urlscan.io logo urlscan.io
SecurityTrails logo

kravmagapp.com Open in urlscan Pro
100.42.50.200  Public Scan

Go To Rescan Add Verdict Report
URL: https://kravmagapp.com/
Submission: On September 28 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 26 IPs in 7 countries across 24 domains to perform 134 HTTP transactions. The main IP is 100.42.50.200, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is kravmagapp.com.
TLS certificate: Issued by R3 on September 28th 2021. Valid for: 3 months.
This is the only time kravmagapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
33 100.42.50.200 46606 (UNIFIEDLA...)
1 142.250.184.232 15169 (GOOGLE)
1 142.250.185.170 15169 (GOOGLE)
1 104.16.88.20 13335 (CLOUDFLAR...)
4 151.139.128.11 20446 (HIGHWINDS3)
2 142.250.185.78 15169 (GOOGLE)
1 172.217.23.99 15169 (GOOGLE)
1 8.29.155.145 ()
10 52.173.199.57 8075 (MICROSOFT...)
6 142.250.185.194 15169 (GOOGLE)
4 72.251.249.13 29791 (VOXEL-DOT...)
11 142.250.185.162 15169 (GOOGLE)
4 172.217.18.98 15169 (GOOGLE)
4 142.250.186.65 15169 (GOOGLE)
17 142.250.185.130 15169 (GOOGLE)
10 142.250.184.193 15169 (GOOGLE)
3 142.250.185.132 15169 (GOOGLE)
3 142.250.74.194 15169 (GOOGLE)
3 10 142.250.186.34 15169 (GOOGLE)
2 4 2.18.234.21 16625 (AKAMAI-AS)
2 3 37.252.172.249 29990 (ASN-APPNEX)
2 142.250.185.66 15169 (GOOGLE)
1 142.250.181.230 15169 (GOOGLE)
1 2 209.54.178.82 16509 (AMAZON-02)
1 13.248.242.197 16509 (AMAZON-02)
2 2 66.155.71.25 13768 (COGECO-PEER1)
1 1 69.173.144.138 26667 (RUBICONPR...)
1 1 2.18.235.93 16625 (AKAMAI-AS)
1 1 124.146.215.51 2514 (INFOSPHER...)
2 2 217.66.147.167 29209 (SPBMTS-AS...)
1 1 213.87.44.187 13174 (MTSNET Mo...)
134 26
33    100.42.50.200 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 100.42.50.200-static.reverse.mysitehosted.com
kravmagapp.com
1    142.250.184.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f8.1e100.net
www.googletagmanager.com
1    142.250.185.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f10.1e100.net
fonts.googleapis.com
1    104.16.88.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
4    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
cdn.bidfluence.com
2    142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net
www.google-analytics.com
1    172.217.23.99 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f3.1e100.net
fonts.gstatic.com
1    8.29.155.145 (None, )

ASN- ()
stwfit.com
10    52.173.199.57 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
call.bidfluence.com
server.bidfluence.com
report.bidfluence.com
served.bidfluence.com
viewed.bidfluence.com
6    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
www.googletagservices.com
4    72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
11    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
4    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net
adservice.google.com
4    142.250.186.65 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f1.1e100.net
8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com
17    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
pagead2.googlesyndication.com
10    142.250.184.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f1.1e100.net
tpc.googlesyndication.com
3    142.250.185.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f4.1e100.net
www.google.com
3    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
googleads.g.doubleclick.net
10    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net
4    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
3    37.252.172.249 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
googleads4.g.doubleclick.net
1    142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net
s0.2mdn.net
2    209.54.178.82 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
2    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
cs.media.net
1    124.146.215.51 (Toshima, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    217.66.147.167 (St Petersburg, Russian Federation)

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-167-147-66-217.spbmts.ru
sm.rtb.mts.ru
1    213.87.44.187 (Moscow, Russian Federation)

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru
tech.rtb.mts.ru
Domain Requested by
33 kravmagapp.com kravmagapp.com
17 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
cdn.bidfluence.com
pagead2.googlesyndication.com
8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com
googleads.g.doubleclick.net
10 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com
10 tpc.googlesyndication.com 8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
10 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com
6 www.googletagservices.com cdn.bidfluence.com
securepubads.g.doubleclick.net
8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com
pagead2.googlesyndication.com
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
4 ap.lijit.com cdn.bidfluence.com
4 server.bidfluence.com cdn.bidfluence.com
4 cdn.bidfluence.com kravmagapp.com
cdn.bidfluence.com
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com
kravmagapp.com
3 www.google.com tpc.googlesyndication.com
8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com
2 sm.rtb.mts.ru 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 s.amazon-adsystem.com 1 redirects 8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com
2 googleads4.g.doubleclick.net googleads.g.doubleclick.net
2 report.bidfluence.com cdn.bidfluence.com
2 call.bidfluence.com cdn.bidfluence.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 viewed.bidfluence.com cdn.bidfluence.com
1 tech.rtb.mts.ru 1 redirects
1 tg.socdm.com 1 redirects
1 cs.media.net 1 redirects
1 pixel.rubiconproject.com 1 redirects
1 match.adsrvr.org 8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com
1 s0.2mdn.net 8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com
1 served.bidfluence.com cdn.bidfluence.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 stwfit.com kravmagapp.com
1 fonts.gstatic.com fonts.googleapis.com
1 cdn.jsdelivr.net kravmagapp.com
1 fonts.googleapis.com kravmagapp.com
1 www.googletagmanager.com kravmagapp.com
134 36

This site contains links to these domains. Also see Links.

Domain
www.strongerfasterprettier.com
Subject Issuer Validity Valid
kravmagapp.com
R3		 2021-09-28 -
2021-12-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-03 -
2022-07-02		 a year crt.sh
cdn.bidfluence.com
R3		 2021-09-13 -
2021-12-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
33e4a65474.nxcli.net
R3		 2021-08-24 -
2021-11-22		 3 months crt.sh
*.bidfluence.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-04-08 -
2022-04-08		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh

This page contains 14 frames:

Primary Page: https://kravmagapp.com/
Frame ID: 3ECB74C8EE3B70F145300479F0CC2570
Requests: 72 HTTP requests in this frame

Frame: https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E834DBEC26035F5CFE737E6188BE4B8C
Requests: 1 HTTP requests in this frame

Frame: https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4E26D3B282D6457F90B7592CECE5858A
Requests: 7 HTTP requests in this frame

Frame: https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5715B9F6B700EE6962DE80C3DCEFED9E
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 1DA3F8984252F2BDE90D206ED6F649CB
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C175A8C6E659916C6A656ECFBC8B38B4
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: EFBC68C20D42584A90B387CCE82B6AFA
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2508572163480636&output=html&h=250&slotname=8748103476&adk=1527147156&adf=3383700272&pi=t.ma~as.8748103476&w=300&url=https%3A%2F%2Fkravmagapp.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632863579601&bpp=13&bdt=48&idt=74&shv=r20210922&mjsv=m202109220101&ptt=5&saldr=sa&cookie=ID%3D10be6e1ffd477751%3AT%3D1632863578%3AS%3DALNI_MYg6qtjqlgnT0tGyTBCYRiboZM6Sw&correlator=6330543460691&frm=23&ife=1&pv=2&ga_vid=1640099352.1632863578&ga_sid=1632863580&ga_hid=998993178&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=840&ady=2717&biw=1600&bih=1200&isw=300&ish=250&ifk=3948632032&scr_x=0&scr_y=0&eid=31062935&oid=3&pvsid=1044647733774702&pem=809&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.dpodx194nq7o&btvi=1&fsb=1&dtd=87
Frame ID: BEC842B23936CBE529B967102DC03567
Requests: 1 HTTP requests in this frame

Frame: https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FE9267A07250B0830AFF594BA23438FA
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DEPTNpIoCGJTHm7MBMAE&v=APEucNXgQipkAwFbgWCkqFsOdW6D6-8Am_7232WEhIk--qYD7zBr4F7ZMHZaeug_ioxMZgl5Oj8qCbXXGa1H_UQUhLpmpjiqTg
Frame ID: DF28A536A73181C8A98176AE2635C7A8
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6FCD5AFE74DE222DA5393B143BB7D55E
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D75A1C7568E2C3102A58B6D44782215C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 83E57CF640C2ADBE6E3E99F24339EB61
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 868A4340209C4E59E38FC99F8E874EF0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

kravmagapp

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

134
Requests

98 %
HTTPS

0 %
IPv6

24
Domains

36
Subdomains

26
IPs

7
Countries

1773 kB
Transfer

4076 kB
Size

26
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 102
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELy2Rtunh32XqwTBowrQaeQ&google_cver=1
Request Chain 103
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YVOFW8V069ehivaOrj1fEQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELy2Rtunh32XqwTBowrQaeQ&google_cver=1
Request Chain 104
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAw0UkNVBnkj1LyRYwxGzDo&google_cver=1
Request Chain 105
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzY1NzQxNTg4MDgxMjA4ODQ1Nw%3D%3D
Request Chain 111
  • https://s.amazon-adsystem.com/iu3?d=forester-did&ex-fch=4167913&ex-fargs=1JDhLkbwBT0wZjkbLf-NDvLgGuA64DZPlbkNv6X2tI2QXnErZkRWLIZERJI51HH74a94nMNO1jg3JbsAF0TQDc2jg8djKys6WXSrY&cb= HTTP 302
  • https://s.amazon-adsystem.com/iu3?d=forester-did&ex-fch=4167913&ex-fargs=1JDhLkbwBT0wZjkbLf-NDvLgGuA64DZPlbkNv6X2tI2QXnErZkRWLIZERJI51HH74a94nMNO1jg3JbsAF0TQDc2jg8djKys6WXSrY&cb=&dcc=t
Request Chain 116
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEApFcExKkvV5nL1y0GptLXA&google_cver=1&google_push=AYg5qPJvBLxb2v7ixSlUguNAiPbaYxqgXYQ7MapnuVTlav1MFbUIxVcEo6cMBVzkj6xW9za2xUXdQGtdEpXDC8G4ul7ryuiJvmI HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEApFcExKkvV5nL1y0GptLXA&google_cver=1&google_push=AYg5qPJvBLxb2v7ixSlUguNAiPbaYxqgXYQ7MapnuVTlav1MFbUIxVcEo6cMBVzkj6xW9za2xUXdQGtdEpXDC8G4ul7ryuiJvmI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=JS6jMULGT4KP5sWx_ed_P2FThVs
Request Chain 117
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMN2UWm8SXSFFbD93dQyZEw&google_cver=1&google_push=AYg5qPJDPc-wmXi0eq7dJ0dBLscjz60Ei_Hbwc0WIVjfLeAPpER6hIxCU2EbN5-5rJasJaEkIW5KF-kr3ytNzvU8ikgKMyp0dko HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1U0S1REU0MtNS0xUFlW&google_push=AYg5qPJDPc-wmXi0eq7dJ0dBLscjz60Ei_Hbwc0WIVjfLeAPpER6hIxCU2EbN5-5rJasJaEkIW5KF-kr3ytNzvU8ikgKMyp0dko
Request Chain 118
  • https://match.360yield.com/match/ebda?google_gid=CAESEEazeaRKCKcxALtQX35ChzM&google_cver=1&google_push=AYg5qPIHxQotXlaZUYcwa1JN6NXBhtSetU5UZIDIpPx1Zliw2ElCQMh7Zo0xU61utwCLecH5M01TQ30sQpS7ewf1bC1ei6gPXog HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEEazeaRKCKcxALtQX35ChzM&google_cver=1&google_push=AYg5qPIHxQotXlaZUYcwa1JN6NXBhtSetU5UZIDIpPx1Zliw2ElCQMh7Zo0xU61utwCLecH5M01TQ30sQpS7ewf1bC1ei6gPXog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XXcQbA5ESoGrx7MUrgAayg&google_push=AYg5qPIHxQotXlaZUYcwa1JN6NXBhtSetU5UZIDIpPx1Zliw2ElCQMh7Zo0xU61utwCLecH5M01TQ30sQpS7ewf1bC1ei6gPXog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XXcQbA5ESoGrx7MUrgAayg&google_push=AYg5qPIHxQotXlaZUYcwa1JN6NXBhtSetU5UZIDIpPx1Zliw2ElCQMh7Zo0xU61utwCLecH5M01TQ30sQpS7ewf1bC1ei6gPXog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XXcQbA5ESoGrx7MUrgAayg&google_push=AYg5qPIHxQotXlaZUYcwa1JN6NXBhtSetU5UZIDIpPx1Zliw2ElCQMh7Zo0xU61utwCLecH5M01TQ30sQpS7ewf1bC1ei6gPXog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XXcQbA5ESoGrx7MUrgAayg&google_push=AYg5qPIHxQotXlaZUYcwa1JN6NXBhtSetU5UZIDIpPx1Zliw2ElCQMh7Zo0xU61utwCLecH5M01TQ30sQpS7ewf1bC1ei6gPXog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XXcQbA5ESoGrx7MUrgAayg&google_push=AYg5qPIHxQotXlaZUYcwa1JN6NXBhtSetU5UZIDIpPx1Zliw2ElCQMh7Zo0xU61utwCLecH5M01TQ30sQpS7ewf1bC1ei6gPXog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XXcQbA5ESoGrx7MUrgAayg&google_push=AYg5qPIHxQotXlaZUYcwa1JN6NXBhtSetU5UZIDIpPx1Zliw2ElCQMh7Zo0xU61utwCLecH5M01TQ30sQpS7ewf1bC1ei6gPXog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XXcQbA5ESoGrx7MUrgAayg&google_push=AYg5qPIHxQotXlaZUYcwa1JN6NXBhtSetU5UZIDIpPx1Zliw2ElCQMh7Zo0xU61utwCLecH5M01TQ30sQpS7ewf1bC1ei6gPXog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XXcQbA5ESoGrx7MUrgAayg&google_push=AYg5qPIHxQotXlaZUYcwa1JN6NXBhtSetU5UZIDIpPx1Zliw2ElCQMh7Zo0xU61utwCLecH5M01TQ30sQpS7ewf1bC1ei6gPXog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XXcQbA5ESoGrx7MUrgAayg&google_push=AYg5qPIHxQotXlaZUYcwa1JN6NXBhtSetU5UZIDIpPx1Zliw2ElCQMh7Zo0xU61utwCLecH5M01TQ30sQpS7ewf1bC1ei6gPXog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XXcQbA5ESoGrx7MUrgAayg&google_push=AYg5qPIHxQotXlaZUYcwa1JN6NXBhtSetU5UZIDIpPx1Zliw2ElCQMh7Zo0xU61utwCLecH5M01TQ30sQpS7ewf1bC1ei6gPXog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XXcQbA5ESoGrx7MUrgAayg&google_push=AYg5qPIHxQotXlaZUYcwa1JN6NXBhtSetU5UZIDIpPx1Zliw2ElCQMh7Zo0xU61utwCLecH5M01TQ30sQpS7ewf1bC1ei6gPXog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XXcQbA5ESoGrx7MUrgAayg&google_push=AYg5qPIHxQotXlaZUYcwa1JN6NXBhtSetU5UZIDIpPx1Zliw2ElCQMh7Zo0xU61utwCLecH5M01TQ30sQpS7ewf1bC1ei6gPXog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XXcQbA5ESoGrx7MUrgAayg&google_push=AYg5qPIHxQotXlaZUYcwa1JN6NXBhtSetU5UZIDIpPx1Zliw2ElCQMh7Zo0xU61utwCLecH5M01TQ30sQpS7ewf1bC1ei6gPXog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XXcQbA5ESoGrx7MUrgAayg&google_push=AYg5qPIHxQotXlaZUYcwa1JN6NXBhtSetU5UZIDIpPx1Zliw2ElCQMh7Zo0xU61utwCLecH5M01TQ30sQpS7ewf1bC1ei6gPXog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XXcQbA5ESoGrx7MUrgAayg&google_push=AYg5qPIHxQotXlaZUYcwa1JN6NXBhtSetU5UZIDIpPx1Zliw2ElCQMh7Zo0xU61utwCLecH5M01TQ30sQpS7ewf1bC1ei6gPXog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XXcQbA5ESoGrx7MUrgAayg&google_push=AYg5qPIHxQotXlaZUYcwa1JN6NXBhtSetU5UZIDIpPx1Zliw2ElCQMh7Zo0xU61utwCLecH5M01TQ30sQpS7ewf1bC1ei6gPXog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XXcQbA5ESoGrx7MUrgAayg&google_push=AYg5qPIHxQotXlaZUYcwa1JN6NXBhtSetU5UZIDIpPx1Zliw2ElCQMh7Zo0xU61utwCLecH5M01TQ30sQpS7ewf1bC1ei6gPXog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XXcQbA5ESoGrx7MUrgAayg&google_push=AYg5qPIHxQotXlaZUYcwa1JN6NXBhtSetU5UZIDIpPx1Zliw2ElCQMh7Zo0xU61utwCLecH5M01TQ30sQpS7ewf1bC1ei6gPXog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XXcQbA5ESoGrx7MUrgAayg&google_push=AYg5qPIHxQotXlaZUYcwa1JN6NXBhtSetU5UZIDIpPx1Zliw2ElCQMh7Zo0xU61utwCLecH5M01TQ30sQpS7ewf1bC1ei6gPXog
Request Chain 119
  • https://cs.media.net/cksync?type=g&google_gid=CAESEGYdeLKEMw_9Hm31TZch_XY&google_cver=1&google_push=AYg5qPIorYlWywaIC-mE8QrWuUtaCIG_CyfsLTQzysZuW7kpLjv6dy0SarmNfL9DDNio8B42mxqzK5LZHho4wxqD3_isbAckIYpd HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc1ODY1MTc5OTMyNTU0NDAwMFYxMA%3d%3d&mn_hm=Mjc1ODY1MTc5OTMyNTU0NDAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPIorYlWywaIC-mE8QrWuUtaCIG_CyfsLTQzysZuW7kpLjv6dy0SarmNfL9DDNio8B42mxqzK5LZHho4wxqD3_isbAckIYpd&gdpr=&gdpr_consent=
Request Chain 120
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEPM29Nr9LzaVTptwjnj_VwU&google_cver=1&google_push=AYg5qPLtNqD176TzP5a0qsEYGIWNTuS27rJts0qFY9nkKLJXtW4gqPV2eQIhEhLRIKUBVddooF5yMarB4G0SsWJYm5VYrZ162nQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AYg5qPLtNqD176TzP5a0qsEYGIWNTuS27rJts0qFY9nkKLJXtW4gqPV2eQIhEhLRIKUBVddooF5yMarB4G0SsWJYm5VYrZ162nQ&google_hm=WVZPRlhNQ284WDRBQUpSRk40OEFBQUFB
Request Chain 121
  • https://sm.rtb.mts.ru/p?ssp=googleban&pm=1&google_gid=CAESEN_paC59XPCN97UYbI_j2XU&google_cver=1&google_push=AYg5qPLjmHO-ip-rmbIQuMSurBi6zv3PtuNeSiIC7z6LVQcxWcACAn4--2LUT-lmhqYfX_uMydyynEt09chRG0BPNIkPRh6Zh-On HTTP 301
  • https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc%26id%3D1458dc2f-1f82-465b-97cd-f2b19c922c3c%26google_push%3DAYg5qPLjmHO-ip-rmbIQuMSurBi6zv3PtuNeSiIC7z6LVQcxWcACAn4--2LUT-lmhqYfX_uMydyynEt09chRG0BPNIkPRh6Zh-On&ssp=googleban&exu=CAESEN_paC59XPCN97UYbI_j2XU HTTP 301
  • https://tech.rtb.mts.ru/?dsp_uid=1458dc2f-1f82-465b-97cd-f2b19c922c3c&return_url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc%26id%3D1458dc2f-1f82-465b-97cd-f2b19c922c3c%26google_push%3DAYg5qPLjmHO-ip-rmbIQuMSurBi6zv3PtuNeSiIC7z6LVQcxWcACAn4--2LUT-lmhqYfX_uMydyynEt09chRG0BPNIkPRh6Zh-On HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stream_llc&id=1458dc2f-1f82-465b-97cd-f2b19c922c3c&google_push=AYg5qPLjmHO-ip-rmbIQuMSurBi6zv3PtuNeSiIC7z6LVQcxWcACAn4--2LUT-lmhqYfX_uMydyynEt09chRG0BPNIkPRh6Zh-On

134 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
kravmagapp.com/ 		14 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kravmagapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
100.42.50.200 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
100.42.50.200-static.reverse.mysitehosted.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6b3d87346e5844331fccb97479b3ddc28a0b10642e53a538ba4db96c9ce90f4a

