_QMbaLVrE3DvsLC_jh-TGdvEgS3Htk3jfTNsDfJPf9hgRzDDc-obK9YmDSLr9UWgp0id1keD6IyufObxvujnYBcL9_IZCDpltgxv1z_9WmRu7EF1Bseli-28UC3pWIBMBzN67VXXyip1vyvlrwgY2mqyUNlKHOXGyDCqxQKuqlHf3JW__IAqOPYN3kdIU3c5RKV0z97Xyo-l3jAQqJV3_2CgzBQK3TMTussc_ZmrWgRiNhKoqABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1sswXrGzIKKqDbbj1UWvJiBGLHyA%2526client%253Dca-pub-8280778023961707%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=196438%2C183975%2C321034&b=241U6fqfj6xBsVHWHkt8tREbaxS7T7R6uwV%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cq59TmfWfZ15DfZHgHDtJtK4dGueSgTAYQsEz&f=4QZHEf5fAYZ9CGH9HdtzCjWrtbSpTrgbCXz%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CRA9UgfQf8A1DCkHwH3tzCZw8zU9SzTmReUYA&c=728&d=90&e=&g=71d18fbff1f6a3a04ab286821f509986%2F14655329639347042942&i=25174%2C20597%2C111584&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1673601382527&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hgst4qspnsd5p79kzhzbn72f3jg37pryjr6nptan96x42thtadmcbfxp86246ycv082keqtdehq64qd0383f1hj33ncrq8hah4k8f8cgdv4hsfdyxf4tf1hb6wpqa8gdmdsyz13ydz46hyka29ja3sps2ggqqtzpdx59hfa982sxzhtf756jmctpbwn6m2xneptg7afhrpe494yskkbtdv5d799zp1mc8vt8ybr7wcvn73ahbgx116ke5qe275pfr28zsq688vnggfhrb10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8CdtZSHBY-WENN6-ygXcprfwCZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTgyODA3NzgwMjM5NjE3MDfIAQmpAp-bbFKUM7I-qAMBqgS1AU_QMbaLVrE3DvsLC_jh-TGdvEgS3Htk3jfTNsDfJPf9hgRzDDc-obK9YmDSLr9UWgp0id1keD6IyufObxvujnYBcL9_IZCDpltgxv1z_9WmRu7EF1Bseli-28UC3pWIBMBzN67VXXyip1vyvlrwgY2mqyUNlKHOXGyDCqxQKuqlHf3JW__IAqOPYN3kdIU3c5RKV0z97Xyo-l3jAQqJV3_2CgzBQK3TMTussc_ZmrWgRiNhKoqABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1sswXrGzIKKqDbbj1UWvJiBGLHyA%2526client%253Dca-pub-8280778023961707%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:16:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1670930538
age: 246546
cf-polished: origSize=91628
x-guploader-uploadid: ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 11:22:46 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1670930566724484
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9pN6G4%2FlHXarZxL4Hc2bHcPCdKMYnAAsS%2BL5zhF74Xsia0I6VMHaj6dwzb6c500dW8TdE6EBXwOuKeyEZ%2BeZxOR62aR12D7OUgYd8lu1fyLO2jZNzckJJUgMYk39jwF1%2BGmz8QXcUt8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 788d0861ae429b33-FRA
expires: Fri, 13 Jan 2023 10:16:22 GMT

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame CEBB 8 KB
9 KB 52ms
38ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C183975%2C321034&b=241U6fqfj6xBsVHWHkt8tREbaxS7T7R6uwV%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cq59TmfWfZ15DfZHgHDtJtK4dGueSgTAYQsEz&f=4QZHEf5fAYZ9CGH9HdtzCjWrtbSpTrgbCXz%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CRA9UgfQf8A1DCkHwH3tzCZw8zU9SzTmReUYA&c=728&d=90&e=&g=71d18fbff1f6a3a04ab286821f509986%2F14655329639347042942&i=25174%2C20597%2C111584&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1673601382527&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hgst4qspnsd5p79kzhzbn72f3jg37pryjr6nptan96x42thtadmcbfxp86246ycv082keqtdehq64qd0383f1hj33ncrq8hah4k8f8cgdv4hsfdyxf4tf1hb6wpqa8gdmdsyz13ydz46hyka29ja3sps2ggqqtzpdx59hfa982sxzhtf756jmctpbwn6m2xneptg7afhrpe494yskkbtdv5d799zp1mc8vt8ybr7wcvn73ahbgx116ke5qe275pfr28zsq688vnggfhrb10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8CdtZSHBY-WENN6-ygXcprfwCZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTgyODA3NzgwMjM5NjE3MDfIAQmpAp-bbFKUM7I-qAMBqgS1AU_QMbaLVrE3DvsLC_jh-TGdvEgS3Htk3jfTNsDfJPf9hgRzDDc-obK9YmDSLr9UWgp0id1keD6IyufObxvujnYBcL9_IZCDpltgxv1z_9WmRu7EF1Bseli-28UC3pWIBMBzN67VXXyip1vyvlrwgY2mqyUNlKHOXGyDCqxQKuqlHf3JW__IAqOPYN3kdIU3c5RKV0z97Xyo-l3jAQqJV3_2CgzBQK3TMTussc_ZmrWgRiNhKoqABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1sswXrGzIKKqDbbj1UWvJiBGLHyA%2526client%253Dca-pub-8280778023961707%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:16:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 486626
cf-polished: qual=85, origFmt=jpeg, origSize=16723
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8354
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3PE0ekGU2TdbHgUnUDjrE1fbm7Smr56MEkfI6t5YfZ%2F8bHQzLw8H9yYdE0FyBwXoJD8LQnub79F589BhX8Ly5YyC9Lv46L9NnX5SkEalGGbkDid88pl%2FWDx%2FYDZhOpNDm%2BH79LdEZfHGJpA%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 788d0861b9378ffe-FRA
expires: Sat, 14 Jan 2023 09:16:22 GMT

