www.habseyesontheprize.com Open in urlscan Pro
104.248.51.254 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.habseyesontheprize.com/
Effective URL:
https://www.habseyesontheprize.com/
Submission: On October 27 via manual (October 27th 2023, 11:32:27 am UTC) from IN — Scanned from DE

Summary HTTP 190 Redirects Links 34 Behaviour Indicators

Summary

This website contacted 35 IPs in 8 countries across 41 domains to perform 190 HTTP transactions. The main IP is 104.248.51.254, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is www.habseyesontheprize.com. The Cisco Umbrella rank of the primary domain is 695802.
TLS certificate: Issued by R3 on September 11th 2023. Valid for: 3 months.

This is the only time www.habseyesontheprize.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	104.248.51.254 104.248.51.254	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
16	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
9	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
16	138.197.227.182 138.197.227.182	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
2	2606:4700:e0:... 2606:4700:e0::ac40:660b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
42	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 15	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	98.98.134.241 98.98.134.241	21859 (ZEN-ECN) (ZEN-ECN)
2 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	213.155.156.165 213.155.156.165	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.160.236.64 34.160.236.64	15169 (GOOGLE) (GOOGLE)
3	2600:1901:0:7... 2600:1901:0:76b9::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:290e:3f93:cc5a:81f7	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.2.229 37.157.2.229	198622 (ADFORM) (ADFORM)
1 1	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
3	2606:4700:20:... 2606:4700:20::681a:71b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
2 2	52.57.124.150 52.57.124.150	16509 (AMAZON-02) (AMAZON-02)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 2	23.32.185.35 23.32.185.35	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	92.123.148.9 92.123.148.9	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700::68... 2606:4700::6810:c0cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
4 4	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2	167.233.13.224 167.233.13.224	24940 (HETZNER-AS) (HETZNER-AS)
3	18.135.30.228 18.135.30.228	16509 (AMAZON-02) (AMAZON-02)
190	35

6 104.248.51.254 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: 1037083.cloudwaysapps.com

www.habseyesontheprize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 138.197.227.182 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

cprod.apps.forfansnetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e0::ac40:660b (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.158.49 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.185.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.165 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:76b9:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:290e:3f93:cc5a:81f7 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.229 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.86.98 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.124.150 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-124-150.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.185.35 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 92.123.148.9 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-148-9.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:c0cb (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.134 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 84.200.5.215 (Germany) 4 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 167.233.13.224 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.135.30.228 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-135-30-228.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 33424 ad4m.at — Cisco Umbrella Rank: 12394 assets.ad4m.at — Cisco Umbrella Rank: 45800	1 MB
31	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 ad.doubleclick.net — Cisco Umbrella Rank: 154	118 KB
27	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	359 KB
18	wp.com i0.wp.com — Cisco Umbrella Rank: 3823 stats.wp.com — Cisco Umbrella Rank: 2855 pixel.wp.com — Cisco Umbrella Rank: 2799	325 KB
16	forfansnetwork.com cprod.apps.forfansnetwork.com — Cisco Umbrella Rank: 506476	16 KB
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	180 KB
6	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 150954 static-de.ad4mat.net — Cisco Umbrella Rank: 188473	11 KB
6	habseyesontheprize.com 1 redirects www.habseyesontheprize.com — Cisco Umbrella Rank: 695802	74 KB
4	awin1.com 2 redirects www.awin1.com — Cisco Umbrella Rank: 18131	3 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	236 KB
4	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	49 KB
3	webgains.com track.webgains.com — Cisco Umbrella Rank: 62639
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	3 KB
2	lead-alliance.net 2 redirects www.lead-alliance.net — Cisco Umbrella Rank: 83719	734 B
2	telefonica-partner.de 2 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 82742	514 B
2	conrad.de www.conrad.de — Cisco Umbrella Rank: 100456	605 B
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1403	450 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 912	2 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 599	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 860 s.tribalfusion.com — Cisco Umbrella Rank: 2311	1 KB
2	criteo.com dis.criteo.com — Cisco Umbrella Rank: 597	725 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4905	655 B
2	ctnsnet.com 2 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 54581	1 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 353	297 B
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 795	1 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2462	316 B
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1002	28 KB
1	blau.de partner.blau.de — Cisco Umbrella Rank: 166706	1 KB
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 90716	1 KB
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5683	553 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 764	464 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 746	339 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492	715 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 728	98 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 709	542 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1324	213 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 726	187 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1181	610 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 762	30 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335	3 KB
190	41

	Domain	Requested by
18	assets.ad4m.at	as.ad4m.at
16	cprod.apps.forfansnetwork.com	www.habseyesontheprize.com cprod.apps.forfansnetwork.com
16	i0.wp.com	www.habseyesontheprize.com
15	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
15	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
12	ad4m.at	as.ad4m.at ad4m.at
12	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
12	pagead2.googlesyndication.com	www.habseyesontheprize.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
9	www.googletagmanager.com	www.habseyesontheprize.com www.googletagmanager.com
6	www.habseyesontheprize.com	1 redirects www.habseyesontheprize.com
4	ad.doubleclick.net	4 redirects
4	www.awin1.com	2 redirects as.ad4m.at
4	www.googletagservices.com	googleads.g.doubleclick.net
4	www.google.com	1 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
3	track.webgains.com	as.ad4m.at
3	static-de.ad4mat.net	as.ad4m.at
3	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	www.habseyesontheprize.com googleads.g.doubleclick.net
2	www.lead-alliance.net	2 redirects
2	www.telefonica-partner.de	2 redirects
2	www.conrad.de	as.ad4m.at
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	pm.w55c.net	2 redirects
2	c1.adform.net	2 redirects
2	dis.criteo.com	googleads.g.doubleclick.net
2	d5p.de17a.com	2 redirects
2	gcm.ctnsnet.com	2 redirects
2	match.adsrvr.org	googleads.g.doubleclick.net
2	um.simpli.fi	2 redirects
2	region1.google-analytics.com	www.googletagmanager.com
2	use.fontawesome.com	www.habseyesontheprize.com
1	partner.blau.de	as.ad4m.at
1	partner.o2online.de	as.ad4m.at
1	ads.travelaudience.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	onetag-sys.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	id.rlcdn.com	googleads.g.doubleclick.net
1	sync-tm.everesttech.net	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	odr.mookie1.com	googleads.g.doubleclick.net
1	pixel-sync.sitescout.com	googleads.g.doubleclick.net
1	pixel.wp.com	www.habseyesontheprize.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	fonts.gstatic.com	fonts.googleapis.com
1	code.jquery.com	www.habseyesontheprize.com
1	cdn.jsdelivr.net	www.habseyesontheprize.com
1	stats.wp.com	www.habseyesontheprize.com
190	51

This site contains links to these domains. Also see Links.

Domain
www.patreon.com
www.forhockeyfans.com
www.forfansnetwork.com
www.puckyeti.com
www.secondcityhockey.com
www.jacketscannon.com
www.bluenotehockey.com
www.runsonhockey.com
www.nucksongoal.com
www.japersrink.com
www.fiveforhowling.com
www.thejerseyscore.com
www.anaheimcalling.com
www.redmilehockey.com
www.broadstreethockey.com
www.knightsonice.com
www.categoryfivehockey.com
www.belmontskates.com
www.arcticicehockey.com
www.jewelsfromthecrown.com
www.davyjoneslockerroom.com
www.rawcharge.com
www.baystreetblues.com
www.foroilersfans.com
www.litterboxcats.com
www.tuxpucks.com
www.ontheforecheck.com
www.blueshirtbanter.com
www.wingingitinmotown.com
www.diebytheblade.com
www.forsensfans.com
www.fearthefin.com
www.defendingbigd.com
www.wildforhockey.com

Subject Issuer	Validity	Valid
www.forfansnetwork.com R3	`2023-09-11` - `2023-12-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
cprod.apps.forfansnetwork.com R3	`2023-09-20` - `2023-12-19`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-09-26` - `2023-12-25`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
quantserve.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh

This page contains 28 frames:

Primary Page: https://www.habseyesontheprize.com/
Frame ID: 8F886C4A9F8428359B4C56FBCC6474DE
Requests: 65 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20190131/zrt_lookup.html
Frame ID: 787C358D71117D5E2132322057C34DD6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&adk=1812271804&adf=3025194257&lmt=1698399141&plaf=7%3A2&plat=1%3A16777216%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x810_l%7C140x810_r&format=0x0&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406341370&bpp=3&bdt=205&idt=206&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5725263893245&frm=20&pv=2&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=224
Frame ID: 926667C1BECFE7512135245AE0CBA74F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&h=280&adk=1972770278&adf=2137320495&pi=t.aa~a.2318999906~i.2~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1698399142&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8203761774&ad_type=text_image&format=535x280&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&fwr=0&pra=3&rh=134&rw=535&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406342526&bpp=1&bdt=1360&idt=-M&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b603b7608671654-22d158d015e300c0%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZ4Q-vYsfwcuaLA29SNeqzjOoDDyw&gpic=UID%3D00000caa1dd2eb65%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZGxh6N4lGarzk4oKqJeybgn236uw&prev_fmts=0x0&nras=2&correlator=5725263893245&frm=20&pv=1&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=460&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=L1igCWK7Jc&p=https%3A//www.habseyesontheprize.com&dtd=3
Frame ID: 18FFA34D98AB9C39B5C206258BE9AAE2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&h=280&adk=1972770278&adf=2338424597&pi=t.aa~a.3462012197~i.2~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1698399142&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8203761774&ad_type=text_image&format=535x280&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&fwr=0&pra=3&rh=134&rw=535&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406342526&bpp=1&bdt=1361&idt=-M&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b603b7608671654-22d158d015e300c0%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZ4Q-vYsfwcuaLA29SNeqzjOoDDyw&gpic=UID%3D00000caa1dd2eb65%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZGxh6N4lGarzk4oKqJeybgn236uw&prev_fmts=0x0%2C535x280&nras=3&correlator=5725263893245&frm=20&pv=1&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=460&ady=2037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7I68LMkGhF&p=https%3A//www.habseyesontheprize.com&dtd=12
Frame ID: CD6B7D79384ACD31A196ED0D76A6B1CF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&h=280&adk=1972770278&adf=4183556756&pi=t.aa~a.3832280647~i.2~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1698399142&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8203761774&ad_type=text_image&format=535x280&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&fwr=0&pra=3&rh=134&rw=535&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406342526&bpp=1&bdt=1361&idt=-M&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b603b7608671654-22d158d015e300c0%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZ4Q-vYsfwcuaLA29SNeqzjOoDDyw&gpic=UID%3D00000caa1dd2eb65%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZGxh6N4lGarzk4oKqJeybgn236uw&prev_fmts=0x0%2C535x280%2C535x280&nras=4&correlator=5725263893245&frm=20&pv=1&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=460&ady=2760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=qV3vXKXlYE&p=https%3A//www.habseyesontheprize.com&dtd=16
Frame ID: 2726B93C0096EE83F3C6ED1558138073
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&h=200&adk=311239313&adf=2512620225&pi=t.aa~a.4211497199~i.2~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1698399142&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8203761774&ad_type=text_image&format=535x200&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&fwr=0&pra=3&rh=134&rw=535&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406342526&bpp=1&bdt=1361&idt=0&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b603b7608671654-22d158d015e300c0%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZ4Q-vYsfwcuaLA29SNeqzjOoDDyw&gpic=UID%3D00000caa1dd2eb65%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZGxh6N4lGarzk4oKqJeybgn236uw&prev_fmts=0x0%2C535x280%2C535x280%2C535x280&nras=5&correlator=5725263893245&frm=20&pv=1&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=460&ady=3452&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=pvFYSmB1rE&p=https%3A//www.habseyesontheprize.com&dtd=21
Frame ID: 607B67B59D10A2DC2A7397DB8E7FB366
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1
Frame ID: 148717EFB745614DF4B2917ABA3B46E3
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0F3BEA6AFCEFDB640461FF70E152B36D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 29DC0DD009E242EC455E3E1D95076F91
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: F5AA0F65EB0832D7321922593995CEE8
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 633E60612CD808BA1587A273D1872124
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FZ9XXdmvjlIvw6QJ2t2pvLscGtIfNwGGEz70b-Okwhc.js
Frame ID: 770306462B9ECCD9602269497A634D75
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1ghvbk832q471evphczn42ghzz3kcggwxp33k7f15bpt3bvrw6b2askzpmx99fg87w1t62rkkhc8eq8yej6daq1cgwtme1tq71m391zr6hq6rq5n39ct9nfexfv1t3ztzt6trd9vc0ps9et0d5hhx65p5yftd2jr75egea4vxec2ptja4fzw324vs346agrdsshfgyrgq7ahhk59w92evw1v3k1sw2dm4xsd97sa3q3z43zp0jb8pn1xqkzpc3fxndj8wvy3hgbyda8g55qa8nkqh5s3qev91m2083dmh5bays4keez1q1dcxg5c4abv4azzqwtpqb91prz4ct2y88bc3wszv6dfezfv6rpemsnnhg17hwx69vjy5ab4v3mmjqywg3rkr5xtk3et37gwykq2j7a4gp84txwc11knwfxfe3kn8chfa&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSUGxxp87ZenII4XK6gSw_L7wCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCtNCCGX-5sT6oAwHIAwKqBIcCT9B-ZmKZXeyy1EzwMawzcCmoJPwu_qMUAyBTRy0WZYOg53mDYn40uCixNDAYTyqdl7iS_G4jA7V2RzDktIozolcmQol47Si_-TBubrNFVuNeaGaeDtri5axG50FjTc8Qr36optuokzgazmpZTzXdCYyRgHLX0SdwN6B4Gqmu1u7QkLRBqyGFCTxOLRbrBf0A3AtAol6uDAKcSe09z97W1hjTSoPQBPZpFiBhQc3n7pNPqTR91d3jw_S5EWNe4hauNOAZ0N_LOqPPrldvw6McFs7x1OG2rAH7IQ2xGb5mF-KbYqYeNIaMQyA1uLCzGMHuxM2UY-6L88Lw4ttUUGpZLE0PaG0bCyuABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_009JdYl7-E1h3hkpkG5wLRaQ2QaA%26client%3Dca-pub-9011305505618306%26adurl%3D
Frame ID: 1EAAEBF27BF5467A08F82BCF3FC14206
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/window_focus_fy2021.js
Frame ID: 8FA438373AEF49B47C9E01CF163E2CBF
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 29D6A012DEF7FBD62977408C38264039
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kw8mhab6516qgmrw7bjjhw804h9yzq19pyd47sybsh9q6q2wga067p9jbhkh77rkzdvyt6gpr9yc3sgywdt30vr1ac7w3h3vwfxxxt881nr7c8kgdrhm37crwvd6g0hwspy9yr3v6cxyfk0xs4ptf8egdkbbv2hr09qpda8tn2ev8w1wzd0pgec0yjykpkkn1jm57ezvaxbzk1v1jwzxg55jss103tpvfx2fbt2nrgf5pkjf43tg2g430xhgp6d4qjktf1mdydx2bvhw0apr0brksj0ce72gtvf6b540cttthm1d0qg0adf1vjph9ww3b7da4gyvfvrgpkv8wcn44nhwkw76ym4vj2zf3xv9spbrx08sgza5a8n190xdwf3yndvsv2actencvm1fv5arz9tvehkm35gkm6br6z5ngh63edp860wr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpw70xp87ZdaHI4a97gTX1KewB5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCImbHX--6sT6oAwHIAwKqBIcCT9BhxQm0MMEFJSvs2WN3UC6Jcg5aDuMwKD5mte0fySaEG8DPT6BfUmSTI5BFdRA4W-tormxBXkFYYbJSvt9PenBFDi-IgOwwklJfouIRBdBnradwd5zTqCopPYg1UHaz2Zxj1RNgzgAlY4XAa-jT_XN8pHyeqI8lVoq0QxcO_2AZGUL56V4kHWuAphd261rNWyL11cv03mWSr3msICyjsU7yuKY0cFqY8x7GRiFTBZJHoetZh2z2iUuV6Y5hyMpjyLAtU8UUGhYEp05nYgRKXVWnrv1G5yR0gRRhLuy357ZPB5bbT9fkcE-CSMnWKR89nI5aCOblqPGnQAsiWuls_kLLKrf4L9eABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_32CiART-WNyOqdCjL2INramiTOCQ%26client%3Dca-pub-9011305505618306%26adurl%3D
Frame ID: 13AEB2CAA99C78ACF61F7E5C8686A511
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/window_focus_fy2021.js
Frame ID: 5CF485273D2CA605832E8B8E2B45A669
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F5EFFEE8ECC04DC52B5DE33ECD939276
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 0A127F886B0753C51BEAB489EEF30BAC
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 1478E6F0435D411647F9A5FA1C67A71C
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kj4wk0da2nhnhngjyzgk2ehegg30nq0zq4xfzdqmf5htw3za02rxfmmgpf33z8fjw3tkqj5d7hm41thfcfsgsvr2sjg8fw8qj8t7tswex3d47vwk0hzs71n09rpxyd0vat969r786nsvmawhrcra26mrag7w6g0z261ykh6p7s45wpzgghy1063prcnqtz8dfet214p0fy36zqz2my66dacc8qgp8da0b3v61fgbdn6x7jesjgdqg8pzyrf66wevxh9tnzeqkzv4xvwv81cjmf1cd4w02mckgw0de2h704e1ac4wwqg673fvg159mzthfkpkx287z9cc2mb7qnf8jcwp4rm72rk8ryxrask68e10n14bb2vc02vc8abkzccb61m3djf7vraav56p5rhsag9fq0nyx375qb42h0p8aa022qwsc70m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_Ufnxp87ZbS1IsXImQbZ2Kj4AZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCImbHX--6sT6oAwHIAwKqBIcCT9Cr1tPAkojV5na2UM28FuvWnk_ujNTERBca0vD-aVYc_KJOzS7PDC3Gxqgo9o7ovBg0CU7XaacdP5oe0qgPIkM1EbPw2L17EUW3AdukIVjaga0HA4aAwoPtr8dtMz7i-rOxQFBWcq6ZLhM9pARXle9pxrhCzA5RjXbVGoiWz58Mfz0n6A5mpnANc6uBwFL6Jh0Xj9ZKkWsk_0ZPZUeG5NsOKiMNDw-zYHZuAjHPShQO6JiYlGXUSh1wxN0f8em8r9kVmjyCXBGRoRwLbeoDSuJADQKPBbWXpa7iSYRG7Yw21y20VJKHmPKU_4z-_s9dRhtTysZtqCDU6pPY460zJu6j1EQ6VMOABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_13-q6sM1VA-0KmHVNnyqyX2z5fnQ%26client%3Dca-pub-9011305505618306%26adurl%3D
Frame ID: 24E24981802E672D1F03768F504D0486
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/window_focus_fy2021.js
Frame ID: 6DECC0B4BBC14D7E1CD540351EF0C97E
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AB00FE1392D5B2757A2FDF1F2812B419
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=537178%2C23576%2C19491&b=9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd&f=1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA&c=300&d=250&e=&g=ee367f44e9ed3ac4cd5ed7381ff40a42%2F17095224808383307496&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1698406343184&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzwrtkt7vjmfnec8khpd0y3kn1yvttwn5d2y2083k1hfvy1h87fd7akrdw9tyn66ve8w2cbeprgc1sqk6wtjdppbrmjn80j4zxye0s7zzbaqhhby6gmk8y68vz9xqrznf93k3xz3wyqgwmy0h8rhvzmw5646j1rrr8fs4zwkscdq31t6bqd99fs9z04n8spsh1t2vjkxxc96zx2pzd5336ydfgy0b5q8et3ep3q63zy9mypva06p46tbq1ygj7d61apwrsq9jjztd8jqvp0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSUGxxp87ZenII4XK6gSw_L7wCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCtNCCGX-5sT6oAwHIAwKqBIcCT9B-ZmKZXeyy1EzwMawzcCmoJPwu_qMUAyBTRy0WZYOg53mDYn40uCixNDAYTyqdl7iS_G4jA7V2RzDktIozolcmQol47Si_-TBubrNFVuNeaGaeDtri5axG50FjTc8Qr36optuokzgazmpZTzXdCYyRgHLX0SdwN6B4Gqmu1u7QkLRBqyGFCTxOLRbrBf0A3AtAol6uDAKcSe09z97W1hjTSoPQBPZpFiBhQc3n7pNPqTR91d3jw_S5EWNe4hauNOAZ0N_LOqPPrldvw6McFs7x1OG2rAH7IQ2xGb5mF-KbYqYeNIaMQyA1uLCzGMHuxM2UY-6L88Lw4ttUUGpZLE0PaG0bCyuABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_009JdYl7-E1h3hkpkG5wLRaQ2QaA%2526client%253Dca-pub-9011305505618306%2526adurl%253D&y=1&s=&z=0
Frame ID: F42276E871F0BCD502988D62A4832A20
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=177100%2C64769%2C183975&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg%2Cj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK%2CxDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA&c=300&d=250&e=&g=3fae36ae061d446c5b2ccde96e22107a%2F9172787288021173686&i=65803%2C27835%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1698406343192&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz0623mkeny9hdfqsq87d2g41v3m132h16mvg46fza77j01sp71xczkby0zcnscajc6m39dqn9trb5cwg7e6nvbdp4n5afmn83se490yfmdm0pw9k7nq3zpnaxw4hnz09exhqef9azhw3tq0hkbrq4n9t0x3t7exvwgt1bdt52an6fe7bdvqv3mjs2zr5mrzrdhqmra1rrr4zghtr48tcm11sf2eb8jxq3ks3ej7bfg14q9d8mbh9c21d6wpgpea76a9pjvatdrwxzt525g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpw70xp87ZdaHI4a97gTX1KewB5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCImbHX--6sT6oAwHIAwKqBIcCT9BhxQm0MMEFJSvs2WN3UC6Jcg5aDuMwKD5mte0fySaEG8DPT6BfUmSTI5BFdRA4W-tormxBXkFYYbJSvt9PenBFDi-IgOwwklJfouIRBdBnradwd5zTqCopPYg1UHaz2Zxj1RNgzgAlY4XAa-jT_XN8pHyeqI8lVoq0QxcO_2AZGUL56V4kHWuAphd261rNWyL11cv03mWSr3msICyjsU7yuKY0cFqY8x7GRiFTBZJHoetZh2z2iUuV6Y5hyMpjyLAtU8UUGhYEp05nYgRKXVWnrv1G5yR0gRRhLuy357ZPB5bbT9fkcE-CSMnWKR89nI5aCOblqPGnQAsiWuls_kLLKrf4L9eABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_32CiART-WNyOqdCjL2INramiTOCQ%2526client%253Dca-pub-9011305505618306%2526adurl%253D&y=1&s=&z=0
Frame ID: A884FEC46A239A438220D39F5AD2BCA9
Requests: 11 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: F749F6B18BD875C81995FB752915C34D
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=24723%2C305597%2C14019&b=2xqt6fRQfJgzuVHWHkt8tmemcWT7TEYcg%2Cj83uEfZeS8drxhYHEH2t6t4x5YsKTzTxJc9%2CV8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ&f=4BxHEf1KsRWKUGH9HdtzCxzxUZTpTjRHK%2CxDwUQfgPSwemASPHdHztDCm3PbcJT6T8ZsA%2Cm8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA&c=300&d=250&e=&g=b86b57b7c9a6d1f190fb9ad4feb883a3%2F2198910366992176183&i=22473%2C83339%2C21596&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1698406343384&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1krpn56n4tea223kgsvpabnzyknty5bcxtq765j5kh5x0hq27v94g1hahv4x6k8zwz7t703v5kks6r5t85906cdxydsfh876t92ey9zd58msmd3a7cqhgrex8vdc289f31dy3st560ps8bksmckvvj84j227q2jddxv7td0jzzt1e5z4jr1s5k21bgmssmtcqxkw5j2a6cn2v2jxkes7s5wr6fxrx3qas8zd6hgnz9t3z6jw8dy1mk3v6fjpja211aqk3j7pw1rkh7khz9eg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_Ufnxp87ZbS1IsXImQbZ2Kj4AZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCImbHX--6sT6oAwHIAwKqBIcCT9Cr1tPAkojV5na2UM28FuvWnk_ujNTERBca0vD-aVYc_KJOzS7PDC3Gxqgo9o7ovBg0CU7XaacdP5oe0qgPIkM1EbPw2L17EUW3AdukIVjaga0HA4aAwoPtr8dtMz7i-rOxQFBWcq6ZLhM9pARXle9pxrhCzA5RjXbVGoiWz58Mfz0n6A5mpnANc6uBwFL6Jh0Xj9ZKkWsk_0ZPZUeG5NsOKiMNDw-zYHZuAjHPShQO6JiYlGXUSh1wxN0f8em8r9kVmjyCXBGRoRwLbeoDSuJADQKPBbWXpa7iSYRG7Yw21y20VJKHmPKU_4z-_s9dRhtTysZtqCDU6pPY460zJu6j1EQ6VMOABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_13-q6sM1VA-0KmHVNnyqyX2z5fnQ%2526client%253Dca-pub-9011305505618306%2526adurl%253D&y=1&s=&z=0
Frame ID: 6EEB1A642DE65FEA8A7F8A76976A5A53
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Habs Eyes on the Prize