Request headers

:method
GET
:authority
kravmagapp.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

cache-control
private
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
server
Microsoft-IIS/10.0
x-aspnetmvc-version
5.2
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-powered-by-plesk
PleskWin
date
Tue, 28 Sep 2021 21:12:56 GMT
content-length
3631
js
www.googletagmanager.com/gtag/ 		96 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-157159242-1
Requested by
Host: kravmagapp.com
URL: https://kravmagapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
eca6e6ff5dfd177a0cced70a8d011bcd754833c103ddfe3b31a6e14ff61be710
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 21:12:57 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38970
x-xss-protection
0
expires
Tue, 28 Sep 2021 21:12:57 GMT
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Amatic+SC:400,700|Work+Sans:300,400,700
Requested by
Host: kravmagapp.com
URL: https://kravmagapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
ESF /
Resource Hash
bbea63dcf699405225d801cbf8554601327dde44d76e8e26710844e21c62fd88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 28 Sep 2021 21:12:57 GMT
server
ESF
date
Tue, 28 Sep 2021 21:12:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 28 Sep 2021 21:12:57 GMT
style.css
kravmagapp.com/fonts/icomoon/ 		78 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kravmagapp.com/fonts/icomoon/style.css
Requested by
Host: kravmagapp.com
URL: https://kravmagapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
100.42.50.200 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
100.42.50.200-static.reverse.mysitehosted.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b696dfc59a40f98665773871c86c7efa7b0a8323e589d6a5ef4ddc1fb5d6e8e8

Request headers

:path
/fonts/icomoon/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
kravmagapp.com
referer
https://kravmagapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Tue, 28 Sep 2021 21:12:56 GMT
content-encoding
gzip
last-modified
Thu, 08 Jul 2021 01:52:23 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"80a52e59b73d71:0"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
13695
bootstrap.min.css
kravmagapp.com/css/ 		156 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kravmagapp.com/css/bootstrap.min.css
Requested by
Host: kravmagapp.com
URL: https://kravmagapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
100.42.50.200 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
100.42.50.200-static.reverse.mysitehosted.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c12787c0349b163de911d9605e4299a4ac5b578d23d2094b7b1c6abf850700e8

Request headers

:path
/css/bootstrap.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
kravmagapp.com
referer
https://kravmagapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Tue, 28 Sep 2021 21:12:56 GMT
content-encoding
gzip
last-modified
Thu, 08 Jul 2021 01:52:14 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"05ba5df9b73d71:0"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
21805
magnific-popup.css
kravmagapp.com/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kravmagapp.com/css/magnific-popup.css
Requested by
Host: kravmagapp.com
URL: https://kravmagapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
100.42.50.200 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
100.42.50.200-static.reverse.mysitehosted.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0e32fa3e8193aca4d1295fb08c5c4e1582afde28a1ae382f643df7b88b1d1cf2

Request headers

:path
/css/magnific-popup.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
kravmagapp.com
referer
https://kravmagapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Tue, 28 Sep 2021 21:12:56 GMT
content-encoding
gzip
last-modified
Thu, 08 Jul 2021 01:52:14 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"05ba5df9b73d71:0"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1821
jquery-ui.css
kravmagapp.com/css/ 		21 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kravmagapp.com/css/jquery-ui.css
Requested by
Host: kravmagapp.com
URL: https://kravmagapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
100.42.50.200 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
100.42.50.200-static.reverse.mysitehosted.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
da8167104dc010ab07b884fd8941e92aad258f4ad0d86b92e35aada15b45a294

Request headers

:path
/css/jquery-ui.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
kravmagapp.com
referer
https://kravmagapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Tue, 28 Sep 2021 21:12:56 GMT
content-encoding
gzip
last-modified
Thu, 08 Jul 2021 01:52:14 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"05ba5df9b73d71:0"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
4130
owl.carousel.min.css
kravmagapp.com/css/ 		3 KB
991 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kravmagapp.com/css/owl.carousel.min.css
Requested by
Host: kravmagapp.com
URL: https://kravmagapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
100.42.50.200 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
100.42.50.200-static.reverse.mysitehosted.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
016ab0bd0de4839680e4a717a57db9b182a8c2c5fdeec4c24db7a8df761fca4d

Request headers

:path
/css/owl.carousel.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
kravmagapp.com
referer
https://kravmagapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Tue, 28 Sep 2021 21:12:56 GMT
content-encoding
gzip
last-modified
Thu, 08 Jul 2021 01:52:15 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"80f13de09b73d71:0"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
909
owl.theme.default.min.css
kravmagapp.com/css/ 		965 B
506 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kravmagapp.com/css/owl.theme.default.min.css
Requested by
Host: kravmagapp.com
URL: https://kravmagapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
100.42.50.200 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
100.42.50.200-static.reverse.mysitehosted.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f3ce311a88c449a4103d3d88e1d4e6a55a5a8418fb2b9b5fa6b0895e7ac6e967

Request headers

:path
/css/owl.theme.default.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
kravmagapp.com
referer
https://kravmagapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Tue, 28 Sep 2021 21:12:56 GMT
content-encoding
gzip
last-modified
Thu, 08 Jul 2021 01:52:15 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"f39d77e09b73d71:0"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
447
bootstrap-datepicker.css
kravmagapp.com/css/ 		17 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kravmagapp.com/css/bootstrap-datepicker.css
Requested by
Host: kravmagapp.com
URL: https://kravmagapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
100.42.50.200 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
100.42.50.200-static.reverse.mysitehosted.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f2a6c653ee82cb36677404eab7c258ce985aef5a6d36a064a5a805548fadea82

Request headers

:path
/css/bootstrap-datepicker.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
kravmagapp.com
referer
https://kravmagapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Tue, 28 Sep 2021 21:12:56 GMT
content-encoding
gzip
last-modified
Thu, 08 Jul 2021 01:52:14 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"05ba5df9b73d71:0"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
2135
animate.css
kravmagapp.com/css/ 		76 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kravmagapp.com/css/animate.css
Requested by
Host: kravmagapp.com
URL: https://kravmagapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
100.42.50.200 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
100.42.50.200-static.reverse.mysitehosted.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
aaa6ea2c7d4aaf01461c078c089b35e0800d0010b5602262b323e144c15ed1fe

Request headers

:path
/css/animate.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
kravmagapp.com
referer
https://kravmagapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Tue, 28 Sep 2021 21:12:56 GMT
content-encoding
gzip
last-modified
Thu, 08 Jul 2021 01:52:12 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"02e74de9b73d71:0"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
4667
mediaelementplayer.min.css
cdn.jsdelivr.net/npm/mediaelement@4.2.7/build/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/mediaelement@4.2.7/build/mediaelementplayer.min.css
Requested by
Host: kravmagapp.com
URL: https://kravmagapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e2d5b7c96931a7cac72873b2f3715f72349cb9bc6289d1facedca268d686864
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 21:12:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1661120
x-jsd-version
4.2.7
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19171-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"2c8f-QykGc0G8eqAhcFkBtDziR7793Rc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
695ff90dea9469a3-FRA
flaticon.css
kravmagapp.com/fonts/flaticon/font/ 		1 KB
562 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kravmagapp.com/fonts/flaticon/font/flaticon.css
Requested by
Host: kravmagapp.com
URL: https://kravmagapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
100.42.50.200 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
100.42.50.200-static.reverse.mysitehosted.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6e25eb10367ca289c8bb70fe93136e734b7ffa12b830d5721c12c73eae798a39

Request headers

:path
/fonts/flaticon/font/flaticon.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
kravmagapp.com
referer
https://kravmagapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Tue, 28 Sep 2021 21:12:56 GMT
content-encoding
gzip
last-modified
Thu, 08 Jul 2021 01:52:16 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"cc4642e19b73d71:0"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
480
aos.css
kravmagapp.com/css/ 		25 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kravmagapp.com/css/aos.css
Requested by
Host: kravmagapp.com
URL: https://kravmagapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
100.42.50.200 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
100.42.50.200-static.reverse.mysitehosted.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1b6f88717e97441718b9fbd436b0aa65d4753c36c9901535eb81b7ce4b760bc4

Request headers

:path
/css/aos.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
kravmagapp.com
referer
https://kravmagapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Tue, 28 Sep 2021 21:12:56 GMT
content-encoding
gzip
last-modified
Thu, 08 Jul 2021 01:52:12 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"02e74de9b73d71:0"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
2247
style.css
kravmagapp.com/css/ 		45 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kravmagapp.com/css/style.css
Requested by
Host: kravmagapp.com
URL: https://kravmagapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
100.42.50.200 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
100.42.50.200-static.reverse.mysitehosted.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9f36332c33872d7bf19c3479450f6dc08b67537876ed408df283bafddb1a15ef

Request headers

:path
/css/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
kravmagapp.com
referer
https://kravmagapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Tue, 28 Sep 2021 21:12:56 GMT
content-encoding
gzip
last-modified
Thu, 08 Jul 2021 01:52:15 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"80f13de09b73d71:0"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
7139
bench.gif
kravmagapp.com/images/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kravmagapp.com/images/bench.gif
Requested by
Host: kravmagapp.com
URL: https://kravmagapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
100.42.50.200 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
100.42.50.200-static.reverse.mysitehosted.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
02a072ba2ec0294703895d51b11d544fea9763807740545df2f25661cc47c911

Request headers

:path
/images/bench.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kravmagapp.com
referer
https://kravmagapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Tue, 28 Sep 2021 21:12:56 GMT
last-modified
Thu, 08 Jul 2021 01:52:24 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"9978dee59b73d71:0"
content-type
image/gif
accept-ranges
bytes
content-length
60746
img_1.jpg
kravmagapp.com/images/ 		208 KB
208 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kravmagapp.com/images/img_1.jpg
Requested by
Host: kravmagapp.com
URL: https://kravmagapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
100.42.50.200 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
100.42.50.200-static.reverse.mysitehosted.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
03af5404b4ec8f46c5514f311124cc0f92c1c2379645aaefc3af8276981241af

Request headers

:path
/images/img_1.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kravmagapp.com
referer
https://kravmagapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Tue, 28 Sep 2021 21:12:56 GMT
last-modified
Thu, 08 Jul 2021 01:52:26 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"b095dde69b73d71:0"
content-type
image/jpeg
accept-ranges
bytes
content-length
212521
forge.js
cdn.bidfluence.com/ 		112 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bidfluence.com/forge.js
Requested by
Host: kravmagapp.com
URL: https://kravmagapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e5f904c052561f2de7cb1e1e91467d3da611e871c46e1195ef4d3e2b5c375294

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 21:12:57 GMT
content-encoding
gzip
last-modified
Sun, 09 May 2021 01:26:50 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"0697c627244d71:0"
vary
Accept-Encoding
x-hw
1632863577.cds016.fr8.hn,1632863577.cds287.fr8.sc,1632863577.cds287.fr8.pr
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
26094
jquery-3.3.1.min.js
kravmagapp.com/js/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kravmagapp.com/js/jquery-3.3.1.min.js
Requested by
Host: kravmagapp.com
URL: https://kravmagapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
100.42.50.200 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
100.42.50.200-static.reverse.mysitehosted.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855

Request headers

:path
/js/jquery-3.3.1.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
kravmagapp.com
referer
https://kravmagapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Tue, 28 Sep 2021 21:12:56 GMT
content-encoding
gzip
last-modified
Thu, 08 Jul 2021 01:52:30 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"0c32ee99b73d71:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
30374
jquery-migrate-3.0.1.min.js
kravmagapp.com/js/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kravmagapp.com/js/jquery-migrate-3.0.1.min.js
Requested by
Host: kravmagapp.com
URL: https://kravmagapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
100.42.50.200 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
100.42.50.200-static.reverse.mysitehosted.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1743b54e611ae08f0ddb89d8d1bc9ae7d78feacbd672c86a5f5bb3c1a582e05e

Request headers

:path
/js/jquery-migrate-3.0.1.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
kravmagapp.com
referer
https://kravmagapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Tue, 28 Sep 2021 21:12:56 GMT
content-encoding
gzip
last-modified
Thu, 08 Jul 2021 01:52:30 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"0c32ee99b73d71:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
3482
jquery-ui.js
kravmagapp.com/js/ 		45 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kravmagapp.com/js/jquery-ui.js
Requested by
Host: kravmagapp.com
URL: https://kravmagapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
100.42.50.200 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
100.42.50.200-static.reverse.mysitehosted.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
88e1cc5467bfcd1bd6b269fcf9db684676ae7d732c2a036d10dacdb66f6bbcaa

Request headers

:path
/js/jquery-ui.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
kravmagapp.com
referer
https://kravmagapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Tue, 28 Sep 2021 21:12:56 GMT
content-encoding
gzip
last-modified
Thu, 08 Jul 2021 01:52:30 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"0c32ee99b73d71:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
11982
popper.min.js
kravmagapp.com/js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kravmagapp.com/js/popper.min.js
Requested by
Host: kravmagapp.com
URL: https://kravmagapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
100.42.50.200 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
100.42.50.200-static.reverse.mysitehosted.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d2b9f29ea1f42a60a8beb1c04f76868287f2a48d6ec50fb39d6b888584a03c49

Request headers

:path
/js/popper.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
kravmagapp.com
referer
https://kravmagapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Tue, 28 Sep 2021 21:12:56 GMT
content-encoding
gzip
last-modified
Thu, 08 Jul 2021 01:52:32 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"0f05fea9b73d71:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
7253
bootstrap.min.js
kravmagapp.com/js/ 		50 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kravmagapp.com/js/bootstrap.min.js
Requested by
Host: kravmagapp.com
URL: https://kravmagapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
100.42.50.200 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
100.42.50.200-static.reverse.mysitehosted.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Request headers

:path
/js/bootstrap.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
kravmagapp.com
referer
https://kravmagapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Tue, 28 Sep 2021 21:12:56 GMT
content-encoding
gzip
last-modified
Thu, 08 Jul 2021 01:52:29 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"802c96e89b73d71:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
14086
owl.carousel.min.js
kravmagapp.com/js/ 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kravmagapp.com/js/owl.carousel.min.js
Requested by
Host: kravmagapp.com
URL: https://kravmagapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
100.42.50.200 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
100.42.50.200-static.reverse.mysitehosted.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43

Request headers

:path
/js/owl.carousel.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
kravmagapp.com
referer
https://kravmagapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Tue, 28 Sep 2021 21:12:56 GMT
content-encoding
gzip
last-modified
Thu, 08 Jul 2021 01:52:32 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"0f05fea9b73d71:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
10895
jquery.stellar.min.js
kravmagapp.com/js/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kravmagapp.com/js/jquery.stellar.min.js
Requested by
Host: kravmagapp.com
URL: https://kravmagapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
100.42.50.200 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
100.42.50.200-static.reverse.mysitehosted.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1dd583c8ff8eaeeb2f5622845527acbf0e4a875e335b4b706b305590d5a7b456

Request headers

:path
/js/jquery.stellar.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
kravmagapp.com
referer
https://kravmagapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Tue, 28 Sep 2021 21:12:56 GMT
content-encoding
gzip
last-modified
Thu, 08 Jul 2021 01:52:31 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"8059c7e99b73d71:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
3398
jquery.countdown.min.js
kravmagapp.com/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kravmagapp.com/js/jquery.countdown.min.js
Requested by
Host: kravmagapp.com
URL: https://kravmagapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
100.42.50.200 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
100.42.50.200-static.reverse.mysitehosted.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2249399b2268c260d0698542503d16afebc80e437c846239f12196744ebbd40f

Request headers

:path
/js/jquery.countdown.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
kravmagapp.com
referer
https://kravmagapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Tue, 28 Sep 2021 21:12:56 GMT
content-encoding
gzip
last-modified
Thu, 08 Jul 2021 01:52:30 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"0c32ee99b73d71:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
2373
jquery.magnific-popup.min.js
kravmagapp.com/js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kravmagapp.com/js/jquery.magnific-popup.min.js
Requested by
Host: kravmagapp.com
URL: https://kravmagapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
100.42.50.200 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
100.42.50.200-static.reverse.mysitehosted.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Request headers

:path
/js/jquery.magnific-popup.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
kravmagapp.com
referer
https://kravmagapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Tue, 28 Sep 2021 21:12:56 GMT
content-encoding
gzip
last-modified
Thu, 08 Jul 2021 01:52:30 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"0c32ee99b73d71:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
7358
bootstrap-datepicker.min.js
kravmagapp.com/js/ 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kravmagapp.com/js/bootstrap-datepicker.min.js
Requested by
Host: kravmagapp.com
URL: https://kravmagapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
100.42.50.200 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
100.42.50.200-static.reverse.mysitehosted.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bab0b131a4edcae13c50ae5779562e41b9bf3219d77e5a99fc1f403a4c9382ea

Request headers

:path
/js/bootstrap-datepicker.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
kravmagapp.com
referer
https://kravmagapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Tue, 28 Sep 2021 21:12:56 GMT
content-encoding
gzip
last-modified
Thu, 08 Jul 2021 01:52:28 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"096fde79b73d71:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
10009
aos.js
kravmagapp.com/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kravmagapp.com/js/aos.js
Requested by
Host: kravmagapp.com
URL: https://kravmagapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
100.42.50.200 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
100.42.50.200-static.reverse.mysitehosted.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8acb04628394993656dad11f23029fc6ad13cf90cfaa1f5df89150b2727684a9

Request headers

:path
/js/aos.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
kravmagapp.com
referer
https://kravmagapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Tue, 28 Sep 2021 21:12:56 GMT
content-encoding
gzip
last-modified
Thu, 08 Jul 2021 01:52:28 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"096fde79b73d71:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
4584
main.js
kravmagapp.com/js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kravmagapp.com/js/main.js
Requested by
Host: kravmagapp.com
URL: https://kravmagapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
100.42.50.200 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
100.42.50.200-static.reverse.mysitehosted.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0570e86090cc32276c5ec9d9c808ea832a6f045adf1c6eb76e05df0c61e1f3a7

Request headers

:path
/js/main.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
kravmagapp.com
referer
https://kravmagapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Tue, 28 Sep 2021 21:12:56 GMT
content-encoding
gzip
last-modified
Thu, 08 Jul 2021 01:52:31 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"8059c7e99b73d71:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
2088
JsBarcode.all.min.js
kravmagapp.com/js/ 		48 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kravmagapp.com/js/JsBarcode.all.min.js
Requested by
Host: kravmagapp.com
URL: https://kravmagapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
100.42.50.200 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
100.42.50.200-static.reverse.mysitehosted.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b9c69658dc953f6a4c66d4199f059ff9fffe88aee1b745b465e4a835ff36cc0e

Request headers

:path
/js/JsBarcode.all.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
kravmagapp.com
referer
https://kravmagapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Tue, 28 Sep 2021 21:12:56 GMT
content-encoding
gzip
last-modified
Thu, 08 Jul 2021 01:52:31 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"8059c7e99b73d71:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
8779
Index.min.js
kravmagapp.com/js/ 		2 KB
789 B 		Script
General
Check archive.org
Download Go to
Full URL
https://kravmagapp.com/js/Index.min.js?ver=004
Requested by
Host: kravmagapp.com
URL: https://kravmagapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
100.42.50.200 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
100.42.50.200-static.reverse.mysitehosted.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5e40b725929ed342dbb9f130645e2e6a1951ec2868f1faec652f1edb85d43a74

Request headers

:path
/js/Index.min.js?ver=004
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
kravmagapp.com
referer
https://kravmagapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Tue, 28 Sep 2021 21:12:56 GMT
content-encoding
gzip
last-modified
Thu, 08 Jul 2021 01:52:29 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"514310e99b73d71:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
730
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-157159242-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
1560
date
Tue, 28 Sep 2021 20:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Tue, 28 Sep 2021 22:46:57 GMT
prebid4.37.js
cdn.bidfluence.com/modules/ 		226 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bidfluence.com/modules/prebid4.37.js
Requested by
Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8ef21389bce7cd844ef9e9fda3d5650f6035c54f801d1384076a70db9183554f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 21:12:57 GMT
content-encoding
gzip
last-modified
Thu, 06 May 2021 23:01:21 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"8036c5bacb42d71:0"
vary
Accept-Encoding
x-hw
1632863577.cds016.fr8.hn,1632863577.cds257.fr8.sc,1632863577.cds257.fr8.pr
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
71379
ads.js
cdn.bidfluence.com/ 		131 B
434 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bidfluence.com/ads.js
Requested by
Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f9385ecf19d3c9a47b063498b5444d251cbe7528ee7af46698c9e25627fb8acc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 21:12:58 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Sat, 16 Feb 2019 22:17:36 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"44f1b06b45c6d41:0"
x-worker-versions
91.0.7.93 (master-5971e207515)|1.0.12.292|1.0.1405.2
x-hw
1632863577.cds016.fr8.hn,1632863577.cds216.fr8.sc,1632863578.cds216.fr8.pr
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
224
bg.jpg
kravmagapp.com/images/ 		102 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kravmagapp.com/images/bg.jpg
Requested by
Host: kravmagapp.com
URL: https://kravmagapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
100.42.50.200 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
100.42.50.200-static.reverse.mysitehosted.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
740d5a2786ed742a7e5f4b70655da06d451b787ecb741e91c284ff5574f3094f