GET
H2 200 18B94174251C2CF76EA99FD460FAC2CAEA3A9035BC0DAFA1AFA37FFB175B78880F10C9B121A8ACC31AC23630DA7466A11649951F161682DA76B2C6E951030B12
assets.ad4m.at/product_image/ Frame CEBB 317 KB
318 KB 39ms
29ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/18B94174251C2CF76EA99FD460FAC2CAEA3A9035BC0DAFA1AFA37FFB175B78880F10C9B121A8ACC31AC23630DA7466A11649951F161682DA76B2C6E951030B12
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C183975%2C321034&b=241U6fqfj6xBsVHWHkt8tREbaxS7T7R6uwV%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cq59TmfWfZ15DfZHgHDtJtK4dGueSgTAYQsEz&f=4QZHEf5fAYZ9CGH9HdtzCjWrtbSpTrgbCXz%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CRA9UgfQf8A1DCkHwH3tzCZw8zU9SzTmReUYA&c=728&d=90&e=&g=71d18fbff1f6a3a04ab286821f509986%2F14655329639347042942&i=25174%2C20597%2C111584&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1673601382527&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hgst4qspnsd5p79kzhzbn72f3jg37pryjr6nptan96x42thtadmcbfxp86246ycv082keqtdehq64qd0383f1hj33ncrq8hah4k8f8cgdv4hsfdyxf4tf1hb6wpqa8gdmdsyz13ydz46hyka29ja3sps2ggqqtzpdx59hfa982sxzhtf756jmctpbwn6m2xneptg7afhrpe494yskkbtdv5d799zp1mc8vt8ybr7wcvn73ahbgx116ke5qe275pfr28zsq688vnggfhrb10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8CdtZSHBY-WENN6-ygXcprfwCZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTgyODA3NzgwMjM5NjE3MDfIAQmpAp-bbFKUM7I-qAMBqgS1AU_QMbaLVrE3DvsLC_jh-TGdvEgS3Htk3jfTNsDfJPf9hgRzDDc-obK9YmDSLr9UWgp0id1keD6IyufObxvujnYBcL9_IZCDpltgxv1z_9WmRu7EF1Bseli-28UC3pWIBMBzN67VXXyip1vyvlrwgY2mqyUNlKHOXGyDCqxQKuqlHf3JW__IAqOPYN3kdIU3c5RKV0z97Xyo-l3jAQqJV3_2CgzBQK3TMTussc_ZmrWgRiNhKoqABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1sswXrGzIKKqDbbj1UWvJiBGLHyA%2526client%253Dca-pub-8280778023961707%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aacd45612b2e9d649337425ae38aefe3792922c4625e1f72877c2baed3c2ca0d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:16:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 452182
cf-polished: origFmt=png, origSize=451997
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 324910
cf-bgj: imgq:85,h2pri
last-modified: Tue, 14 Jun 2022 08:21:28 GMT
server: cloudflare
etag: "7dada3f3f6321a7ee4badc53b11da1f3"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oZf1CXR9YFkBuSKMQR4IR%2Bx8azHThciKvUDsRLI7ZgEj0blDG%2BEfPqqqnQaoi7cCkyctVaprFJAy2BMPE7Pm55xMmbIhskZKnyVoGgUdyiDMBK%2BJvyZcKBEj1%2FbXaAoRIK20sGCQLh5qKQwT"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 788d0861b9388ffe-FRA
expires: Sat, 14 Jan 2023 09:16:22 GMT

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame CEBB
Redirect Chain

https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneid241U6fqfj6xBsVHWHkt8tREbaxS7T7R6uwVoneid__suite_Netmix_Reach14_AKTION&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1673601382_f2b62d70-9322-11ed-ad94-2233c4476c8a

0
517 B

89ms
13ms

Image
text/plain

87.118.116.9
KEYWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1673601382_f2b62d70-9322-11ed-ad94-2233c4476c8a
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C183975%2C321034&b=241U6fqfj6xBsVHWHkt8tREbaxS7T7R6uwV%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cq59TmfWfZ15DfZHgHDtJtK4dGueSgTAYQsEz&f=4QZHEf5fAYZ9CGH9HdtzCjWrtbSpTrgbCXz%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CRA9UgfQf8A1DCkHwH3tzCZw8zU9SzTmReUYA&c=728&d=90&e=&g=71d18fbff1f6a3a04ab286821f509986%2F14655329639347042942&i=25174%2C20597%2C111584&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1673601382527&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hgst4qspnsd5p79kzhzbn72f3jg37pryjr6nptan96x42thtadmcbfxp86246ycv082keqtdehq64qd0383f1hj33ncrq8hah4k8f8cgdv4hsfdyxf4tf1hb6wpqa8gdmdsyz13ydz46hyka29ja3sps2ggqqtzpdx59hfa982sxzhtf756jmctpbwn6m2xneptg7afhrpe494yskkbtdv5d799zp1mc8vt8ybr7wcvn73ahbgx116ke5qe275pfr28zsq688vnggfhrb10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8CdtZSHBY-WENN6-ygXcprfwCZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTgyODA3NzgwMjM5NjE3MDfIAQmpAp-bbFKUM7I-qAMBqgS1AU_QMbaLVrE3DvsLC_jh-TGdvEgS3Htk3jfTNsDfJPf9hgRzDDc-obK9YmDSLr9UWgp0id1keD6IyufObxvujnYBcL9_IZCDpltgxv1z_9WmRu7EF1Bseli-28UC3pWIBMBzN67VXXyip1vyvlrwgY2mqyUNlKHOXGyDCqxQKuqlHf3JW__IAqOPYN3kdIU3c5RKV0z97Xyo-l3jAQqJV3_2CgzBQK3TMTussc_ZmrWgRiNhKoqABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1sswXrGzIKKqDbbj1UWvJiBGLHyA%2526client%253Dca-pub-8280778023961707%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 87.118.116.9 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: km36617.keymachine.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Jan 2023 09:16:22 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Fri, 13 Jan 2023 09:16:22 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1673601382_f2b62d70-9322-11ed-ad94-2233c4476c8a
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
assets.ad4m.at/logo/ Frame CEBB 127 KB
128 KB 48ms
38ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C183975%2C321034&b=241U6fqfj6xBsVHWHkt8tREbaxS7T7R6uwV%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cq59TmfWfZ15DfZHgHDtJtK4dGueSgTAYQsEz&f=4QZHEf5fAYZ9CGH9HdtzCjWrtbSpTrgbCXz%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CRA9UgfQf8A1DCkHwH3tzCZw8zU9SzTmReUYA&c=728&d=90&e=&g=71d18fbff1f6a3a04ab286821f509986%2F14655329639347042942&i=25174%2C20597%2C111584&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1673601382527&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hgst4qspnsd5p79kzhzbn72f3jg37pryjr6nptan96x42thtadmcbfxp86246ycv082keqtdehq64qd0383f1hj33ncrq8hah4k8f8cgdv4hsfdyxf4tf1hb6wpqa8gdmdsyz13ydz46hyka29ja3sps2ggqqtzpdx59hfa982sxzhtf756jmctpbwn6m2xneptg7afhrpe494yskkbtdv5d799zp1mc8vt8ybr7wcvn73ahbgx116ke5qe275pfr28zsq688vnggfhrb10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8CdtZSHBY-WENN6-ygXcprfwCZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTgyODA3NzgwMjM5NjE3MDfIAQmpAp-bbFKUM7I-qAMBqgS1AU_QMbaLVrE3DvsLC_jh-TGdvEgS3Htk3jfTNsDfJPf9hgRzDDc-obK9YmDSLr9UWgp0id1keD6IyufObxvujnYBcL9_IZCDpltgxv1z_9WmRu7EF1Bseli-28UC3pWIBMBzN67VXXyip1vyvlrwgY2mqyUNlKHOXGyDCqxQKuqlHf3JW__IAqOPYN3kdIU3c5RKV0z97Xyo-l3jAQqJV3_2CgzBQK3TMTussc_ZmrWgRiNhKoqABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1sswXrGzIKKqDbbj1UWvJiBGLHyA%2526client%253Dca-pub-8280778023961707%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e249aef61e2d675b41a8d764b5b9c9a8ee9ebc5e512386625516f6d2c8a4977