Page URL History Show full URLs

http://www.habseyesontheprize.com/ HTTP 301
https://www.habseyesontheprize.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

190
Requests

91 %
HTTPS

47 %
IPv6

41
Domains

51
Subdomains

35
IPs

8
Countries

2636 kB
Transfer

5590 kB
Size

36
Cookies

34 Outgoing links

These are links going to different origins than the main page.

URL: https://www.patreon.com/user?u=87543484
Title: Support Us

Search URL Search Domain Scan URL

URL: https://www.forhockeyfans.com/
Title: Teams

Search URL Search Domain Scan URL

URL: https://www.forfansnetwork.com/
Title: ForFansNetwork

Search URL Search Domain Scan URL

URL: https://www.puckyeti.com/
Title: Avalanche

Search URL Search Domain Scan URL

URL: https://www.secondcityhockey.com/
Title: Blackhawks

Search URL Search Domain Scan URL

URL: https://www.jacketscannon.com/
Title: Blue Jackets

Search URL Search Domain Scan URL

URL: https://www.bluenotehockey.com/
Title: Blues

Search URL Search Domain Scan URL

URL: https://www.runsonhockey.com/
Title: Bruins

Search URL Search Domain Scan URL

URL: https://www.nucksongoal.com/
Title: Canucks

Search URL Search Domain Scan URL

URL: https://www.japersrink.com/
Title: Capitals

Search URL Search Domain Scan URL

URL: https://www.fiveforhowling.com/
Title: Coyotes

Search URL Search Domain Scan URL

URL: https://www.thejerseyscore.com/
Title: Devils

Search URL Search Domain Scan URL

URL: https://www.anaheimcalling.com/
Title: Ducks

Search URL Search Domain Scan URL

URL: https://www.redmilehockey.com/
Title: Flames

Search URL Search Domain Scan URL

URL: https://www.broadstreethockey.com/
Title: Flyers

Search URL Search Domain Scan URL

URL: https://www.knightsonice.com/
Title: Golden Knights

Search URL Search Domain Scan URL

URL: https://www.categoryfivehockey.com/
Title: Hurricanes

Search URL Search Domain Scan URL

URL: https://www.belmontskates.com/
Title: Islanders

Search URL Search Domain Scan URL

URL: https://www.arcticicehockey.com/
Title: Jets

Search URL Search Domain Scan URL

URL: https://www.jewelsfromthecrown.com/
Title: Kings

Search URL Search Domain Scan URL

URL: https://www.davyjoneslockerroom.com/
Title: Kraken

Search URL Search Domain Scan URL

URL: https://www.rawcharge.com/
Title: Lightning

Search URL Search Domain Scan URL

URL: https://www.baystreetblues.com/
Title: Maple Leafs

Search URL Search Domain Scan URL

URL: https://www.foroilersfans.com/
Title: Oilers

Search URL Search Domain Scan URL

URL: https://www.litterboxcats.com/
Title: Panthers

Search URL Search Domain Scan URL

URL: https://www.tuxpucks.com/
Title: Penguins

Search URL Search Domain Scan URL

URL: https://www.ontheforecheck.com/
Title: Predators

Search URL Search Domain Scan URL

URL: https://www.blueshirtbanter.com/
Title: Rangers

Search URL Search Domain Scan URL

URL: https://www.wingingitinmotown.com/
Title: Red Wings

Search URL Search Domain Scan URL

URL: https://www.diebytheblade.com/
Title: Sabres

Search URL Search Domain Scan URL

URL: https://www.forsensfans.com/
Title: Senators

Search URL Search Domain Scan URL

URL: https://www.fearthefin.com/
Title: Sharks

Search URL Search Domain Scan URL

URL: https://www.defendingbigd.com/
Title: Stars

Search URL Search Domain Scan URL

URL: https://www.wildforhockey.com/
Title: Wild

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.habseyesontheprize.com/ HTTP 301
https://www.habseyesontheprize.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 86

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 96

https://um.simpli.fi/gp_match?google_gid=CAESEJSBZxIYM9mo6BpLXUWkhrU&google_cver=1&google_push=AXcoOmQh_zWpOh07F_qpkGZu7-XjI9_nquOPnUv2GNXC0Fix3KxedECbSogOKaoG-WIqFBEfYPGo8yBy4rgZyjsK2TufdZz0UFE7bqwF HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=73A910ED26CF44AEBD3EEC4AC84EFCE5&google_push=AXcoOmQh_zWpOh07F_qpkGZu7-XjI9_nquOPnUv2GNXC0Fix3KxedECbSogOKaoG-WIqFBEfYPGo8yBy4rgZyjsK2TufdZz0UFE7bqwF

Request Chain 99

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEGOCWA4q02qhUQ4JsXXDACU&google_cver=1&google_push=AXcoOmQZUFQPZ5xiXUcSDJk-Al8ZoZQtTx5IXeWqan0fa8kqq1pCdrkdFZA9tqeGdI9Kxdqgrlo5cKoua9Zg8TsXde0jELxfnObynPk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQZUFQPZ5xiXUcSDJk-Al8ZoZQtTx5IXeWqan0fa8kqq1pCdrkdFZA9tqeGdI9Kxdqgrlo5cKoua9Zg8TsXde0jELxfnObynPk&google_hm=HmYG_iAhTNeIcEewr9rBhio

Request Chain 100

https://d5p.de17a.com/cookies/google?google_gid=CAESENXDZ5GauCiBzQ9fteGMfrQ&google_cver=1&google_push=AXcoOmR3MosXwxjaIsVo_vlSofDVHj3Q1QgRtn9ybzJTn2SGMT48LxSXGES0u-F7NoQNwV3zhK7XOqzTr-1TIy5IjKPGUsghkMGtI3gt HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESENXDZ5GauCiBzQ9fteGMfrQ&google_cver=1&google_push=AXcoOmR3MosXwxjaIsVo_vlSofDVHj3Q1QgRtn9ybzJTn2SGMT48LxSXGES0u-F7NoQNwV3zhK7XOqzTr-1TIy5IjKPGUsghkMGtI3gt HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmR3MosXwxjaIsVo_vlSofDVHj3Q1QgRtn9ybzJTn2SGMT48LxSXGES0u-F7NoQNwV3zhK7XOqzTr-1TIy5IjKPGUsghkMGtI3gt

Request Chain 113

https://a.tribalfusion.com/i.match?p=b6&u=CAESECMRoHqQ0Fdyn3CzdxoZQt0&google_cver=1&google_push=AXcoOmS3cajFQZ3RwUITngE9nRshg8Li_OfKpGr5--ns-11OGd4dQUEzzkhu5h_zL6uR1aIhJSU8ZFw4ykiWKVbvpZVJIzHYqK-37mM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS3cajFQZ3RwUITngE9nRshg8Li_OfKpGr5--ns-11OGd4dQUEzzkhu5h_zL6uR1aIhJSU8ZFw4ykiWKVbvpZVJIzHYqK-37mM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECMRoHqQ0Fdyn3CzdxoZQt0&google_cver=1&google_push=AXcoOmS3cajFQZ3RwUITngE9nRshg8Li_OfKpGr5--ns-11OGd4dQUEzzkhu5h_zL6uR1aIhJSU8ZFw4ykiWKVbvpZVJIzHYqK-37mM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS3cajFQZ3RwUITngE9nRshg8Li_OfKpGr5--ns-11OGd4dQUEzzkhu5h_zL6uR1aIhJSU8ZFw4ykiWKVbvpZVJIzHYqK-37mM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 114

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEKGZ-3iiN_e-3MYa4hoqFZ0&google_cver=1&google_push=AXcoOmSeK6zOcvD5lh_AVtbzWgEWNcqqdjitWpq_T6I2Egxe-30h0Xo5d32SSArGCo0e1FQzFo95-mEXxPKI6UN2c5SNG1W4eL_uLGw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKGZ-3iiN_e-3MYa4hoqFZ0&google_push=AXcoOmSeK6zOcvD5lh_AVtbzWgEWNcqqdjitWpq_T6I2Egxe-30h0Xo5d32SSArGCo0e1FQzFo95-mEXxPKI6UN2c5SNG1W4eL_uLGw

Request Chain 117

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECqzAJJt8SwEhfflF1GhyWo&google_cver=1&google_push=AXcoOmRQ436P8uAuONZcbrk4BIrI8pgCD6VvMb0huCOHPbOWjDXfq_jT_mvPpB4-5Beu-5lQFVQ0x_seBeVFiN--PFOJxRzlSVjAu7A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRQ436P8uAuONZcbrk4BIrI8pgCD6VvMb0huCOHPbOWjDXfq_jT_mvPpB4-5Beu-5lQFVQ0x_seBeVFiN--PFOJxRzlSVjAu7A&google_hm=eS10U21qOXVoRTJwRjdUTXJmSjBhR1ZMTVNrY0NFVERuM35B

Request Chain 118

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEA5Z4DxHU3EtQfSg-z6JqvU&google_cver=1&google_push=AXcoOmR1KKglg5GMJmrml-JVUlWnteMYglsZiLS8DW8HoY0zGyQM8nQivT6eOH44g4GEcpASIdJCH-bKyZPldwXEKr98swiN8FNtNyg HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEA5Z4DxHU3EtQfSg-z6JqvU&google_cver=1&google_push=AXcoOmR1KKglg5GMJmrml-JVUlWnteMYglsZiLS8DW8HoY0zGyQM8nQivT6eOH44g4GEcpASIdJCH-bKyZPldwXEKr98swiN8FNtNyg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjAxNjUzMzI5NDMyNTgzOTAwMA&google_push=AXcoOmR1KKglg5GMJmrml-JVUlWnteMYglsZiLS8DW8HoY0zGyQM8nQivT6eOH44g4GEcpASIdJCH-bKyZPldwXEKr98swiN8FNtNyg

Request Chain 119

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEKS0WT6MGy4GAr7rGlNCjRA&google_cver=1&google_push=AXcoOmQCJzfzCFhIOZcQqmKhVazmCiwM9IvTTPThfk9vuHGDFFdMUJd1RwKHtyjD0SsZXSovSM6OlSa4bPlgbXhBQKeIIkEf_TEMx_o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQCJzfzCFhIOZcQqmKhVazmCiwM9IvTTPThfk9vuHGDFFdMUJd1RwKHtyjD0SsZXSovSM6OlSa4bPlgbXhBQKeIIkEf_TEMx_o

Request Chain 143

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEK1pKzKohEAMSw3Ldfm-Usk&google_cver=1&google_push=AXcoOmRYC4O-LMyNCjiKG0jQgj7jBw6HpolRckljeQhfqOfPe3dX-PGcH1ghB7lM6JZdNdY8dMtrx3dZkXEXL5uKCzuwCzT28IypYg4 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEK1pKzKohEAMSw3Ldfm-Usk&google_cver=1&google_push=AXcoOmRYC4O-LMyNCjiKG0jQgj7jBw6HpolRckljeQhfqOfPe3dX-PGcH1ghB7lM6JZdNdY8dMtrx3dZkXEXL5uKCzuwCzT28IypYg4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cWhLN01IOFAxUVdsNEg1&google_gid=CAESEK1pKzKohEAMSw3Ldfm-Usk&google_cver=1&google_push=AXcoOmRYC4O-LMyNCjiKG0jQgj7jBw6HpolRckljeQhfqOfPe3dX-PGcH1ghB7lM6JZdNdY8dMtrx3dZkXEXL5uKCzuwCzT28IypYg4

Request Chain 144

https://um.simpli.fi/gp_match?google_gid=CAESENQNqJk88XCZdtCLXBKU1mY&google_cver=1&google_push=AXcoOmSBT5FdVKgtS03ykWy0N2F-SdvJLjiG532t56c4sZVyrX6loBGXRXvxNI5PrCJ6p2b3T5EzeW5tG94QpnAJcG6gLZE4PS9lzqM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=73A910ED26CF44AEBD3EEC4AC84EFCE5&google_push=AXcoOmSBT5FdVKgtS03ykWy0N2F-SdvJLjiG532t56c4sZVyrX6loBGXRXvxNI5PrCJ6p2b3T5EzeW5tG94QpnAJcG6gLZE4PS9lzqM