Request headers

:path
/images/bg.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kravmagapp.com
referer
https://kravmagapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Tue, 28 Sep 2021 21:12:57 GMT
last-modified
Thu, 08 Jul 2021 01:52:24 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"8fc5be69b73d71:0"
content-type
image/jpeg
accept-ranges
bytes
content-length
104095
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v11/ 		46 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v11/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Amatic+SC:400,700|Work+Sans:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f3.1e100.net
Software
sffe /
Resource Hash
4c95d706475a153fe4bc12a4aae383e5bf845cba076d95d76f413f51424802ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://kravmagapp.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 24 Sep 2021 05:07:56 GMT
x-content-type-options
nosniff
age
403501
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47452
x-xss-protection
0
last-modified
Wed, 18 Aug 2021 17:39:43 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 24 Sep 2022 05:07:56 GMT
icomoon.ttf
kravmagapp.com/fonts/icomoon/fonts/ 		300 KB
156 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://kravmagapp.com/fonts/icomoon/fonts/icomoon.ttf?10si43
Requested by
Host: kravmagapp.com
URL: https://kravmagapp.com/fonts/icomoon/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
100.42.50.200 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
100.42.50.200-static.reverse.mysitehosted.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ba9f66e8a9ba6c03f4bd2acb263d493000ba0760eade817ada4c6ba160bbe2dd

Request headers

:path
/fonts/icomoon/fonts/icomoon.ttf?10si43
pragma
no-cache
origin
https://kravmagapp.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
kravmagapp.com
referer
https://kravmagapp.com/fonts/icomoon/style.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kravmagapp.com/fonts/icomoon/style.css
Origin
https://kravmagapp.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Tue, 28 Sep 2021 21:12:57 GMT
content-encoding
gzip
last-modified
Thu, 08 Jul 2021 01:52:21 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"6dd759e49b73d71:0"
vary
Accept-Encoding
content-type
application/octet-stream
accept-ranges
bytes
Flaticon.woff
kravmagapp.com/fonts/flaticon/font/ 		2 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://kravmagapp.com/fonts/flaticon/font/Flaticon.woff
Requested by
Host: kravmagapp.com
URL: https://kravmagapp.com/fonts/flaticon/font/flaticon.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
100.42.50.200 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
100.42.50.200-static.reverse.mysitehosted.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ac7bd3107f547865a470b1f23ad19a3a00f920b2c786372e989949f3f0ebbec2

Request headers

:path
/fonts/flaticon/font/Flaticon.woff
pragma
no-cache
origin
https://kravmagapp.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
kravmagapp.com
referer
https://kravmagapp.com/fonts/flaticon/font/flaticon.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kravmagapp.com/fonts/flaticon/font/flaticon.css
Origin
https://kravmagapp.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Tue, 28 Sep 2021 21:12:57 GMT
last-modified
Thu, 08 Jul 2021 01:52:17 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"46dfbbe19b73d71:0"
content-type
font/x-woff
accept-ranges
bytes
content-length
2524
hero_b1_1.jpg
kravmagapp.com/images/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kravmagapp.com/images/hero_b1_1.jpg
Requested by
Host: kravmagapp.com
URL: https://kravmagapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
100.42.50.200 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
100.42.50.200-static.reverse.mysitehosted.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1bc5aa58a785fda75967b7005e1f470cec165041f765b205bd0b8109675592e8

Request headers

:path
/images/hero_b1_1.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kravmagapp.com
referer
https://kravmagapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Tue, 28 Sep 2021 21:12:57 GMT
last-modified
Thu, 08 Jul 2021 01:52:25 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"c9ae55e69b73d71:0"
content-type
image/jpeg
accept-ranges
bytes
content-length
51202
hero_bg_2.jpg
kravmagapp.com/images/ 		128 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kravmagapp.com/images/hero_bg_2.jpg
Requested by
Host: kravmagapp.com
URL: https://kravmagapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
100.42.50.200 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
100.42.50.200-static.reverse.mysitehosted.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0f49f0ab868a28344372bf122ef6f152cdf6c2457fe24a08102581a2bd16165a

Request headers

:path
/images/hero_bg_2.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kravmagapp.com
referer
https://kravmagapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Tue, 28 Sep 2021 21:12:57 GMT
last-modified
Thu, 08 Jul 2021 01:52:25 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"522383e69b73d71:0"
content-type
image/jpeg
accept-ranges
bytes
content-length
131123
18768
stwfit.com/wp-json/acf/v3/pages/ 		63 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stwfit.com/wp-json/acf/v3/pages/18768
Requested by
Host: kravmagapp.com
URL: https://kravmagapp.com/js/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.29.155.145 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
4bea325722b794d2d66da77b37b6990c75eb49bdc327c581ee372eabfed40f0d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://kravmagapp.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 21:13:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
nginx
link
<https://stwfit.com/wp-json/>; rel="https://api.w.org/"
allow
GET
access-control-allow-methods
OPTIONS, GET, POST, PUT, PATCH, DELETE
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://kravmagapp.com
vary
Accept-Encoding, Origin
access-control-allow-credentials
true
x-nocache
1
x-robots-tag
noindex
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
collect
www.google-analytics.com/j/ 		1 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=900113718&t=pageview&_s=1&dl=https%3A%2F%2Fkravmagapp.com%2F&ul=en-us&de=UTF-8&dt=kravmagapp&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1643136553&gjid=527376278&cid=1640099352.1632863578&tid=UA-157159242-1&_gid=1331410206.1632863578&_r=1&gtm=2ou9r0&z=1718513805
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://kravmagapp.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 21:12:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://kravmagapp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
Check
call.bidfluence.com/ 		835 B
887 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://call.bidfluence.com/Check
Requested by
Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.173.199.57 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
89e8eee33ec5ce23049d271aaf4cf8722c76d651e1a63519f24cf23a8ee8df25

Request headers

Referer
https://kravmagapp.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 21:12:58 GMT
Content-Encoding
br
Server
Kestrel
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://kravmagapp.com
Cache-Control
no-store,no-cache
Transfer-Encoding
chunked
Access-Control-Allow-Credentials
true
Check
call.bidfluence.com/ 		836 B
886 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://call.bidfluence.com/Check
Requested by
Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.173.199.57 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
1c60fa4fac4fdab67cf5ad10ec8184d7204e650a145dc992bacb286ddcf62f03

Request headers

Referer
https://kravmagapp.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 21:12:58 GMT
Content-Encoding
br
Server
Kestrel
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://kravmagapp.com
Cache-Control
no-store,no-cache
Transfer-Encoding
chunked
Access-Control-Allow-Credentials
true
gpt.js
www.googletagservices.com/tag/js/ 		73 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
0035297f685fe99c19aaf6afbe028b94190d3bde29a5ecfd5a9c639e2363afe5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 21:12:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1000 / 424 of 1000 / last-modified: 1632854039"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25137
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 28 Sep 2021 21:12:58 GMT
Demand
server.bidfluence.com/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://server.bidfluence.com/Demand
Requested by
Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.173.199.57 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kravmagapp.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://kravmagapp.com
Pragma
no-cache
Date
Tue, 28 Sep 2021 21:12:58 GMT
Cache-Control
no-store,no-cache
Access-Control-Allow-Credentials
true
Server
Kestrel
bid
ap.lijit.com/rtb/ 		93 B
743 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.37.0
Requested by
Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/modules/prebid4.37.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
2d203d27410f0097ef8edd788a82e73aeef09cc6ed5134aa04e1428aaddb8e62

Request headers

Referer
https://kravmagapp.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 28 Sep 2021 21:12:58 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://kravmagapp.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
97
mp.png
cdn.bidfluence.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.bidfluence.com/mp.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b3f8fd60851ea25465da509b7406bcff926f3eeddffa7769fbea9b485ef84ad8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 21:12:58 GMT
etag
"fd2ae463cb14d41:0"
last-modified
Fri, 06 Jul 2018 01:48:08 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
x-worker-versions
91.0.7.93 (master-5971e207515)|1.0.12.292|1.0.1405.2
x-hw
1632863578.cds016.fr8.hn,1632863578.cds005.fr8.sc,1632863578.cds005.fr8.pr
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
1713
Demand
server.bidfluence.com/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://server.bidfluence.com/Demand
Requested by
Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.173.199.57 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kravmagapp.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://kravmagapp.com
Pragma
no-cache
Date
Tue, 28 Sep 2021 21:12:58 GMT
Cache-Control
no-store,no-cache
Access-Control-Allow-Credentials
true
Server
Kestrel
bid
ap.lijit.com/rtb/ 		93 B
743 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.37.0
Requested by
Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/modules/prebid4.37.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
28c24329928c6c9d4e0a6f84b33d47027ab3bd213cbc186523bfa1f611836117

Request headers

Referer
https://kravmagapp.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 28 Sep 2021 21:12:58 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://kravmagapp.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
97
pubads_impl_2021092703.js
securepubads.g.doubleclick.net/gpt/ 		334 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092703.js?31062966
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
25a54ff1cb79229cc4d3eea2fee74b29d539a0432795a1057d98f7b04f1606c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 21:12:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119198
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 20:03:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 28 Sep 2021 21:12:58 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		33 B
706 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=kravmagapp.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
781c6f5a4d6c00d28b2374244ec58b26c796547371becd613d5aba08968aa8e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Sep 2021 21:12:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49
x-xss-protection
0
expires
Tue, 28 Sep 2021 21:12:58 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=kravmagapp.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092703.js?31062966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Sep 2021 21:12:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=619861094823175&correlator=4028626003326839&output=ldjh&impl=fif&eid=31062966&vrg=2021092703&ptt=17&sc=1&sfv=1-0-38&ecs=20210928&iu_parts=368406191%2CRON&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=bdf%3D0.12%26bfadvid%3D10d3bb6b-5c7d-4ace-ba8b-24a3e58a90cd%26excl_cat%3DBF-Exclude&cookie_enabled=1&bc=31&abxe=1&lmt=1632863578&dt=1632863578950&dlt=1632863577223&idt=1646&frm=20&biw=1600&bih=1200&oid=3&adxs=989&adys=2716&adks=2662621310&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fkravmagapp.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=1x-1&ga_vid=1640099352.1632863578&ga_sid=1632863579&ga_hid=900113718&ga_fc=false&fws=4&ohw=1&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092703.js?31062966
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
0f021d59c3a847ae91997a40765d2e93293ea21d88f0b632c031a47788a028ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 21:12:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8149
x-xss-protection
0
google-lineitem-id
4501971261
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
88992307591
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://kravmagapp.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E834 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092703.js?31062966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://kravmagapp.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 28 Sep 2021 21:12:59 GMT
expires
Wed, 28 Sep 2022 21:12:59 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=619861094823175&correlator=4028626003326839&output=ldjh&impl=fif&eid=31062966&vrg=2021092703&ptt=17&sc=1&sfv=1-0-38&ecs=20210928&iu_parts=368406191%2CRON&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=bdf%3D0.12%26bfadvid%3D420bcf87-cd53-4fec-96d9-f61ca98fdf92%26excl_cat%3DBF-Exclude&cookie_enabled=1&bc=31&abxe=1&lmt=1632863578&dt=1632863578957&dlt=1632863577223&idt=1646&frm=20&biw=1600&bih=1200&oid=3&adxs=800&adys=1110&adks=1212291067&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fkravmagapp.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=1x-1&ga_vid=1640099352.1632863578&ga_sid=1632863579&ga_hid=900113718&ga_fc=false&fws=516&ohw=1&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092703.js?31062966
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
dcf8ba61161c2fedfe80ed191526f3d6907b994bbdaf7a85a2d9a2fd2df5b07f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 21:12:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7834
x-xss-protection
0
google-lineitem-id
4501971261
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
88992308071
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://kravmagapp.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4E26 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092703.js?31062966
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://kravmagapp.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 28 Sep 2021 21:12:59 GMT
expires
Wed, 28 Sep 2022 21:12:59 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Demand
server.bidfluence.com/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://server.bidfluence.com/Demand
Requested by
Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.173.199.57 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kravmagapp.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://kravmagapp.com
Pragma
no-cache
Date
Tue, 28 Sep 2021 21:12:59 GMT
Cache-Control
no-store,no-cache
Access-Control-Allow-Credentials
true
Server
Kestrel
bid
ap.lijit.com/rtb/ 		93 B
743 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.37.0
Requested by
Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/modules/prebid4.37.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
02ab95cb08b050f9343cef378e404ebacac7f638a5a75ef8eeb3c15b854e6555

Request headers

Referer
https://kravmagapp.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 28 Sep 2021 21:12:59 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://kravmagapp.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
97
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092703.js?31062966
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
e5668ad294690c0def710438c8462f2eb7ece9e8ef4b7ab53cb93a45d1f8cd7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 21:12:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27596
x-xss-protection
0
server
sffe
etag
"1632742284803949"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Tue, 28 Sep 2021 21:12:59 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021092703&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092703.js?31062966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
4837c770b412ef92044aabcbe38167362b258f90b1a0a878263be710b7b4349b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Sep 2021 21:12:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8457
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=kravmagapp.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092703.js?31062966
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Sep 2021 21:12:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		424 B
251 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=619861094823175&correlator=4028626003326839&output=ldjh&impl=fif&eid=31062966&vrg=2021092703&ptt=17&sc=1&sfv=1-0-38&ecs=20210928&iu_parts=368406191%2CRON&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=bdf%3D0.001%26bfadvid%3D10d3bb6b-5c7d-4ace-ba8b-24a3e58a90cd%26excl_cat%3DBF-Exclude&cookie=ID%3D10be6e1ffd477751-22b1f14c64c90007%3AT%3D1632863578%3AS%3DALNI_MYvs-fGWQYn5QYPJ-dWsueWHeinxA&bc=31&abxe=1&lmt=1632863579&dt=1632863579267&dlt=1632863577223&idt=1646&frm=20&biw=1600&bih=1200&oid=3&adxs=989&adys=2717&adks=3874942278&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fkravmagapp.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=1x-1&psts=AGkb-H_LaOV3ALqTucYVWbJNftVFOwTHWG9CdISNjzTb-RKCQnss4aRULvatqYY41Hc4c01Kx6XRYbEz1MW_xe1wvPsstmyjNQ&ga_vid=1640099352.1632863578&ga_sid=1632863579&ga_hid=900113718&ga_fc=false&fws=4&ohw=1&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092703.js?31062966
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
2baf44d75c3e355643e73c925f6f587b39e593b51ac18754693d55691157e382
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 21:12:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
220
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://kravmagapp.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 4E26 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com
URL: https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 17:18:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100458
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 27 Sep 2022 17:18:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4E26 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com
URL: https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
2e2201192d8a342b5f570c4418dc4dcd2c0460243b4f9ba99c60a7c312d13e50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 21:12:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37837
x-xss-protection
0
server
sffe
etag
"1632742272549041"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Tue, 28 Sep 2021 21:12:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4E26 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstvLNyxmHqRiyev0p5atq7DsGXf3ylzOySlYIA3qGCNdNcjCgpm4DN9M6WZSvUs2hi5dh8SK-2OXF98oJ9jAVNDexnX0-7ixKZCKcwyY8mNxf4oxzFzGUtVGlxRiNatiOCXy3TLNJInNB8Ge8wVm1qLbQCFvQun40chF-DhBxRLyAqkPaOJDtNr9eHLamFuUajkNRDgcUGHCaHWcXcgruPlBsEks_74FBziyO1_DUOOhd2PGLyyYRu6DHAcgfb23iiAIhCNDHJzi4HnygkCfY-SlcPO__5TgU7QW-uHw6eZrQ&sai=AMfl-YSVrvN9yQsii1V98dgtCv3XYqBeUaVnA4gFGEroPtFWH5ZnqSJRkUupQ4lKent_EinA7A5-0tMnDciZO7m8y4z2VvJe9ej7Ro5Dab3SCTFhyX6jGuI_f4OQoOuxkmo&sig=Cg0ArKJSzBWQB67BBqXXEAE&urlfix=1&adurl=
Requested by
Host: 8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com
URL: https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Sep 2021 21:12:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 28 Sep 2021 21:12:59 GMT
truncated
/ Frame 4E26 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d627327018514004ab6c7fa5c920302e5d80343176293dd71cc2670b07a69838

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 4E26 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssULtc89Xln84c43jqyoH5ValceMzXaTu5Kj8XjdVWDVfQIPo59jyWGAQSrJ3QNLfLaUXKnda3p3m9d_46SfWClAMI0AMVUIxpoF6Wld0hzqLzMFkBRJuRdvW4b8jQukONTfRCXMwQ_v2CjncZeMgj4IUvCxRNOX5j5pgjaJBth9GdKRLQGOc-pP9mZga1kYz8sk8QdEmQxCJjYLTu0manJvLix4rMsBkoI33SecViNqGQzvc3w2S6aSDG0YjiSXS3vxDrxYDQSEaCOtvB7OJgGYCucfewqvP9q9MRW14EI8tWC&sai=AMfl-YT983_b9GMOQoK5intauWXzPSFT9LJwvOMi7JZU7AkD2Y-YB1r3FuqCVQQ0bmz5Y7AwpzSZwMEzL9n6GBG5BA91fOyzDxpBLO3ZBhk5z4DeMgnY-0z1xltOIOZ-idw&sig=Cg0ArKJSzAuJ9xQQtrK7EAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Sep 2021 21:12:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 28 Sep 2021 21:12:59 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092703.js?31062966
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 21:12:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 28 Sep 2021 21:12:59 GMT
container.html
8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5715 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092703.js?31062966
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://kravmagapp.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 28 Sep 2021 21:12:59 GMT
expires
Wed, 28 Sep 2022 21:12:59 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Demand
server.bidfluence.com/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://server.bidfluence.com/Demand
Requested by
Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.173.199.57 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kravmagapp.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://kravmagapp.com
Pragma
no-cache
Date
Tue, 28 Sep 2021 21:12:59 GMT
Cache-Control
no-store,no-cache
Access-Control-Allow-Credentials
true
Server
Kestrel
bid
ap.lijit.com/rtb/ 		94 B
744 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.37.0
Requested by
Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/modules/prebid4.37.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
60ba0588a801aaeb7b9af160c17cf208b42a38b5db0bde83404ccbf08d9ce284