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:16:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 976760
cf-polished: origFmt=png, origSize=233620
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 130164
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 07:10:51 GMT
server: cloudflare
etag: "d1d171dd651522f41a2fc0dba256a546"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VinMkRpyz3uxJKP0ym513bBOOhNWCuF7dtNLMP%2FDX3lXBsSuOcnJMjVD2mP2Ee3l503PuHvZ8tfJf2j83Wlv8ACxlk1bw9eW1r9jQeApzu4rrfr5wkkQyKk4o0Xy02IF5WdCm0nLhYjxZY3Q"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 788d0861b93a8ffe-FRA
expires: Sat, 14 Jan 2023 09:16:22 GMT

GET
H2 200 1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame CEBB 461 KB
462 KB 47ms
38ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C183975%2C321034&b=241U6fqfj6xBsVHWHkt8tREbaxS7T7R6uwV%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cq59TmfWfZ15DfZHgHDtJtK4dGueSgTAYQsEz&f=4QZHEf5fAYZ9CGH9HdtzCjWrtbSpTrgbCXz%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CRA9UgfQf8A1DCkHwH3tzCZw8zU9SzTmReUYA&c=728&d=90&e=&g=71d18fbff1f6a3a04ab286821f509986%2F14655329639347042942&i=25174%2C20597%2C111584&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1673601382527&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hgst4qspnsd5p79kzhzbn72f3jg37pryjr6nptan96x42thtadmcbfxp86246ycv082keqtdehq64qd0383f1hj33ncrq8hah4k8f8cgdv4hsfdyxf4tf1hb6wpqa8gdmdsyz13ydz46hyka29ja3sps2ggqqtzpdx59hfa982sxzhtf756jmctpbwn6m2xneptg7afhrpe494yskkbtdv5d799zp1mc8vt8ybr7wcvn73ahbgx116ke5qe275pfr28zsq688vnggfhrb10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8CdtZSHBY-WENN6-ygXcprfwCZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTgyODA3NzgwMjM5NjE3MDfIAQmpAp-bbFKUM7I-qAMBqgS1AU_QMbaLVrE3DvsLC_jh-TGdvEgS3Htk3jfTNsDfJPf9hgRzDDc-obK9YmDSLr9UWgp0id1keD6IyufObxvujnYBcL9_IZCDpltgxv1z_9WmRu7EF1Bseli-28UC3pWIBMBzN67VXXyip1vyvlrwgY2mqyUNlKHOXGyDCqxQKuqlHf3JW__IAqOPYN3kdIU3c5RKV0z97Xyo-l3jAQqJV3_2CgzBQK3TMTussc_ZmrWgRiNhKoqABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1sswXrGzIKKqDbbj1UWvJiBGLHyA%2526client%253Dca-pub-8280778023961707%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:16:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 964499
cf-polished: origFmt=png, origSize=731561
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 471752
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 07:03:31 GMT
server: cloudflare
etag: "1b69278243c107df5b11186b1f6ca585"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8qM6Q1aoHgveLy92%2BwKeJouc53uaxz0DEj2uIIQfheuEqeFvu9FkKxEU5VBuRvdtORZ33tQsyR0CHmBa1wbcwaBBPYjCrrd6pFgGuRuljDLYCuvmFIZgC43NjOVhPeqxajhW183xcK4RoX5g"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 788d0861b93c8ffe-FRA
expires: Sat, 14 Jan 2023 09:16:22 GMT

GET
H2 200 F2696AE884D1EB814BAC836D7ECEB3E3842C890A7F3525161F7565B21132CACC0AD310A864434D76C9D56FE1B71A52BBF7870DA7440A2E17DF2B23750AE47772
assets.ad4m.at/logo/ Frame CEBB 3 KB
4 KB 47ms
38ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/F2696AE884D1EB814BAC836D7ECEB3E3842C890A7F3525161F7565B21132CACC0AD310A864434D76C9D56FE1B71A52BBF7870DA7440A2E17DF2B23750AE47772
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C183975%2C321034&b=241U6fqfj6xBsVHWHkt8tREbaxS7T7R6uwV%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cq59TmfWfZ15DfZHgHDtJtK4dGueSgTAYQsEz&f=4QZHEf5fAYZ9CGH9HdtzCjWrtbSpTrgbCXz%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CRA9UgfQf8A1DCkHwH3tzCZw8zU9SzTmReUYA&c=728&d=90&e=&g=71d18fbff1f6a3a04ab286821f509986%2F14655329639347042942&i=25174%2C20597%2C111584&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1673601382527&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hgst4qspnsd5p79kzhzbn72f3jg37pryjr6nptan96x42thtadmcbfxp86246ycv082keqtdehq64qd0383f1hj33ncrq8hah4k8f8cgdv4hsfdyxf4tf1hb6wpqa8gdmdsyz13ydz46hyka29ja3sps2ggqqtzpdx59hfa982sxzhtf756jmctpbwn6m2xneptg7afhrpe494yskkbtdv5d799zp1mc8vt8ybr7wcvn73ahbgx116ke5qe275pfr28zsq688vnggfhrb10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8CdtZSHBY-WENN6-ygXcprfwCZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTgyODA3NzgwMjM5NjE3MDfIAQmpAp-bbFKUM7I-qAMBqgS1AU_QMbaLVrE3DvsLC_jh-TGdvEgS3Htk3jfTNsDfJPf9hgRzDDc-obK9YmDSLr9UWgp0id1keD6IyufObxvujnYBcL9_IZCDpltgxv1z_9WmRu7EF1Bseli-28UC3pWIBMBzN67VXXyip1vyvlrwgY2mqyUNlKHOXGyDCqxQKuqlHf3JW__IAqOPYN3kdIU3c5RKV0z97Xyo-l3jAQqJV3_2CgzBQK3TMTussc_ZmrWgRiNhKoqABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1sswXrGzIKKqDbbj1UWvJiBGLHyA%2526client%253Dca-pub-8280778023961707%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6151c6cb78b2f0ced663b5e32e13658236477225b4416c52e57142f3d610f058

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:16:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 225062
cf-polished: origFmt=png, origSize=11554
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3224
cf-bgj: imgq:85,h2pri
last-modified: Wed, 09 Nov 2022 07:30:35 GMT
server: cloudflare
etag: "1ca6a79380ae53c080c2e12b38bdb5eb"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4q8FBufvofFq%2ByKw%2FH%2FClukNKyxRl%2Bzk78fg3gXPScgPM6pp%2FXL59RuKs065%2BzDuqc87Zb4jGvVPWrZuq5Dl%2FQJ8ug%2BbHZjVx9WM609ghbx3jwfBrl48DBoHFxZI%2FANO7p1lP%2Fe%2FOXlyVe0F"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 788d0861b93e8ffe-FRA
expires: Sat, 14 Jan 2023 09:16:22 GMT