Request Chain 145

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESELSJfEl4FgiQ6o5Q9-pBOXw&google_cver=1&google_push=AXcoOmRRKyDvrTHmlf7CU471jaazdmIyLDukFDj6xIC_7G5I8GjjNFYHuM5QkJSPsBl3R3E8v1pudQYjXnQL_Ksvg0DBlreGKWn_JL0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRRKyDvrTHmlf7CU471jaazdmIyLDukFDj6xIC_7G5I8GjjNFYHuM5QkJSPsBl3R3E8v1pudQYjXnQL_Ksvg0DBlreGKWn_JL0&google_hm=HmYG_iAhTNeIcEewr9rBhio

Request Chain 146

https://ads.travelaudience.com/google_pixel?google_gid=CAESEBMhPRhBxEuUo_p0wAZmQzg&google_cver=1&google_push=AXcoOmRCZWp97m8EeegGs_SulOA4Zs7qjEIfd1MsdYJU8LkeMTajN2fLyrqTo0sDtaUVKEU34rqPcfjqqp6zv167yOV8xvHsbaUC8A HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=aiMtrPJ_RxA8eG5A9XXGgA&google_push=AXcoOmRCZWp97m8EeegGs_SulOA4Zs7qjEIfd1MsdYJU8LkeMTajN2fLyrqTo0sDtaUVKEU34rqPcfjqqp6zv167yOV8xvHsbaUC8A

Request Chain 148

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEFLa7qBPOi0Zzmocz_DC8xQ&google_cver=1&google_push=AXcoOmRgrwswe3ecSzo6rjANo8p0h9rAbLQb2XitdCMtBd9qC5OyK8WEsMSikvb_wTyJMlEd-K1S5QNIen9VCXDXevNvuUUynQfc5GY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRgrwswe3ecSzo6rjANo8p0h9rAbLQb2XitdCMtBd9qC5OyK8WEsMSikvb_wTyJMlEd-K1S5QNIen9VCXDXevNvuUUynQfc5GY HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 159

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1698406343_7f5032a0-74bc-11ee-84cc-223908f3a6a6&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 162

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=COLhndaQloIDFaeJ_Qcd65EB4g;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023102713322390048505163X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023102713322390048505163X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218

Request Chain 165

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D113752V1225131106M%26subid%3Dviewoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CMTindaQloIDFdmh_QcdOWQJ8g;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D113752V1225131106M%26subid%3Dviewoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=viewoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=viewoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023102713322390048505165X113752V1225131106MSviewoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0

Request Chain 190

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidV8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1698406343_7f78f050-74bc-11ee-98d5-22653d8c0e4c&insert=AW&&gdpr=0&gdpr_consent=

190 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.habseyesontheprize.com/
Redirect Chain

http://www.habseyesontheprize.com/
https://www.habseyesontheprize.com/

74 KB
15 KB

394ms
194ms

Document
text/html

104.248.51.254
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.habseyesontheprize.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.248.51.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1037083.cloudwaysapps.com
Software: nginx /
Resource Hash: d29e107bd14ea447ebdd2865fb4567534ac384fd7e16ac2703da851d96f5085b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 54
content-encoding: gzip
content-length: 14617
content-type: text/html; charset=UTF-8
date: Fri, 27 Oct 2023 11:32:21 GMT
link: <https://www.habseyesontheprize.com/wp-json/>; rel="https://api.w.org/"
server: nginx
vary: Accept-Encoding
x-cache: HIT

Redirect headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Fri, 27 Oct 2023 11:32:20 GMT
Location: https://www.habseyesontheprize.com/
Server: nginx

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
1 KB 45ms
17ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&display=swap

Requested by

Host: www.habseyesontheprize.com
URL: https://www.habseyesontheprize.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6f80efe3fb8e7a80d38a9b6be176d3027ad1e34a73c6195a677ced8caee29400

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 27 Oct 2023 11:32:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 11:19:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 27 Oct 2023 11:32:21 GMT

GET
H2 200 habs-eyes-on-the-prize-logo.png
i0.wp.com/www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/09/ 18 KB
18 KB 39ms
8ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/09/habs-eyes-on-the-prize-logo.png?fit=300%2C300&ssl=1

Requested by

Host: www.habseyesontheprize.com
URL: https://www.habseyesontheprize.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

d566f1cc231612758c9a4c6784c1c4a04599940e22a0785784572016b6f58d07

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Fri, 27 Oct 2023 11:32:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 04 Sep 2023 02:15:21 GMT
server: nginx
etag: "13ec1c75ce612441"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/09/habs-eyes-on-the-prize-logo.png>; rel="canonical"
content-length: 18390
expires: Wed, 03 Sep 2025 14:15:21 GMT

GET
H2 200 USATSI_19177487-scaled.jpg
i0.wp.com/www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/10/ 21 KB
21 KB 47ms
16ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/10/USATSI_19177487-scaled.jpg?resize=600%2C313&ssl=1

Requested by

Host: www.habseyesontheprize.com
URL: https://www.habseyesontheprize.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

b901560d01b1a2ec1d793e5df73a42eef79feded8af9af8ae8f6d501c2e494ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Fri, 27 Oct 2023 11:32:21 GMT
x-content-type-options: nosniff
last-modified: Fri, 27 Oct 2023 10:01:31 GMT
server: nginx
etag: "d242bbcc272db938"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/10/USATSI_19177487-scaled.jpg>; rel="canonical"
content-length: 21138
expires: Sun, 26 Oct 2025 22:01:31 GMT

GET
H2 200 USATSI_21726672-scaled.jpg
i0.wp.com/www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/10/ 22 KB
23 KB 50ms
22ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/10/USATSI_21726672-scaled.jpg?resize=600%2C313&ssl=1

Requested by

Host: www.habseyesontheprize.com
URL: https://www.habseyesontheprize.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

92801e772fce51a9f523d71c22153aab3c0d34767458c3eeb7ede2f7762c5f65

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Fri, 27 Oct 2023 11:32:21 GMT
x-content-type-options: nosniff
last-modified: Fri, 27 Oct 2023 08:02:20 GMT
server: nginx
etag: "7d50ac8fbbc4f590"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/10/USATSI_21726672-scaled.jpg>; rel="canonical"
content-length: 22982
expires: Sun, 26 Oct 2025 20:02:20 GMT

GET
H2 200 USATSI_21741232-scaled.jpg
i0.wp.com/www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/10/ 19 KB
20 KB 49ms
22ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/10/USATSI_21741232-scaled.jpg?resize=600%2C313&ssl=1

Requested by

Host: www.habseyesontheprize.com
URL: https://www.habseyesontheprize.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

bc2cb8f8cf74cccc3b4c914b1fd1a6bca25b109419f1cee45e264e0ef1450cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Fri, 27 Oct 2023 11:32:21 GMT
x-content-type-options: nosniff
last-modified: Fri, 27 Oct 2023 02:15:11 GMT
server: nginx
etag: "c11607c79bf46bf6"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/10/USATSI_21741232-scaled.jpg>; rel="canonical"
content-length: 19688
expires: Sun, 26 Oct 2025 14:15:11 GMT

GET
H2 200 USATSI_20320907-scaled.jpg
i0.wp.com/www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/10/ 20 KB
20 KB 49ms
22ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/10/USATSI_20320907-scaled.jpg?resize=600%2C313&ssl=1

Requested by

Host: www.habseyesontheprize.com
URL: https://www.habseyesontheprize.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

5f55f7d61831516527c92983e18992658cd45f94407a2b426ce9e12d847b0939

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Fri, 27 Oct 2023 11:32:21 GMT
x-content-type-options: nosniff
last-modified: Thu, 26 Oct 2023 22:07:40 GMT
server: nginx
etag: "0dae2d8b76718747"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/10/USATSI_20320907-scaled.jpg>; rel="canonical"
content-length: 20424
expires: Sun, 26 Oct 2025 10:07:40 GMT

GET
H2 200 USATSI_21538674-scaled.jpg
i0.wp.com/www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/10/ 11 KB
12 KB 48ms
22ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/10/USATSI_21538674-scaled.jpg?resize=600%2C313&ssl=1

Requested by

Host: www.habseyesontheprize.com
URL: https://www.habseyesontheprize.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

11769dce4b087b41c1b7ee447129156fea48606333025d78c9902744e9251ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 27 Oct 2023 11:32:21 GMT
x-content-type-options: nosniff
last-modified: Thu, 26 Oct 2023 10:00:19 GMT
server: nginx
etag: "4cd8effb628edce9"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/10/USATSI_21538674-scaled.jpg>; rel="canonical"
content-length: 11486
expires: Sat, 25 Oct 2025 22:00:19 GMT

GET
H2 200 USATSI_18660197-scaled.jpg
i0.wp.com/www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/10/ 28 KB
28 KB 16ms
14ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/10/USATSI_18660197-scaled.jpg?resize=600%2C313&ssl=1

Requested by

Host: www.habseyesontheprize.com
URL: https://www.habseyesontheprize.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

f323934379a9755b43f906d21a54878a7c3e1f7db45b0ca73b9815005d47e317

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Fri, 27 Oct 2023 11:32:21 GMT
x-content-type-options: nosniff
last-modified: Thu, 26 Oct 2023 08:15:44 GMT
server: nginx
etag: "5c4d08d1ec656dde"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/10/USATSI_18660197-scaled.jpg>; rel="canonical"
content-length: 28278
expires: Sat, 25 Oct 2025 20:15:44 GMT

GET
H2 200 Screenshot-2023-10-24-at-13.25.39.jpg
i0.wp.com/www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/10/ 16 KB
16 KB 17ms
14ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/10/Screenshot-2023-10-24-at-13.25.39.jpg?resize=600%2C313&ssl=1

Requested by

Host: www.habseyesontheprize.com
URL: https://www.habseyesontheprize.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

c2b648bc16ece8b9582dccbe8eeccc003a17953e89ae7964b60fc8ae7ca6bcd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Fri, 27 Oct 2023 11:32:21 GMT
x-content-type-options: nosniff
last-modified: Wed, 25 Oct 2023 12:00:21 GMT
server: nginx
etag: "524326ec381e967a"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/10/Screenshot-2023-10-24-at-13.25.39.jpg>; rel="canonical"
content-length: 16360
expires: Sat, 25 Oct 2025 00:00:21 GMT

GET
H2 200 USATSI_21652748-scaled.jpg
i0.wp.com/www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/10/ 17 KB
17 KB 17ms
15ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/10/USATSI_21652748-scaled.jpg?resize=600%2C313&ssl=1

Requested by

Host: www.habseyesontheprize.com
URL: https://www.habseyesontheprize.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

2ee8d5d7a782b00379cc354076f2e38e1bdca45271c79a94f905571ef2c62aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Fri, 27 Oct 2023 11:32:21 GMT
x-content-type-options: nosniff
last-modified: Wed, 25 Oct 2023 10:00:31 GMT
server: nginx
etag: "1639b13bdfee75ff"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/10/USATSI_21652748-scaled.jpg>; rel="canonical"
content-length: 17166
expires: Fri, 24 Oct 2025 22:00:31 GMT

GET
H2 200 USATSI_20392616-scaled.jpg
i0.wp.com/www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/10/ 15 KB
16 KB 17ms
15ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/10/USATSI_20392616-scaled.jpg?resize=600%2C313&ssl=1

Requested by

Host: www.habseyesontheprize.com
URL: https://www.habseyesontheprize.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

7787f986b5a577248681c155fd3a6facd1bd35c606b16a79a21d14b96df1372e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 27 Oct 2023 11:32:21 GMT
x-content-type-options: nosniff
last-modified: Wed, 25 Oct 2023 08:01:35 GMT
server: nginx
etag: "711c6a1a269b4a27"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/10/USATSI_20392616-scaled.jpg>; rel="canonical"
content-length: 15516
expires: Fri, 24 Oct 2025 20:01:35 GMT

GET
H2 200 USATSI_21725537-scaled.jpg
i0.wp.com/www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/10/ 20 KB
20 KB 17ms
15ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/10/USATSI_21725537-scaled.jpg?resize=600%2C313&ssl=1

Requested by

Host: www.habseyesontheprize.com
URL: https://www.habseyesontheprize.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

5fbd5ae496292dbc98dced1784b850fd25db5f22f65866a9abf4cb9dce0212a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 27 Oct 2023 11:32:21 GMT
x-content-type-options: nosniff
last-modified: Wed, 25 Oct 2023 02:07:46 GMT
server: nginx
etag: "6c58c89d7043f34e"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/10/USATSI_21725537-scaled.jpg>; rel="canonical"
content-length: 20468
expires: Fri, 24 Oct 2025 14:07:46 GMT

GET
H2 200 USATSI_21503407-scaled.jpg
i0.wp.com/www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/09/ 27 KB
27 KB 17ms
15ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/09/USATSI_21503407-scaled.jpg?resize=600%2C313&ssl=1

Requested by

Host: www.habseyesontheprize.com
URL: https://www.habseyesontheprize.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

222f4d8f5c826fa8760d5eca2d9ddff071714c5680a99f3afbf405ea4dc59c8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Fri, 27 Oct 2023 11:32:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 24 Oct 2023 22:15:48 GMT
server: nginx
etag: "29e66ffa1add5cd7"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/09/USATSI_21503407-scaled.jpg>; rel="canonical"
content-length: 27202
expires: Fri, 24 Oct 2025 10:15:48 GMT

GET
H2 200 lindstrom.jpeg
i0.wp.com/www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/10/ 22 KB
23 KB 17ms
15ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/10/lindstrom.jpeg?resize=600%2C313&ssl=1

Requested by

Host: www.habseyesontheprize.com
URL: https://www.habseyesontheprize.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

475e8f240e689f58d71e08cc6ca95cdc6ebfae87deea992d868b234a8900a676

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Fri, 27 Oct 2023 11:32:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 24 Oct 2023 14:35:46 GMT
server: nginx
etag: "67a369b36d133ef5"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/10/lindstrom.jpeg>; rel="canonical"
content-length: 22928
expires: Fri, 24 Oct 2025 02:35:46 GMT

GET
H2 200 USATSI_20208548-scaled.jpg
i0.wp.com/www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/10/ 22 KB
22 KB 17ms
16ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/10/USATSI_20208548-scaled.jpg?resize=600%2C313&ssl=1

Requested by

Host: www.habseyesontheprize.com
URL: https://www.habseyesontheprize.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

e8ca8283c01de3936abe3230466a4884be2e93bb64b033088ea2ddf518a5d92c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Fri, 27 Oct 2023 11:32:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 24 Oct 2023 12:00:36 GMT
server: nginx
etag: "57904d001ad4752f"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/10/USATSI_20208548-scaled.jpg>; rel="canonical"
content-length: 22336
expires: Fri, 24 Oct 2025 00:00:36 GMT

GET
H2 200 USATSI_20331882-scaled.jpg
i0.wp.com/www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/10/ 23 KB
23 KB 18ms
16ms Image
image/jpeg 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/10/USATSI_20331882-scaled.jpg?resize=600%2C313&ssl=1

Requested by

Host: www.habseyesontheprize.com
URL: https://www.habseyesontheprize.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

c6d2b738bd69f3e771a58c0fb82784ac5b2b9ba032bd3f91dcaba53ac3882ea3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:21 GMT
x-content-type-options: nosniff
x-optim-disabled: true
content-length: 23529
x-nc: HIT hhn 3
last-modified: Tue, 24 Oct 2023 10:02:13 GMT
server: nginx
etag: "1d8f5b3544b17c7d"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/10/USATSI_20331882-scaled.jpg>; rel="canonical"
expires: Thu, 23 Oct 2025 22:02:13 GMT

GET
H2 200 USATSI_21540157-scaled.jpg
i0.wp.com/www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/10/ 15 KB
15 KB 18ms
16ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/10/USATSI_21540157-scaled.jpg?resize=600%2C313&ssl=1

Requested by

Host: www.habseyesontheprize.com
URL: https://www.habseyesontheprize.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

4ec206375a28278a0d0fa5397ca63193f6f34702144529c194803304b65c0f84

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Fri, 27 Oct 2023 11:32:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 24 Oct 2023 08:06:37 GMT
server: nginx
etag: "cf84cb84d6ee7017"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.habseyesontheprize.com/wp-content/uploads/sites/29/2023/10/USATSI_21540157-scaled.jpg>; rel="canonical"
content-length: 15074
expires: Thu, 23 Oct 2025 20:06:37 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 273 KB
91 KB 58ms
29ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LNVN58D3TT

Requested by

Host: www.habseyesontheprize.com
URL: https://www.habseyesontheprize.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

41c4b63c72df5a8d1b84978e3d13b5435315d8da4e32956e40a47b8d0cd3f82b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92522
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 27 Oct 2023 11:32:21 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 100ms
67ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9011305505618306

Requested by

Host: www.habseyesontheprize.com
URL: https://www.habseyesontheprize.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b309cd2d63cd4364b51cd82f01a94ae5e33b8b888c7387837005e133fe3a1cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.habseyesontheprize.com/
Origin: https://www.habseyesontheprize.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51867
x-xss-protection: 0
server: cafe
etag: 18112486769758204636
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 27 Oct 2023 11:32:21 GMT

GET
H2 200 breeze-prefetch-links.min.js Show response
www.habseyesontheprize.com/wp-content/plugins/breeze/assets/js/js-front-end/ 864 B
706 B 103ms
98ms Script
application/javascript 104.248.51.254
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.habseyesontheprize.com/wp-content/plugins/breeze/assets/js/js-front-end/breeze-prefetch-links.min.js?m=1697662411
Requested by: Host: www.habseyesontheprize.com
URL: https://www.habseyesontheprize.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.248.51.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1037083.cloudwaysapps.com
Software: nginx /
Resource Hash: e0f8d9203a084855ec3252ed54409199f6610b7352b507d00d5a01b0b94c0c1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:21 GMT
content-encoding: gzip
last-modified: Wed, 18 Oct 2023 20:53:31 GMT
server: nginx
etag: W/"653045cb-360"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 count.js Show response
cprod.apps.forfansnetwork.com/assets/js/ 22 KB
8 KB 328ms
99ms Script
application/javascript 138.197.227.182
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cprod.apps.forfansnetwork.com/assets/js/count.js

Requested by

Host: www.habseyesontheprize.com
URL: https://www.habseyesontheprize.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