Request headers

Referer
https://kravmagapp.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 28 Sep 2021 21:12:59 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://kravmagapp.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 1DA3 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://kravmagapp.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Tue, 28 Sep 2021 13:52:25 GMT
expires
Wed, 28 Sep 2022 13:52:25 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
26434
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame C175 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
GSE /
Resource Hash
6fceb36b7e9d50093679dff9d557809f4a8a6e5254ebad86d64323b6a38d54ba
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6q4cQIRNzE20hUgNmuXayg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://kravmagapp.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 28 Sep 2021 21:12:59 GMT
date
Tue, 28 Sep 2021 21:12:59 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-6q4cQIRNzE20hUgNmuXayg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 5715 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com
URL: https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 17:18:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100458
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 27 Sep 2022 17:18:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5715 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com
URL: https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
2e2201192d8a342b5f570c4418dc4dcd2c0460243b4f9ba99c60a7c312d13e50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 21:12:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37837
x-xss-protection
0
server
sffe
etag
"1632742272549041"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Tue, 28 Sep 2021 21:12:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5715 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvRMdd-oqtgEJSOFwCG83FM3Fs8YiPi_88Sph4zOD35s6n3zpxuoD3Zz6L5nC3VxboRhrM9cQ7inBFFDnkaTYwAlWUayXOff8z86dZc8jTHVS7ETt4KUUlL4oNMpiL1ljzZkSCnfkCs2rsMYOloZ5zTl417HFDpuViFcHG_EmBBXt4MdQsbpHuOvGI9h5lmGVDc_jFbfRxbGME-H5wGUC_PlOM79QjaeKdmgfWFwBro4ezUXwzjWQXjsq6KKi_Jx8QwAz1FgMsf5D5FZYcxFXljD5j4CDzd_ICEI8Vv&sai=AMfl-YS_jYWzUS2jhFNa5PPoWIEZiq1nnnAJP-B5TAoHssXKEqs8k77PXwVZZTbk7PlNJYrm_7zFG5bIJQyCp5mi4RQkU-eJKJCgBkhPJB0rDknF_PYOI2IBAubTbkb7L-x_&sig=Cg0ArKJSzDF4ry-tcMD9EAE&urlfix=1&adurl=
Requested by
Host: 8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com
URL: https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Sep 2021 21:12:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js
pagead2.googlesyndication.com/bg/ Frame 1DA3 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
580cfe9f2689bbdb95454abc36cc61b171ad5d5896c2fee5578b0fdea3f64aa0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 17:18:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
100453
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13388
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 23:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Tue, 27 Sep 2022 17:18:46 GMT
truncated
/ Frame 5715 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04a1edde1f5c0b7a1b0ef038fa83158b9c72057163cbfed668b8a4751faef86e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 5715 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuElo2hEzfJ3qKmuDX7Z79WZh92PhjwiSKVfn-jbTVto5J1gRz2u2hWtuhch6l79UKhcB5X83HRgVctDx9okdA91ildtCEFs7AupwHc5vUv1h-tVQH_JIGcSws83GKT55moCb6z4CXI1pa26iQ4AsoISIASp5OzVKLdv2D-rshOLpR3WIRDcL_wo31qPdsZj55lrS4nLV2Vt3o94zWnydq1uWLue4_BkUw63k_uz9mrSSzKYQLAt_gEDjS4zByX_sycBvAnkOnz6G1wjq6pQjasZiA5D36b2EZs0jebLIU&sai=AMfl-YQ27vjSNdt9zdnQ5D2ZZWdrX0c_-8p_DGYsh60tLdWFvIaqvtBafhZj1jW4iylO59GFCIlAFekhjG0_AUd53qFEyd1sl3ae5_VvyD6afvqs4e8zOicXQKhOHvRhJyrA&sig=Cg0ArKJSzGt4eCQ4ZTdiEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Sep 2021 21:12:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 28 Sep 2021 21:12:59 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=kravmagapp.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092703.js?31062966
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Sep 2021 21:12:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=619861094823175&correlator=4028626003326839&output=ldjh&impl=fif&eid=31062966&vrg=2021092703&ptt=17&sc=1&sfv=1-0-38&ecs=20210928&iu_parts=368406191%2CRON&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=bdf%3D0.001%26bfadvid%3D420bcf87-cd53-4fec-96d9-f61ca98fdf92%26excl_cat%3DBF-Exclude&cookie=ID%3Df3341f9e552ce1bf-22ad895764c900bf%3AT%3D1632863578%3AS%3DALNI_MZcKGZfvnxwoA7OsNlP_t1Aj-L-hQ&bc=31&abxe=1&lmt=1632863579&dt=1632863579487&dlt=1632863577223&idt=1646&frm=20&biw=1600&bih=1200&oid=3&adxs=800&adys=1111&adks=3755539520&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fkravmagapp.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=1x-1&psts=AGkb-H_LaOV3ALqTucYVWbJNftVFOwTHWG9CdISNjzTb-RKCQnss4aRULvatqYY41Hc4c01Kx6XRYbEz1MW_xe1wvPsstmyjNQ%2CAGkb-H8g4whlSan0G9bAlJ2O-IS3IJE5NwjS9Cp-tk0JtAEjgPC8pqiV9b_C_1mIaIOS_kJjrKWBn3Jy8n_eYsCDIzm6tmWqOg&ga_vid=1640099352.1632863578&ga_sid=1632863579&ga_hid=900113718&ga_fc=false&fws=516&ohw=1&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092703.js?31062966
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
5678c08f866bc733971b8f0a931929f7f4715a6443497c0f388862e0da47c639
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 21:12:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8331
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://kravmagapp.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C175 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021092703&jk=619861094823175&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 4E26 		0
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame EFBC 		109 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
9864268ac658d73aa528ee0aeb65dcc9595024e7d63bc2eac20c1f5eed3718a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 21:12:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39553
x-xss-protection
0
server
cafe
etag
1940396448224934466
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 28 Sep 2021 21:12:59 GMT
Rep
report.bidfluence.com/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://report.bidfluence.com/Rep?cid=-&crid=
Requested by
Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.173.199.57 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kravmagapp.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://kravmagapp.com
Pragma
no-cache
Date
Tue, 28 Sep 2021 21:12:59 GMT
Cache-Control
no-store,no-cache
Access-Control-Allow-Credentials
true
Server
Kestrel
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/ Frame EFBC 		255 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_fy2019.js?bust=31062935
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
5d1b2acad2dd2f0095ace4499fb9945a5436adcf28bb47260bf75def4b0235d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 21:12:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
96603
x-xss-protection
0
server
cafe
etag
5043874018115547463
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Sep 2021 21:12:59 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gpt_2021092703&jk=619861094823175&bg=!LC-lL2vNAAZNQyuQTUM7ACkAdvg8WveLxpgKOuJf9jeF5uJWc6NLPkqwHwSQFKi-3-jc62bhu1QHEQIAAABgUgAAABZoAQeZArmBCAobMybeFVI11Rs9YU8dpwtMRk-sgU5gYE3rHd4oYYS3Bb9jTxurQlqeZhkPmlU0gQKMrVgwlrOmTjheeEjR8E3qQDqHYgfa8dlHO22yj28sebCpdkBtNfLYfI7lhGT-IlDg_Nt6RAnRz2YgcuOX2assYYwfvRNERYxkCLAWjf9bGToLDyg07P7yIEK3ioA3cysOjF-017bXBgiYD5T8qq8WdZJUktr8YwK1dhF5j5KaGLAO_tSrc2bkMqo0Z8W9j_BJtGz5Pgui2ANKCHzVS16ZOOYEsFUpdTE7iLlOqWd4s58QZW6b0BwX7-wtOzGk6-1s2-lwis-UpSNbcNExKluVQS975pnz_HART3X9u6sPxU1VPd3S8ChVYiThnnxku2iaG1ehU3kjAEqjtLHceFWilQ1AlHFOCMqgiIDq8Zh98256UaizqxqJIoT1FQInc4UvKddrJc7l4xzi73gfJz6-wRX3DYPIRAaqlgWJjOOZYg4dNnnOad9r7O_Ebp8jPfIaqE3UycWDu4MXHwI_yejtrW7mK-VTZGnjsG00qUsKdgTK852qPX9FUfSZ_tdGja-swzlb6ln5Exn8dGPLF-1gKX4A6I2nMprPEY-XMhOe_hkZplSJqKXgdFRd4WXW0csOA44Yl4V38m7OI3wSqTPDoptmf9mTz0y9mCdlmDLok3qOP-8B7vTKAwHloYFWnMWtbCX8zA1e_ylkjwR_xYBJu-_wK9iMwTnoxRmREJ78Bjnn78U3n-04Lu7X4od2QWjS2ICy3TK_trKmWJqgVkwnlML3vSvQCrucuzDXtHxK-LCdw8wM9x-qwVGo0nuoNplYLEwq3ppmssvovk3RHh0TMBk_nUMvJmfSl3IqTaZ_m93DIoNtFzGg6-K4qA5mwrNZM0XvAiTiesW5-LSx8juW3o8LcCOD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
cookie.js
partner.googleadservices.com/gampad/ Frame EFBC 		204 B
412 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=kravmagapp.com&callback=_gfp_s_&client=ca-pub-2508572163480636&cookie=ID%3D10be6e1ffd477751%3AT%3D1632863578%3AS%3DALNI_MYg6qtjqlgnT0tGyTBCYRiboZM6Sw
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_fy2019.js?bust=31062935
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
7f76d7655505908267251984ab2711addb1f48112dfdf1e57c60e37f529a04eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 21:12:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
196
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame EFBC 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=kravmagapp.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_fy2019.js?bust=31062935
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Sep 2021 21:12:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame BEC8 		603 B
112 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2508572163480636&output=html&h=250&slotname=8748103476&adk=1527147156&adf=3383700272&pi=t.ma~as.8748103476&w=300&url=https%3A%2F%2Fkravmagapp.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632863579601&bpp=13&bdt=48&idt=74&shv=r20210922&mjsv=m202109220101&ptt=5&saldr=sa&cookie=ID%3D10be6e1ffd477751%3AT%3D1632863578%3AS%3DALNI_MYg6qtjqlgnT0tGyTBCYRiboZM6Sw&correlator=6330543460691&frm=23&ife=1&pv=2&ga_vid=1640099352.1632863578&ga_sid=1632863580&ga_hid=998993178&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=840&ady=2717&biw=1600&bih=1200&isw=300&ish=250&ifk=3948632032&scr_x=0&scr_y=0&eid=31062935&oid=3&pvsid=1044647733774702&pem=809&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.dpodx194nq7o&btvi=1&fsb=1&dtd=87
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_fy2019.js?bust=31062935
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2508572163480636&output=html&h=250&slotname=8748103476&adk=1527147156&adf=3383700272&pi=t.ma~as.8748103476&w=300&url=https%3A%2F%2Fkravmagapp.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632863579601&bpp=13&bdt=48&idt=74&shv=r20210922&mjsv=m202109220101&ptt=5&saldr=sa&cookie=ID%3D10be6e1ffd477751%3AT%3D1632863578%3AS%3DALNI_MYg6qtjqlgnT0tGyTBCYRiboZM6Sw&correlator=6330543460691&frm=23&ife=1&pv=2&ga_vid=1640099352.1632863578&ga_sid=1632863580&ga_hid=998993178&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=840&ady=2717&biw=1600&bih=1200&isw=300&ish=250&ifk=3948632032&scr_x=0&scr_y=0&eid=31062935&oid=3&pvsid=1044647733774702&pem=809&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.dpodx194nq7o&btvi=1&fsb=1&dtd=87
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://kravmagapp.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUl-Rv6l3Knzn9ozEay0ZT-mGmteZC62osD5W65XLxe882xZeJO6Ph7-Ha15OV4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 28 Sep 2021 21:12:59 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame EFBC 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_fy2019.js?bust=31062935
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
e5668ad294690c0def710438c8462f2eb7ece9e8ef4b7ab53cb93a45d1f8cd7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 21:12:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27596
x-xss-protection
0
server
sffe
etag
"1632742284803949"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Tue, 28 Sep 2021 21:12:59 GMT
container.html
8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FE92 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092703.js?31062966
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://kravmagapp.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 28 Sep 2021 21:12:59 GMT
expires
Wed, 28 Sep 2022 21:12:59 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Served
served.bidfluence.com/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://served.bidfluence.com/Served
Requested by
Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.173.199.57 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kravmagapp.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://kravmagapp.com
Pragma
no-cache
Date
Tue, 28 Sep 2021 21:12:59 GMT
Cache-Control
no-store,no-cache
Access-Control-Allow-Credentials
true
Server
Kestrel
Rep
report.bidfluence.com/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://report.bidfluence.com/Rep?cid=db6c846a-2269-4d85-bf49-30a1af7857c3&crid=
Requested by
Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.173.199.57 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kravmagapp.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://kravmagapp.com
Pragma
no-cache
Date
Tue, 28 Sep 2021 21:12:59 GMT
Cache-Control
no-store,no-cache
Access-Control-Allow-Credentials
true
Server