GET
H2 200 43EB8D27EDF06982A1CDF7B120851C41F9AE11B7D734EE12251DEFFB51C17BC6EAEB7A2F2E7C750E0DD6FDA73367D0F20B75F513B858755E76942F713443F3B9
assets.ad4m.at/product_image/ Frame CEBB 296 KB
296 KB 48ms
38ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/43EB8D27EDF06982A1CDF7B120851C41F9AE11B7D734EE12251DEFFB51C17BC6EAEB7A2F2E7C750E0DD6FDA73367D0F20B75F513B858755E76942F713443F3B9
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C183975%2C321034&b=241U6fqfj6xBsVHWHkt8tREbaxS7T7R6uwV%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cq59TmfWfZ15DfZHgHDtJtK4dGueSgTAYQsEz&f=4QZHEf5fAYZ9CGH9HdtzCjWrtbSpTrgbCXz%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CRA9UgfQf8A1DCkHwH3tzCZw8zU9SzTmReUYA&c=728&d=90&e=&g=71d18fbff1f6a3a04ab286821f509986%2F14655329639347042942&i=25174%2C20597%2C111584&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1673601382527&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hgst4qspnsd5p79kzhzbn72f3jg37pryjr6nptan96x42thtadmcbfxp86246ycv082keqtdehq64qd0383f1hj33ncrq8hah4k8f8cgdv4hsfdyxf4tf1hb6wpqa8gdmdsyz13ydz46hyka29ja3sps2ggqqtzpdx59hfa982sxzhtf756jmctpbwn6m2xneptg7afhrpe494yskkbtdv5d799zp1mc8vt8ybr7wcvn73ahbgx116ke5qe275pfr28zsq688vnggfhrb10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8CdtZSHBY-WENN6-ygXcprfwCZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTgyODA3NzgwMjM5NjE3MDfIAQmpAp-bbFKUM7I-qAMBqgS1AU_QMbaLVrE3DvsLC_jh-TGdvEgS3Htk3jfTNsDfJPf9hgRzDDc-obK9YmDSLr9UWgp0id1keD6IyufObxvujnYBcL9_IZCDpltgxv1z_9WmRu7EF1Bseli-28UC3pWIBMBzN67VXXyip1vyvlrwgY2mqyUNlKHOXGyDCqxQKuqlHf3JW__IAqOPYN3kdIU3c5RKV0z97Xyo-l3jAQqJV3_2CgzBQK3TMTussc_ZmrWgRiNhKoqABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1sswXrGzIKKqDbbj1UWvJiBGLHyA%2526client%253Dca-pub-8280778023961707%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 262be405d24e2c19dc4e3ecce75466f864fd5959649e39b8b97fd1c83c54087f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:16:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 225062
cf-polished: origFmt=png, origSize=466926
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 302728
cf-bgj: imgq:85,h2pri
last-modified: Wed, 09 Nov 2022 12:39:43 GMT
server: cloudflare
etag: "45f5fed59fc1f13fbebb41146459eb81"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GEfOLDSSxR%2FsIT%2Bxw67SWOnuhdFtCJL%2Bc5K0R%2FutFT%2Fw%2BDgMhxFYbOkx7HNPBQQAxQTEOEnH1IWhbkdmVqXgK7UnCZINQF0HzIHPbXmxOEveG1XFVznlgc%2FH34ENx5GNBUgb2qLtMMgu0MpA"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 788d0861b9418ffe-FRA
expires: Sat, 14 Jan 2023 09:16:22 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 80E8 13 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://discord.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 39406
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 22:19:36 GMT
expires: Fri, 12 Jan 2024 22:19:36 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2BEB 783 B
537 B 32ms
32ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

754108f11c953e31123195389fc7261b85636b3a8d3647b18cd49569ea39cd79

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DB34ID8vkJx30Usg0zIx4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://discord.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-DB34ID8vkJx30Usg0zIx4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 09:16:22 GMT
expires: Fri, 13 Jan 2023 09:16:22 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js Show response
pagead2.googlesyndication.com/bg/ Frame 80E8 36 KB
16 KB 34ms
34ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 10:08:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169646
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16095
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Jan 2024 10:08:56 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2BEB 0
0 148ms
147ms Image
text/html 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230111&jk=3925006714193045&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2 200 link.html Show response
track.webgains.com/ Frame CEBB 1 KB
2 KB 183ms
77ms Script
text/html 13.41.252.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hna81jhhtn0d0qpdj1vbdhra7rm5zybsqksz3prgc7s2znpy493s7yyghngvhpshq249z61wc06t7tk9z0v9z8spzjvpyvg1ca0f6x1k10tzypzz3scwpr0360bkdmkzj7dx6webytcn2njsbe71j1bjdjghgcqhe5r0q3m0m4e5avpjzb1cnx4m406cypp1jp9nb03ba6f6veya2jecfajh36tag6v135g6g8w3sa9289xb6v1hr128vgwfmbz87pme%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hgst4qspnsd5p79kzhzbn72f3jg37pryjr6nptan96x42thtadmcbfxp86246ycv082keqtdehq64qd0383f1hj33ncrq8hah4k8f8cgdv4hsfdyxf4tf1hb6wpqa8gdmdsyz13ydz46hyka29ja3sps2ggqqtzpdx59hfa982sxzhtf756jmctpbwn6m2xneptg7afhrpe494yskkbtdv5d799zp1mc8vt8ybr7wcvn73ahbgx116ke5qe275pfr28zsq688vnggfhrb10%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8CdtZSHBY-WENN6-ygXcprfwCZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTgyODA3NzgwMjM5NjE3MDfIAQmpAp-bbFKUM7I-qAMBqgS1AU_QMbaLVrE3DvsLC_jh-TGdvEgS3Htk3jfTNsDfJPf9hgRzDDc-obK9YmDSLr9UWgp0id1keD6IyufObxvujnYBcL9_IZCDpltgxv1z_9WmRu7EF1Bseli-28UC3pWIBMBzN67VXXyip1vyvlrwgY2mqyUNlKHOXGyDCqxQKuqlHf3JW__IAqOPYN3kdIU3c5RKV0z97Xyo-l3jAQqJV3_2CgzBQK3TMTussc_ZmrWgRiNhKoqABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1sswXrGzIKKqDbbj1UWvJiBGLHyA%252526client%25253Dca-pub-8280778023961707%252526adurl%25253D&clickref=oneidGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47oneid__suite_Netmix_Reach14_AKTION&viewref=oneidJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1oneid__suite_Netmix_Reach14_AKTION
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C183975%2C321034&b=241U6fqfj6xBsVHWHkt8tREbaxS7T7R6uwV%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cq59TmfWfZ15DfZHgHDtJtK4dGueSgTAYQsEz&f=4QZHEf5fAYZ9CGH9HdtzCjWrtbSpTrgbCXz%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CRA9UgfQf8A1DCkHwH3tzCZw8zU9SzTmReUYA&c=728&d=90&e=&g=71d18fbff1f6a3a04ab286821f509986%2F14655329639347042942&i=25174%2C20597%2C111584&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1673601382527&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hgst4qspnsd5p79kzhzbn72f3jg37pryjr6nptan96x42thtadmcbfxp86246ycv082keqtdehq64qd0383f1hj33ncrq8hah4k8f8cgdv4hsfdyxf4tf1hb6wpqa8gdmdsyz13ydz46hyka29ja3sps2ggqqtzpdx59hfa982sxzhtf756jmctpbwn6m2xneptg7afhrpe494yskkbtdv5d799zp1mc8vt8ybr7wcvn73ahbgx116ke5qe275pfr28zsq688vnggfhrb10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8CdtZSHBY-WENN6-ygXcprfwCZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTgyODA3NzgwMjM5NjE3MDfIAQmpAp-bbFKUM7I-qAMBqgS1AU_QMbaLVrE3DvsLC_jh-TGdvEgS3Htk3jfTNsDfJPf9hgRzDDc-obK9YmDSLr9UWgp0id1keD6IyufObxvujnYBcL9_IZCDpltgxv1z_9WmRu7EF1Bseli-28UC3pWIBMBzN67VXXyip1vyvlrwgY2mqyUNlKHOXGyDCqxQKuqlHf3JW__IAqOPYN3kdIU3c5RKV0z97Xyo-l3jAQqJV3_2CgzBQK3TMTussc_ZmrWgRiNhKoqABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1sswXrGzIKKqDbbj1UWvJiBGLHyA%2526client%253Dca-pub-8280778023961707%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.41.252.217 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-41-252-217.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 0bf66d354e6dc7545f4e95c39562ccf583cdc17f650615039f1aad14f9022620