138.197.227.182 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

7dd6900939e384a29f7642d713b89d5d17d9e0efdec85bd6a341a79e40024266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-trace-id: 7e310700-74bc-11ee-8bc4-4dd962fc471c
date: Fri, 27 Oct 2023 11:32:21 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 20:44:08 GMT
etag: W/"1f67-18a3de3b5c0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
content-language: en-US
cache-control: public, max-age=1800, s-max-age=604800
accept-ranges: bytes
content-length: 8039
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
www.habseyesontheprize.com/_jb_static/ 15 KB
5 KB 103ms
99ms Script
application/javascript 104.248.51.254
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.habseyesontheprize.com/_jb_static/??-eJy1jkEOgkAMRW/jSmwwgnFBPIopQ8FBpiXTAtHTi1GMiSsXrprfpu8/mPrECRuxQd8NjWeFlqxHd1nmaSSuJAIOJgHNvFsuiQ/YUOIqhsqrwTtuWl3DB9nOFEihllgjq03ipBsCQ6vAOPoGzcvX0+86Hd6uTyd9Cc2kqOQe+ERKpThS/EPPx2KmH0OR5od9nm93WbZyZZHeAbkIh7E=
Requested by: Host: www.habseyesontheprize.com
URL: https://www.habseyesontheprize.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.248.51.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1037083.cloudwaysapps.com
Software: nginx /
Resource Hash: f0efb545afdfeafbe403407a22e4edb225a64c75ddf72a993425e91db103b32e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:21 GMT
content-encoding: gzip
last-modified: Wed, 18 Oct 2023 20:54:15 GMT
server: nginx
age: 18
x-page-optimize: cached
etag: "db0c613b7ec6d78ba2237ef9133854ea-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 5121

GET
H2 200 e-202343.js Show response
stats.wp.com/ 7 KB
3 KB 46ms
11ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202343.js
Requested by: Host: www.habseyesontheprize.com
URL: https://www.habseyesontheprize.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT hhn
date: Fri, 27 Oct 2023 11:32:21 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/13576-1695421998473.3982
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 20 Oct 2024 23:49:16 GMT

GET
H2 200 umbrellajs Show response
cdn.jsdelivr.net/npm/ 8 KB
3 KB 56ms
19ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/umbrellajs

Requested by

Host: www.habseyesontheprize.com
URL: https://www.habseyesontheprize.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f441cd0957482aa1fca749d678691f7e9bc427613bd52d0c4ee746ba8f7ea500

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 21082
x-jsd-version: 3.3.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230135-FRA, cache-yyz4559-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"2046-th/JTL/LZvr/OL91CM8HsBqK44M"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GohO0SMAVhQRuFoYxmQj80%2BM8vRHk%2BNULAhr0K%2FXTgkcG8HM2ZdUeOaE23KWb1yvMhRSJ32vyLmyiP8OU%2BmgTPZzj5zqt7ZcXRKRj5cXaRPHb99NFpEmM8QDL6YzxL2Jqf2KpDkdH6vCHhU3wM0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 81ca9e30997e65c6-FRA

GET
H2 200 jquery-3.7.0.min.js Show response
code.jquery.com/ 85 KB
30 KB 43ms
13ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.7.0.min.js
Requested by: Host: www.habseyesontheprize.com
URL: https://www.habseyesontheprize.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8

Request headers

Referer: https://www.habseyesontheprize.com/
Origin: https://www.habseyesontheprize.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:21 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 2093130
x-cache: HIT, HIT
content-length: 30308
x-served-by: cache-lga13623-LGA, cache-fra-eddf8230042-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1698406341.207252,VS0,VE0
etag: W/"28feccc0-155a6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 27, 79697

GET
H2 200 /
www.habseyesontheprize.com/_jb_static/ 291 KB
48 KB 102ms
100ms Stylesheet
text/css 104.248.51.254
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.habseyesontheprize.com/_jb_static/??-eJyNj91uwjAMRt9mVwSLCYq4QDxL6rqdqfOjOKHq25PSXRRNm3aXT/mOfQxTNOxRSkcKqAoda4ZWAo5GuE02zaB5Fto79vta2MGWuCs46tiSkCOf30IUO1MyQoPF+X94/dvmNwiDz0snShnYV9AOjEZCDav0Yv+KZtVftX/DH6zFSr3RjyYmejBN65hYWmH8weWvqqTQh9Rbr3kKGKQ4D39vuVOOFseX2/d76d7c9dBczk3zeTydPrC9Hp4teZLm
Requested by: Host: www.habseyesontheprize.com
URL: https://www.habseyesontheprize.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.248.51.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1037083.cloudwaysapps.com
Software: nginx /
Resource Hash: 5a8b48f7afa56d3af88fb60fd9d31ded04d917aefa363b2b4464b137b7034976

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:21 GMT
content-encoding: gzip
last-modified: Wed, 18 Oct 2023 20:54:15 GMT
server: nginx
age: 55
x-page-optimize: cached
etag: "9294470abb58eeedc8ec940fbaff7c05-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 49225

GET
H2 200 all.css
use.fontawesome.com/releases/v6.4.2/css/ 100 KB
23 KB 48ms
25ms Stylesheet
text/css 2606:4700:e0::ac40:660b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v6.4.2/css/all.css
Requested by: Host: www.habseyesontheprize.com
URL: https://www.habseyesontheprize.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:660b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5

Request headers

Referer: https://www.habseyesontheprize.com/
Origin: https://www.habseyesontheprize.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: CE8K77TF8NHW73BK
age: 1928716
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: QvQHxT5vXUG+iGVdtBvLDckAf0uJjTNzoegvYAbfGtVj3eEO4oplEp9f2ZhCvl8gF3tQW21OHPE=
last-modified: Tue, 01 Aug 2023 19:16:43 GMT
server: cloudflare
etag: W/"5222e06b77a1692fa2520a219840e6be"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i0BWe56WUb0yuWgSix7r5JyDhBOd4Bc2n1wVxd23HcYF9vLout9TETTHJrTWPPNVekcshf7RI4DMHme2Ba9Ur1WTlrrLNWMafBzkURww%2FyOBXSpM3pDzo25TLCaylxIU6AfwpKAXURoZJSLLOUxq83ID"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 81ca9e30ca66bbc8-FRA

GET
H2 200 v4-shims.css
use.fontawesome.com/releases/v6.4.2/css/ 27 KB
5 KB 49ms
27ms Stylesheet
text/css 2606:4700:e0::ac40:660b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v6.4.2/css/v4-shims.css
Requested by: Host: www.habseyesontheprize.com
URL: https://www.habseyesontheprize.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:660b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e0a27c105caf20bd4cc76fe58f222d856ab8f626447846842dddca8ce7509ef

Request headers

Referer: https://www.habseyesontheprize.com/
Origin: https://www.habseyesontheprize.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: CE8YVVGEBZE6F33E
age: 1928716
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: RkMfim4airkhDxOvm61vs/f0AGw8P4ZkjoDQmfDik/NW9CUaJIbOVHfnsveR30n2YQvSZGAEVco=
last-modified: Tue, 01 Aug 2023 19:16:43 GMT
server: cloudflare
etag: W/"665de85010641f678f0178a9d330a7af"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s13Vkj5kHvyuW%2F2XaVvB4Kd6q%2FAHTmMgrZ9Qt6LGMA85OeREc5y87A984TnXmejcQhwSguFiFWO668Bfm%2FKaTrK1%2FHAqvCxZINudEr8avvzbSSGJct7%2BC569wsHFAvvjID2mKcYK%2F8VK5y3g043NuPvH"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 81ca9e30ca6cbbc8-FRA

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 41ms
9ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.habseyesontheprize.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 18:19:05 GMT
x-content-type-options: nosniff
age: 61996
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 18:19:05 GMT

GET
BLOB 200
OK 7bf95066-972d-47f5-8456-c8ec872a0498
https://www.habseyesontheprize.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.habseyesontheprize.com/7bf95066-972d-47f5-8456-c8ec872a0498
Requested by: Host: www.habseyesontheprize.com
URL: https://www.habseyesontheprize.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

POST
H2 204 collect
region1.google-analytics.com/g/ 0
262 B 38ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LNVN58D3TT&gtm=45je3ap0v9164771155&_p=1635788178&gcd=11l1l1l1l1&cid=641861502.1698406341&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698406341&sct=1&seg=0&dl=https%3A%2F%2Fwww.habseyesontheprize.com%2F&dt=Habs%20Eyes%20on%20the%20Prize&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LNVN58D3TT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 11:32:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.habseyesontheprize.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 267 KB
89 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5TP7XEK014&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LNVN58D3TT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b21a787b54d7ebbdd7d9f0ab8b0c44c2090c40969a0b26a7ba9de634ddc09622

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91099
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 27 Oct 2023 11:32:21 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310260102/ 398 KB
135 KB 111ms
93ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310260102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9011305505618306&plah=www.habseyesontheprize.com&bust=31079248

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9011305505618306

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5834147fa545b7d548198ea6a4c5e856d8207fcab70dd4d3c806eb50babe27c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138072
x-xss-protection: 0
server: cafe
etag: 14850637779680729987
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 27 Oct 2023 11:32:21 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231025/r20190131/ Frame 787C 10 KB
5 KB 36ms
7ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231025/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9011305505618306

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.habseyesontheprize.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 57779
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 26 Oct 2023 19:29:22 GMT
etag: 4569948109300706969
expires: Thu, 09 Nov 2023 19:29:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 15ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-5TP7XEK014&gtm=45je3ap0v9110511144&_p=1635788178&gcd=11l1l1l1l1&cid=641861502.1698406341&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698406341&sct=1&seg=0&dl=https%3A%2F%2Fwww.habseyesontheprize.com%2F&dt=Habs%20Eyes%20on%20the%20Prize&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5TP7XEK014&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 11:32:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.habseyesontheprize.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 18ms
17ms Image
text/html 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-5TP7XEK014&v=3&t=t&pid=1479276831&cv=1&rv=3ap0&tc=15&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=www.habseyesontheprize.com%2F&tdp=G-5TP7XEK014;110511144;0;2;0&z=0

Requested by

Host: www.habseyesontheprize.com
URL: https://www.habseyesontheprize.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:21 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 td
www.googletagmanager.com/ 0
15 B 126ms
125ms Image
image/gif 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googletagmanager.com/td?id=G-5TP7XEK014&v=3&t=t&pid=1479276831&cv=1&rv=3ap0&tc=15&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=www.habseyesontheprize.com%2F&tdp=G-5TP7XEK014;110511144;0;2;0&z=0
Requested by: Host: www.habseyesontheprize.com
URL: https://www.habseyesontheprize.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 11:32:21 GMT
server: Golfe2
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 34ms
33ms Image
text/html 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-5TP7XEK014&v=3&t=t&pid=1479276831&cv=1&rv=3ap0&tc=15&es=1&e=gtm.init&eid=0&h=Ag&tr=1ogt1pdatav2.1ccdgafirst.1setproductsettings.1ogtgooglesignals.1ccdgaregscope.1ccdemdownload.1ccdemform.1ccdemoutboundclick.1ccdempageview.1ccdemscroll.1ccdemsitesearch.1ccdemvideo.1ccdconversionmarking.1ccdgalast&ti=2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ogtgooglesignals.2ccdgaregscope.2ccdemdownload.2ccdemform.2ccdemoutboundclick.2ccdempageview.2ccdemscroll.2ccdemsitesearch.2ccdemvideo.2ccdconversionmarking.2ccdgalast&z=0

Requested by

Host: www.habseyesontheprize.com
URL: https://www.habseyesontheprize.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:21 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 34ms
33ms Image
text/html 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-5TP7XEK014&v=3&t=t&pid=1479276831&cv=1&rv=3ap0&tc=15&es=1&e=gtm.js&eid=1&h=Ag&tr=1gct&ti=1gct&z=0

Requested by

Host: www.habseyesontheprize.com
URL: https://www.habseyesontheprize.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:21 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 42ms
41ms Image
text/html 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-5TP7XEK014&v=3&t=t&pid=1479276831&cv=1&rv=3ap0&tc=15&es=1&e=gtag.config&eid=7&h=Ag&z=0

Requested by

Host: www.habseyesontheprize.com
URL: https://www.habseyesontheprize.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:21 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 43ms
42ms Image
text/html 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-5TP7XEK014&v=3&t=t&pid=1479276831&cv=1&rv=3ap0&tc=15&es=1&e=gtag.config&eid=8&u=AAAAAAAAAAAAACA&h=Ag&epr=1G.2G&z=0

Requested by

Host: www.habseyesontheprize.com
URL: https://www.habseyesontheprize.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:21 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 411 B
610 B 39ms
15ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.habseyesontheprize.com&callback=_gfp_s_&client=ca-pub-9011305505618306

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310260102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9011305505618306&plah=www.habseyesontheprize.com&bust=31079248

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf75887ae76b99d4f3efaa8c83cfa5938619d8b649e9a47aea52156fa7f59b7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 258
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9266 211 KB
54 KB 870ms
869ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&adk=1812271804&adf=3025194257&lmt=1698399141&plaf=7%3A2&plat=1%3A16777216%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x810_l%7C140x810_r&format=0x0&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406341370&bpp=3&bdt=205&idt=206&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5725263893245&frm=20&pv=2&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=224

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa45f0cbf81974913a298a5bc9301039b553a65b5c0716fa0a5aac7f5ce0012e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.habseyesontheprize.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 54817
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 11:32:22 GMT
expires: Fri, 27 Oct 2023 11:32:22 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=FOOTER&id=colophon&cls=site-footer&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: www.habseyesontheprize.com
URL: https://www.habseyesontheprize.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 11:32:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 count.js Show response
cprod.apps.forfansnetwork.com/api/story/ 420 B
511 B 118ms
114ms Script
text/javascript 138.197.227.182
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cprod.apps.forfansnetwork.com/api/story/count.js?callback=CoralCount.setCount&ref=aHR0cHM6Ly93d3cuaGFic2V5ZXNvbnRoZXByaXplLmNvbS9tYXJ0aW4tc3QtbG91aXMtbW9udHJlYWwtY2FuYWRpZW5zLWNvbWViYWNrLWxvY2tlci1yb29tLXNwZWVjaC1oYWJzLWJsdWUtamFja2V0cy1uZXdzLXNjb3JlLXJlY2FwLw%3D%3D&url=https%3A%2F%2Fwww.habseyesontheprize.com%2Fmartin-st-louis-montreal-canadiens-comeback-locker-room-speech-habs-blue-jackets-news-score-recap%2F

Requested by

Host: cprod.apps.forfansnetwork.com
URL: https://cprod.apps.forfansnetwork.com/assets/js/count.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

138.197.227.182 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

51ad60372f13f4013991dc42a1f1d6565b28bf345d2b53b5cc060ad04ba0ebec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-trace-id: 7e4f1650-74bc-11ee-8bc4-4dd962fc471c
date: Fri, 27 Oct 2023 11:32:21 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
etag: W/"1a4-T7jLqSOp+B5pTuhq+14gQPTbYnE"
content-language: en-US
content-type: text/javascript; charset=utf-8
cache-control: no-store
content-length: 420
x-xss-protection: 1; mode=block

GET
H2 200 count.js Show response
cprod.apps.forfansnetwork.com/api/story/ 466 B
557 B 110ms
106ms Script
text/javascript 138.197.227.182
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cprod.apps.forfansnetwork.com/api/story/count.js?callback=CoralCount.setCount&ref=aHR0cHM6Ly93d3cuaGFic2V5ZXNvbnRoZXByaXplLmNvbS9tb250cmVhbC1jYW5hZGllbnMtbmhsLW5ld3MtcGVuYWx0eS1raWxsLXBvd2VyLXBsYXktZ3VzdGF2LWxpbmRzdHJvbS1zaGFuZS1waW50by1zdXNwZW5zaW9uLWJldHRpbmctcXVlYmVjLW5vcmRpcXVlcy1uaGwtZXhwYW5zaW9uLw%3D%3D&url=https%3A%2F%2Fwww.habseyesontheprize.com%2Fmontreal-canadiens-nhl-news-penalty-kill-power-play-gustav-lindstrom-shane-pinto-suspension-betting-quebec-nordiques-nhl-expansion%2F

Requested by

Host: cprod.apps.forfansnetwork.com
URL: https://cprod.apps.forfansnetwork.com/assets/js/count.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

138.197.227.182 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

ac10e191c73bf52d253ffa48f0ba9ad351e4414d4b7ec103a6e85d24f980ddc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-trace-id: 7e4f3d61-74bc-11ee-8bc4-4dd962fc471c
date: Fri, 27 Oct 2023 11:32:21 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
etag: W/"1d2-3TTAwH9mnWyw9Pj26jGEVYhsrz4"
content-language: en-US
content-type: text/javascript; charset=utf-8
cache-control: no-store
content-length: 466
x-xss-protection: 1; mode=block

GET
H2 200 count.js Show response
cprod.apps.forfansnetwork.com/api/story/ 454 B
544 B 114ms
110ms Script
text/javascript 138.197.227.182
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cprod.apps.forfansnetwork.com/api/story/count.js?callback=CoralCount.setCount&ref=aHR0cHM6Ly93d3cuaGFic2V5ZXNvbnRoZXByaXplLmNvbS9tb250cmVhbC1jYW5hZGllbnMtY29sdW1idXMtYmx1ZS1qYWNrZXRzLXRvcC1zaXgtbWludXRlcy1jb2xlLWNhdWZpZWxkLWNvb3JkaW5hdGVzLXRoZS1jb21lYmFja21hdGhlc29uLXN1enVraS1tb250ZW1iZWF1bHQv&url=https%3A%2F%2Fwww.habseyesontheprize.com%2Fmontreal-canadiens-columbus-blue-jackets-top-six-minutes-cole-caufield-coordinates-the-comebackmatheson-suzuki-montembeault%2F

Requested by

Host: cprod.apps.forfansnetwork.com
URL: https://cprod.apps.forfansnetwork.com/assets/js/count.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

138.197.227.182 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

9f5f275915b87fd05dfff4f44d6fdf7f2ed626b25b66fe819f37e8c5ea46d77a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-trace-id: 7e4f6470-74bc-11ee-8bc4-4dd962fc471c
date: Fri, 27 Oct 2023 11:32:21 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
etag: W/"1c6-1poGoRUR0ar7imM72GA/H4bCuuY"
content-language: en-US
content-type: text/javascript; charset=utf-8
cache-control: no-store
content-length: 454
x-xss-protection: 1; mode=block