Kestrel
pixel
googleads.g.doubleclick.net/xbbe/ Frame DF28 		624 B
754 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DEPTNpIoCGJTHm7MBMAE&v=APEucNXgQipkAwFbgWCkqFsOdW6D6-8Am_7232WEhIk--qYD7zBr4F7ZMHZaeug_ioxMZgl5Oj8qCbXXGa1H_UQUhLpmpjiqTg
Requested by
Host: 8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com
URL: https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CN8DEPTNpIoCGJTHm7MBMAE&v=APEucNXgQipkAwFbgWCkqFsOdW6D6-8Am_7232WEhIk--qYD7zBr4F7ZMHZaeug_ioxMZgl5Oj8qCbXXGa1H_UQUhLpmpjiqTg
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUl-Rv6l3Knzn9ozEay0ZT-mGmteZC62osD5W65XLxe882xZeJO6Ph7-Ha15OV4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 28 Sep 2021 21:12:59 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame FE92 		57 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DTT0DtUdIKRkhYazpxAyDL49cLdBmB0oc0V57QSivY43d0DjPkmo95n2QyOomv6e5ns7jSDXFJsu6hTKbQ8SRjaeCVfnpqlH3z_DvCrq9qw628b_-1wDj6WsZzKjaIRhuV7mwEdUrgJwyVQWp4AivBmJJSWQ&dbm_d=AKAmf-AuWO6wHsqTY3IXvVhFlxZAcomQIZTiyQoTNLJCDckTxwdhMqSy0Q4q_QDvS11pCbTl8UwBN6t1mF9d8kGCCXSKcdGSKndiTTOmm8aBM8pIgbUyo0yDqMw-ZQMOf0ScVBHuAt8GjHXkpVpWHpF_E-AIq45qMntxnIFZSC2JwVAcMtu_cb213mqz8L4Ehs-rhZiky1_klrJWsskxfFJop8Wj2NDWQpuVesecKGCsmNrcrMH5lWeQ_EHfyomGIA2KSgHE3YLaSe9vyraMEzDdUJN75_-Ney75OV9sXs_IWgi1IZLbRGDbr80iFheIYHiBmr9CDkOsnJT0IKD2JqD0o18BuJIuIt9TXSqSGi0RjRRsi6KGNm9wGqduswHUtJ6f_XryM-wyFYTG1McjS3kUrAzzO3uS0wxWuYNuQtXdTzc4lf_iu4-gtQYGyeeKVmvQyWLueYI_TZCFoc1pKf5znx3RraOI1eEf3dB9Lk7YzEjgchJ48XztJX2HYJvrVk96OsxUkPBcMSc0Ou9ijTMXMZOn-ov3AoHtnQjsQaxXs6qrPqZrGChTEDPmricPPlifDoivBHbcINsxudjgAJ1EWRPze0yylHuPkvgGNEolSG7wENfDMDmpaCzNumzEzwPZm-3g0HXaOQDApt38C-VXLPTxj2jF7gtAP6CI1zJQiLdEj_UGXifbV7f9Ne0HLIndzfQBqwP9n5PuEZWbqkBlmkaD3njnK1x2DytBw_9VHEuuLsCAmWmOgO8AwN6fwiDGMghwEHF2BWDrf0Aip8_SqZA8uL2cqbXtYngGnFqi878jEKKzGFF1mP9p1FER59XjhZNi6mwdMDgt_Wkrw0tfKvioOwtN7m4MN0J3fYUP4OoB7OE0XPmEeOtt8KGfj6ob8WN9WlpBZ-AcVZAMG3rOkyYwX3iQ7Jem8p85UhcuFDMj-NXD8sIbh6l-2WMHN9i6zUzP65-NT845SE8EkP9-tdkpwm-Od5ax7DYvF24yQXkyWjysg_CaLttL9-WayLkbwNUpIhRhDMaDKllMwZnJyRmq3s3QDo0h3c0SIEPvZpQGVHvqj60Wod_ZfRcL5WEieACKFiPiLlmxb5MnlvYt8mdbkNdAR3IrAwc_jcNobiS2w1WmRYi0xnQJ4x8tBEv1epx9t_B1jbykoynZZ395_x8go8fZP_hhmcG2EmjY623U9zeIHVY7hntfRBndlLuNBbf8oQ8VlF0vJXFD-zUF_NKbG-Nznyu2nNYWegRjShy-I8PaNNinf0ZsYGB7aZV53sWh4fD_-WHJfcZKRY9e1uTZ7TIjNgtozDAzgLPK6bFjtRACs5c3MLle3SY-YoJsbeUSMYLoxBhF8qUfWVT4yrKMs7JiDfQV7jPH_EiVBxZ4t7vgfjkYXIL_D0FyxGVaO3iR1td1PdZ6elnLB2uXPpvpnMtXJ6KJqHiYuYQjbLOzMLhU6nQW9Ts_bGPTC2zn31AnpxSTM2OKMYd-sBGiT2dFv_UjC5tCQkoG_WeMSsSu5oWIOZ_Su9r0S1eO9pVT-q86wvtY4bBMy_XzgTxm7ohJNx1ZzA3cL0Tx38XoFLRgLN0_kZZn4N9mYFeaJr-HStWCkU2aFLnADz6uSSsROAh5udkKM_UJzSbmXCekhJhklqE6S8LQn6JdPg2j5xIlrKkRI0H0J0ielGK4Uelox4X7Zs_zGxnf4Bg3JZLtXxB8CFHkTvFv93_GjRz_x6XqPE6nQpOvwWp4vJDDRG4EkmpeEzZHVM8tTwQO2qQsin4K_VM7C6FGJbCR5ke6qb2H5ToaQ0ylNnar756pAxgpNKCaA-Lwr6zzBm3awJlv9nkL2f1LZOifryshZLz99_FwXpnRFycssmny4Hns2fpVw0kfbIsVaPyiHEL-2YAr1d_Mq8yuPQE4Q5iUiw2wVRGrx-AMmnzMbwWpyYX3VEOSe5YUC0rmEnc0zkBmokSuAImyCb8UnVcQ_GCZ1xB_lSSUHAGZIlBB4oQS6Pv3RQ6leFLLBtI2KpAdf_YF6i58J0jARMsloWSZBQ1GXiFXF_sdzJNu-T6DPRCaQxR6EmObBpz29YVSYVWX_4atKPPWOstOgPJ7dCtQMF9WO5xKtiWDBf9YpEhzDRRMuGd9wHzytTeCDP4XPPdAgRLzKdQggUzHNmYHZNpT8xan-s13RxlHLg5GxPf5U6KrdmJC-v5jZrykHJsNs76YRdaxqOjKBgGtnnUiC5KPalBiX-Emfwi99QPBx_1saLluit98oqoV4eZjN_XzNeYaR5d8yqddkBHbR-T3I1UAcyliR9MOas1g-wKKBDb9EzXhgx3cc2v8igXUr199a4gh4VonBfxxF6xia8WzcCIpuT5WhcG19juazFxurih7_sIX7Nzz9Uj_REbCIC5OlZYAfq9WtkH7pEaQMpQiX13VRb98zhvw-riS7O9BF0FOCYRu3j2MYXWY7L3-zdqBHXrccOPNRGOiSgppqepfZvMZWVP8en_Nz9pI5n7i0fkX9IN2qP5WHEmv3y0QoK06paGrNf5eAViMkQrQFf0GycqSHt9IhOMj4B9GRaRE2N0qfmuvkYd7p9G2ifB3lK_3Rx17K81oEDc9k3SGLL7d8cjLZrsZR-zStU7DIfPlqq6MtvqurvjIPqoLSd6lOTOnnKVoIvuiSD5eshJRywhqPrDnk20cDBVCZzsQpPq5no92TqL293TjWchzVCds4rueuw&cid=CAASEuRoLofLclN7OMilxD9puDIX6A&rfl=1%2Chttps%253A%252F%252Fkravmagapp.com%252F%240
Requested by
Host: kravmagapp.com
URL: https://kravmagapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
3d42bd3602afb5aaf8c78ecec6627a401861026304c6a2782e26715f0b3a23fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 21:12:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26727
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FE92 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AHYStl4iJPr0_DXqsIvG13og-GABXyGc1jked-8mRWsELSKPbKONrD_fHr8-_uu_djuDp-rUXkgnFFGBMqry2tdiMkG5WGANZZcBbxtfmpjw4yL1s
Requested by
Host: 8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com
URL: https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 21:12:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame FE92 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/window_focus_fy2019.js
Requested by
Host: 8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com
URL: https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 21:10:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
163
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1358
x-xss-protection
0
server
cafe
etag
15351394696698642166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Oct 2021 21:10:16 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FE92 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com
URL: https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
2e2201192d8a342b5f570c4418dc4dcd2c0460243b4f9ba99c60a7c312d13e50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 21:12:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37837
x-xss-protection
0
server
sffe
etag
"1632742272549041"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Tue, 28 Sep 2021 21:12:59 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame FE92 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com
URL: https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 21:05:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
431
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6232
x-xss-protection
0
server
cafe
etag
15606800361334891596
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Oct 2021 21:05:48 GMT
l
www.google.com/ads/measurement/ Frame FE92 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRmtVXsBEP4NXBUNNmTzZ4KjU0UrBjPoLvHhiEGWX_xEVFUGrd5-oWqRYFe8m3CojyEzMI4GwXfnIu29J5vrDL-knIdhw
Requested by
Host: 8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com
URL: https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame DF28
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELy2Rtunh32XqwTBowrQaeQ&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELy2Rtunh32XqwTBowrQaeQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DEPTNpIoCGJTHm7MBMAE&v=APEucNXgQipkAwFbgWCkqFsOdW6D6-8Am_7232WEhIk--qYD7zBr4F7ZMHZaeug_ioxMZgl5Oj8qCbXXGa1H_UQUhLpmpjiqTg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 21:12:59 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 28 Sep 2021 21:12:59 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Sep 2021 21:12:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELy2Rtunh32XqwTBowrQaeQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame DF28
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YVOFW8V069ehivaOrj1fEQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELy2Rtunh32XqwTBowrQaeQ&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELy2Rtunh32XqwTBowrQaeQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DEPTNpIoCGJTHm7MBMAE&v=APEucNXgQipkAwFbgWCkqFsOdW6D6-8Am_7232WEhIk--qYD7zBr4F7ZMHZaeug_ioxMZgl5Oj8qCbXXGa1H_UQUhLpmpjiqTg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 21:12:59 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 28 Sep 2021 21:12:59 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Sep 2021 21:12:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELy2Rtunh32XqwTBowrQaeQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame DF28
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAw0UkNVBnkj1LyRYwxGzDo&google_cver=1
43 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEAw0UkNVBnkj1LyRYwxGzDo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DEPTNpIoCGJTHm7MBMAE&v=APEucNXgQipkAwFbgWCkqFsOdW6D6-8Am_7232WEhIk--qYD7zBr4F7ZMHZaeug_ioxMZgl5Oj8qCbXXGa1H_UQUhLpmpjiqTg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 21:12:59 GMT
X-Proxy-Origin
216.131.114.199; 216.131.114.199; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
6a9b1a53-dc40-4377-a38b-36b34eeb28ee
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Sep 2021 21:12:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEAw0UkNVBnkj1LyRYwxGzDo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DF28
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzY1NzQxNTg4MDgxMjA4ODQ1Nw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzY1NzQxNTg4MDgxMjA4ODQ1Nw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DEPTNpIoCGJTHm7MBMAE&v=APEucNXgQipkAwFbgWCkqFsOdW6D6-8Am_7232WEhIk--qYD7zBr4F7ZMHZaeug_ioxMZgl5Oj8qCbXXGa1H_UQUhLpmpjiqTg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 21:12:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 21:12:59 GMT
X-Proxy-Origin
216.131.114.199; 216.131.114.199; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
69d4ead5-8d31-4361-a548-9a7b8b970ddf
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzY1NzQxNTg4MDgxMjA4ODQ1Nw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/ Frame FE92 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DTT0DtUdIKRkhYazpxAyDL49cLdBmB0oc0V57QSivY43d0DjPkmo95n2QyOomv6e5ns7jSDXFJsu6hTKbQ8SRjaeCVfnpqlH3z_DvCrq9qw628b_-1wDj6WsZzKjaIRhuV7mwEdUrgJwyVQWp4AivBmJJSWQ&dbm_d=AKAmf-AuWO6wHsqTY3IXvVhFlxZAcomQIZTiyQoTNLJCDckTxwdhMqSy0Q4q_QDvS11pCbTl8UwBN6t1mF9d8kGCCXSKcdGSKndiTTOmm8aBM8pIgbUyo0yDqMw-ZQMOf0ScVBHuAt8GjHXkpVpWHpF_E-AIq45qMntxnIFZSC2JwVAcMtu_cb213mqz8L4Ehs-rhZiky1_klrJWsskxfFJop8Wj2NDWQpuVesecKGCsmNrcrMH5lWeQ_EHfyomGIA2KSgHE3YLaSe9vyraMEzDdUJN75_-Ney75OV9sXs_IWgi1IZLbRGDbr80iFheIYHiBmr9CDkOsnJT0IKD2JqD0o18BuJIuIt9TXSqSGi0RjRRsi6KGNm9wGqduswHUtJ6f_XryM-wyFYTG1McjS3kUrAzzO3uS0wxWuYNuQtXdTzc4lf_iu4-gtQYGyeeKVmvQyWLueYI_TZCFoc1pKf5znx3RraOI1eEf3dB9Lk7YzEjgchJ48XztJX2HYJvrVk96OsxUkPBcMSc0Ou9ijTMXMZOn-ov3AoHtnQjsQaxXs6qrPqZrGChTEDPmricPPlifDoivBHbcINsxudjgAJ1EWRPze0yylHuPkvgGNEolSG7wENfDMDmpaCzNumzEzwPZm-3g0HXaOQDApt38C-VXLPTxj2jF7gtAP6CI1zJQiLdEj_UGXifbV7f9Ne0HLIndzfQBqwP9n5PuEZWbqkBlmkaD3njnK1x2DytBw_9VHEuuLsCAmWmOgO8AwN6fwiDGMghwEHF2BWDrf0Aip8_SqZA8uL2cqbXtYngGnFqi878jEKKzGFF1mP9p1FER59XjhZNi6mwdMDgt_Wkrw0tfKvioOwtN7m4MN0J3fYUP4OoB7OE0XPmEeOtt8KGfj6ob8WN9WlpBZ-AcVZAMG3rOkyYwX3iQ7Jem8p85UhcuFDMj-NXD8sIbh6l-2WMHN9i6zUzP65-NT845SE8EkP9-tdkpwm-Od5ax7DYvF24yQXkyWjysg_CaLttL9-WayLkbwNUpIhRhDMaDKllMwZnJyRmq3s3QDo0h3c0SIEPvZpQGVHvqj60Wod_ZfRcL5WEieACKFiPiLlmxb5MnlvYt8mdbkNdAR3IrAwc_jcNobiS2w1WmRYi0xnQJ4x8tBEv1epx9t_B1jbykoynZZ395_x8go8fZP_hhmcG2EmjY623U9zeIHVY7hntfRBndlLuNBbf8oQ8VlF0vJXFD-zUF_NKbG-Nznyu2nNYWegRjShy-I8PaNNinf0ZsYGB7aZV53sWh4fD_-WHJfcZKRY9e1uTZ7TIjNgtozDAzgLPK6bFjtRACs5c3MLle3SY-YoJsbeUSMYLoxBhF8qUfWVT4yrKMs7JiDfQV7jPH_EiVBxZ4t7vgfjkYXIL_D0FyxGVaO3iR1td1PdZ6elnLB2uXPpvpnMtXJ6KJqHiYuYQjbLOzMLhU6nQW9Ts_bGPTC2zn31AnpxSTM2OKMYd-sBGiT2dFv_UjC5tCQkoG_WeMSsSu5oWIOZ_Su9r0S1eO9pVT-q86wvtY4bBMy_XzgTxm7ohJNx1ZzA3cL0Tx38XoFLRgLN0_kZZn4N9mYFeaJr-HStWCkU2aFLnADz6uSSsROAh5udkKM_UJzSbmXCekhJhklqE6S8LQn6JdPg2j5xIlrKkRI0H0J0ielGK4Uelox4X7Zs_zGxnf4Bg3JZLtXxB8CFHkTvFv93_GjRz_x6XqPE6nQpOvwWp4vJDDRG4EkmpeEzZHVM8tTwQO2qQsin4K_VM7C6FGJbCR5ke6qb2H5ToaQ0ylNnar756pAxgpNKCaA-Lwr6zzBm3awJlv9nkL2f1LZOifryshZLz99_FwXpnRFycssmny4Hns2fpVw0kfbIsVaPyiHEL-2YAr1d_Mq8yuPQE4Q5iUiw2wVRGrx-AMmnzMbwWpyYX3VEOSe5YUC0rmEnc0zkBmokSuAImyCb8UnVcQ_GCZ1xB_lSSUHAGZIlBB4oQS6Pv3RQ6leFLLBtI2KpAdf_YF6i58J0jARMsloWSZBQ1GXiFXF_sdzJNu-T6DPRCaQxR6EmObBpz29YVSYVWX_4atKPPWOstOgPJ7dCtQMF9WO5xKtiWDBf9YpEhzDRRMuGd9wHzytTeCDP4XPPdAgRLzKdQggUzHNmYHZNpT8xan-s13RxlHLg5GxPf5U6KrdmJC-v5jZrykHJsNs76YRdaxqOjKBgGtnnUiC5KPalBiX-Emfwi99QPBx_1saLluit98oqoV4eZjN_XzNeYaR5d8yqddkBHbR-T3I1UAcyliR9MOas1g-wKKBDb9EzXhgx3cc2v8igXUr199a4gh4VonBfxxF6xia8WzcCIpuT5WhcG19juazFxurih7_sIX7Nzz9Uj_REbCIC5OlZYAfq9WtkH7pEaQMpQiX13VRb98zhvw-riS7O9BF0FOCYRu3j2MYXWY7L3-zdqBHXrccOPNRGOiSgppqepfZvMZWVP8en_Nz9pI5n7i0fkX9IN2qP5WHEmv3y0QoK06paGrNf5eAViMkQrQFf0GycqSHt9IhOMj4B9GRaRE2N0qfmuvkYd7p9G2ifB3lK_3Rx17K81oEDc9k3SGLL7d8cjLZrsZR-zStU7DIfPlqq6MtvqurvjIPqoLSd6lOTOnnKVoIvuiSD5eshJRywhqPrDnk20cDBVCZzsQpPq5no92TqL293TjWchzVCds4rueuw&cid=CAASEuRoLofLclN7OMilxD9puDIX6A&rfl=1%2Chttps%253A%252F%252Fkravmagapp.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
289d6e0a0907342fcc661d9944f30ab735754993b96f13f5b59ef4f5269b40fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 21:03:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
546
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9237
x-xss-protection
0
server
cafe
etag
9463376652360951579