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:16:22 GMT
last-modified: Fri, 13 Jan 2023 09:16:22 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 13 Jan 2023 09:17:22 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame CEBB 2 KB
2 KB 195ms
96ms Script
text/html 13.41.252.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=4366768&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gq5sc3vprzpzsv9k98wjzhdq14y9ca06zxbr4z8jd6ebcabf19mqjqvaw55py01qqsdxq889w4ngneaz1322qqet67rtp2w140zj2ppetws93kpg2n96cwws4jfhgqs4hny0gcjrny6v1dh17xkxte7d85xb74fbgycq5aevyn4p3kcbtx64y9ay64mdfnshyqxfy7f1batqstfbeee4negcrzsgc4wd3bv5fm9d7ned521mxnjrgmbha8pzbbyf4z7fsg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hgst4qspnsd5p79kzhzbn72f3jg37pryjr6nptan96x42thtadmcbfxp86246ycv082keqtdehq64qd0383f1hj33ncrq8hah4k8f8cgdv4hsfdyxf4tf1hb6wpqa8gdmdsyz13ydz46hyka29ja3sps2ggqqtzpdx59hfa982sxzhtf756jmctpbwn6m2xneptg7afhrpe494yskkbtdv5d799zp1mc8vt8ybr7wcvn73ahbgx116ke5qe275pfr28zsq688vnggfhrb10%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8CdtZSHBY-WENN6-ygXcprfwCZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTgyODA3NzgwMjM5NjE3MDfIAQmpAp-bbFKUM7I-qAMBqgS1AU_QMbaLVrE3DvsLC_jh-TGdvEgS3Htk3jfTNsDfJPf9hgRzDDc-obK9YmDSLr9UWgp0id1keD6IyufObxvujnYBcL9_IZCDpltgxv1z_9WmRu7EF1Bseli-28UC3pWIBMBzN67VXXyip1vyvlrwgY2mqyUNlKHOXGyDCqxQKuqlHf3JW__IAqOPYN3kdIU3c5RKV0z97Xyo-l3jAQqJV3_2CgzBQK3TMTussc_ZmrWgRiNhKoqABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1sswXrGzIKKqDbbj1UWvJiBGLHyA%252526client%25253Dca-pub-8280778023961707%252526adurl%25253D&clickref=oneidRA9UgfQf8A1DCkHwH3tzCZw8zU9SzTmReUYAoneid__suite_Netmix_Reach14_AKTION&viewref=oneidq59TmfWfZ15DfZHgHDtJtK4dGueSgTAYQsEzoneid__suite_Netmix_Reach14_AKTION
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C183975%2C321034&b=241U6fqfj6xBsVHWHkt8tREbaxS7T7R6uwV%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cq59TmfWfZ15DfZHgHDtJtK4dGueSgTAYQsEz&f=4QZHEf5fAYZ9CGH9HdtzCjWrtbSpTrgbCXz%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CRA9UgfQf8A1DCkHwH3tzCZw8zU9SzTmReUYA&c=728&d=90&e=&g=71d18fbff1f6a3a04ab286821f509986%2F14655329639347042942&i=25174%2C20597%2C111584&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1673601382527&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hgst4qspnsd5p79kzhzbn72f3jg37pryjr6nptan96x42thtadmcbfxp86246ycv082keqtdehq64qd0383f1hj33ncrq8hah4k8f8cgdv4hsfdyxf4tf1hb6wpqa8gdmdsyz13ydz46hyka29ja3sps2ggqqtzpdx59hfa982sxzhtf756jmctpbwn6m2xneptg7afhrpe494yskkbtdv5d799zp1mc8vt8ybr7wcvn73ahbgx116ke5qe275pfr28zsq688vnggfhrb10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8CdtZSHBY-WENN6-ygXcprfwCZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTgyODA3NzgwMjM5NjE3MDfIAQmpAp-bbFKUM7I-qAMBqgS1AU_QMbaLVrE3DvsLC_jh-TGdvEgS3Htk3jfTNsDfJPf9hgRzDDc-obK9YmDSLr9UWgp0id1keD6IyufObxvujnYBcL9_IZCDpltgxv1z_9WmRu7EF1Bseli-28UC3pWIBMBzN67VXXyip1vyvlrwgY2mqyUNlKHOXGyDCqxQKuqlHf3JW__IAqOPYN3kdIU3c5RKV0z97Xyo-l3jAQqJV3_2CgzBQK3TMTussc_ZmrWgRiNhKoqABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1sswXrGzIKKqDbbj1UWvJiBGLHyA%2526client%253Dca-pub-8280778023961707%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.41.252.217 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-41-252-217.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 392b4f7a9416209bbff90fb84bdb7bbf8ab2ac63b43a34fd3e50e83d1d1efa01