GET
H2 200 count.js Show response
cprod.apps.forfansnetwork.com/api/story/ 439 B
530 B 115ms
112ms Script
text/javascript 138.197.227.182
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cprod.apps.forfansnetwork.com/api/story/count.js?callback=CoralCount.setCount&ref=aHR0cHM6Ly93d3cuaGFic2V5ZXNvbnRoZXByaXplLmNvbS9tb250cmVhbC1jYW5hZGllbnMtY29sdW1idXMtYmx1ZS1qYWNrZXRzLWdhbWUtdGhyZWFkLXJvc3RlcnMtbGluZXMtYW5kLWhvdy10by13YXRjaC10di1saXN0aW5ncy1vbmxpbmUtc3RyZWFtLw%3D%3D&url=https%3A%2F%2Fwww.habseyesontheprize.com%2Fmontreal-canadiens-columbus-blue-jackets-game-thread-rosters-lines-and-how-to-watch-tv-listings-online-stream%2F

Requested by

Host: cprod.apps.forfansnetwork.com
URL: https://cprod.apps.forfansnetwork.com/assets/js/count.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

138.197.227.182 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

0eb874fb1c33c2eed3c8d3d1c521400714925f38427d11d7e259992e6935d0b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-trace-id: 7e4f8b80-74bc-11ee-8bc4-4dd962fc471c
date: Fri, 27 Oct 2023 11:32:21 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
etag: W/"1b7-VTzDIwe1PbnfX3pNWY1eNVY3aWY"
content-language: en-US
content-type: text/javascript; charset=utf-8
cache-control: no-store
content-length: 439
x-xss-protection: 1; mode=block

GET
H2 200 count.js Show response
cprod.apps.forfansnetwork.com/api/story/ 439 B
526 B 118ms
115ms Script
text/javascript 138.197.227.182
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cprod.apps.forfansnetwork.com/api/story/count.js?callback=CoralCount.setCount&ref=aHR0cHM6Ly93d3cuaGFic2V5ZXNvbnRoZXByaXplLmNvbS9tb250cmVhbC1jYW5hZGllbnMtY29sdW1idXMtYmx1ZS1qYWNrZXRzLWdhbWUtcHJldmlldy1zdGFydC10aW1lLXRhbGUtb2YtdGhlLXRhcGUtYW5kLWhvdy10by13YXRjaC10di1saXN0aW5ncy8%3D&url=https%3A%2F%2Fwww.habseyesontheprize.com%2Fmontreal-canadiens-columbus-blue-jackets-game-preview-start-time-tale-of-the-tape-and-how-to-watch-tv-listings%2F

Requested by

Host: cprod.apps.forfansnetwork.com
URL: https://cprod.apps.forfansnetwork.com/assets/js/count.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

138.197.227.182 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

040bfc148967acabf788cdeeed5cb2533ccb209d70c4e899da5e40c678089dfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-trace-id: 7e4f8b82-74bc-11ee-8bc4-4dd962fc471c
date: Fri, 27 Oct 2023 11:32:21 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
etag: W/"1b7-xHSxgTt1ts2ITKK9RZj2rsikqYE"
content-language: en-US
content-type: text/javascript; charset=utf-8
cache-control: no-store
content-length: 439
x-xss-protection: 1; mode=block

GET
H2 200 count.js Show response
cprod.apps.forfansnetwork.com/api/story/ 411 B
501 B 146ms
143ms Script
text/javascript 138.197.227.182
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cprod.apps.forfansnetwork.com/api/story/count.js?callback=CoralCount.setCount&ref=aHR0cHM6Ly93d3cuaGFic2V5ZXNvbnRoZXByaXplLmNvbS9tb250cmVhbC1jYW5hZGllbnMtbmhsLW5ld3MtZHJhZnQtZGVjZW50cmFsaXphdGlvbi12b3RlLTIwMjQtbmhsLWRyYWZ0LWphY2staHVnaGVzLXN0YXRzLw%3D%3D&url=https%3A%2F%2Fwww.habseyesontheprize.com%2Fmontreal-canadiens-nhl-news-draft-decentralization-vote-2024-nhl-draft-jack-hughes-stats%2F

Requested by

Host: cprod.apps.forfansnetwork.com
URL: https://cprod.apps.forfansnetwork.com/assets/js/count.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

138.197.227.182 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

0e6dd2d19d5bafbfa50203aedbdb225291d4f762ded4b2f451478ef456304ebf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-trace-id: 7e4f3d60-74bc-11ee-8bc4-4dd962fc471c
date: Fri, 27 Oct 2023 11:32:21 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
etag: W/"19b-BuuQLqs8CQ0qH7NQqC2FaoSG6hY"
content-language: en-US
content-type: text/javascript; charset=utf-8
cache-control: no-store
content-length: 411
x-xss-protection: 1; mode=block

GET
H2 200 count.js Show response
cprod.apps.forfansnetwork.com/api/story/ 422 B
512 B 203ms
200ms Script
text/javascript 138.197.227.182
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cprod.apps.forfansnetwork.com/api/story/count.js?callback=CoralCount.setCount&ref=aHR0cHM6Ly93d3cuaGFic2V5ZXNvbnRoZXByaXplLmNvbS9maWxpcC1lcmlrc3Nvbi10ZWFtLXN3ZWRlbi1yb3N0ZXItZml2ZS1uYXRpb25zLXUyMC10b3VybmFtZW50LWN6ZWNoaWEtZmlubGFuZC1zd2l0emVybGFuZC1zbG92YWtpYS8%3D&url=https%3A%2F%2Fwww.habseyesontheprize.com%2Ffilip-eriksson-team-sweden-roster-five-nations-u20-tournament-czechia-finland-switzerland-slovakia%2F

Requested by

Host: cprod.apps.forfansnetwork.com
URL: https://cprod.apps.forfansnetwork.com/assets/js/count.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

138.197.227.182 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

1027f6016a63bb8691e834944302656fb55befe2a8b73aaac3c22a0bbeda0fcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-trace-id: 7e4f6471-74bc-11ee-8bc4-4dd962fc471c
date: Fri, 27 Oct 2023 11:32:21 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
etag: W/"1a6-pjw0RcAN4guT73KYSaem5kETGSs"
content-language: en-US
content-type: text/javascript; charset=utf-8
cache-control: no-store
content-length: 422
x-xss-protection: 1; mode=block

GET
H2 200 count.js Show response
cprod.apps.forfansnetwork.com/api/story/ 383 B
504 B 108ms
105ms Script
text/javascript 138.197.227.182
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cprod.apps.forfansnetwork.com/api/story/count.js?callback=CoralCount.setCount&ref=aHR0cHM6Ly93d3cuaGFic2V5ZXNvbnRoZXByaXplLmNvbS9taWtlLW1hdGhlc29uLWdvYWwtaGlnaGxpZ2h0LWNhbmFkaWVucy1kZXZpbHMtcmVjYXAtcG9kY2FzdC1uZXdzLWhhYnMv&url=https%3A%2F%2Fwww.habseyesontheprize.com%2Fmike-matheson-goal-highlight-canadiens-devils-recap-podcast-news-habs%2F

Requested by

Host: cprod.apps.forfansnetwork.com
URL: https://cprod.apps.forfansnetwork.com/assets/js/count.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

138.197.227.182 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

51e44f753d8c920154293ce7e45af5e81bfa01abe31b4f917f025de18a9fa16f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-trace-id: 7e4f8b81-74bc-11ee-8bc4-4dd962fc471c
date: Fri, 27 Oct 2023 11:32:21 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
etag: W/"17f-ksExpDuhLTTlpQ1AHHrt4b9Yv7M"
content-language: en-US
content-type: text/javascript; charset=utf-8
cache-control: no-store
content-length: 383
x-xss-protection: 1; mode=block

GET
H2 200 count.js Show response
cprod.apps.forfansnetwork.com/api/story/ 443 B
534 B 112ms
109ms Script
text/javascript 138.197.227.182
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cprod.apps.forfansnetwork.com/api/story/count.js?callback=CoralCount.setCount&ref=aHR0cHM6Ly93d3cuaGFic2V5ZXNvbnRoZXByaXplLmNvbS9tb250cmVhbC1jYW5hZGllbnMtbmhsLW5ld3MtanVzdGluLWJhcnJvbi1yb3N0ZXItc3BvdC1mbG9yaWFuLXhoZWthai1maWdodC10eWxlci10b2Zmb2xpLXRyYXZpcy1kZXJtb3R0LXByaWRlLXRhcGUv&url=https%3A%2F%2Fwww.habseyesontheprize.com%2Fmontreal-canadiens-nhl-news-justin-barron-roster-spot-florian-xhekaj-fight-tyler-toffoli-travis-dermott-pride-tape%2F

Requested by

Host: cprod.apps.forfansnetwork.com
URL: https://cprod.apps.forfansnetwork.com/assets/js/count.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

138.197.227.182 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

fa4d01f2c9021152b91e8811d7078e2c05b6e789630845acc29410c1d086a459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-trace-id: 7e4fb290-74bc-11ee-8bc4-4dd962fc471c
date: Fri, 27 Oct 2023 11:32:21 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
etag: W/"1bb-RnCKQ1hNQEQKQaUSsnfYS4U6/Ak"
content-language: en-US
content-type: text/javascript; charset=utf-8
cache-control: no-store
content-length: 443
x-xss-protection: 1; mode=block

GET
H2 200 count.js Show response
cprod.apps.forfansnetwork.com/api/story/ 430 B
522 B 204ms
202ms Script
text/javascript 138.197.227.182
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cprod.apps.forfansnetwork.com/api/story/count.js?callback=CoralCount.setCount&ref=aHR0cHM6Ly93d3cuaGFic2V5ZXNvbnRoZXByaXplLmNvbS9tb250cmVhbC1jYW5hZGllbnMtbmV3LWplcnNleS1kZXZpbHMtdG9wLXNpeC1taW51dGVzLXJlY2FwLWhpZ2hsaWdodHMtY2F5ZGVuLXByaW1lYXUtc3RhcnQtbWlrZS1tYXRoZXNvbi8%3D&url=https%3A%2F%2Fwww.habseyesontheprize.com%2Fmontreal-canadiens-new-jersey-devils-top-six-minutes-recap-highlights-cayden-primeau-start-mike-matheson%2F

Requested by

Host: cprod.apps.forfansnetwork.com
URL: https://cprod.apps.forfansnetwork.com/assets/js/count.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

138.197.227.182 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

98a703c3bb6ac15c83cde15ad7920973b2e848c09e838cd6bf326637da5c977a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-trace-id: 7e549490-74bc-11ee-8bc4-4dd962fc471c
date: Fri, 27 Oct 2023 11:32:21 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
etag: W/"1ae-Nm+8DK0cCq+8lVJ5n00iZZsZGFc"
content-language: en-US
content-type: text/javascript; charset=utf-8
cache-control: no-store
content-length: 430
x-xss-protection: 1; mode=block

GET
H2 200 count.js Show response
cprod.apps.forfansnetwork.com/api/story/ 431 B
522 B 144ms
141ms Script
text/javascript 138.197.227.182
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cprod.apps.forfansnetwork.com/api/story/count.js?callback=CoralCount.setCount&ref=aHR0cHM6Ly93d3cuaGFic2V5ZXNvbnRoZXByaXplLmNvbS9tb250cmVhbC1jYW5hZGllbnMtbmV3LWplcnNleS1kZXZpbHMtZ2FtZS10aHJlYWQtcm9zdGVycy1saW5lcy1hbmQtaG93LXRvLXdhdGNoLXR2LWxpc3RpbmdzLW9ubGluZS1zdHJlYW0v&url=https%3A%2F%2Fwww.habseyesontheprize.com%2Fmontreal-canadiens-new-jersey-devils-game-thread-rosters-lines-and-how-to-watch-tv-listings-online-stream%2F

Requested by

Host: cprod.apps.forfansnetwork.com
URL: https://cprod.apps.forfansnetwork.com/assets/js/count.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

138.197.227.182 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

f64e98064fc46903be3fcda60951aebf46c0876ac8609bb5686fbca23d47e124

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-trace-id: 7e54bba0-74bc-11ee-8bc4-4dd962fc471c
date: Fri, 27 Oct 2023 11:32:21 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
etag: W/"1af-7u294swEfJdrAqH3EQD/0GQekHg"
content-language: en-US
content-type: text/javascript; charset=utf-8
cache-control: no-store
content-length: 431
x-xss-protection: 1; mode=block

GET
H2 200 count.js Show response
cprod.apps.forfansnetwork.com/api/story/ 399 B
490 B 146ms
143ms Script
text/javascript 138.197.227.182
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cprod.apps.forfansnetwork.com/api/story/count.js?callback=CoralCount.setCount&ref=aHR0cHM6Ly93d3cuaGFic2V5ZXNvbnRoZXByaXplLmNvbS9tb250cmVhbC1jYW5hZGllbnMtcmVjYWxsLWd1c3Rhdi1saW5kc3Ryb20tb24tZW1lcmdlbmN5LWJhc2lzLWRhdmlkLXNhdmFyZC1pbmp1cnkv&url=https%3A%2F%2Fwww.habseyesontheprize.com%2Fmontreal-canadiens-recall-gustav-lindstrom-on-emergency-basis-david-savard-injury%2F

Requested by

Host: cprod.apps.forfansnetwork.com
URL: https://cprod.apps.forfansnetwork.com/assets/js/count.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

138.197.227.182 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

4f73a5aefa435a61102f5413f9e5dc3b480c05be780f12e653e521ca4f70040d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-trace-id: 7e54e2b0-74bc-11ee-8bc4-4dd962fc471c
date: Fri, 27 Oct 2023 11:32:21 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
etag: W/"18f-NIT3FhMISB1IKE/Nvq9deweKhrU"
content-language: en-US
content-type: text/javascript; charset=utf-8
cache-control: no-store
content-length: 399
x-xss-protection: 1; mode=block

GET
H2 200 count.js Show response
cprod.apps.forfansnetwork.com/api/story/ 434 B
524 B 146ms
144ms Script
text/javascript 138.197.227.182
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cprod.apps.forfansnetwork.com/api/story/count.js?callback=CoralCount.setCount&ref=aHR0cHM6Ly93d3cuaGFic2V5ZXNvbnRoZXByaXplLmNvbS9tb250cmVhbC1jYW5hZGllbnMtbmV3LWplcnNleS1kZXZpbHMtZ2FtZS1wcmV2aWV3LXN0YXJ0LXRpbWUtdGFsZS1vZi10aGUtdGFwZS1hbmQtaG93LXRvLXdhdGNoLXR2LWxpc3RpbmdzLw%3D%3D&url=https%3A%2F%2Fwww.habseyesontheprize.com%2Fmontreal-canadiens-new-jersey-devils-game-preview-start-time-tale-of-the-tape-and-how-to-watch-tv-listings%2F

Requested by

Host: cprod.apps.forfansnetwork.com
URL: https://cprod.apps.forfansnetwork.com/assets/js/count.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

138.197.227.182 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

29697b182ec78c8a2c26bb7d2966bc01d7445c9954e63ad8a892cc3cb696b886

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-trace-id: 7e54e2b1-74bc-11ee-8bc4-4dd962fc471c
date: Fri, 27 Oct 2023 11:32:21 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
etag: W/"1b2-bZIZcp0meo+vv2tdi6hSus8biq0"
content-language: en-US
content-type: text/javascript; charset=utf-8
cache-control: no-store
content-length: 434
x-xss-protection: 1; mode=block

GET
H2 200 count.js Show response
cprod.apps.forfansnetwork.com/api/story/ 434 B
521 B 203ms
201ms Script
text/javascript 138.197.227.182
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cprod.apps.forfansnetwork.com/api/story/count.js?callback=CoralCount.setCount&ref=aHR0cHM6Ly93d3cuaGFic2V5ZXNvbnRoZXByaXplLmNvbS9icmVuZGFuLWdhbGxhZ2hlci1zdGF0cy0yMDIzLW1vbnRyZWFsLWNhbmFkaWVucy1idWZmYWxvLXNhYnJlcy1oaWdobGlnaHRzLXJlY2FwLXBvZGNhc3QtaGFicy10cmFkZS1kZWFkbGluZS8%3D&url=https%3A%2F%2Fwww.habseyesontheprize.com%2Fbrendan-gallagher-stats-2023-montreal-canadiens-buffalo-sabres-highlights-recap-podcast-habs-trade-deadline%2F

Requested by

Host: cprod.apps.forfansnetwork.com
URL: https://cprod.apps.forfansnetwork.com/assets/js/count.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

138.197.227.182 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

46de8fef8b0d952cccf95aeab4f51c3f2c1306c2816014e6f51ade9cd1ebb0fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-trace-id: 7e54e2b2-74bc-11ee-8bc4-4dd962fc471c
date: Fri, 27 Oct 2023 11:32:21 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
etag: W/"1b2-wzS7zgFE2SAnCDCwPr82E4o9BsU"
content-language: en-US
content-type: text/javascript; charset=utf-8
cache-control: no-store
content-length: 434
x-xss-protection: 1; mode=block

GET
H2 200 count.js Show response
cprod.apps.forfansnetwork.com/api/story/ 374 B
465 B 204ms
202ms Script
text/javascript 138.197.227.182
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cprod.apps.forfansnetwork.com/api/story/count.js?callback=CoralCount.setCount&ref=aHR0cHM6Ly93d3cuaGFic2V5ZXNvbnRoZXByaXplLmNvbS90dWVzZGF5LWhhYnMtaGVhZGxpbmVzLWNvbGUtY2F1ZmllbGRzLXNob3VsZGVyLWxvb2tzLWp1c3QtZmluZS8%3D&url=https%3A%2F%2Fwww.habseyesontheprize.com%2Ftuesday-habs-headlines-cole-caufields-shoulder-looks-just-fine%2F

Requested by

Host: cprod.apps.forfansnetwork.com
URL: https://cprod.apps.forfansnetwork.com/assets/js/count.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

138.197.227.182 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

dfef7ce44b32a775fb27858aa6d69cfdaf08524ed28f14564ef104a5709b84f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-trace-id: 7e5509c0-74bc-11ee-8bc4-4dd962fc471c
date: Fri, 27 Oct 2023 11:32:21 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
etag: W/"176-2PIEAvV49wdwIOy9d8M4nuu5lfQ"
content-language: en-US
content-type: text/javascript; charset=utf-8
cache-control: no-store
content-length: 374
x-xss-protection: 1; mode=block