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Oct 2021 21:03:53 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/elements/html/ Frame FE92 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DTT0DtUdIKRkhYazpxAyDL49cLdBmB0oc0V57QSivY43d0DjPkmo95n2QyOomv6e5ns7jSDXFJsu6hTKbQ8SRjaeCVfnpqlH3z_DvCrq9qw628b_-1wDj6WsZzKjaIRhuV7mwEdUrgJwyVQWp4AivBmJJSWQ&dbm_d=AKAmf-AuWO6wHsqTY3IXvVhFlxZAcomQIZTiyQoTNLJCDckTxwdhMqSy0Q4q_QDvS11pCbTl8UwBN6t1mF9d8kGCCXSKcdGSKndiTTOmm8aBM8pIgbUyo0yDqMw-ZQMOf0ScVBHuAt8GjHXkpVpWHpF_E-AIq45qMntxnIFZSC2JwVAcMtu_cb213mqz8L4Ehs-rhZiky1_klrJWsskxfFJop8Wj2NDWQpuVesecKGCsmNrcrMH5lWeQ_EHfyomGIA2KSgHE3YLaSe9vyraMEzDdUJN75_-Ney75OV9sXs_IWgi1IZLbRGDbr80iFheIYHiBmr9CDkOsnJT0IKD2JqD0o18BuJIuIt9TXSqSGi0RjRRsi6KGNm9wGqduswHUtJ6f_XryM-wyFYTG1McjS3kUrAzzO3uS0wxWuYNuQtXdTzc4lf_iu4-gtQYGyeeKVmvQyWLueYI_TZCFoc1pKf5znx3RraOI1eEf3dB9Lk7YzEjgchJ48XztJX2HYJvrVk96OsxUkPBcMSc0Ou9ijTMXMZOn-ov3AoHtnQjsQaxXs6qrPqZrGChTEDPmricPPlifDoivBHbcINsxudjgAJ1EWRPze0yylHuPkvgGNEolSG7wENfDMDmpaCzNumzEzwPZm-3g0HXaOQDApt38C-VXLPTxj2jF7gtAP6CI1zJQiLdEj_UGXifbV7f9Ne0HLIndzfQBqwP9n5PuEZWbqkBlmkaD3njnK1x2DytBw_9VHEuuLsCAmWmOgO8AwN6fwiDGMghwEHF2BWDrf0Aip8_SqZA8uL2cqbXtYngGnFqi878jEKKzGFF1mP9p1FER59XjhZNi6mwdMDgt_Wkrw0tfKvioOwtN7m4MN0J3fYUP4OoB7OE0XPmEeOtt8KGfj6ob8WN9WlpBZ-AcVZAMG3rOkyYwX3iQ7Jem8p85UhcuFDMj-NXD8sIbh6l-2WMHN9i6zUzP65-NT845SE8EkP9-tdkpwm-Od5ax7DYvF24yQXkyWjysg_CaLttL9-WayLkbwNUpIhRhDMaDKllMwZnJyRmq3s3QDo0h3c0SIEPvZpQGVHvqj60Wod_ZfRcL5WEieACKFiPiLlmxb5MnlvYt8mdbkNdAR3IrAwc_jcNobiS2w1WmRYi0xnQJ4x8tBEv1epx9t_B1jbykoynZZ395_x8go8fZP_hhmcG2EmjY623U9zeIHVY7hntfRBndlLuNBbf8oQ8VlF0vJXFD-zUF_NKbG-Nznyu2nNYWegRjShy-I8PaNNinf0ZsYGB7aZV53sWh4fD_-WHJfcZKRY9e1uTZ7TIjNgtozDAzgLPK6bFjtRACs5c3MLle3SY-YoJsbeUSMYLoxBhF8qUfWVT4yrKMs7JiDfQV7jPH_EiVBxZ4t7vgfjkYXIL_D0FyxGVaO3iR1td1PdZ6elnLB2uXPpvpnMtXJ6KJqHiYuYQjbLOzMLhU6nQW9Ts_bGPTC2zn31AnpxSTM2OKMYd-sBGiT2dFv_UjC5tCQkoG_WeMSsSu5oWIOZ_Su9r0S1eO9pVT-q86wvtY4bBMy_XzgTxm7ohJNx1ZzA3cL0Tx38XoFLRgLN0_kZZn4N9mYFeaJr-HStWCkU2aFLnADz6uSSsROAh5udkKM_UJzSbmXCekhJhklqE6S8LQn6JdPg2j5xIlrKkRI0H0J0ielGK4Uelox4X7Zs_zGxnf4Bg3JZLtXxB8CFHkTvFv93_GjRz_x6XqPE6nQpOvwWp4vJDDRG4EkmpeEzZHVM8tTwQO2qQsin4K_VM7C6FGJbCR5ke6qb2H5ToaQ0ylNnar756pAxgpNKCaA-Lwr6zzBm3awJlv9nkL2f1LZOifryshZLz99_FwXpnRFycssmny4Hns2fpVw0kfbIsVaPyiHEL-2YAr1d_Mq8yuPQE4Q5iUiw2wVRGrx-AMmnzMbwWpyYX3VEOSe5YUC0rmEnc0zkBmokSuAImyCb8UnVcQ_GCZ1xB_lSSUHAGZIlBB4oQS6Pv3RQ6leFLLBtI2KpAdf_YF6i58J0jARMsloWSZBQ1GXiFXF_sdzJNu-T6DPRCaQxR6EmObBpz29YVSYVWX_4atKPPWOstOgPJ7dCtQMF9WO5xKtiWDBf9YpEhzDRRMuGd9wHzytTeCDP4XPPdAgRLzKdQggUzHNmYHZNpT8xan-s13RxlHLg5GxPf5U6KrdmJC-v5jZrykHJsNs76YRdaxqOjKBgGtnnUiC5KPalBiX-Emfwi99QPBx_1saLluit98oqoV4eZjN_XzNeYaR5d8yqddkBHbR-T3I1UAcyliR9MOas1g-wKKBDb9EzXhgx3cc2v8igXUr199a4gh4VonBfxxF6xia8WzcCIpuT5WhcG19juazFxurih7_sIX7Nzz9Uj_REbCIC5OlZYAfq9WtkH7pEaQMpQiX13VRb98zhvw-riS7O9BF0FOCYRu3j2MYXWY7L3-zdqBHXrccOPNRGOiSgppqepfZvMZWVP8en_Nz9pI5n7i0fkX9IN2qP5WHEmv3y0QoK06paGrNf5eAViMkQrQFf0GycqSHt9IhOMj4B9GRaRE2N0qfmuvkYd7p9G2ifB3lK_3Rx17K81oEDc9k3SGLL7d8cjLZrsZR-zStU7DIfPlqq6MtvqurvjIPqoLSd6lOTOnnKVoIvuiSD5eshJRywhqPrDnk20cDBVCZzsQpPq5no92TqL293TjWchzVCds4rueuw&cid=CAASEuRoLofLclN7OMilxD9puDIX6A&rfl=1%2Chttps%253A%252F%252Fkravmagapp.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
bcb80c86da267703311d2eeb3bdb5af0dedf63589d7d6eee4ed81f4bad7537f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 21:03:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
546
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3143
x-xss-protection
0
server
cafe
etag
2416364338287085106
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Oct 2021 21:03:53 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame FE92 		0
592 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuG9MzcYGZldpa4_7n6Ld1kLFHqXI8dp-ng5-ZJGTCLNxsfM2vdX1D7t5aqma4SQkdg2dFpBhTOXryKklyYbTVKe3KNJPLYICy7I6uoXH3S0xTJPbFIxyGWGJGf4jGH8zt2v0_L_yp5zHzvnOPX31mcvTuk65wShq8R33xZjE7jL-i-LmUT3USGkofWX-60X8xRQS9DAy4NAy8CFxXLknNduoTvERv0e0EGGPUXiM_NEZoT_dT2_O4JaHaw86wWA20XvYcUWvb4XPKggU1YtXj6bzmp2vfXCoJ5dA1HZepAgjZYwRGFT5RX0KDoVSNKgF4zz83TPF6UjAbC6zG8BsgWMXSeeDaW7UR6xFHUJkZekVMpwNnwPVXWzdkm7-hfmG_iJj1DcBLfVYw1WOnUaH_CTKD2kXpdVoeHHkm6ZQvV0E9HeV6bPJObHuuRNihmuNujzScoC-sfIQRzqNu6BjXSHdAEmzivV4fZCPMkN7bsAwzIHxBz9jfaHnJULs8gWzk6n4pArvkHycOpSUJx7GQAbfxLpNDfGhZERgcIwoah5_kYu29frTITQnmtY4IhIVo7UUKGaQ47SckIn-2cclbWjx8CYEFKRv9qKjK_L_GK5m5yoxoyRFMICkEZTUEiLsghOhiseToyp9Lhl3kKIB5on2nBQbZIw73PuO0HCc0K1du3re2PTMtD2KRDWGEUvDwUjrpIfWJOUuUxTLzROtFeVEssS8aXE1GBZzFtrfaemD4gxUWEGHoqjSRk_bfAAc_Ip342VLmCVrdWYdATJvqiEgTwRV1HX7qnz1XLk125XITIU7C43W7nSZl6mca27Via8QQOb6oGFk9UEvT-ikDppS11c9F4vIEjM_0k1_fbSH7q8az0b4pSZJKJen0V_t5R3O95_oAqR2aq7IVwo_CbIjub_YCDoliuSgWfiYLgjGQB4nCUIrRa0x-PresSujvH6rbAoUnd5AppD85SKA57tmN3R-QrrrW6pwD6Ic77EV-w2XwSWQL2HRHWfvnTPovOA6pGvL7rwIpV84at4gfEcUYjDgTR81UKxbyOBMX_OPLQAw0PtozhNB_ObA&sai=AMfl-YQcHYoTrRWx_vMnG5DNu6hxKiFpyAyOx4fdN1I_iMnUscZai4OJ4iVfcKatAyniqFbzuUVKfSMR6t8aF0w-HqNVmvQ6IQDIKqOSQbBNYyfeGZp-e5iBYhh7s8y90H2WV2ZzY68SQ5FEcOY7QfmpI8oUU0SRww&sig=Cg0ArKJSzNePwaGRcP3UEAE&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210922.82527&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DTT0DtUdIKRkhYazpxAyDL49cLdBmB0oc0V57QSivY43d0DjPkmo95n2QyOomv6e5ns7jSDXFJsu6hTKbQ8SRjaeCVfnpqlH3z_DvCrq9qw628b_-1wDj6WsZzKjaIRhuV7mwEdUrgJwyVQWp4AivBmJJSWQ&dbm_d=AKAmf-AuWO6wHsqTY3IXvVhFlxZAcomQIZTiyQoTNLJCDckTxwdhMqSy0Q4q_QDvS11pCbTl8UwBN6t1mF9d8kGCCXSKcdGSKndiTTOmm8aBM8pIgbUyo0yDqMw-ZQMOf0ScVBHuAt8GjHXkpVpWHpF_E-AIq45qMntxnIFZSC2JwVAcMtu_cb213mqz8L4Ehs-rhZiky1_klrJWsskxfFJop8Wj2NDWQpuVesecKGCsmNrcrMH5lWeQ_EHfyomGIA2KSgHE3YLaSe9vyraMEzDdUJN75_-Ney75OV9sXs_IWgi1IZLbRGDbr80iFheIYHiBmr9CDkOsnJT0IKD2JqD0o18BuJIuIt9TXSqSGi0RjRRsi6KGNm9wGqduswHUtJ6f_XryM-wyFYTG1McjS3kUrAzzO3uS0wxWuYNuQtXdTzc4lf_iu4-gtQYGyeeKVmvQyWLueYI_TZCFoc1pKf5znx3RraOI1eEf3dB9Lk7YzEjgchJ48XztJX2HYJvrVk96OsxUkPBcMSc0Ou9ijTMXMZOn-ov3AoHtnQjsQaxXs6qrPqZrGChTEDPmricPPlifDoivBHbcINsxudjgAJ1EWRPze0yylHuPkvgGNEolSG7wENfDMDmpaCzNumzEzwPZm-3g0HXaOQDApt38C-VXLPTxj2jF7gtAP6CI1zJQiLdEj_UGXifbV7f9Ne0HLIndzfQBqwP9n5PuEZWbqkBlmkaD3njnK1x2DytBw_9VHEuuLsCAmWmOgO8AwN6fwiDGMghwEHF2BWDrf0Aip8_SqZA8uL2cqbXtYngGnFqi878jEKKzGFF1mP9p1FER59XjhZNi6mwdMDgt_Wkrw0tfKvioOwtN7m4MN0J3fYUP4OoB7OE0XPmEeOtt8KGfj6ob8WN9WlpBZ-AcVZAMG3rOkyYwX3iQ7Jem8p85UhcuFDMj-NXD8sIbh6l-2WMHN9i6zUzP65-NT845SE8EkP9-tdkpwm-Od5ax7DYvF24yQXkyWjysg_CaLttL9-WayLkbwNUpIhRhDMaDKllMwZnJyRmq3s3QDo0h3c0SIEPvZpQGVHvqj60Wod_ZfRcL5WEieACKFiPiLlmxb5MnlvYt8mdbkNdAR3IrAwc_jcNobiS2w1WmRYi0xnQJ4x8tBEv1epx9t_B1jbykoynZZ395_x8go8fZP_hhmcG2EmjY623U9zeIHVY7hntfRBndlLuNBbf8oQ8VlF0vJXFD-zUF_NKbG-Nznyu2nNYWegRjShy-I8PaNNinf0ZsYGB7aZV53sWh4fD_-WHJfcZKRY9e1uTZ7TIjNgtozDAzgLPK6bFjtRACs5c3MLle3SY-YoJsbeUSMYLoxBhF8qUfWVT4yrKMs7JiDfQV7jPH_EiVBxZ4t7vgfjkYXIL_D0FyxGVaO3iR1td1PdZ6elnLB2uXPpvpnMtXJ6KJqHiYuYQjbLOzMLhU6nQW9Ts_bGPTC2zn31AnpxSTM2OKMYd-sBGiT2dFv_UjC5tCQkoG_WeMSsSu5oWIOZ_Su9r0S1eO9pVT-q86wvtY4bBMy_XzgTxm7ohJNx1ZzA3cL0Tx38XoFLRgLN0_kZZn4N9mYFeaJr-HStWCkU2aFLnADz6uSSsROAh5udkKM_UJzSbmXCekhJhklqE6S8LQn6JdPg2j5xIlrKkRI0H0J0ielGK4Uelox4X7Zs_zGxnf4Bg3JZLtXxB8CFHkTvFv93_GjRz_x6XqPE6nQpOvwWp4vJDDRG4EkmpeEzZHVM8tTwQO2qQsin4K_VM7C6FGJbCR5ke6qb2H5ToaQ0ylNnar756pAxgpNKCaA-Lwr6zzBm3awJlv9nkL2f1LZOifryshZLz99_FwXpnRFycssmny4Hns2fpVw0kfbIsVaPyiHEL-2YAr1d_Mq8yuPQE4Q5iUiw2wVRGrx-AMmnzMbwWpyYX3VEOSe5YUC0rmEnc0zkBmokSuAImyCb8UnVcQ_GCZ1xB_lSSUHAGZIlBB4oQS6Pv3RQ6leFLLBtI2KpAdf_YF6i58J0jARMsloWSZBQ1GXiFXF_sdzJNu-T6DPRCaQxR6EmObBpz29YVSYVWX_4atKPPWOstOgPJ7dCtQMF9WO5xKtiWDBf9YpEhzDRRMuGd9wHzytTeCDP4XPPdAgRLzKdQggUzHNmYHZNpT8xan-s13RxlHLg5GxPf5U6KrdmJC-v5jZrykHJsNs76YRdaxqOjKBgGtnnUiC5KPalBiX-Emfwi99QPBx_1saLluit98oqoV4eZjN_XzNeYaR5d8yqddkBHbR-T3I1UAcyliR9MOas1g-wKKBDb9EzXhgx3cc2v8igXUr199a4gh4VonBfxxF6xia8WzcCIpuT5WhcG19juazFxurih7_sIX7Nzz9Uj_REbCIC5OlZYAfq9WtkH7pEaQMpQiX13VRb98zhvw-riS7O9BF0FOCYRu3j2MYXWY7L3-zdqBHXrccOPNRGOiSgppqepfZvMZWVP8en_Nz9pI5n7i0fkX9IN2qP5WHEmv3y0QoK06paGrNf5eAViMkQrQFf0GycqSHt9IhOMj4B9GRaRE2N0qfmuvkYd7p9G2ifB3lK_3Rx17K81oEDc9k3SGLL7d8cjLZrsZR-zStU7DIfPlqq6MtvqurvjIPqoLSd6lOTOnnKVoIvuiSD5eshJRywhqPrDnk20cDBVCZzsQpPq5no92TqL293TjWchzVCds4rueuw&cid=CAASEuRoLofLclN7OMilxD9puDIX6A&rfl=1%2Chttps%253A%252F%252Fkravmagapp.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 28 Sep 2021 21:12:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame FE92 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DTT0DtUdIKRkhYazpxAyDL49cLdBmB0oc0V57QSivY43d0DjPkmo95n2QyOomv6e5ns7jSDXFJsu6hTKbQ8SRjaeCVfnpqlH3z_DvCrq9qw628b_-1wDj6WsZzKjaIRhuV7mwEdUrgJwyVQWp4AivBmJJSWQ&dbm_d=AKAmf-AuWO6wHsqTY3IXvVhFlxZAcomQIZTiyQoTNLJCDckTxwdhMqSy0Q4q_QDvS11pCbTl8UwBN6t1mF9d8kGCCXSKcdGSKndiTTOmm8aBM8pIgbUyo0yDqMw-ZQMOf0ScVBHuAt8GjHXkpVpWHpF_E-AIq45qMntxnIFZSC2JwVAcMtu_cb213mqz8L4Ehs-rhZiky1_klrJWsskxfFJop8Wj2NDWQpuVesecKGCsmNrcrMH5lWeQ_EHfyomGIA2KSgHE3YLaSe9vyraMEzDdUJN75_-Ney75OV9sXs_IWgi1IZLbRGDbr80iFheIYHiBmr9CDkOsnJT0IKD2JqD0o18BuJIuIt9TXSqSGi0RjRRsi6KGNm9wGqduswHUtJ6f_XryM-wyFYTG1McjS3kUrAzzO3uS0wxWuYNuQtXdTzc4lf_iu4-gtQYGyeeKVmvQyWLueYI_TZCFoc1pKf5znx3RraOI1eEf3dB9Lk7YzEjgchJ48XztJX2HYJvrVk96OsxUkPBcMSc0Ou9ijTMXMZOn-ov3AoHtnQjsQaxXs6qrPqZrGChTEDPmricPPlifDoivBHbcINsxudjgAJ1EWRPze0yylHuPkvgGNEolSG7wENfDMDmpaCzNumzEzwPZm-3g0HXaOQDApt38C-VXLPTxj2jF7gtAP6CI1zJQiLdEj_UGXifbV7f9Ne0HLIndzfQBqwP9n5PuEZWbqkBlmkaD3njnK1x2DytBw_9VHEuuLsCAmWmOgO8AwN6fwiDGMghwEHF2BWDrf0Aip8_SqZA8uL2cqbXtYngGnFqi878jEKKzGFF1mP9p1FER59XjhZNi6mwdMDgt_Wkrw0tfKvioOwtN7m4MN0J3fYUP4OoB7OE0XPmEeOtt8KGfj6ob8WN9WlpBZ-AcVZAMG3rOkyYwX3iQ7Jem8p85UhcuFDMj-NXD8sIbh6l-2WMHN9i6zUzP65-NT845SE8EkP9-tdkpwm-Od5ax7DYvF24yQXkyWjysg_CaLttL9-WayLkbwNUpIhRhDMaDKllMwZnJyRmq3s3QDo0h3c0SIEPvZpQGVHvqj60Wod_ZfRcL5WEieACKFiPiLlmxb5MnlvYt8mdbkNdAR3IrAwc_jcNobiS2w1WmRYi0xnQJ4x8tBEv1epx9t_B1jbykoynZZ395_x8go8fZP_hhmcG2EmjY623U9zeIHVY7hntfRBndlLuNBbf8oQ8VlF0vJXFD-zUF_NKbG-Nznyu2nNYWegRjShy-I8PaNNinf0ZsYGB7aZV53sWh4fD_-WHJfcZKRY9e1uTZ7TIjNgtozDAzgLPK6bFjtRACs5c3MLle3SY-YoJsbeUSMYLoxBhF8qUfWVT4yrKMs7JiDfQV7jPH_EiVBxZ4t7vgfjkYXIL_D0FyxGVaO3iR1td1PdZ6elnLB2uXPpvpnMtXJ6KJqHiYuYQjbLOzMLhU6nQW9Ts_bGPTC2zn31AnpxSTM2OKMYd-sBGiT2dFv_UjC5tCQkoG_WeMSsSu5oWIOZ_Su9r0S1eO9pVT-q86wvtY4bBMy_XzgTxm7ohJNx1ZzA3cL0Tx38XoFLRgLN0_kZZn4N9mYFeaJr-HStWCkU2aFLnADz6uSSsROAh5udkKM_UJzSbmXCekhJhklqE6S8LQn6JdPg2j5xIlrKkRI0H0J0ielGK4Uelox4X7Zs_zGxnf4Bg3JZLtXxB8CFHkTvFv93_GjRz_x6XqPE6nQpOvwWp4vJDDRG4EkmpeEzZHVM8tTwQO2qQsin4K_VM7C6FGJbCR5ke6qb2H5ToaQ0ylNnar756pAxgpNKCaA-Lwr6zzBm3awJlv9nkL2f1LZOifryshZLz99_FwXpnRFycssmny4Hns2fpVw0kfbIsVaPyiHEL-2YAr1d_Mq8yuPQE4Q5iUiw2wVRGrx-AMmnzMbwWpyYX3VEOSe5YUC0rmEnc0zkBmokSuAImyCb8UnVcQ_GCZ1xB_lSSUHAGZIlBB4oQS6Pv3RQ6leFLLBtI2KpAdf_YF6i58J0jARMsloWSZBQ1GXiFXF_sdzJNu-T6DPRCaQxR6EmObBpz29YVSYVWX_4atKPPWOstOgPJ7dCtQMF9WO5xKtiWDBf9YpEhzDRRMuGd9wHzytTeCDP4XPPdAgRLzKdQggUzHNmYHZNpT8xan-s13RxlHLg5GxPf5U6KrdmJC-v5jZrykHJsNs76YRdaxqOjKBgGtnnUiC5KPalBiX-Emfwi99QPBx_1saLluit98oqoV4eZjN_XzNeYaR5d8yqddkBHbR-T3I1UAcyliR9MOas1g-wKKBDb9EzXhgx3cc2v8igXUr199a4gh4VonBfxxF6xia8WzcCIpuT5WhcG19juazFxurih7_sIX7Nzz9Uj_REbCIC5OlZYAfq9WtkH7pEaQMpQiX13VRb98zhvw-riS7O9BF0FOCYRu3j2MYXWY7L3-zdqBHXrccOPNRGOiSgppqepfZvMZWVP8en_Nz9pI5n7i0fkX9IN2qP5WHEmv3y0QoK06paGrNf5eAViMkQrQFf0GycqSHt9IhOMj4B9GRaRE2N0qfmuvkYd7p9G2ifB3lK_3Rx17K81oEDc9k3SGLL7d8cjLZrsZR-zStU7DIfPlqq6MtvqurvjIPqoLSd6lOTOnnKVoIvuiSD5eshJRywhqPrDnk20cDBVCZzsQpPq5no92TqL293TjWchzVCds4rueuw&cid=CAASEuRoLofLclN7OMilxD9puDIX6A&rfl=1%2Chttps%253A%252F%252Fkravmagapp.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 13:28:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
114278
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 27 Sep 2022 13:28:21 GMT
2113274297379277632
s0.2mdn.net/simgad/ Frame FE92 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/2113274297379277632
Requested by
Host: 8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com
URL: https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
sffe /
Resource Hash
22f746ffb20b3253ac520bad5f6c18dbf04aec9413fa378b17af8d60211f0fd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 18:20:44 GMT
x-content-type-options
nosniff
age
183135
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20370
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 14:33:22 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 26 Sep 2022 18:20:44 GMT
iu3
s.amazon-adsystem.com/ Frame FE92
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?d=forester-did&ex-fch=4167913&ex-fargs=1JDhLkbwBT0wZjkbLf-NDvLgGuA64DZPlbkNv6X2tI2QXnErZkRWLIZERJI51HH74a94nMNO1jg3JbsAF0TQDc2jg8djKys6WXSrY&cb=
  • https://s.amazon-adsystem.com/iu3?d=forester-did&ex-fch=4167913&ex-fargs=1JDhLkbwBT0wZjkbLf-NDvLgGuA64DZPlbkNv6X2tI2QXnErZkRWLIZERJI51HH74a94nMNO1jg3JbsAF0TQDc2jg8djKys6WXSrY&cb=&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?d=forester-did&ex-fch=4167913&ex-fargs=1JDhLkbwBT0wZjkbLf-NDvLgGuA64DZPlbkNv6X2tI2QXnErZkRWLIZERJI51HH74a94nMNO1jg3JbsAF0TQDc2jg8djKys6WXSrY&cb=&dcc=t
Requested by
Host: 8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com
URL: https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 21:13:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
MWFAMB574B26THN64VT3
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?d=forester-did&ex-fch=4167913&ex-fargs=1JDhLkbwBT0wZjkbLf-NDvLgGuA64DZPlbkNv6X2tI2QXnErZkRWLIZERJI51HH74a94nMNO1jg3JbsAF0TQDc2jg8djKys6WXSrY&cb=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6FCD 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com
URL: https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 28 Sep 2021 21:06:15 GMT
expires
Wed, 29 Sep 2021 21:06:15 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
404
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame FE92 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eaf042ded29efeb14f46e2ef3287926178d9ae5fb0335865ecb0c94b2a8cc261