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:16:22 GMT
last-modified: Fri, 13 Jan 2023 09:16:22 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 13 Jan 2023 09:17:22 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame CEBB 85 KB
31 KB 97ms
24ms Script
application/javascript 65.9.66.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hna81jhhtn0d0qpdj1vbdhra7rm5zybsqksz3prgc7s2znpy493s7yyghngvhpshq249z61wc06t7tk9z0v9z8spzjvpyvg1ca0f6x1k10tzypzz3scwpr0360bkdmkzj7dx6webytcn2njsbe71j1bjdjghgcqhe5r0q3m0m4e5avpjzb1cnx4m406cypp1jp9nb03ba6f6veya2jecfajh36tag6v135g6g8w3sa9289xb6v1hr128vgwfmbz87pme%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hgst4qspnsd5p79kzhzbn72f3jg37pryjr6nptan96x42thtadmcbfxp86246ycv082keqtdehq64qd0383f1hj33ncrq8hah4k8f8cgdv4hsfdyxf4tf1hb6wpqa8gdmdsyz13ydz46hyka29ja3sps2ggqqtzpdx59hfa982sxzhtf756jmctpbwn6m2xneptg7afhrpe494yskkbtdv5d799zp1mc8vt8ybr7wcvn73ahbgx116ke5qe275pfr28zsq688vnggfhrb10%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8CdtZSHBY-WENN6-ygXcprfwCZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTgyODA3NzgwMjM5NjE3MDfIAQmpAp-bbFKUM7I-qAMBqgS1AU_QMbaLVrE3DvsLC_jh-TGdvEgS3Htk3jfTNsDfJPf9hgRzDDc-obK9YmDSLr9UWgp0id1keD6IyufObxvujnYBcL9_IZCDpltgxv1z_9WmRu7EF1Bseli-28UC3pWIBMBzN67VXXyip1vyvlrwgY2mqyUNlKHOXGyDCqxQKuqlHf3JW__IAqOPYN3kdIU3c5RKV0z97Xyo-l3jAQqJV3_2CgzBQK3TMTussc_ZmrWgRiNhKoqABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1sswXrGzIKKqDbbj1UWvJiBGLHyA%252526client%25253Dca-pub-8280778023961707%252526adurl%25253D&clickref=oneidGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47oneid__suite_Netmix_Reach14_AKTION&viewref=oneidJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1oneid__suite_Netmix_Reach14_AKTION
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-110.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 01:31:18 GMT
content-encoding: gzip
via: 1.1 c888f786e25e6e3c7dbb7e9da462d714.cloudfront.net (CloudFront)
last-modified: Fri, 09 Dec 2022 10:53:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 27905
etag: W/"0d5045593d14c9612a5d5576928a5209"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 6O806nqUZduMtNuKW-G8-gPhvGbggYhNBmEdWLIF4kLU6ul5_rviow==

GET
H2 200 link.html
track.webgains.com/ Frame CEBB 48 KB
49 KB 117ms
117ms Image
image/gif 13.41.252.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1oneid__suite_Netmix_Reach14_AKTION&wglinkid=2194035
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C183975%2C321034&b=241U6fqfj6xBsVHWHkt8tREbaxS7T7R6uwV%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cq59TmfWfZ15DfZHgHDtJtK4dGueSgTAYQsEz&f=4QZHEf5fAYZ9CGH9HdtzCjWrtbSpTrgbCXz%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CRA9UgfQf8A1DCkHwH3tzCZw8zU9SzTmReUYA&c=728&d=90&e=&g=71d18fbff1f6a3a04ab286821f509986%2F14655329639347042942&i=25174%2C20597%2C111584&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1673601382527&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hgst4qspnsd5p79kzhzbn72f3jg37pryjr6nptan96x42thtadmcbfxp86246ycv082keqtdehq64qd0383f1hj33ncrq8hah4k8f8cgdv4hsfdyxf4tf1hb6wpqa8gdmdsyz13ydz46hyka29ja3sps2ggqqtzpdx59hfa982sxzhtf756jmctpbwn6m2xneptg7afhrpe494yskkbtdv5d799zp1mc8vt8ybr7wcvn73ahbgx116ke5qe275pfr28zsq688vnggfhrb10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8CdtZSHBY-WENN6-ygXcprfwCZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTgyODA3NzgwMjM5NjE3MDfIAQmpAp-bbFKUM7I-qAMBqgS1AU_QMbaLVrE3DvsLC_jh-TGdvEgS3Htk3jfTNsDfJPf9hgRzDDc-obK9YmDSLr9UWgp0id1keD6IyufObxvujnYBcL9_IZCDpltgxv1z_9WmRu7EF1Bseli-28UC3pWIBMBzN67VXXyip1vyvlrwgY2mqyUNlKHOXGyDCqxQKuqlHf3JW__IAqOPYN3kdIU3c5RKV0z97Xyo-l3jAQqJV3_2CgzBQK3TMTussc_ZmrWgRiNhKoqABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1sswXrGzIKKqDbbj1UWvJiBGLHyA%2526client%253Dca-pub-8280778023961707%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.41.252.217 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-41-252-217.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:16:22 GMT
last-modified: Fri, 13 Jan 2023 09:16:22 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 13 Jan 2023 09:17:22 GMT

GET
H2 200 1659354586_efWwgs1Qb28CJ2gn5syWw4lgeBNhVHiH.gif
cdn.track.production.webgains.team/295140/ Frame CEBB 19 KB
19 KB 106ms
23ms Image
image/gif 13.224.189.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/295140/1659354586_efWwgs1Qb28CJ2gn5syWw4lgeBNhVHiH.gif?Expires=1673601682&Signature=Y5RBqlSd6CM87dzccyjdeQqsVMU3SGz9GuOay-Nc3UYFvjh9jdEWArkt-21vdjzx7q3fFrioPxKTy-vwMY9nLOtBANVixJIa2nYfdwyVnU0pOUkhS5pSUdFSYQnNidhbVjMr2C3MzQ6DenfkyEv~5e8jr60~VYAqxUx4LQBFGRthMYqxNQ6cyEiHq9y14nL-0f6b2U48-yRwuOp9OeNAJjpp8DAwXfGqx2hw0HLyiaEO0fHQTYFNfnjPn6KDtKV2jtD~CoktuiDN-NdSI41pQXd34n0~HiHvkibhjL8i3ytRIr6OmPcfk3EnupJCvVYudc0TPA4qImAJ0pQmWWIyiw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C183975%2C321034&b=241U6fqfj6xBsVHWHkt8tREbaxS7T7R6uwV%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cq59TmfWfZ15DfZHgHDtJtK4dGueSgTAYQsEz&f=4QZHEf5fAYZ9CGH9HdtzCjWrtbSpTrgbCXz%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CRA9UgfQf8A1DCkHwH3tzCZw8zU9SzTmReUYA&c=728&d=90&e=&g=71d18fbff1f6a3a04ab286821f509986%2F14655329639347042942&i=25174%2C20597%2C111584&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1673601382527&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hgst4qspnsd5p79kzhzbn72f3jg37pryjr6nptan96x42thtadmcbfxp86246ycv082keqtdehq64qd0383f1hj33ncrq8hah4k8f8cgdv4hsfdyxf4tf1hb6wpqa8gdmdsyz13ydz46hyka29ja3sps2ggqqtzpdx59hfa982sxzhtf756jmctpbwn6m2xneptg7afhrpe494yskkbtdv5d799zp1mc8vt8ybr7wcvn73ahbgx116ke5qe275pfr28zsq688vnggfhrb10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8CdtZSHBY-WENN6-ygXcprfwCZDhgYRctqjCivACwI23ARABIABglYKAgJQHggEXY2EtcHViLTgyODA3NzgwMjM5NjE3MDfIAQmpAp-bbFKUM7I-qAMBqgS1AU_QMbaLVrE3DvsLC_jh-TGdvEgS3Htk3jfTNsDfJPf9hgRzDDc-obK9YmDSLr9UWgp0id1keD6IyufObxvujnYBcL9_IZCDpltgxv1z_9WmRu7EF1Bseli-28UC3pWIBMBzN67VXXyip1vyvlrwgY2mqyUNlKHOXGyDCqxQKuqlHf3JW__IAqOPYN3kdIU3c5RKV0z97Xyo-l3jAQqJV3_2CgzBQK3TMTussc_ZmrWgRiNhKoqABsrKjqn9lYaweaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1sswXrGzIKKqDbbj1UWvJiBGLHyA%2526client%253Dca-pub-8280778023961707%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-35.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 86e52a6ab6d9a83f40ddc2a09084df0a0d291ca4194b5ce17de122001adf46fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 13 Jan 2023 01:46:12 GMT
via: 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified: Mon, 01 Aug 2022 11:49:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 27012
etag: "c8717f93a87217b1c114134b189e2ca0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 19052
x-amz-cf-id: RI_TkotcTHsKKmIBNXNUuPleIs1jfBx14wnslG_ODDK3oXJtxu7evg==