GET
H2 200 g.gif
pixel.wp.com/ 50 B
153 B 23ms
6ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=223096998&post=0&tz=-4&srv=www.habseyesontheprize.com&j=1%3A12.7&host=www.habseyesontheprize.com&ref=&fcp=753&rand=0.5471454312968447
Requested by: Host: www.habseyesontheprize.com
URL: https://www.habseyesontheprize.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 27 Oct 2023 11:32:21 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 wp-emoji-release.min.js Show response
www.habseyesontheprize.com/wp-includes/js/ 18 KB
5 KB 100ms
98ms Script
application/javascript 104.248.51.254
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.habseyesontheprize.com/wp-includes/js/wp-emoji-release.min.js?ver=6.3.2
Requested by: Host: www.habseyesontheprize.com
URL: https://www.habseyesontheprize.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.248.51.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1037083.cloudwaysapps.com
Software: nginx /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:21 GMT
content-encoding: gzip
last-modified: Tue, 27 Jun 2023 07:43:15 GMT
server: nginx
etag: W/"649a9313-4904"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 60ms
60ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231025&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c316bc34736acc1acac77a04de279d71fc043970bd00f40fa92cc5bbad6fef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12142
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310260102/ 160 KB
55 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310260102/reactive_library_fy2021.js?bust=31079248

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ba4a8bfae608c3201b11856b8457a6cec714ef6f8067d3b1a06abad659f2d20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55815
x-xss-protection: 0
server: cafe
etag: 9107832860776617491
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Oct 2023 11:32:22 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 18FF 46 KB
17 KB 619ms
618ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&h=280&adk=1972770278&adf=2137320495&pi=t.aa~a.2318999906~i.2~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1698399142&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8203761774&ad_type=text_image&format=535x280&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&fwr=0&pra=3&rh=134&rw=535&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406342526&bpp=1&bdt=1360&idt=-M&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b603b7608671654-22d158d015e300c0%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZ4Q-vYsfwcuaLA29SNeqzjOoDDyw&gpic=UID%3D00000caa1dd2eb65%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZGxh6N4lGarzk4oKqJeybgn236uw&prev_fmts=0x0&nras=2&correlator=5725263893245&frm=20&pv=1&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=460&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=L1igCWK7Jc&p=https%3A//www.habseyesontheprize.com&dtd=3

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1352b869ce3f850407ecbdfab5b371dfd782c33a2780a9910540b46b2137733b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.habseyesontheprize.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 17066
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 11:32:23 GMT
expires: Fri, 27 Oct 2023 11:32:23 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CD6B 46 KB
17 KB 416ms
416ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&h=280&adk=1972770278&adf=2338424597&pi=t.aa~a.3462012197~i.2~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1698399142&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8203761774&ad_type=text_image&format=535x280&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&fwr=0&pra=3&rh=134&rw=535&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406342526&bpp=1&bdt=1361&idt=-M&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b603b7608671654-22d158d015e300c0%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZ4Q-vYsfwcuaLA29SNeqzjOoDDyw&gpic=UID%3D00000caa1dd2eb65%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZGxh6N4lGarzk4oKqJeybgn236uw&prev_fmts=0x0%2C535x280&nras=3&correlator=5725263893245&frm=20&pv=1&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=460&ady=2037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7I68LMkGhF&p=https%3A//www.habseyesontheprize.com&dtd=12

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68b13ad654b2f1dbaa299f1b7d92f2b5e6a1ae275d6bb79e0f79199432329b9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.habseyesontheprize.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 17168
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 11:32:22 GMT
expires: Fri, 27 Oct 2023 11:32:22 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2726 46 KB
17 KB 367ms
367ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&h=280&adk=1972770278&adf=4183556756&pi=t.aa~a.3832280647~i.2~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1698399142&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8203761774&ad_type=text_image&format=535x280&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&fwr=0&pra=3&rh=134&rw=535&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406342526&bpp=1&bdt=1361&idt=-M&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b603b7608671654-22d158d015e300c0%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZ4Q-vYsfwcuaLA29SNeqzjOoDDyw&gpic=UID%3D00000caa1dd2eb65%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZGxh6N4lGarzk4oKqJeybgn236uw&prev_fmts=0x0%2C535x280%2C535x280&nras=4&correlator=5725263893245&frm=20&pv=1&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=460&ady=2760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=qV3vXKXlYE&p=https%3A//www.habseyesontheprize.com&dtd=16

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccf4d4dbf9839916ee3373edcddcc405eb5596f7b6a00b13a423f6088c450f95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.habseyesontheprize.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 16959
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 11:32:22 GMT
expires: Fri, 27 Oct 2023 11:32:22 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 607B 436 B
237 B 275ms
275ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&h=200&adk=311239313&adf=2512620225&pi=t.aa~a.4211497199~i.2~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1698399142&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8203761774&ad_type=text_image&format=535x200&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&fwr=0&pra=3&rh=134&rw=535&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406342526&bpp=1&bdt=1361&idt=0&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b603b7608671654-22d158d015e300c0%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZ4Q-vYsfwcuaLA29SNeqzjOoDDyw&gpic=UID%3D00000caa1dd2eb65%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZGxh6N4lGarzk4oKqJeybgn236uw&prev_fmts=0x0%2C535x280%2C535x280%2C535x280&nras=5&correlator=5725263893245&frm=20&pv=1&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=460&ady=3452&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=pvFYSmB1rE&p=https%3A//www.habseyesontheprize.com&dtd=21

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b3ce3b296a1160391697d1abc9e4bec50f20a0fd53a402f0bf8ec767239e988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.habseyesontheprize.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 11:32:22 GMT
expires: Fri, 27 Oct 2023 11:32:22 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 50ms
27ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 27 Oct 2023 11:32:22 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/ Frame 1487 10 KB
4 KB 7ms
7ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.habseyesontheprize.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 57837
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 26 Oct 2023 19:28:25 GMT
etag: 4569948109300706969
expires: Thu, 09 Nov 2023 19:28:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 1487 4 KB
767 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 27 Oct 2023 11:32:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 11:00:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 27 Oct 2023 11:32:22 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1487 205 B
651 B 30ms
8ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 15:33:28 GMT
x-content-type-options: nosniff
age: 503934
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 20 Oct 2024 15:33:28 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1487 604 B
696 B 31ms
9ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 09:35:28 GMT
x-content-type-options: nosniff
age: 439014
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 21 Oct 2024 09:35:28 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/elements/html/ Frame 1487 15 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25bb559beb57a681fbcd6b749ea0c17ecf3939efc5127ac756520f819f0c8f9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 16:58:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66839
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6638
x-xss-protection: 0
server: cafe
etag: 5714928435844906340
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Nov 2023 16:58:23 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/elements/html/ Frame 1487 20 KB
9 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f5676a86af87439536dd10d678b3d458eee7d107a4a9bb0bac62752cc738fb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 16:35:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68217
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8598
x-xss-protection: 0
server: cafe
etag: 10300645532664441910
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Nov 2023 16:35:25 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0F3B 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.habseyesontheprize.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1801
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 11:02:21 GMT
expires: Sat, 26 Oct 2024 11:02:21 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 29DC 829 B
1 KB 40ms
18ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

53845d8ea0260a90ed3a12941e423bba4ec0ffc71155353dffaa6e5a7c8ce596

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fiVbuS49Nm1bJbiYbNTGMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.habseyesontheprize.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-fiVbuS49Nm1bJbiYbNTGMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 11:32:22 GMT
expires: Fri, 27 Oct 2023 11:32:22 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 css
fonts.googleapis.com/ Frame F5AA 14 KB
1 KB 19ms
19ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 27 Oct 2023 11:32:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 11:00:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 27 Oct 2023 11:32:22 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame F5AA 2 KB
825 B 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 16:14:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69464
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
server: cafe
etag: 15713038447858168282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Nov 2023 16:14:38 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/ Frame F5AA 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 16:14:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69464
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Nov 2023 16:14:38 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 633E 143 B
166 B 9ms
8ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 504
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 11:23:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame F5AA 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 16:14:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69464
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Nov 2023 16:14:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame F5AA 20 KB
8 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 16:14:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69464
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Nov 2023 16:14:38 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F5AA 187 KB
59 KB 100ms
56ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698233972131352"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Oct 2023 11:32:22 GMT

GET
H2 200 ac1dbca482530a26bafc7a8c1241173a.js Show response
www.gstatic.com/mysidia/ Frame F5AA 36 KB
15 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 16:42:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 240600
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15099
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 16:29:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 22 Jan 2024 16:42:22 GMT

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame 0F3B 38 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 16:52:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 153587
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Oct 2024 16:52:35 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 29DC 0
0 42ms
41ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231025&jk=1060563691961383&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 633E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

20ms
20ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 11:32:22 GMT
expires: Fri, 27 Oct 2023 11:32:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 11:32:22 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0F3B 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?MzGh2g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:22 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 FZ9XXdmvjlIvw6QJ2t2pvLscGtIfNwGGEz70b-Okwhc.js Show response
pagead2.googlesyndication.com/bg/ Frame 7703 39 KB
15 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FZ9XXdmvjlIvw6QJ2t2pvLscGtIfNwGGEz70b-Okwhc.js

Requested by

Host: www.habseyesontheprize.com
URL: https://www.habseyesontheprize.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

159f575dd9af8e522fc3a409dadda9bcbb1c1ad21f370186133ef46fe3a4c217

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 16:22:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 155397
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15148
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Oct 2024 16:22:25 GMT

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 1EAA 2 KB
3 KB 83ms
44ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1ghvbk832q471evphczn42ghzz3kcggwxp33k7f15bpt3bvrw6b2askzpmx99fg87w1t62rkkhc8eq8yej6daq1cgwtme1tq71m391zr6hq6rq5n39ct9nfexfv1t3ztzt6trd9vc0ps9et0d5hhx65p5yftd2jr75egea4vxec2ptja4fzw324vs346agrdsshfgyrgq7ahhk59w92evw1v3k1sw2dm4xsd97sa3q3z43zp0jb8pn1xqkzpc3fxndj8wvy3hgbyda8g55qa8nkqh5s3qev91m2083dmh5bays4keez1q1dcxg5c4abv4azzqwtpqb91prz4ct2y88bc3wszv6dfezfv6rpemsnnhg17hwx69vjy5ab4v3mmjqywg3rkr5xtk3et37gwykq2j7a4gp84txwc11knwfxfe3kn8chfa&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSUGxxp87ZenII4XK6gSw_L7wCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCtNCCGX-5sT6oAwHIAwKqBIcCT9B-ZmKZXeyy1EzwMawzcCmoJPwu_qMUAyBTRy0WZYOg53mDYn40uCixNDAYTyqdl7iS_G4jA7V2RzDktIozolcmQol47Si_-TBubrNFVuNeaGaeDtri5axG50FjTc8Qr36optuokzgazmpZTzXdCYyRgHLX0SdwN6B4Gqmu1u7QkLRBqyGFCTxOLRbrBf0A3AtAol6uDAKcSe09z97W1hjTSoPQBPZpFiBhQc3n7pNPqTR91d3jw_S5EWNe4hauNOAZ0N_LOqPPrldvw6McFs7x1OG2rAH7IQ2xGb5mF-KbYqYeNIaMQyA1uLCzGMHuxM2UY-6L88Lw4ttUUGpZLE0PaG0bCyuABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_009JdYl7-E1h3hkpkG5wLRaQ2QaA%26client%3Dca-pub-9011305505618306%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&h=280&adk=1972770278&adf=4183556756&pi=t.aa~a.3832280647~i.2~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1698399142&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8203761774&ad_type=text_image&format=535x280&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&fwr=0&pra=3&rh=134&rw=535&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406342526&bpp=1&bdt=1361&idt=-M&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b603b7608671654-22d158d015e300c0%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZ4Q-vYsfwcuaLA29SNeqzjOoDDyw&gpic=UID%3D00000caa1dd2eb65%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZGxh6N4lGarzk4oKqJeybgn236uw&prev_fmts=0x0%2C535x280%2C535x280&nras=4&correlator=5725263893245&frm=20&pv=1&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=460&ady=2760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=qV3vXKXlYE&p=https%3A//www.habseyesontheprize.com&dtd=16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c53361818f3c189539ab7be63777d934d40f5026a524705c728e8b272b70338b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 81ca9e3baf9a2c4b-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 11:32:23 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 8FA4 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 16:14:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69464
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Nov 2023 16:14:38 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 29D6 1 KB
643 B 8ms
7ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 33015
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 02:22:07 GMT
etag: 48472445140208031
expires: Sat, 28 Oct 2023 02:22:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 8FA4 20 KB
8 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 16:14:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69464
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Nov 2023 16:14:38 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8FA4 0
0 17ms
15ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRBkcOY8RpKsTrCB3qqe4DNLlVnUbxI_b5AjIMPHisggaVb_oRf0OY_8jwK_vPpE4CdXt8-6BbUvkMojLuNX16i-GAPjw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&h=280&adk=1972770278&adf=4183556756&pi=t.aa~a.3832280647~i.2~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1698399142&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8203761774&ad_type=text_image&format=535x280&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&fwr=0&pra=3&rh=134&rw=535&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406342526&bpp=1&bdt=1361&idt=-M&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b603b7608671654-22d158d015e300c0%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZ4Q-vYsfwcuaLA29SNeqzjOoDDyw&gpic=UID%3D00000caa1dd2eb65%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZGxh6N4lGarzk4oKqJeybgn236uw&prev_fmts=0x0%2C535x280%2C535x280&nras=4&correlator=5725263893245&frm=20&pv=1&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=460&ady=2760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=qV3vXKXlYE&p=https%3A//www.habseyesontheprize.com&dtd=16
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8FA4 187 KB
59 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698233972131352"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Oct 2023 11:32:22 GMT

GET
DATA 200
OK truncated
/ Frame 8FA4 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f794a07f80c949a36a85055d7e078fde235d13dc0ce01fc0f2061efe5c94d36

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 29D6
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEJSBZxIYM9mo6BpLXUWkhrU&google_cver=1&google_push=AXcoOmQh_zWpOh07F_qpkGZu7-XjI9_nquOPnUv2GNXC0Fix3KxedECbSogOKaoG-WIqFBEfYPGo8yBy4rgZyjsK2TufdZz0UFE7bqwF
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=73A910ED26CF44AEBD3EEC4AC84EFCE5&google_push=AXcoOmQh_zWpOh07F_qpkGZu7-XjI9_nquOPnUv2GNXC0Fix3KxedECbSogOKaoG-WIqFBEfYPGo8yBy4rgZyjs...

170 B
232 B

19ms
18ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=73A910ED26CF44AEBD3EEC4AC84EFCE5&google_push=AXcoOmQh_zWpOh07F_qpkGZu7-XjI9_nquOPnUv2GNXC0Fix3KxedECbSogOKaoG-WIqFBEfYPGo8yBy4rgZyjsK2TufdZz0UFE7bqwF

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 11:32:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 27 Oct 2023 11:32:23 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=73A910ED26CF44AEBD3EEC4AC84EFCE5&google_push=AXcoOmQh_zWpOh07F_qpkGZu7-XjI9_nquOPnUv2GNXC0Fix3KxedECbSogOKaoG-WIqFBEfYPGo8yBy4rgZyjsK2TufdZz0UFE7bqwF
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 26 Oct 2023 11:32:23 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 29D6 70 B
149 B 114ms
32ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEAxZjpI8VtbNOWrgfgCNNKA&google_cver=1&google_push=AXcoOmRcaSDqJi3MAONYTCODHJrd2Y9fQ6R_LBsgcfuRosv-QBCUBLG9Y1sNQPLz8C-xnt6nm-mJ3oBWxqcV-uba7Ni1mij1mQAML9Yz
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&h=280&adk=1972770278&adf=4183556756&pi=t.aa~a.3832280647~i.2~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1698399142&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8203761774&ad_type=text_image&format=535x280&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&fwr=0&pra=3&rh=134&rw=535&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406342526&bpp=1&bdt=1361&idt=-M&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b603b7608671654-22d158d015e300c0%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZ4Q-vYsfwcuaLA29SNeqzjOoDDyw&gpic=UID%3D00000caa1dd2eb65%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZGxh6N4lGarzk4oKqJeybgn236uw&prev_fmts=0x0%2C535x280%2C535x280&nras=4&correlator=5725263893245&frm=20&pv=1&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=460&ady=2760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=qV3vXKXlYE&p=https%3A//www.habseyesontheprize.com&dtd=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 29D6 0
187 B 71ms
14ms Image
text/plain 98.98.134.241
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEEUh0UO7DP9l_KS4lFZyCrM&google_cver=1&google_push=AXcoOmR7KGNwHjFKpatalwrXaKnYb3Ng-yA9jZLQGXvnKZdQcmJGUjchIcy9PxoNX8tdWkMjr1pG6-nCJIoTFrglxKAhYg38spH7Tf4
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&h=280&adk=1972770278&adf=4183556756&pi=t.aa~a.3832280647~i.2~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1698399142&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8203761774&ad_type=text_image&format=535x280&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&fwr=0&pra=3&rh=134&rw=535&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406342526&bpp=1&bdt=1361&idt=-M&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b603b7608671654-22d158d015e300c0%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZ4Q-vYsfwcuaLA29SNeqzjOoDDyw&gpic=UID%3D00000caa1dd2eb65%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZGxh6N4lGarzk4oKqJeybgn236uw&prev_fmts=0x0%2C535x280%2C535x280&nras=4&correlator=5725263893245&frm=20&pv=1&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=460&ady=2760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=qV3vXKXlYE&p=https%3A//www.habseyesontheprize.com&dtd=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Fri, 27 Oct 2023 11:32:22 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 29D6
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEGOCWA4q02qhUQ4JsXXDACU&google_cver=1&google_push=AXcoOmQZUFQPZ5xiXUcSDJk-Al8ZoZQtTx5IXeWqan0fa8kqq1pCdrkdFZA9tqeGdI9Kxdqgrlo5cKoua9Z...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQZUFQPZ5xiXUcSDJk-Al8ZoZQtTx5IXeWqan0fa8kqq1pCdrkdFZA9tqeGdI9Kxdqgrlo5cKoua9Zg8TsXde0jELxfnObynPk&google_hm=HmYG_iAhTNeIcEewr...