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame D75A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Mon, 27 Sep 2021 13:28:22 GMT
expires
Tue, 27 Sep 2022 13:28:22 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
114277
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
google
match.adsrvr.org/track/cmf/ Frame 6FCD 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEMvTxtt4kPaiaRWV3ZTX-6Q&google_cver=1&google_push=AYg5qPLDvMzBnLWLNqYkDX-JtWnfwxPkQxRpgfWigB2gF4dM4qvwSo6yAfqnjRiKXlplmJb1W-CywXwQB60EomOKpf_3sVy_SYv9
Requested by
Host: 8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com
URL: https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 21:12:59 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 6FCD
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEApFcExKkvV5nL1y0GptLXA&google_cver=1&google_push=AYg5qPJvBLxb2v7ixSlUguNAiPbaYxqgXYQ7MapnuVTlav1MFbUIxVcEo6cMBVzkj6xW9za2xUXdQGt...
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEApFcExKkvV5nL1y0GptLXA&google_cver=1&google_push=AYg5qPJvBLxb2v7ixSlUguNAiPbaYxqgXYQ7MapnuVTlav1MFbUIxVcEo6cMBVzkj6xW9...
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=JS6jMULGT4KP5sWx_ed_P2FThVs
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=JS6jMULGT4KP5sWx_ed_P2FThVs
Requested by
Host: 8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com
URL: https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 21:13:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Sep 2021 21:12:59 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=JS6jMULGT4KP5sWx_ed_P2FThVs
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 6FCD
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMN2UWm8SXSFFbD93dQyZEw&google_cver=1&google_push=AYg5qPJDPc-wmXi0eq7dJ0dBLscjz60Ei_Hbwc0WIVjfLeAPpER6hIxCU2EbN5-5rJasJaEkIW5...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1U0S1REU0MtNS0xUFlW&google_push=AYg5qPJDPc-wmXi0eq7dJ0dBLscjz60Ei_Hbwc0WIVjfLeAPpER6hIxCU2EbN5-5rJasJaEkIW5KF-kr3ytNzvU8ikgKMyp0dko
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1U0S1REU0MtNS0xUFlW&google_push=AYg5qPJDPc-wmXi0eq7dJ0dBLscjz60Ei_Hbwc0WIVjfLeAPpER6hIxCU2EbN5-5rJasJaEkIW5KF-kr3ytNzvU8ikgKMyp0dko
Requested by
Host: 8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com
URL: https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 21:12:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1U0S1REU0MtNS0xUFlW&google_push=AYg5qPJDPc-wmXi0eq7dJ0dBLscjz60Ei_Hbwc0WIVjfLeAPpER6hIxCU2EbN5-5rJasJaEkIW5KF-kr3ytNzvU8ikgKMyp0dko
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
pixel
cm.g.doubleclick.net/ Frame 6FCD
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEEazeaRKCKcxALtQX35ChzM&google_cver=1&google_push=AYg5qPIHxQotXlaZUYcwa1JN6NXBhtSetU5UZIDIpPx1Zliw2ElCQMh7Zo0xU61utwCLecH5M01TQ30sQpS7ewf1bC1ei6...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEEazeaRKCKcxALtQX35ChzM&google_cver=1&google_push=AYg5qPIHxQotXlaZUYcwa1JN6NXBhtSetU5UZIDIpPx1Zliw2ElCQMh7Zo0xU61utwCLecH5M01TQ30sQpS7ewf1...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XXcQbA5ESoGrx7MUrgAayg&google_push=AYg5qPIHxQotXlaZUYcwa1JN6NXBhtSetU5UZIDIpPx1Zliw2ElCQMh7Zo0xU61utwCLecH5M01TQ30sQpS7ewf...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XXcQbA5ESoGrx7MUrgAayg&google_push=AYg5qPIHxQotXlaZUYcwa1JN6NXBhtSetU5UZIDIpPx1Zliw2ElCQMh7Zo0xU61utwCLecH5M01TQ30sQpS7ewf...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XXcQbA5ESoGrx7MUrgAayg&google_push=AYg5qPIHxQotXlaZUYcwa1JN6NXBhtSetU5UZIDIpPx1Zliw2ElCQMh7Zo0xU61utwCLecH5M01TQ30sQpS7ewf...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XXcQbA5ESoGrx7MUrgAayg&google_push=AYg5qPIHxQotXlaZUYcwa1JN6NXBhtSetU5UZIDIpPx1Zliw2ElCQMh7Zo0xU61utwCLecH5M01TQ30sQpS7ewf...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XXcQbA5ESoGrx7MUrgAayg&google_push=AYg5qPIHxQotXlaZUYcwa1JN6NXBhtSetU5UZIDIpPx1Zliw2ElCQMh7Zo0xU61utwCLecH5M01TQ30sQpS7ewf...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XXcQbA5ESoGrx7MUrgAayg&google_push=AYg5qPIHxQotXlaZUYcwa1JN6NXBhtSetU5UZIDIpPx1Zliw2ElCQMh7Zo0xU61utwCLecH5M01TQ30sQpS7ewf...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XXcQbA5ESoGrx7MUrgAayg&google_push=AYg5qPIHxQotXlaZUYcwa1JN6NXBhtSetU5UZIDIpPx1Zliw2ElCQMh7Zo0xU61utwCLecH5M01TQ30sQpS7ewf...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XXcQbA5ESoGrx7MUrgAayg&google_push=AYg5qPIHxQotXlaZUYcwa1JN6NXBhtSetU5UZIDIpPx1Zliw2ElCQMh7Zo0xU61utwCLecH5M01TQ30sQpS7ewf...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XXcQbA5ESoGrx7MUrgAayg&google_push=AYg5qPIHxQotXlaZUYcwa1JN6NXBhtSetU5UZIDIpPx1Zliw2ElCQMh7Zo0xU61utwCLecH5M01TQ30sQpS7ewf...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XXcQbA5ESoGrx7MUrgAayg&google_push=AYg5qPIHxQotXlaZUYcwa1JN6NXBhtSetU5UZIDIpPx1Zliw2ElCQMh7Zo0xU61utwCLecH5M01TQ30sQpS7ewf...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XXcQbA5ESoGrx7MUrgAayg&google_push=AYg5qPIHxQotXlaZUYcwa1JN6NXBhtSetU5UZIDIpPx1Zliw2ElCQMh7Zo0xU61utwCLecH5M01TQ30sQpS7ewf...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XXcQbA5ESoGrx7MUrgAayg&google_push=AYg5qPIHxQotXlaZUYcwa1JN6NXBhtSetU5UZIDIpPx1Zliw2ElCQMh7Zo0xU61utwCLecH5M01TQ30sQpS7ewf...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XXcQbA5ESoGrx7MUrgAayg&google_push=AYg5qPIHxQotXlaZUYcwa1JN6NXBhtSetU5UZIDIpPx1Zliw2ElCQMh7Zo0xU61utwCLecH5M01TQ30sQpS7ewf...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XXcQbA5ESoGrx7MUrgAayg&google_push=AYg5qPIHxQotXlaZUYcwa1JN6NXBhtSetU5UZIDIpPx1Zliw2ElCQMh7Zo0xU61utwCLecH5M01TQ30sQpS7ewf...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XXcQbA5ESoGrx7MUrgAayg&google_push=AYg5qPIHxQotXlaZUYcwa1JN6NXBhtSetU5UZIDIpPx1Zliw2ElCQMh7Zo0xU61utwCLecH5M01TQ30sQpS7ewf...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XXcQbA5ESoGrx7MUrgAayg&google_push=AYg5qPIHxQotXlaZUYcwa1JN6NXBhtSetU5UZIDIpPx1Zliw2ElCQMh7Zo0xU61utwCLecH5M01TQ30sQpS7ewf...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XXcQbA5ESoGrx7MUrgAayg&google_push=AYg5qPIHxQotXlaZUYcwa1JN6NXBhtSetU5UZIDIpPx1Zliw2ElCQMh7Zo0xU61utwCLecH5M01TQ30sQpS7ewf...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XXcQbA5ESoGrx7MUrgAayg&google_push=AYg5qPIHxQotXlaZUYcwa1JN6NXBhtSetU5UZIDIpPx1Zliw2ElCQMh7Zo0xU61utwCLecH5M01TQ30sQpS7ewf...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XXcQbA5ESoGrx7MUrgAayg&google_push=AYg5qPIHxQotXlaZUYcwa1JN6NXBhtSetU5UZIDIpPx1Zliw2ElCQMh7Zo0xU61utwCLecH5M01TQ30sQpS7ewf...
0
0
pixel
cm.g.doubleclick.net/ Frame 6FCD
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEGYdeLKEMw_9Hm31TZch_XY&google_cver=1&google_push=AYg5qPIorYlWywaIC-mE8QrWuUtaCIG_CyfsLTQzysZuW7kpLjv6dy0SarmNfL9DDNio8B42mxqzK5LZHho4wxqD3_isbAckIYpd
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc1ODY1MTc5OTMyNTU0NDAwMFYxMA%3d%3d&mn_hm=Mjc1ODY1MTc5OTMyNTU0NDAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPIorYlWywaIC-mE8QrWuUtaCIG...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc1ODY1MTc5OTMyNTU0NDAwMFYxMA%3d%3d&mn_hm=Mjc1ODY1MTc5OTMyNTU0NDAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPIorYlWywaIC-mE8QrWuUtaCIG_CyfsLTQzysZuW7kpLjv6dy0SarmNfL9DDNio8B42mxqzK5LZHho4wxqD3_isbAckIYpd&gdpr=&gdpr_consent=
Requested by
Host: 8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com
URL: https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 21:12:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 28 Sep 2021 21:12:59 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc1ODY1MTc5OTMyNTU0NDAwMFYxMA%3d%3d&mn_hm=Mjc1ODY1MTc5OTMyNTU0NDAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPIorYlWywaIC-mE8QrWuUtaCIG_CyfsLTQzysZuW7kpLjv6dy0SarmNfL9DDNio8B42mxqzK5LZHho4wxqD3_isbAckIYpd&gdpr=&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html
Content-Length
154
X-MNET-HL2
E
Expires
Tue, 28 Sep 2021 21:12:59 GMT
pixel
cm.g.doubleclick.net/ Frame 6FCD
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEPM29Nr9LzaVTptwjnj_VwU&google_cver=1&google_push=AYg5qPLtNqD176TzP5a0qsEYGIWNTuS27rJts0qFY9nkKLJXtW4gqPV2eQIhEhLRIKUBVddooF5yM...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AYg5qPLtNqD176TzP5a0qsEYGIWNTuS27rJts0qFY9nkKLJXtW4gqPV2eQIhEhLRIKUBVddooF5yMarB4G0SsWJYm5VYrZ162nQ&google_hm=WVZPRlhNQ284...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AYg5qPLtNqD176TzP5a0qsEYGIWNTuS27rJts0qFY9nkKLJXtW4gqPV2eQIhEhLRIKUBVddooF5yMarB4G0SsWJYm5VYrZ162nQ&google_hm=WVZPRlhNQ284WDRBQUpSRk40OEFBQUFB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 21:13:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
46
Date
Tue, 28 Sep 2021 21:13:00 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?google_cver=1&google_gid=CAESEPM29Nr9LzaVTptwjnj_VwU&google_push=AYg5qPLtNqD176TzP5a0qsEYGIWNTuS27rJts0qFY9nkKLJXtW4gqPV2eQIhEhLRIKUBVddooF5yMarB4G0SsWJYm5VYrZ162nQ&proto=google_ebda","cluster_id":46,"gdpr":true,"ipv4":"0.0.0.0","key":"YVOFXMCo8X4AAJRFN48AAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40196"}
X-SO-Ads-Time
3
X-SO-Key
YVOFXMCo8X4AAJRFN48AAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40196
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AYg5qPLtNqD176TzP5a0qsEYGIWNTuS27rJts0qFY9nkKLJXtW4gqPV2eQIhEhLRIKUBVddooF5yMarB4G0SsWJYm5VYrZ162nQ&google_hm=WVZPRlhNQ284WDRBQUpSRk40OEFBQUFB
Cache-Control
private
X-SO-HostName
a-ad40196.dc2p.scaleout.jp
Connection
keep-alive
Content-Length
0
X-SO-LB-Hostname
m-tgng26.dc4p.scaleout.jp
X-SO-IP
216.131.114.199
pixel
cm.g.doubleclick.net/ Frame 6FCD
Redirect Chain
  • https://sm.rtb.mts.ru/p?ssp=googleban&pm=1&google_gid=CAESEN_paC59XPCN97UYbI_j2XU&google_cver=1&google_push=AYg5qPLjmHO-ip-rmbIQuMSurBi6zv3PtuNeSiIC7z6LVQcxWcACAn4--2LUT-lmhqYfX_uMydyynEt09chRG0BPN...
  • https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc%26id%3D1458dc2f-1f82-465b-97cd-f2b19c922c3c%26google_push%3DAYg5qPLjmHO-ip-rmbIQuMSurBi6zv3...
  • https://tech.rtb.mts.ru/?dsp_uid=1458dc2f-1f82-465b-97cd-f2b19c922c3c&return_url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc%26id%3D1458dc2f-1f82-465b-97cd-f2b19c922c3c%26g...
  • https://cm.g.doubleclick.net/pixel?google_nid=stream_llc&id=1458dc2f-1f82-465b-97cd-f2b19c922c3c&google_push=AYg5qPLjmHO-ip-rmbIQuMSurBi6zv3PtuNeSiIC7z6LVQcxWcACAn4--2LUT-lmhqYfX_uMydyynEt09chRG0BP...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stream_llc&id=1458dc2f-1f82-465b-97cd-f2b19c922c3c&google_push=AYg5qPLjmHO-ip-rmbIQuMSurBi6zv3PtuNeSiIC7z6LVQcxWcACAn4--2LUT-lmhqYfX_uMydyynEt09chRG0BPNIkPRh6Zh-On
Requested by
Host: 8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com
URL: https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 21:13:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 28 Sep 2021 21:13:00 GMT
Server
nginx/1.13.12
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=stream_llc&id=1458dc2f-1f82-465b-97cd-f2b19c922c3c&google_push=AYg5qPLjmHO-ip-rmbIQuMSurBi6zv3PtuNeSiIC7z6LVQcxWcACAn4--2LUT-lmhqYfX_uMydyynEt09chRG0BPNIkPRh6Zh-On
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
attr
cm.g.doubleclick.net/pixel/ Frame 6FCD 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LX9MxNeofzGpHiAXDGVeFdbyXlnnQJtrVAK1Z2l6pCnba7N_qnEhMKBPrLaRT-gjDGLIw16A
Requested by
Host: 8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com
URL: https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 21:12:59 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js
pagead2.googlesyndication.com/bg/ Frame D75A 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
580cfe9f2689bbdb95454abc36cc61b171ad5d5896c2fee5578b0fdea3f64aa0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 17:18:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
100453
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13388
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 23:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Tue, 27 Sep 2022 17:18:46 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame FE92 		0
60 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuG9MzcYGZldpa4_7n6Ld1kLFHqXI8dp-ng5-ZJGTCLNxsfM2vdX1D7t5aqma4SQkdg2dFpBhTOXryKklyYbTVKe3KNJPLYICy7I6uoXH3S0xTJPbFIxyGWGJGf4jGH8zt2v0_L_yp5zHzvnOPX31mcvTuk65wShq8R33xZjE7jL-i-LmUT3USGkofWX-60X8xRQS9DAy4NAy8CFxXLknNduoTvERv0e0EGGPUXiM_NEZoT_dT2_O4JaHaw86wWA20XvYcUWvb4XPKggU1YtXj6bzmp2vfXCoJ5dA1HZepAgjZYwRGFT5RX0KDoVSNKgF4zz83TPF6UjAbC6zG8BsgWMXSeeDaW7UR6xFHUJkZekVMpwNnwPVXWzdkm7-hfmG_iJj1DcBLfVYw1WOnUaH_CTKD2kXpdVoeHHkm6ZQvV0E9HeV6bPJObHuuRNihmuNujzScoC-sfIQRzqNu6BjXSHdAEmzivV4fZCPMkN7bsAwzIHxBz9jfaHnJULs8gWzk6n4pArvkHycOpSUJx7GQAbfxLpNDfGhZERgcIwoah5_kYu29frTITQnmtY4IhIVo7UUKGaQ47SckIn-2cclbWjx8CYEFKRv9qKjK_L_GK5m5yoxoyRFMICkEZTUEiLsghOhiseToyp9Lhl3kKIB5on2nBQbZIw73PuO0HCc0K1du3re2PTMtD2KRDWGEUvDwUjrpIfWJOUuUxTLzROtFeVEssS8aXE1GBZzFtrfaemD4gxUWEGHoqjSRk_bfAAc_Ip342VLmCVrdWYdATJvqiEgTwRV1HX7qnz1XLk125XITIU7C43W7nSZl6mca27Via8QQOb6oGFk9UEvT-ikDppS11c9F4vIEjM_0k1_fbSH7q8az0b4pSZJKJen0V_t5R3O95_oAqR2aq7IVwo_CbIjub_YCDoliuSgWfiYLgjGQB4nCUIrRa0x-PresSujvH6rbAoUnd5AppD85SKA57tmN3R-QrrrW6pwD6Ic77EV-w2XwSWQL2HRHWfvnTPovOA6pGvL7rwIpV84at4gfEcUYjDgTR81UKxbyOBMX_OPLQAw0PtozhNB_ObA&sai=AMfl-YQcHYoTrRWx_vMnG5DNu6hxKiFpyAyOx4fdN1I_iMnUscZai4OJ4iVfcKatAyniqFbzuUVKfSMR6t8aF0w-HqNVmvQ6IQDIKqOSQbBNYyfeGZp-e5iBYhh7s8y90H2WV2ZzY68SQ5FEcOY7QfmpI8oUU0SRww&sig=Cg0ArKJSzNePwaGRcP3UEAE&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=110&vt=11&dtpt=109&dett=2&cstd=0&cisv=r20210922.82527&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DTT0DtUdIKRkhYazpxAyDL49cLdBmB0oc0V57QSivY43d0DjPkmo95n2QyOomv6e5ns7jSDXFJsu6hTKbQ8SRjaeCVfnpqlH3z_DvCrq9qw628b_-1wDj6WsZzKjaIRhuV7mwEdUrgJwyVQWp4AivBmJJSWQ&dbm_d=AKAmf-AuWO6wHsqTY3IXvVhFlxZAcomQIZTiyQoTNLJCDckTxwdhMqSy0Q4q_QDvS11pCbTl8UwBN6t1mF9d8kGCCXSKcdGSKndiTTOmm8aBM8pIgbUyo0yDqMw-ZQMOf0ScVBHuAt8GjHXkpVpWHpF_E-AIq45qMntxnIFZSC2JwVAcMtu_cb213mqz8L4Ehs-rhZiky1_klrJWsskxfFJop8Wj2NDWQpuVesecKGCsmNrcrMH5lWeQ_EHfyomGIA2KSgHE3YLaSe9vyraMEzDdUJN75_-Ney75OV9sXs_IWgi1IZLbRGDbr80iFheIYHiBmr9CDkOsnJT0IKD2JqD0o18BuJIuIt9TXSqSGi0RjRRsi6KGNm9wGqduswHUtJ6f_XryM-wyFYTG1McjS3kUrAzzO3uS0wxWuYNuQtXdTzc4lf_iu4-gtQYGyeeKVmvQyWLueYI_TZCFoc1pKf5znx3RraOI1eEf3dB9Lk7YzEjgchJ48XztJX2HYJvrVk96OsxUkPBcMSc0Ou9ijTMXMZOn-ov3AoHtnQjsQaxXs6qrPqZrGChTEDPmricPPlifDoivBHbcINsxudjgAJ1EWRPze0yylHuPkvgGNEolSG7wENfDMDmpaCzNumzEzwPZm-3g0HXaOQDApt38C-VXLPTxj2jF7gtAP6CI1zJQiLdEj_UGXifbV7f9Ne0HLIndzfQBqwP9n5PuEZWbqkBlmkaD3njnK1x2DytBw_9VHEuuLsCAmWmOgO8AwN6fwiDGMghwEHF2BWDrf0Aip8_SqZA8uL2cqbXtYngGnFqi878jEKKzGFF1mP9p1FER59XjhZNi6mwdMDgt_Wkrw0tfKvioOwtN7m4MN0J3fYUP4OoB7OE0XPmEeOtt8KGfj6ob8WN9WlpBZ-AcVZAMG3rOkyYwX3iQ7Jem8p85UhcuFDMj-NXD8sIbh6l-2WMHN9i6zUzP65-NT845SE8EkP9-tdkpwm-Od5ax7DYvF24yQXkyWjysg_CaLttL9-WayLkbwNUpIhRhDMaDKllMwZnJyRmq3s3QDo0h3c0SIEPvZpQGVHvqj60Wod_ZfRcL5WEieACKFiPiLlmxb5MnlvYt8mdbkNdAR3IrAwc_jcNobiS2w1WmRYi0xnQJ4x8tBEv1epx9t_B1jbykoynZZ395_x8go8fZP_hhmcG2EmjY623U9zeIHVY7hntfRBndlLuNBbf8oQ8VlF0vJXFD-zUF_NKbG-Nznyu2nNYWegRjShy-I8PaNNinf0ZsYGB7aZV53sWh4fD_-WHJfcZKRY9e1uTZ7TIjNgtozDAzgLPK6bFjtRACs5c3MLle3SY-YoJsbeUSMYLoxBhF8qUfWVT4yrKMs7JiDfQV7jPH_EiVBxZ4t7vgfjkYXIL_D0FyxGVaO3iR1td1PdZ6elnLB2uXPpvpnMtXJ6KJqHiYuYQjbLOzMLhU6nQW9Ts_bGPTC2zn31AnpxSTM2OKMYd-sBGiT2dFv_UjC5tCQkoG_WeMSsSu5oWIOZ_Su9r0S1eO9pVT-q86wvtY4bBMy_XzgTxm7ohJNx1ZzA3cL0Tx38XoFLRgLN0_kZZn4N9mYFeaJr-HStWCkU2aFLnADz6uSSsROAh5udkKM_UJzSbmXCekhJhklqE6S8LQn6JdPg2j5xIlrKkRI0H0J0ielGK4Uelox4X7Zs_zGxnf4Bg3JZLtXxB8CFHkTvFv93_GjRz_x6XqPE6nQpOvwWp4vJDDRG4EkmpeEzZHVM8tTwQO2qQsin4K_VM7C6FGJbCR5ke6qb2H5ToaQ0ylNnar756pAxgpNKCaA-Lwr6zzBm3awJlv9nkL2f1LZOifryshZLz99_FwXpnRFycssmny4Hns2fpVw0kfbIsVaPyiHEL-2YAr1d_Mq8yuPQE4Q5iUiw2wVRGrx-AMmnzMbwWpyYX3VEOSe5YUC0rmEnc0zkBmokSuAImyCb8UnVcQ_GCZ1xB_lSSUHAGZIlBB4oQS6Pv3RQ6leFLLBtI2KpAdf_YF6i58J0jARMsloWSZBQ1GXiFXF_sdzJNu-T6DPRCaQxR6EmObBpz29YVSYVWX_4atKPPWOstOgPJ7dCtQMF9WO5xKtiWDBf9YpEhzDRRMuGd9wHzytTeCDP4XPPdAgRLzKdQggUzHNmYHZNpT8xan-s13RxlHLg5GxPf5U6KrdmJC-v5jZrykHJsNs76YRdaxqOjKBgGtnnUiC5KPalBiX-Emfwi99QPBx_1saLluit98oqoV4eZjN_XzNeYaR5d8yqddkBHbR-T3I1UAcyliR9MOas1g-wKKBDb9EzXhgx3cc2v8igXUr199a4gh4VonBfxxF6xia8WzcCIpuT5WhcG19juazFxurih7_sIX7Nzz9Uj_REbCIC5OlZYAfq9WtkH7pEaQMpQiX13VRb98zhvw-riS7O9BF0FOCYRu3j2MYXWY7L3-zdqBHXrccOPNRGOiSgppqepfZvMZWVP8en_Nz9pI5n7i0fkX9IN2qP5WHEmv3y0QoK06paGrNf5eAViMkQrQFf0GycqSHt9IhOMj4B9GRaRE2N0qfmuvkYd7p9G2ifB3lK_3Rx17K81oEDc9k3SGLL7d8cjLZrsZR-zStU7DIfPlqq6MtvqurvjIPqoLSd6lOTOnnKVoIvuiSD5eshJRywhqPrDnk20cDBVCZzsQpPq5no92TqL293TjWchzVCds4rueuw&cid=CAASEuRoLofLclN7OMilxD9puDIX6A&rfl=1%2Chttps%253A%252F%252Fkravmagapp.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 28 Sep 2021 21:12:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar
pagead2.googlesyndication.com/getconfig/ Frame EFBC 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210922&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_fy2019.js?bust=31062935
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
81f307ac40f263e7d4d12a6be3b20edd1c0afaffaddf313d97dca3f6f9977116
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Sep 2021 21:13:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8694
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame EFBC 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_fy2019.js?bust=31062935
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 21:13:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 28 Sep 2021 21:13:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 83E5 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://kravmagapp.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Tue, 28 Sep 2021 13:52:25 GMT
expires
Wed, 28 Sep 2022 13:52:25 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
26435
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 868A 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
GSE /
Resource Hash
9dbc92c6ed8953f36da25017d80501fbc64bbf379cf0a64c4e7dfb6e06d9159d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1rrDBYdJ6IJYmlgHIuITQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://kravmagapp.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 28 Sep 2021 21:13:00 GMT
date
Tue, 28 Sep 2021 21:13:00 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-1rrDBYdJ6IJYmlgHIuITQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
activeview
pagead2.googlesyndication.com/pcs/ Frame 5715 		0
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 868A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210922&jk=1044647733774702&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js
pagead2.googlesyndication.com/bg/ Frame 83E5 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
580cfe9f2689bbdb95454abc36cc61b171ad5d5896c2fee5578b0fdea3f64aa0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 17:18:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
100454
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13388
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 23:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Tue, 27 Sep 2022 17:18:46 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D75A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BTAC_W4VTYYmXL4a43wOz5o_gBgAAAAA4AeAEAg&bg=!AQKlAkbNAAZNQyuQTUM7ACkAdvg8WsXOl5YHcraMX06z8ExMc3fPKYWMb6-7-qGsMYILJwqzjxEGdAIAAACXUgAAABpoAQcKAEAlM_ei99MhkDH3DRIaonW4sNQF_cIMi19aDN4wzWk1u6qOd4fi5OIIFvn3gzSCxiSlSzV_4LbUNtZIE_fxS8yHmQMWr13FL_bb1UiZxSVufZB10O79-FVJLzk8QxDizoKZDO89APZCKAfXficrOsNKTadA8VH4g2rMq100-Q2FGxF390DZFFzNYaJITHxrwjr4V57rcZTpQouSRjhdEzo7hSCQiscuMmrZELhcQsl359CPHjiem4hPVrg_BsAez4e5DKooY3ZmC28BybhM5PqiaIKE3EDSj1TPeC4OMETg-l1pHtNcCjl8IaHod--Y2DOihlNfZcxH4LRBNO_xhj_Bb7e35JYWOZZ6GsP_NJKzOAo3u6vlll-OVNopuhkujIxbvHUmZehCdzkU2pEnUv4WbxFB0X6xYmAEL3Zma0HcmS4G3mCylsY2qJlx69j3x7IB7eYEOPR0AjcWE1GQA_21x3ycOKi3u71YMdvuITNCFWxDyDNcVjVXrsUk9Hor8Hq62o_K1Q6QmWYmD2nD5X6ALxRwgA1Z-yHvPYvIMeOLaXGK4IMOYRnTZt2mJWjPTW5A8rLF4JlXeJxoFB1XDLm8mumowQYU8GtflNpUbSqqA85NUgDox7KCRqi0nM-aHDgmtzyFrjzmXx2Tq3J7WHf43D5Q-mwh9XNIlFPUJYTx-wj59KiJn_UrLvpPnw8BBLS_p0VWEw6FseOY7muHAPgxztJjD--EGrRgFgt15vRfMoqabqWOXZV4hKkCGk_SZ5sb4iI8bdPfd2T5ohknRjx2Dev1pPhSyKjF1-kjHO-6B3ylXSY3toxd5CFDrGg_vndnw_SZNJaXjKcWztpFItT_UrRVGO0Ox9ognlSadakWu1sXjjFPmxh0Pyumnl0JW5aCXcTimRoUgaBkEu41BEeTFxaT6nqYDKjRDPUw5ViSbeN6RujeUFGBEFG84cvBdskLdXzI3pEW0J0ekyM7432fVf7xixMkvUStHfg72PMEp_J5JKDLTSFGbC1PkLaPAQ4BM6iV7v-q_HwCkxLUkM18ivaBIyhmpHApPtVg2vBwGXtIvHLwS0XMiXhlFbXjjmvAzg8T4WYtfeSLct5TDYRAzAv2_QW2mQwFBuL2NtiBklbdzWXekMkCrw
Requested by
Host: 8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com
URL: https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 21:13:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame EFBC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210922&jk=1044647733774702&bg=!SEulSw_NAAZNQyuQTUM7ACkAdvg8WrIJUIfplK6xqGof1suU4s3kh3kfQAOikNTxBCnSG75rDYVZfAIAAABWUgAAAApoAQcKAMoXJIFKJLZJcB3SvExHJMeM34fW4drFpvIeAwizhPj3esHW-o1pPvvnoNKZcIXDD0lVtU6KepsArWa-hb5FVfjr8aITdooQeu0VM0tsHuEKZi_pAWxqnK7lRoz9moMzdMBuxdWnB-Ss6xHSnaYR6yM6rM0Yovc7C7OBXWMLptWEuFLCuqd20UXu6qs8tCA9Rk9QEkJnHwEksOIkt-rLbB6K73gCJqmR4YYc8Ts7wz0yrSoAvFyJ2xCqBNYvn77ahz6sYNIAE1wEbayGmQLQ6tVnIh2Z_rmhmFnq0iND-_aFeiygC7X_Y7v7SFN7JuWYAngxseC-9AiGwqlPkFdnc9mzUV8f1p8csKvs9fFzBJHdnPJ5BR6nGcTnLJBgzMIsXaZG2RhUT-VBs359lEpi_-BuXb6VAHdobRYW2xKcza8OHe9wHtN5jq16AJ1BN7ixUrSMXh5gmaCaGaVpqgLFbKzPHtlPC6HyOWXxgi_TllrbdvAOgto65YVYjEaZCC4lvJ3__38uP_sFL47CoCNHx-lIzITB1c_jLU74u5q9OmJEX62MCkP2u34aVquoFCpX7PYazxKunpS8FCgJjbzr2fI17Dbrqq3iwa0Mi1GRZgG7SULqJmJNTr92sadnIZLiK9m-6TKrZTjyeySVwv0GExTxVZLrsA79xghhUnQ_XiiFnp-kCaWZzAcHVbkOCpSRh6U8FeETS3Lvb289k52FtE8fLH6AhKYVLMUibVh8KNL0aZLFs2hLVWNoQNxZNErkPB75os_Nj0xwSCwR-CRxFRmjehHjimGiWhk2d11q3Xio_cCSwXfUGOCWZunwhKYYM-Y4gCJfJPaW0hlnT02G77YSdjBjgJFkNEAZQ0oEtBm0_oo-ULfruKDs9LMoIYUGVtLy0PHcfQdMM3Zl79OLQB5Z0eYYvWob_8Vu4eBr-z9P-NF4k9--UhSgN7Z2vJJzRtV_cs4lzl4xV8YzLyqINoPBoSlF-oSlSXbMljVZ48BkuBdn278yawYSi3yoJWFA5YPiuUWrIwqSGFSN9xmlvvnwN_WH9R0S99uCN7h1iiJDRFJR3YXbLI8T5426YvxQBmoXIBRfh_PjgMH1a-DveUNPvUnHn1CWvy20I5HpGXnV6mbkNfOtCgqR0IUjBqsTe4ZaeJ7JeM4cyHnmX5G3dAGzywtUocMXry28dV-FB-XmZ0N0u9aO39eXHVvrhh2unwIGW46tdnK0IAVmppv3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kravmagapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
Viewed
viewed.bidfluence.com/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://viewed.bidfluence.com/Viewed
Requested by
Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.173.199.57 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kravmagapp.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://kravmagapp.com
Pragma
no-cache
Date
Tue, 28 Sep 2021 21:13:00 GMT
Cache-Control
no-store,no-cache
Access-Control-Allow-Credentials
true
Server
Kestrel
activeview
pagead2.googlesyndication.com/pcs/ Frame FE92 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst_kYLMJn0UvvlXz1LtNjCjw-oIsTWC-mdK0yIscRbv4U4RCLrbXh2V9_QShyTth_ly1Pd5TP67TiyJtiKEMl3ahDBcOASKg-DdMQEavYxe1tQzuXw&sai=AMfl-YR8StTmECBV30pUtdbkMH8B0-4EHrXYuUNgJbKskMx_eGftBD2blxWAXuW3Tm6e5oRDuiezCjCBtT-_O2-BPuKXKwgRPBc3TuAbkM371LJEbBrNfKHXxBEGK25L&sig=Cg0ArKJSzI-7h6z9HTLLEAE&cid=CAASEuRoLofLclN7OMilxD9puDIX6A&id=lidar2&mcvt=1000&p=1110,436,1204,1164&asp=1111,436,1205,1164&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210927&bin=7&avms=nio&bs=0,0&mc=0.95&if=1&app=0&itpl=20&adk=3755539520&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1632863579731&rpt=209&isd=0&lsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 21:13:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsurPuIx_rze-TegRBE1wmB2vK1eSXlUopHt9-S8rr5pZmIPDrdcEz9iYIRw3FFF89_bj-MgDI7KZ5KZ7Jh_JlUxg1-LMdOqwxKO1XDP_-cciWJNmACP&sig=Cg0ArKJSzJDad5WdNDQdEAE&id=lidartos&mcvt=0&p=2742,989,2743,990&asp=2742,989,2743,990&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20210927&bin=7&avms=nio&bs=0,0&mc=0&if=1&app=0&itpl=19&adk=2662621310&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=3&r=u&rst=1632863579252&rpt=105&isd=0&lsd=0&ec=0
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XXcQbA5ESoGrx7MUrgAayg&google_push=AYg5qPIHxQotXlaZUYcwa1JN6NXBhtSetU5UZIDIpPx1Zliw2ElCQMh7Zo0xU61utwCLecH5M01TQ30sQpS7ewf1bC1ei6gPXog
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuiSa0N8bF5ullpaqL5qU4r3YxlTI8Q1DvCZa2d4IvQUhFz7SgcCZqmF2G_GBNKqkjdMXrTJZ7nTj32iN33kg0JwHhvZ5-jan0F21qY0UYgy0TszYY5&sig=Cg0ArKJSzGjauAKOxHdWEAE&id=lidartos&mcvt=0&p=1136,800,1137,801&asp=1136,800,1137,801&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20210927&bin=7&avms=nio&bs=0,0&mc=0&if=1&app=0&itpl=19&adk=1212291067&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=3&r=u&rst=1632863579399&rpt=77&isd=0&lsd=0&ec=0