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2A25 42 B
64 B 154ms
153ms Fetch
image/gif 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssoI8jvlp9lvr5nFymzsAuF875tk81DQM0Ob3mf6b36uT6wAi_6PCBY5NAqeKz4-u8as03nCb5MOh_dJhLy8pqlpXtYZXNB8wmGA5pDWYjMObWi9QVw3eFByB2JBkqRQEIs-vkSeQ&sai=AMfl-YT-IXpvvwDdvfFyu2M4H5Q3D1Awh14ivzoV6JuF9pd5_FWD6qPb44NOycMy_Q7dK99yUXnpAcO2SNmWJb8&sig=Cg0ArKJSzI_qaGL6ZBftEAE&cid=CAQSGwDq26N9epZXaik28FOlf4RpSd1PO-shiicZEBgBIBM&id=lidar2&mcvt=1001&p=0,0,280,1200&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230111&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4078063067&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1673601381133&rpt=1013&met=mue&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 09:16:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 71FE 42 B
64 B 153ms
153ms Fetch
image/gif 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsusdeUCoJqnzoKzwm8LMcgYb0ZlZZih4bVkSSeCUVrX9aNynqyYL8GpVd6FR4K7dZXJdjdLnFY3x07tXrSGSCfeRTG_ZQmSBMqsbO4Qpo2KH7NU5CR36zIWAXi8HDytqs8NfswccQ&sai=AMfl-YSBXFOgIILjantBdhg7vVIlB_TtocoT6_DF4yx0FzTA1kqZipjGVmM7AWWGST6IBXxvu8-bIFN06hwGBDU&sig=Cg0ArKJSzF4kpEsiDz0AEAE&cid=CAQSGwDq26N9TQ97-RhWxD4zhhZh0cPmnHeMAtcH0RgBIBM&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=86,770,1000,1091,1141&tos=86,684,230,91,50&v=20230111&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1673601381958&rpt=236&met=mue&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 09:16:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 155ms
155ms Image
text/html 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230111&jk=3925006714193045&bg=!_v2l_bnNAAYDMoyoIzI7ACkAdvg8WnBpkp8Stza03ItzW6OWOFaPKs2hTOWEaOQ5vwu8N5VXqQepEwIAAABRUgAAAANoAQcKACvyAtzKKtcQUPPGR0wjryp3jJQfx9lvHRytfrxDDw5e1jGRUbr5uA0uuzuVmQKp4sc-gHeSfDztkQquQ4fKJhvCTn7QRTSJjhXIxFU9QRjXCUcYv2E0k7BAAKgz9icCR7TiJmqXB98dPkSS5NwOP3STqYP9dX7pgsjj8cyOiwU5H4Ox7kbSH3NYAADy-IyBzHVIsCGUToc59dddyN1pbWUKFHWbl5moQaDXFuB3NDxdpEd7yWoMk5w-JICJ8EQSmKmP0q6yRCWBgRnMzB4SVqfJ8iNct0n2qDLumakQjuve1fpUs6iV5ebmxq_TLl6Vn8njf01cuFlLhM5izuqAfb8k1ucsSwa13lQ_Nn0FpD6Q5de5UCd5wc1_xHgFBv5viG2tUSTostY0pwqe6UmtnrMUha2RMWWo3nl_Sk4Krj4U8fJiVlsVENdy6tB1WbujNH394wPelZ7DW-CvhhJT7e8upsdYIDSwfPvqUDe6i_PcH3KWFQAZxt2CH0oGxO2F3k0LCi9hYqTC7cgoKiSJOb3XoJjQcEnZSUL5ohcktYDfSsGuiQCm1vNIP0N_YwBv7QAxa1KmvBkvmMO3ua89CpyMr68JNkGwffRkSWQAjjdkruJ4ZmaPl6hvhYKnWYUHWXMSLJHC4KxT5wNqUv9mkLfjsuFNxWy969rPy09OeDWvNukbVrJdakF6zyVwYafZME6RY7weOPG_Yuj2dnpsTQRkPOkjE9_WS5jdJ1v7Ff_MV104-NYVPv6xdcqpFEVGni1Ye4g1HOvvsQk_SMgSIRWLEHPTDs5o2g_p74Om6AqJ3gnkt9vIubJz2CFgAZ04AD5S5uTqbIqd2sJg1AVhnbNxZR91587H9aC2ciWGmLhk5sN65cHiAjCexqdCHFAUfs4Vha5XBpugxSm1XEOFs0C6LCLMl042GBx5DT15UmfGTA-jWUENWuYMfZXEwWig_ShBwUx_G03u
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discord.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame CEBB 16 B
232 B 70ms
69ms Fetch
application/json 3.11.171.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.11.171.0 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-11-171-0.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 13 Jan 2023 09:16:24 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 147ms
35ms Preflight 3.11.171.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.171.0 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-171-0.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Fri, 13 Jan 2023 09:16:24 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame CEBB 16 B
232 B 97ms
97ms Fetch
application/json 3.11.171.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.11.171.0 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-11-171-0.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 13 Jan 2023 09:16:24 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 141ms
34ms Preflight 3.11.171.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.171.0 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-171-0.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Fri, 13 Jan 2023 09:16:24 GMT
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEHdhTgZGqtzTPjoh2e4MLGk&google_cver=1&google_push=AavPq0NaAXvtRTqRw4R1J5l6pgatTGEp8-zMDfzT4oqZtizEXECxUPZohXE04qSUMaczOV9O3oYKNWb9pB9Hut3TEAbiNxtAxrbYhSL2HA