170 B
329 B

20ms
19ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQZUFQPZ5xiXUcSDJk-Al8ZoZQtTx5IXeWqan0fa8kqq1pCdrkdFZA9tqeGdI9Kxdqgrlo5cKoua9Zg8TsXde0jELxfnObynPk&google_hm=HmYG_iAhTNeIcEewr9rBhio

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 11:32:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 27 Oct 2023 11:32:22 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQZUFQPZ5xiXUcSDJk-Al8ZoZQtTx5IXeWqan0fa8kqq1pCdrkdFZA9tqeGdI9Kxdqgrlo5cKoua9Zg8TsXde0jELxfnObynPk&google_hm=HmYG_iAhTNeIcEewr9rBhio
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 29D6
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESENXDZ5GauCiBzQ9fteGMfrQ&google_cver=1&google_push=AXcoOmR3MosXwxjaIsVo_vlSofDVHj3Q1QgRtn9ybzJTn2SGMT48LxSXGES0u-F7NoQNwV3zhK7XOqzTr-1TIy5IjKPGUsg...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESENXDZ5GauCiBzQ9fteGMfrQ&google_cver=1&google_push=AXcoOmR3MosXwxjaIsVo_vlSofDVHj3Q1QgRtn9ybzJTn2SGMT48LxSXGES0u-F7NoQNwV3zhK7XOqzTr-1TIy5IjKPGU...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmR3MosXwxjaIsVo_vlSofDVHj3Q1QgRtn9ybzJTn2SGMT48LxSXGES0u-F7NoQNwV3zhK7XOqzTr-1TIy5IjKPGUsghkMGtI3gt

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmR3MosXwxjaIsVo_vlSofDVHj3Q1QgRtn9ybzJTn2SGMT48LxSXGES0u-F7NoQNwV3zhK7XOqzTr-1TIy5IjKPGUsghkMGtI3gt

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 11:32:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmR3MosXwxjaIsVo_vlSofDVHj3Q1QgRtn9ybzJTn2SGMT48LxSXGES0u-F7NoQNwV3zhK7XOqzTr-1TIy5IjKPGUsghkMGtI3gt
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 29D6 43 B
363 B 52ms
13ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQyqABbKRa2QTfQ2-xgGKBIxjc3j9M6OX4mgTl1p4fpNLQZypT75V22hSo2AIf_4XOTQu8G0p4MBktnTeaml6oboWhmJ7e2SE6R&google_gid=CAESEBV_bmNjMS9OyPD4DYAd_5g&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 11:32:22 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 197031
expires: Fri, 27 Oct 2023 00:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 29D6 42 B
213 B 50ms
17ms Image
image/gif 34.160.236.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEA2mla-pCbHUpCW8FU2fHTM&google_push=AXcoOmQ6WiV-MmQPnC3eXGUnpoOQw1PI-3eVcfTrOzC0Mq-cjLGyXANG0fw-rAjhuyKKdVDTkxNLaG5zhmz-FGX2iGGRo_kquX4ajl6Y&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&h=280&adk=1972770278&adf=4183556756&pi=t.aa~a.3832280647~i.2~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1698399142&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8203761774&ad_type=text_image&format=535x280&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&fwr=0&pra=3&rh=134&rw=535&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406342526&bpp=1&bdt=1361&idt=-M&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b603b7608671654-22d158d015e300c0%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZ4Q-vYsfwcuaLA29SNeqzjOoDDyw&gpic=UID%3D00000caa1dd2eb65%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZGxh6N4lGarzk4oKqJeybgn236uw&prev_fmts=0x0%2C535x280%2C535x280&nras=4&correlator=5725263893245&frm=20&pv=1&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=460&ady=2760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=qV3vXKXlYE&p=https%3A//www.habseyesontheprize.com&dtd=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
via: 1.1 google
last-modified: Thu, 19 Oct 2023 06:07:48 GMT
server: nginx
etag: "6530c7b4-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 29D6 0
139 B 55ms
15ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K6qPOe2rCwPd4GygLYgZmaHnP4w5ZaZob8d7Ba9MtnJ_oW_ziXR6GaLzSzc-mKrco4XxUq

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 13AE 2 KB
1 KB 53ms
51ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1kw8mhab6516qgmrw7bjjhw804h9yzq19pyd47sybsh9q6q2wga067p9jbhkh77rkzdvyt6gpr9yc3sgywdt30vr1ac7w3h3vwfxxxt881nr7c8kgdrhm37crwvd6g0hwspy9yr3v6cxyfk0xs4ptf8egdkbbv2hr09qpda8tn2ev8w1wzd0pgec0yjykpkkn1jm57ezvaxbzk1v1jwzxg55jss103tpvfx2fbt2nrgf5pkjf43tg2g430xhgp6d4qjktf1mdydx2bvhw0apr0brksj0ce72gtvf6b540cttthm1d0qg0adf1vjph9ww3b7da4gyvfvrgpkv8wcn44nhwkw76ym4vj2zf3xv9spbrx08sgza5a8n190xdwf3yndvsv2actencvm1fv5arz9tvehkm35gkm6br6z5ngh63edp860wr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpw70xp87ZdaHI4a97gTX1KewB5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCImbHX--6sT6oAwHIAwKqBIcCT9BhxQm0MMEFJSvs2WN3UC6Jcg5aDuMwKD5mte0fySaEG8DPT6BfUmSTI5BFdRA4W-tormxBXkFYYbJSvt9PenBFDi-IgOwwklJfouIRBdBnradwd5zTqCopPYg1UHaz2Zxj1RNgzgAlY4XAa-jT_XN8pHyeqI8lVoq0QxcO_2AZGUL56V4kHWuAphd261rNWyL11cv03mWSr3msICyjsU7yuKY0cFqY8x7GRiFTBZJHoetZh2z2iUuV6Y5hyMpjyLAtU8UUGhYEp05nYgRKXVWnrv1G5yR0gRRhLuy357ZPB5bbT9fkcE-CSMnWKR89nI5aCOblqPGnQAsiWuls_kLLKrf4L9eABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_32CiART-WNyOqdCjL2INramiTOCQ%26client%3Dca-pub-9011305505618306%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&h=280&adk=1972770278&adf=2338424597&pi=t.aa~a.3462012197~i.2~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1698399142&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8203761774&ad_type=text_image&format=535x280&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&fwr=0&pra=3&rh=134&rw=535&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406342526&bpp=1&bdt=1361&idt=-M&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b603b7608671654-22d158d015e300c0%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZ4Q-vYsfwcuaLA29SNeqzjOoDDyw&gpic=UID%3D00000caa1dd2eb65%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZGxh6N4lGarzk4oKqJeybgn236uw&prev_fmts=0x0%2C535x280&nras=3&correlator=5725263893245&frm=20&pv=1&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=460&ady=2037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7I68LMkGhF&p=https%3A//www.habseyesontheprize.com&dtd=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bf0da0dace03ecb974eb98e1384d3bedbfc809193db0cc52197f9964cc862fa

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 81ca9e3baf9f2c4b-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 11:32:23 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 5CF4 3 KB
1 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&h=280&adk=1972770278&adf=2338424597&pi=t.aa~a.3462012197~i.2~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1698399142&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8203761774&ad_type=text_image&format=535x280&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&fwr=0&pra=3&rh=134&rw=535&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406342526&bpp=1&bdt=1361&idt=-M&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b603b7608671654-22d158d015e300c0%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZ4Q-vYsfwcuaLA29SNeqzjOoDDyw&gpic=UID%3D00000caa1dd2eb65%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZGxh6N4lGarzk4oKqJeybgn236uw&prev_fmts=0x0%2C535x280&nras=3&correlator=5725263893245&frm=20&pv=1&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=460&ady=2037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7I68LMkGhF&p=https%3A//www.habseyesontheprize.com&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 16:14:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69464
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Nov 2023 16:14:38 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F5EF 1 KB
643 B 10ms
8ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&h=280&adk=1972770278&adf=2338424597&pi=t.aa~a.3462012197~i.2~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1698399142&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8203761774&ad_type=text_image&format=535x280&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&fwr=0&pra=3&rh=134&rw=535&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406342526&bpp=1&bdt=1361&idt=-M&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b603b7608671654-22d158d015e300c0%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZ4Q-vYsfwcuaLA29SNeqzjOoDDyw&gpic=UID%3D00000caa1dd2eb65%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZGxh6N4lGarzk4oKqJeybgn236uw&prev_fmts=0x0%2C535x280&nras=3&correlator=5725263893245&frm=20&pv=1&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=460&ady=2037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7I68LMkGhF&p=https%3A//www.habseyesontheprize.com&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 33015
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 02:22:07 GMT
etag: 48472445140208031
expires: Sat, 28 Oct 2023 02:22:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 5CF4 20 KB
8 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&h=280&adk=1972770278&adf=2338424597&pi=t.aa~a.3462012197~i.2~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1698399142&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8203761774&ad_type=text_image&format=535x280&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&fwr=0&pra=3&rh=134&rw=535&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406342526&bpp=1&bdt=1361&idt=-M&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b603b7608671654-22d158d015e300c0%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZ4Q-vYsfwcuaLA29SNeqzjOoDDyw&gpic=UID%3D00000caa1dd2eb65%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZGxh6N4lGarzk4oKqJeybgn236uw&prev_fmts=0x0%2C535x280&nras=3&correlator=5725263893245&frm=20&pv=1&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=460&ady=2037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7I68LMkGhF&p=https%3A//www.habseyesontheprize.com&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 16:14:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69464
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Nov 2023 16:14:38 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5CF4 0
0 17ms
16ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTd9_p45l3oHL5LH2utpJX5Rbw9f3UvdMmafOLvDxNVmWTPaxctjb9UG43hOO_3xPyMpZyH4n4YRxb1jvAayXBvuP0EDw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&h=280&adk=1972770278&adf=2338424597&pi=t.aa~a.3462012197~i.2~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1698399142&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8203761774&ad_type=text_image&format=535x280&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&fwr=0&pra=3&rh=134&rw=535&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406342526&bpp=1&bdt=1361&idt=-M&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b603b7608671654-22d158d015e300c0%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZ4Q-vYsfwcuaLA29SNeqzjOoDDyw&gpic=UID%3D00000caa1dd2eb65%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZGxh6N4lGarzk4oKqJeybgn236uw&prev_fmts=0x0%2C535x280&nras=3&correlator=5725263893245&frm=20&pv=1&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=460&ady=2037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7I68LMkGhF&p=https%3A//www.habseyesontheprize.com&dtd=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5CF4 187 KB
59 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&h=280&adk=1972770278&adf=2338424597&pi=t.aa~a.3462012197~i.2~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1698399142&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8203761774&ad_type=text_image&format=535x280&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&fwr=0&pra=3&rh=134&rw=535&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406342526&bpp=1&bdt=1361&idt=-M&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b603b7608671654-22d158d015e300c0%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZ4Q-vYsfwcuaLA29SNeqzjOoDDyw&gpic=UID%3D00000caa1dd2eb65%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZGxh6N4lGarzk4oKqJeybgn236uw&prev_fmts=0x0%2C535x280&nras=3&correlator=5725263893245&frm=20&pv=1&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=460&ady=2037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7I68LMkGhF&p=https%3A//www.habseyesontheprize.com&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698233972131352"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Oct 2023 11:32:23 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8FA4 0
19 B 51ms
50ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CROHZxp87ZenII4XK6gSw_L7wCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCtNCCGX-5sT6oAwHIAwKqBIQCT9B-ZmKZXeyy1EzwMawzcCmoJPwu_qMUAyBTRy0WZYOg53mDYn40uCixNDAYTyqdl7iS_G4jA7V2RzDktIozolcmQol47Si_-TBubrNFVuNeaGaeDtri5axG50FjTc8Qr36optuokzgazmpZTzXdCYyRgHLX0SdwN6B4Gqmu1u7QkLRBqyGFCTxOLRbrBf0A3AtAol6uDAKcSe09z97W1hjTSoPQBPZpFiBhQc3n7pNPqTR91d3jw_S5EWNe4hauNOAZ0N_LOqPPrldvw6McFs7x1OG2rAH7IQ2xGb5mVeC68HHns8ZExGijYvkh6vj6zmCeTfZWcwC5cCPATkZB-ZGQKKWABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi05MDExMzA1NTA1NjE4MzA2GAA&sigh=iT-FFbPXh4A&uach_m=[UACH]&cid=CAQSOwDICaaNHWD9XYnFju64F2d_gm9aB8TxnIzCnkjy_8MlxGwxUmNKuvlr6FWsUUfKa0AKr-HY6bssOdzaGAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&h=280&adk=1972770278&adf=4183556756&pi=t.aa~a.3832280647~i.2~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1698399142&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8203761774&ad_type=text_image&format=535x280&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&fwr=0&pra=3&rh=134&rw=535&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406342526&bpp=1&bdt=1361&idt=-M&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b603b7608671654-22d158d015e300c0%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZ4Q-vYsfwcuaLA29SNeqzjOoDDyw&gpic=UID%3D00000caa1dd2eb65%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZGxh6N4lGarzk4oKqJeybgn236uw&prev_fmts=0x0%2C535x280%2C535x280&nras=4&correlator=5725263893245&frm=20&pv=1&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=460&ady=2760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=qV3vXKXlYE&p=https%3A//www.habseyesontheprize.com&dtd=16
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 27 Oct 2023 11:32:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 8FA4 0
103 B 55ms
17ms Image
image/gif 2600:1901:0:76b9::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jf8cdg6hh93m4zt36jg47jt1wh8s9jg9w1qjrqx007ks7z4qmasrr6fb3y5cgg0dz1jcp1mg8rnppdvqf971m4835tn75vmg579mt480wtv7cb09aesy0rzk2k45b1b4ewhvph3fnf03szhenp655ypjg8gp4sr9qd5c7kgj23y6r0bn7pnw6ev7bb02wrjm54sh97e5p59f3n24sw4ef2tvzffr2dqn45yy8c9exed2e76epxvvpnjpw23pmy7w2s32jdnk8ew1gmr3vffkn4k94hwdbsg085nb5dmf34t3hkatxa6x0j7y409xte9pzgxrqc3097nqz09203q2yw7c4bydqht3wywp351jrzndqtvsdp2rqgpgn5f5n9m9xgj6z9jqw&b=ZTufxgAI5GkKmqUFAA--MO-1aEGq1u3BAbbMlA&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&h=280&adk=1972770278&adf=4183556756&pi=t.aa~a.3832280647~i.2~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1698399142&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8203761774&ad_type=text_image&format=535x280&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&fwr=0&pra=3&rh=134&rw=535&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406342526&bpp=1&bdt=1361&idt=-M&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b603b7608671654-22d158d015e300c0%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZ4Q-vYsfwcuaLA29SNeqzjOoDDyw&gpic=UID%3D00000caa1dd2eb65%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZGxh6N4lGarzk4oKqJeybgn236uw&prev_fmts=0x0%2C535x280%2C535x280&nras=4&correlator=5725263893245&frm=20&pv=1&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=460&ady=2760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=qV3vXKXlYE&p=https%3A//www.habseyesontheprize.com&dtd=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 27 Oct 2023 11:32:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 25ms
24ms Image
text/html 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-5TP7XEK014&v=3&t=t&pid=1479276831&cv=1&rv=3ap0&tc=15&es=1&e=gtm.load&eid=15&u=AgAAAAAAAAAAACA&h=Ag&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame F5EF
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESECMRoHqQ0Fdyn3CzdxoZQt0&google_cver=1&google_push=AXcoOmS3cajFQZ3RwUITngE9nRshg8Li_OfKpGr5--ns-11OGd4dQUEzzkhu5h_zL6uR1aIhJSU8ZFw4ykiWKVbvpZVJIzHYqK-37...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECMRoHqQ0Fdyn3CzdxoZQt0&google_cver=1&google_push=AXcoOmS3cajFQZ3RwUITngE9nRshg8Li_OfKpGr5--ns-11OGd4dQUEzzkhu5h_zL6uR1aIhJSU8ZFw4ykiWKVbvpZVJIzHYqK-...

43 B
428 B

183ms
172ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECMRoHqQ0Fdyn3CzdxoZQt0&google_cver=1&google_push=AXcoOmS3cajFQZ3RwUITngE9nRshg8Li_OfKpGr5--ns-11OGd4dQUEzzkhu5h_zL6uR1aIhJSU8ZFw4ykiWKVbvpZVJIzHYqK-37mM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS3cajFQZ3RwUITngE9nRshg8Li_OfKpGr5--ns-11OGd4dQUEzzkhu5h_zL6uR1aIhJSU8ZFw4ykiWKVbvpZVJIzHYqK-37mM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 11:32:23 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 81ca9e3d581e4d64-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 27 Oct 2023 11:32:23 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 72
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECMRoHqQ0Fdyn3CzdxoZQt0&google_cver=1&google_push=AXcoOmS3cajFQZ3RwUITngE9nRshg8Li_OfKpGr5--ns-11OGd4dQUEzzkhu5h_zL6uR1aIhJSU8ZFw4ykiWKVbvpZVJIzHYqK-37mM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS3cajFQZ3RwUITngE9nRshg8Li_OfKpGr5--ns-11OGd4dQUEzzkhu5h_zL6uR1aIhJSU8ZFw4ykiWKVbvpZVJIzHYqK-37mM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 81ca9e3c1e964d64-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F5EF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKGZ-3iiN_e-3MYa4hoqFZ0&google_push=AXcoOmSeK6zOcvD5lh_AVtbzWgEWNcqqdjitWpq_T6I2Egxe-30h0Xo5d3...