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforexrselect boolean| originAgentCluster function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| _$_4354 function| __awaiter function| __generator object| Architecture object| Utilities object| s object| bfGoog object| bfAmazon object| carouselWidgets boolean| isBot function| bfRefresh object| bfAdReportOpen object| bfAdReportSend object| topWindow boolean| fired object| quickInsightCookie object| cookieSyncCookie object| FORGE function| bfoorl function| sendBdfReport function| bfGooCback boolean| BfGlobals boolean| cookiesSynced boolean| saveInsights boolean| cookiesEnabled number| limit object| allIDs function| bfRefreshAll function| $ function| jQuery function| Popper object| bootstrap function| Stellar object| AOS function| JsBarcode object| gaplugins object| gaGlobal object| gaData function| bdfpbjsChunk object| bdfpbjs object| _pbjsGlobals object| e object| googletag object| ggeac object| google_js_reporting_queue function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_reactive_ads_global_state object| google_image_requests object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| google_jobrunner

26 Cookies

Domain/Path Name / Value
.cdn.bidfluence.com/ Name: ARRAffinitySameSite
Value: f6b0ad74f2fb0fac1757395cc07478888ea0fbd4924902216639f4363488295a
.kravmagapp.com/ Name: _ga
Value: GA1.2.1640099352.1632863578
.kravmagapp.com/ Name: _gid
Value: GA1.2.1331410206.1632863578
.kravmagapp.com/ Name: _gat_gtag_UA_157159242_1
Value: 1
kravmagapp.com/ Name: bf_saveIns_qk
Value: false
.doubleclick.net/ Name: IDE
Value: AHWqTUl-Rv6l3Knzn9ozEay0ZT-mGmteZC62osD5W65XLxe882xZeJO6Ph7-Ha15OV4
.kravmagapp.com/ Name: __gads
Value: ID=f3341f9e552ce1bf:T=1632863578:S=ALNI_MYDyke2lfld2JCU6eGQDXs2SdVgVA
.adnxs.com/ Name: uuid2
Value: 7657415880812088457
.casalemedia.com/ Name: CMID
Value: YVOFW8V069ehivaOrj1fEQAA
.casalemedia.com/ Name: CMPS
Value: 3210
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GU'qGAm=!]tbPl1M>e)ZlrFUfJ+tGXxoPaRxt?CcSgzK-alyEThtdOrX*]c?30AJ)[Wu%nugO%v4VB%nlq/)wZ-7
.casalemedia.com/ Name: CMPRO
Value: 1140
.casalemedia.com/ Name: CMST
Value: YVOFW2FThVsA
.media.net/ Name: visitor-id
Value: 2758651799325544000V10
.media.net/ Name: data-g
Value: CAESEGYdeLKEMw_9Hm31TZch_XY~~3
.media.net/ Name: gdpr_status
Value: 1
.casalemedia.com/ Name: CMRUM3
Value: 2d6153855b2760CAESELy2Rtunh32XqwTBowrQaeQ
.360yield.com/ Name: tuuid
Value: 5d77106c-0e44-4a81-abc7-b314ae001aca
.360yield.com/ Name: tuuid_lu
Value: 1632863579
.mts.ru/ Name: dspid
Value: 1458dc2f-1f82-465b-97cd-f2b19c922c3c
.sitescout.com/ Name: ssi
Value: 252ea331-42c6-4f82-8fe6-c5b1fde77f3f#1632863579985
.sitescout.com/ Name: _ssuma
Value: e30
.mts.ru/ Name: mts_id
Value: 15412538-ac56-4859-9530-0bf3909b997f
.mts.ru/ Name: mts_id_last_sync
Value: 1632863580
.amazon-adsystem.com/ Name: ad-id
Value: AzVX0Cz-GkXRgBsq2uqqC7Q
.amazon-adsystem.com/ Name: ad-privacy
Value: 0

1 Console Messages

Source Level URL
Text
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XXcQbA5ESoGrx7MUrgAayg&google_push=AYg5qPIHxQotXlaZUYcwa1JN6NXBhtSetU5UZIDIpPx1Zliw2ElCQMh7Zo0xU61utwCLecH5M01TQ30sQpS7ewf1bC1ei6gPXog
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8e0f2173bc7a5d8fe632922bd91b7a74.safeframe.googlesyndication.com
adservice.google.com
ap.lijit.com
call.bidfluence.com
cdn.bidfluence.com
cdn.jsdelivr.net
cm.g.doubleclick.net
cs.media.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
kravmagapp.com
match.adsrvr.org
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
report.bidfluence.com
s.amazon-adsystem.com
s0.2mdn.net
securepubads.g.doubleclick.net
served.bidfluence.com
server.bidfluence.com
sm.rtb.mts.ru
stwfit.com
tech.rtb.mts.ru
tg.socdm.com
tpc.googlesyndication.com
viewed.bidfluence.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
cm.g.doubleclick.net
pagead2.googlesyndication.com
100.42.50.200
104.16.88.20
124.146.215.51
13.248.242.197
142.250.181.230
142.250.184.193
142.250.184.232
142.250.185.130
142.250.185.132
142.250.185.162
142.250.185.170
142.250.185.194
142.250.185.66
142.250.185.78
142.250.186.34
142.250.186.65
142.250.74.194
151.139.128.11
172.217.18.98
172.217.23.99
2.18.234.21
2.18.235.93
209.54.178.82
213.87.44.187
217.66.147.167
37.252.172.249
52.173.199.57
66.155.71.25
69.173.144.138
72.251.249.13
8.29.155.145
0035297f685fe99c19aaf6afbe028b94190d3bde29a5ecfd5a9c639e2363afe5
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
016ab0bd0de4839680e4a717a57db9b182a8c2c5fdeec4c24db7a8df761fca4d
02a072ba2ec0294703895d51b11d544fea9763807740545df2f25661cc47c911
02ab95cb08b050f9343cef378e404ebacac7f638a5a75ef8eeb3c15b854e6555
03af5404b4ec8f46c5514f311124cc0f92c1c2379645aaefc3af8276981241af
04a1edde1f5c0b7a1b0ef038fa83158b9c72057163cbfed668b8a4751faef86e
0570e86090cc32276c5ec9d9c808ea832a6f045adf1c6eb76e05df0c61e1f3a7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0e32fa3e8193aca4d1295fb08c5c4e1582afde28a1ae382f643df7b88b1d1cf2
0f021d59c3a847ae91997a40765d2e93293ea21d88f0b632c031a47788a028ff
0f49f0ab868a28344372bf122ef6f152cdf6c2457fe24a08102581a2bd16165a
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1743b54e611ae08f0ddb89d8d1bc9ae7d78feacbd672c86a5f5bb3c1a582e05e
1b6f88717e97441718b9fbd436b0aa65d4753c36c9901535eb81b7ce4b760bc4
1bc5aa58a785fda75967b7005e1f470cec165041f765b205bd0b8109675592e8
1c60fa4fac4fdab67cf5ad10ec8184d7204e650a145dc992bacb286ddcf62f03
1dd583c8ff8eaeeb2f5622845527acbf0e4a875e335b4b706b305590d5a7b456
2249399b2268c260d0698542503d16afebc80e437c846239f12196744ebbd40f
22f746ffb20b3253ac520bad5f6c18dbf04aec9413fa378b17af8d60211f0fd7
25a54ff1cb79229cc4d3eea2fee74b29d539a0432795a1057d98f7b04f1606c3
289d6e0a0907342fcc661d9944f30ab735754993b96f13f5b59ef4f5269b40fd
28c24329928c6c9d4e0a6f84b33d47027ab3bd213cbc186523bfa1f611836117
2baf44d75c3e355643e73c925f6f587b39e593b51ac18754693d55691157e382
2d203d27410f0097ef8edd788a82e73aeef09cc6ed5134aa04e1428aaddb8e62
2e2201192d8a342b5f570c4418dc4dcd2c0460243b4f9ba99c60a7c312d13e50
3d42bd3602afb5aaf8c78ecec6627a401861026304c6a2782e26715f0b3a23fb
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
4837c770b412ef92044aabcbe38167362b258f90b1a0a878263be710b7b4349b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bea325722b794d2d66da77b37b6990c75eb49bdc327c581ee372eabfed40f0d
4c95d706475a153fe4bc12a4aae383e5bf845cba076d95d76f413f51424802ee
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5678c08f866bc733971b8f0a931929f7f4715a6443497c0f388862e0da47c639
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
580cfe9f2689bbdb95454abc36cc61b171ad5d5896c2fee5578b0fdea3f64aa0
5d1b2acad2dd2f0095ace4499fb9945a5436adcf28bb47260bf75def4b0235d0
5e40b725929ed342dbb9f130645e2e6a1951ec2868f1faec652f1edb85d43a74
60ba0588a801aaeb7b9af160c17cf208b42a38b5db0bde83404ccbf08d9ce284
6b3d87346e5844331fccb97479b3ddc28a0b10642e53a538ba4db96c9ce90f4a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e25eb10367ca289c8bb70fe93136e734b7ffa12b830d5721c12c73eae798a39
6fceb36b7e9d50093679dff9d557809f4a8a6e5254ebad86d64323b6a38d54ba
740d5a2786ed742a7e5f4b70655da06d451b787ecb741e91c284ff5574f3094f
781c6f5a4d6c00d28b2374244ec58b26c796547371becd613d5aba08968aa8e2
7f76d7655505908267251984ab2711addb1f48112dfdf1e57c60e37f529a04eb
81f307ac40f263e7d4d12a6be3b20edd1c0afaffaddf313d97dca3f6f9977116
88e1cc5467bfcd1bd6b269fcf9db684676ae7d732c2a036d10dacdb66f6bbcaa
89e8eee33ec5ce23049d271aaf4cf8722c76d651e1a63519f24cf23a8ee8df25
8acb04628394993656dad11f23029fc6ad13cf90cfaa1f5df89150b2727684a9
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e2d5b7c96931a7cac72873b2f3715f72349cb9bc6289d1facedca268d686864
8ef21389bce7cd844ef9e9fda3d5650f6035c54f801d1384076a70db9183554f
9864268ac658d73aa528ee0aeb65dcc9595024e7d63bc2eac20c1f5eed3718a7
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9dbc92c6ed8953f36da25017d80501fbc64bbf379cf0a64c4e7dfb6e06d9159d
9f36332c33872d7bf19c3479450f6dc08b67537876ed408df283bafddb1a15ef
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aaa6ea2c7d4aaf01461c078c089b35e0800d0010b5602262b323e144c15ed1fe
ac7bd3107f547865a470b1f23ad19a3a00f920b2c786372e989949f3f0ebbec2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43
b3f8fd60851ea25465da509b7406bcff926f3eeddffa7769fbea9b485ef84ad8
b696dfc59a40f98665773871c86c7efa7b0a8323e589d6a5ef4ddc1fb5d6e8e8
b9c69658dc953f6a4c66d4199f059ff9fffe88aee1b745b465e4a835ff36cc0e
ba9f66e8a9ba6c03f4bd2acb263d493000ba0760eade817ada4c6ba160bbe2dd
bab0b131a4edcae13c50ae5779562e41b9bf3219d77e5a99fc1f403a4c9382ea
bbea63dcf699405225d801cbf8554601327dde44d76e8e26710844e21c62fd88
bcb80c86da267703311d2eeb3bdb5af0dedf63589d7d6eee4ed81f4bad7537f6
c12787c0349b163de911d9605e4299a4ac5b578d23d2094b7b1c6abf850700e8
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
d2b9f29ea1f42a60a8beb1c04f76868287f2a48d6ec50fb39d6b888584a03c49
d627327018514004ab6c7fa5c920302e5d80343176293dd71cc2670b07a69838
d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50
da8167104dc010ab07b884fd8941e92aad258f4ad0d86b92e35aada15b45a294
dcf8ba61161c2fedfe80ed191526f3d6907b994bbdaf7a85a2d9a2fd2df5b07f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5668ad294690c0def710438c8462f2eb7ece9e8ef4b7ab53cb93a45d1f8cd7c
e5f904c052561f2de7cb1e1e91467d3da611e871c46e1195ef4d3e2b5c375294
eaf042ded29efeb14f46e2ef3287926178d9ae5fb0335865ecb0c94b2a8cc261
eca6e6ff5dfd177a0cced70a8d011bcd754833c103ddfe3b31a6e14ff61be710
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2a6c653ee82cb36677404eab7c258ce985aef5a6d36a064a5a805548fadea82
f3ce311a88c449a4103d3d88e1d4e6a55a5a8418fb2b9b5fa6b0895e7ac6e967
f9385ecf19d3c9a47b063498b5444d251cbe7528ee7af46698c9e25627fb8acc
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62