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.discord.org/	1970-01-20 18:14:57	Name: __gads Value: ID=2259475650fa262a-2236b10041db0073:T=1673601381:RT=1673601381:S=ALNI_MYJVy6_GeBvngo7XQo8NIWqwrvnvw
.discord.org/	1970-01-20 18:14:57	Name: __gpi Value: UID=00000ba1fc0f74e4:T=1673601381:RT=1673601381:S=ALNI_MaTMvoTRBGB5HFfAwpUpwdpaIvoIg
.doubleclick.net/	1970-01-20 08:53:24	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 18:14:57	Name: IDE Value: AHWqTUncKt-8yfXrQhcnkk7sYAaVR83c7vTpfx6ZjPjYVk13o2TffCAc0Lf_v1D-2yM
.blismedia.com/	1970-01-20 17:39:01	Name: b Value: 63C121661D7409C29B22A61BBLIS
.w55c.net/	1970-01-20 18:23:35	Name: wfivefivec Value: eqcQbY5f1PggaG5
.pubmatic.com/	1970-01-20 08:54:47	Name: KTPCACOOKIE Value: YES
.w55c.net/	1970-01-20 09:36:33	Name: matchgoogle Value: 5
.pubmatic.com/	1970-01-20 17:38:57	Name: KADUSERCOOKIE Value: B5FBF3E6-7971-4799-B7A3-BF343AE9D31A
.innovid.com/	1970-01-20 11:02:57	Name: uuid Value: 301b7b1f-e0e3-4ecc-98e7-1548362c35d0-20230113 04:16:22
.awin1.com/	1970-01-20 09:03:26	Name: awpv11938 Value: 412871\|1673601382\|f2b62d70-9322-11ed-ad94-2233c4476c8a
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 367022:2542680
.congstar.de/	1970-01-20 09:03:29	Name: staticentry Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1673601382_f2b62d70-9322-11ed-ad94-2233c4476c8a%22%2C%22sp%22%3A%22awin%22%7D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEHdhTgZGqtzTPjoh2e4MLGk&google_cver=1&google_push=AavPq0NaAXvtRTqRw4R1J5l6pgatTGEp8-zMDfzT4oqZtizEXECxUPZohXE04qSUMaczOV9O3oYKNWb9pB9Hut3TEAbiNxtAxrbYhSL2HA Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad4m.at
adservice.google.com
adservice.google.de
ag.innovid.com
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
banner.congstar.de
cdn.track.production.webgains.team
cm.g.doubleclick.net
discord.org
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
image6.pubmatic.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pm.w55c.net
prod-rtb.ad4mat.net
static-de.ad4mat.net
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
www.awin1.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.worldipv6launch.org
googlecm.hit.gemius.pl
104.87.133.65
13.224.189.35
13.41.252.217
142.250.186.66
198.47.127.19
2600:1901:0:76b9::
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700:20::ac43:444e
2606:4700:3035::ac43:81f7
2a00:1450:4001:806::200a
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:827::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2002
2a00:1450:400d:802::2003
2a00:1450:400d:803::2002
2a00:1450:400d:805::2002
2a00:1450:400d:808::2002
2a00:1450:400d:80c::2002
2a02:26f0:10e::6860:5ba2
2a05:d01c:1d8:8100:89cd:9115:4cec:baf2
3.11.171.0
3.126.34.117
34.96.105.8
51.89.9.252
65.9.66.110
69.173.144.138
87.118.116.9
07cfa1b11432962e4d8675b31cafdad6b983e9062cc6e10e5f21753cee454a5e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bf66d354e6dc7545f4e95c39562ccf583cdc17f650615039f1aad14f9022620
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1d6a9bf47f17d08ebd3be570f94321b0e2a1b7dc6c7957a635662b9bf5beda8c
262be405d24e2c19dc4e3ecce75466f864fd5959649e39b8b97fd1c83c54087f
2ea22509acbb5f3a229673eb230b1ea382435e54a2c7436e7099f1a3783c4846
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
30b414e63e540e7ccc4d1c2790f01d96d420452db53606a3de775fbdb7463197
30d57bd9442e346d06dfe5a2de9d1cfa94c6409bcc421d9cbfa1425447e7269c
30e6b333ad69bc6cbab35ca38dcb6e52f27434517ab509e422114641744689af
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d9ddfd5aa343ae6554a44fa1344b430c8968bd19795e67090e177135179c84
35dc1e07839c624b878755af00ec2780c5432275934adc30152795c39d52641d
392b4f7a9416209bbff90fb84bdb7bbf8ab2ac63b43a34fd3e50e83d1d1efa01
394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca
4488333adcd7deb7572caaa680e1a4d9df638ed0738f20b064408fd67fac9428
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e249aef61e2d675b41a8d764b5b9c9a8ee9ebc5e512386625516f6d2c8a4977
4f6c08d122cb5100e5fc413efc7958ff5875cc6a9ec184791635acecf9b52696
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55e41b56a543cfd9b80465447187f6ef62bb1fd54ed7378f2ad52eb4e8d25cec
5bf0a68607af5fc871578125e311f5ce0a0f527cf8f8297fe4ad1f5558009a01
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
6151c6cb78b2f0ced663b5e32e13658236477225b4416c52e57142f3d610f058
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
69e3696168c1f8450ca1adc4b18437bfec8cc351b02dc20ab1fa8ff2322b8d8b
754108f11c953e31123195389fc7261b85636b3a8d3647b18cd49569ea39cd79
78ba0fba0603bdcee9944bf383b409f6a8d399c8c6de9479c5a0887eddcfba22
86e52a6ab6d9a83f40ddc2a09084df0a0d291ca4194b5ce17de122001adf46fa
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8fac20a50f89e00152519d91ecaca73297510b4fc02496370bb6a0503e4aeab1
9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b603ade38ad776f731d6a818da597da1c90c748e572ee9adce19b0b190b3cdc
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a2703ca1e7c3daeb0bf2ca00dca14c62a2f5af4977442edb034a796c74c8f3c1
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
aacd45612b2e9d649337425ae38aefe3792922c4625e1f72877c2baed3c2ca0d
adf46f0f237f4bac5044b5001efc5fb5e35c76546194f4e0ea8fef36558d63bf
b81de03dc76c342204854b74474275c57695d85b80f5a5406eaf0af8323f2352
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
caa783c709a6961ab22200c02d0896ee059807fd56458087c18412f8a8606ea8
cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c
d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4
d7c866697b6d0a1b31a9d6a6b02f900781f931cb4717511d2465aba88118695a
daf99211008f6684b4aaa4daafa6832cf05ccd99f5910f48f6467a5c1ea08197
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919
ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b
eeb0a46cf5270666c48fc29ec39ad02c36f219c6b82027e4b0e44baf03b585e6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efaee115f8c9c7c11e2e17bd4d580db1136571500686a8f68cdba7a5117576a6
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130
f22179ab929ec12233cb5c427e79ffe36688935b7a79a43e6e966d08cb4e6c0f
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f991c9e88058944fd6f26508acdc5c706df1ea9614ab5ae29525d3db460d2af0
fa6a70ffa48cc7ca38bf67860c9ea45f92218c320c00b5a9aed948aca55e6ed1
fc8935eab32560a568ab0c2e4a7dab444dd0b1dc2e0210593ced343e8f350d59

discord.org Open in urlscan Pro 2606:4700:3035::ac43:81f7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

109 Requests

94 %HTTPS

60 %IPv6

24 Domains

32 Subdomains

26 IPs

5 Countries

2263 kBTransfer

3914 kBSize

13 Cookies

18 Outgoing links

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

discord.org Open in urlscan Pro
2606:4700:3035::ac43:81f7 Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

94 %
HTTPS

60 %
IPv6

24
Domains

32
Subdomains

26
IPs

5
Countries

2263 kB
Transfer

3914 kB
Size

13
Cookies

109 HTTP transactions
3 data transactions