170 B
188 B

19ms
19ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKGZ-3iiN_e-3MYa4hoqFZ0&google_push=AXcoOmSeK6zOcvD5lh_AVtbzWgEWNcqqdjitWpq_T6I2Egxe-30h0Xo5d32SSArGCo0e1FQzFo95-mEXxPKI6UN2c5SNG1W4eL_uLGw

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 11:32:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230044-FRA
pragma: no-cache
date: Fri, 27 Oct 2023 11:32:23 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1698406343.099088,VS0,VE96
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKGZ-3iiN_e-3MYa4hoqFZ0&google_push=AXcoOmSeK6zOcvD5lh_AVtbzWgEWNcqqdjitWpq_T6I2Egxe-30h0Xo5d32SSArGCo0e1FQzFo95-mEXxPKI6UN2c5SNG1W4eL_uLGw
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame F5EF 70 B
148 B 56ms
32ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJnIExTRK7lTv2nHJNg48s4&google_cver=1&google_push=AXcoOmRl807CB8lsqWCLBH6kB4hMWrieEphAQOkHjrH-P5YfWGiXegU0GKHZbXL_TWvNwu3BoqQWXF8pZFwNrLiTGhzH6TQOfmYnQg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&h=280&adk=1972770278&adf=2338424597&pi=t.aa~a.3462012197~i.2~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1698399142&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8203761774&ad_type=text_image&format=535x280&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&fwr=0&pra=3&rh=134&rw=535&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406342526&bpp=1&bdt=1361&idt=-M&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b603b7608671654-22d158d015e300c0%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZ4Q-vYsfwcuaLA29SNeqzjOoDDyw&gpic=UID%3D00000caa1dd2eb65%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZGxh6N4lGarzk4oKqJeybgn236uw&prev_fmts=0x0%2C535x280&nras=3&correlator=5725263893245&frm=20&pv=1&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=460&ady=2037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7I68LMkGhF&p=https%3A//www.habseyesontheprize.com&dtd=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 451 466606.gif
id.rlcdn.com/ Frame F5EF 0
98 B 48ms
16ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmRAwAPJ6MQVLVt6B4kyTPkPi4liFNHzIGG64iLiP9rPE8Xj11Hl6ShEuFy9GDKRl-FSIun8-rFjpqCy7WfRUh9vMJD8N0z0XU4&google_gid=CAESEBhOtzdq_g1Hcxi2lWekZ4A&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&h=280&adk=1972770278&adf=2338424597&pi=t.aa~a.3462012197~i.2~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1698399142&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8203761774&ad_type=text_image&format=535x280&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&fwr=0&pra=3&rh=134&rw=535&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406342526&bpp=1&bdt=1361&idt=-M&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b603b7608671654-22d158d015e300c0%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZ4Q-vYsfwcuaLA29SNeqzjOoDDyw&gpic=UID%3D00000caa1dd2eb65%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZGxh6N4lGarzk4oKqJeybgn236uw&prev_fmts=0x0%2C535x280&nras=3&correlator=5725263893245&frm=20&pv=1&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=460&ady=2037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7I68LMkGhF&p=https%3A//www.habseyesontheprize.com&dtd=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F5EF
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECqzAJJt8SwEhfflF1GhyWo&google_cver=1&google_push=AXcoOmRQ436P8uAuONZcbrk4BIrI8pgCD6VvMb0huCOHPbOWjDXfq_jT_mvPpB4-5Beu-5lQFVQ0x_seBeVFiN--PFOJxRz...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRQ436P8uAuONZcbrk4BIrI8pgCD6VvMb0huCOHPbOWjDXfq_jT_mvPpB4-5Beu-5lQFVQ0x_seBeVFiN--PFOJxRzlSVjAu7A&google_hm=eS10U21qOXVoRTJwRjd...

170 B
188 B

21ms
21ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRQ436P8uAuONZcbrk4BIrI8pgCD6VvMb0huCOHPbOWjDXfq_jT_mvPpB4-5Beu-5lQFVQ0x_seBeVFiN--PFOJxRzlSVjAu7A&google_hm=eS10U21qOXVoRTJwRjdUTXJmSjBhR1ZMTVNrY0NFVERuM35B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&h=280&adk=1972770278&adf=2338424597&pi=t.aa~a.3462012197~i.2~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1698399142&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8203761774&ad_type=text_image&format=535x280&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&fwr=0&pra=3&rh=134&rw=535&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406342526&bpp=1&bdt=1361&idt=-M&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b603b7608671654-22d158d015e300c0%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZ4Q-vYsfwcuaLA29SNeqzjOoDDyw&gpic=UID%3D00000caa1dd2eb65%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZGxh6N4lGarzk4oKqJeybgn236uw&prev_fmts=0x0%2C535x280&nras=3&correlator=5725263893245&frm=20&pv=1&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=460&ady=2037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7I68LMkGhF&p=https%3A//www.habseyesontheprize.com&dtd=12

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 11:32:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 27 Oct 2023 11:32:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRQ436P8uAuONZcbrk4BIrI8pgCD6VvMb0huCOHPbOWjDXfq_jT_mvPpB4-5Beu-5lQFVQ0x_seBeVFiN--PFOJxRzlSVjAu7A&google_hm=eS10U21qOXVoRTJwRjdUTXJmSjBhR1ZMTVNrY0NFVERuM35B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F5EF
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEA5Z4DxHU3EtQfSg-z6JqvU&google_cver=1&google_push=AXcoOmR1KKglg5GMJmrml-JVUlWnteMYglsZiLS8DW8HoY0zGyQM8nQivT6eOH44g4GEcpASIdJCH-bK...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEA5Z4DxHU3EtQfSg-z6JqvU&google_cver=1&google_push=AXcoOmR1KKglg5GMJmrml-JVUlWnteMYglsZiLS8DW8HoY0zGyQM8nQivT6eOH44g4GEcpASIdJ...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjAxNjUzMzI5NDMyNTgzOTAwMA&google_push=AXcoOmR1KKglg5GMJmrml-JVUlWnteMYglsZiLS8DW8HoY0zGyQM8nQivT6eOH44g4GEcpASIdJCH-...

170 B
188 B

24ms
23ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjAxNjUzMzI5NDMyNTgzOTAwMA&google_push=AXcoOmR1KKglg5GMJmrml-JVUlWnteMYglsZiLS8DW8HoY0zGyQM8nQivT6eOH44g4GEcpASIdJCH-bKyZPldwXEKr98swiN8FNtNyg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&h=280&adk=1972770278&adf=2338424597&pi=t.aa~a.3462012197~i.2~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1698399142&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8203761774&ad_type=text_image&format=535x280&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&fwr=0&pra=3&rh=134&rw=535&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406342526&bpp=1&bdt=1361&idt=-M&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b603b7608671654-22d158d015e300c0%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZ4Q-vYsfwcuaLA29SNeqzjOoDDyw&gpic=UID%3D00000caa1dd2eb65%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZGxh6N4lGarzk4oKqJeybgn236uw&prev_fmts=0x0%2C535x280&nras=3&correlator=5725263893245&frm=20&pv=1&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=460&ady=2037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7I68LMkGhF&p=https%3A//www.habseyesontheprize.com&dtd=12

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 11:32:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 27 Oct 2023 11:32:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjAxNjUzMzI5NDMyNTgzOTAwMA&google_push=AXcoOmR1KKglg5GMJmrml-JVUlWnteMYglsZiLS8DW8HoY0zGyQM8nQivT6eOH44g4GEcpASIdJCH-bKyZPldwXEKr98swiN8FNtNyg
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F5EF
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEKS0WT6MGy4GAr7rGlNCjRA&google_cver=1&google_push=AXcoOmQCJzfzCFhIOZcQqmKhVazmCiwM9IvTTPThfk9vuHGDFFdMUJd1RwKHtyjD0SsZXSovSM6OlSa4bPlg...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQCJzfzCFhIOZcQqmKhVazmCiwM9IvTTPThfk9vuHGDFFdMUJd1RwKHtyjD0SsZXSovSM6OlSa4bPlgbXhBQKeIIkEf_TEMx_o

170 B
188 B

24ms
23ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQCJzfzCFhIOZcQqmKhVazmCiwM9IvTTPThfk9vuHGDFFdMUJd1RwKHtyjD0SsZXSovSM6OlSa4bPlgbXhBQKeIIkEf_TEMx_o

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&h=280&adk=1972770278&adf=2338424597&pi=t.aa~a.3462012197~i.2~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1698399142&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8203761774&ad_type=text_image&format=535x280&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&fwr=0&pra=3&rh=134&rw=535&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406342526&bpp=1&bdt=1361&idt=-M&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b603b7608671654-22d158d015e300c0%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZ4Q-vYsfwcuaLA29SNeqzjOoDDyw&gpic=UID%3D00000caa1dd2eb65%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZGxh6N4lGarzk4oKqJeybgn236uw&prev_fmts=0x0%2C535x280&nras=3&correlator=5725263893245&frm=20&pv=1&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=460&ady=2037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7I68LMkGhF&p=https%3A//www.habseyesontheprize.com&dtd=12

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 11:32:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQCJzfzCFhIOZcQqmKhVazmCiwM9IvTTPThfk9vuHGDFFdMUJd1RwKHtyjD0SsZXSovSM6OlSa4bPlgbXhBQKeIIkEf_TEMx_o
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame F5EF 0
49 B 27ms
26ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J5lgRby2RzR0U9cJ7W5LJrZvS5PtEXFV4Zij-_j4F2xv1oipvA4ns5WLoN_5XXiW10f9ql

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&h=280&adk=1972770278&adf=2338424597&pi=t.aa~a.3462012197~i.2~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1698399142&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8203761774&ad_type=text_image&format=535x280&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&fwr=0&pra=3&rh=134&rw=535&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406342526&bpp=1&bdt=1361&idt=-M&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b603b7608671654-22d158d015e300c0%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZ4Q-vYsfwcuaLA29SNeqzjOoDDyw&gpic=UID%3D00000caa1dd2eb65%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZGxh6N4lGarzk4oKqJeybgn236uw&prev_fmts=0x0%2C535x280&nras=3&correlator=5725263893245&frm=20&pv=1&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=460&ady=2037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7I68LMkGhF&p=https%3A//www.habseyesontheprize.com&dtd=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.49/one-ad/ Frame 1EAA 115 KB
14 KB 30ms
26ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1ghvbk832q471evphczn42ghzz3kcggwxp33k7f15bpt3bvrw6b2askzpmx99fg87w1t62rkkhc8eq8yej6daq1cgwtme1tq71m391zr6hq6rq5n39ct9nfexfv1t3ztzt6trd9vc0ps9et0d5hhx65p5yftd2jr75egea4vxec2ptja4fzw324vs346agrdsshfgyrgq7ahhk59w92evw1v3k1sw2dm4xsd97sa3q3z43zp0jb8pn1xqkzpc3fxndj8wvy3hgbyda8g55qa8nkqh5s3qev91m2083dmh5bays4keez1q1dcxg5c4abv4azzqwtpqb91prz4ct2y88bc3wszv6dfezfv6rpemsnnhg17hwx69vjy5ab4v3mmjqywg3rkr5xtk3et37gwykq2j7a4gp84txwc11knwfxfe3kn8chfa&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSUGxxp87ZenII4XK6gSw_L7wCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCtNCCGX-5sT6oAwHIAwKqBIcCT9B-ZmKZXeyy1EzwMawzcCmoJPwu_qMUAyBTRy0WZYOg53mDYn40uCixNDAYTyqdl7iS_G4jA7V2RzDktIozolcmQol47Si_-TBubrNFVuNeaGaeDtri5axG50FjTc8Qr36optuokzgazmpZTzXdCYyRgHLX0SdwN6B4Gqmu1u7QkLRBqyGFCTxOLRbrBf0A3AtAol6uDAKcSe09z97W1hjTSoPQBPZpFiBhQc3n7pNPqTR91d3jw_S5EWNe4hauNOAZ0N_LOqPPrldvw6McFs7x1OG2rAH7IQ2xGb5mF-KbYqYeNIaMQyA1uLCzGMHuxM2UY-6L88Lw4ttUUGpZLE0PaG0bCyuABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_009JdYl7-E1h3hkpkG5wLRaQ2QaA%26client%3Dca-pub-9011305505618306%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1ghvbk832q471evphczn42ghzz3kcggwxp33k7f15bpt3bvrw6b2askzpmx99fg87w1t62rkkhc8eq8yej6daq1cgwtme1tq71m391zr6hq6rq5n39ct9nfexfv1t3ztzt6trd9vc0ps9et0d5hhx65p5yftd2jr75egea4vxec2ptja4fzw324vs346agrdsshfgyrgq7ahhk59w92evw1v3k1sw2dm4xsd97sa3q3z43zp0jb8pn1xqkzpc3fxndj8wvy3hgbyda8g55qa8nkqh5s3qev91m2083dmh5bays4keez1q1dcxg5c4abv4azzqwtpqb91prz4ct2y88bc3wszv6dfezfv6rpemsnnhg17hwx69vjy5ab4v3mmjqywg3rkr5xtk3et37gwykq2j7a4gp84txwc11knwfxfe3kn8chfa&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSUGxxp87ZenII4XK6gSw_L7wCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCtNCCGX-5sT6oAwHIAwKqBIcCT9B-ZmKZXeyy1EzwMawzcCmoJPwu_qMUAyBTRy0WZYOg53mDYn40uCixNDAYTyqdl7iS_G4jA7V2RzDktIozolcmQol47Si_-TBubrNFVuNeaGaeDtri5axG50FjTc8Qr36optuokzgazmpZTzXdCYyRgHLX0SdwN6B4Gqmu1u7QkLRBqyGFCTxOLRbrBf0A3AtAol6uDAKcSe09z97W1hjTSoPQBPZpFiBhQc3n7pNPqTR91d3jw_S5EWNe4hauNOAZ0N_LOqPPrldvw6McFs7x1OG2rAH7IQ2xGb5mF-KbYqYeNIaMQyA1uLCzGMHuxM2UY-6L88Lw4ttUUGpZLE0PaG0bCyuABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_009JdYl7-E1h3hkpkG5wLRaQ2QaA%26client%3Dca-pub-9011305505618306%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18303
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 08 Sep 2023 09:43:56 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DUs9MOGwIlyK7tzLtk7EQ4fIkFZszeu7fNW5hT%2FcYCDpeiJBE67Gh3EhwmO20sZXkq3DUIJnnASmSLGhJesj02bxhpPqYGHM13W%2FmalrFsCo48gYmyzNe01BCfoxdhfT%2BXBuCOvG0vs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=3600
cf-ray: 81ca9e3bf8382c4b-FRA
expires: Fri, 27 Oct 2023 12:32:23 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 1EAA 25 KB
10 KB 44ms
26ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1ghvbk832q471evphczn42ghzz3kcggwxp33k7f15bpt3bvrw6b2askzpmx99fg87w1t62rkkhc8eq8yej6daq1cgwtme1tq71m391zr6hq6rq5n39ct9nfexfv1t3ztzt6trd9vc0ps9et0d5hhx65p5yftd2jr75egea4vxec2ptja4fzw324vs346agrdsshfgyrgq7ahhk59w92evw1v3k1sw2dm4xsd97sa3q3z43zp0jb8pn1xqkzpc3fxndj8wvy3hgbyda8g55qa8nkqh5s3qev91m2083dmh5bays4keez1q1dcxg5c4abv4azzqwtpqb91prz4ct2y88bc3wszv6dfezfv6rpemsnnhg17hwx69vjy5ab4v3mmjqywg3rkr5xtk3et37gwykq2j7a4gp84txwc11knwfxfe3kn8chfa&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSUGxxp87ZenII4XK6gSw_L7wCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCtNCCGX-5sT6oAwHIAwKqBIcCT9B-ZmKZXeyy1EzwMawzcCmoJPwu_qMUAyBTRy0WZYOg53mDYn40uCixNDAYTyqdl7iS_G4jA7V2RzDktIozolcmQol47Si_-TBubrNFVuNeaGaeDtri5axG50FjTc8Qr36optuokzgazmpZTzXdCYyRgHLX0SdwN6B4Gqmu1u7QkLRBqyGFCTxOLRbrBf0A3AtAol6uDAKcSe09z97W1hjTSoPQBPZpFiBhQc3n7pNPqTR91d3jw_S5EWNe4hauNOAZ0N_LOqPPrldvw6McFs7x1OG2rAH7IQ2xGb5mF-KbYqYeNIaMQyA1uLCzGMHuxM2UY-6L88Lw4ttUUGpZLE0PaG0bCyuABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_009JdYl7-E1h3hkpkG5wLRaQ2QaA%26client%3Dca-pub-9011305505618306%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 16:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 18302
etag: W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uZP3WIxQpn6tLlKMPIriLYdAgwYwYhvEBZIdi%2FrlIjN46LZwk45yQ2AO1vwogxYsruVxb7WQgIq7EvUPfv7zjIRQvqopO70pmDSRiWKd9NKUoRgBGkq4WhHlraX3NVkOLKtrvYI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 81ca9e3c08592c4b-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 27 Oct 2023 06:27:21 GMT

GET
DATA 200
OK truncated
/ Frame 5CF4 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b9a58b4a66a16f2ab633c3fab7cf1df77293cb2b5f6761fb5f8d88906e74287

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.49/one-ad/ Frame 13AE 115 KB
13 KB 22ms
22ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kw8mhab6516qgmrw7bjjhw804h9yzq19pyd47sybsh9q6q2wga067p9jbhkh77rkzdvyt6gpr9yc3sgywdt30vr1ac7w3h3vwfxxxt881nr7c8kgdrhm37crwvd6g0hwspy9yr3v6cxyfk0xs4ptf8egdkbbv2hr09qpda8tn2ev8w1wzd0pgec0yjykpkkn1jm57ezvaxbzk1v1jwzxg55jss103tpvfx2fbt2nrgf5pkjf43tg2g430xhgp6d4qjktf1mdydx2bvhw0apr0brksj0ce72gtvf6b540cttthm1d0qg0adf1vjph9ww3b7da4gyvfvrgpkv8wcn44nhwkw76ym4vj2zf3xv9spbrx08sgza5a8n190xdwf3yndvsv2actencvm1fv5arz9tvehkm35gkm6br6z5ngh63edp860wr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpw70xp87ZdaHI4a97gTX1KewB5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCImbHX--6sT6oAwHIAwKqBIcCT9BhxQm0MMEFJSvs2WN3UC6Jcg5aDuMwKD5mte0fySaEG8DPT6BfUmSTI5BFdRA4W-tormxBXkFYYbJSvt9PenBFDi-IgOwwklJfouIRBdBnradwd5zTqCopPYg1UHaz2Zxj1RNgzgAlY4XAa-jT_XN8pHyeqI8lVoq0QxcO_2AZGUL56V4kHWuAphd261rNWyL11cv03mWSr3msICyjsU7yuKY0cFqY8x7GRiFTBZJHoetZh2z2iUuV6Y5hyMpjyLAtU8UUGhYEp05nYgRKXVWnrv1G5yR0gRRhLuy357ZPB5bbT9fkcE-CSMnWKR89nI5aCOblqPGnQAsiWuls_kLLKrf4L9eABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_32CiART-WNyOqdCjL2INramiTOCQ%26client%3Dca-pub-9011305505618306%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1kw8mhab6516qgmrw7bjjhw804h9yzq19pyd47sybsh9q6q2wga067p9jbhkh77rkzdvyt6gpr9yc3sgywdt30vr1ac7w3h3vwfxxxt881nr7c8kgdrhm37crwvd6g0hwspy9yr3v6cxyfk0xs4ptf8egdkbbv2hr09qpda8tn2ev8w1wzd0pgec0yjykpkkn1jm57ezvaxbzk1v1jwzxg55jss103tpvfx2fbt2nrgf5pkjf43tg2g430xhgp6d4qjktf1mdydx2bvhw0apr0brksj0ce72gtvf6b540cttthm1d0qg0adf1vjph9ww3b7da4gyvfvrgpkv8wcn44nhwkw76ym4vj2zf3xv9spbrx08sgza5a8n190xdwf3yndvsv2actencvm1fv5arz9tvehkm35gkm6br6z5ngh63edp860wr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpw70xp87ZdaHI4a97gTX1KewB5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCImbHX--6sT6oAwHIAwKqBIcCT9BhxQm0MMEFJSvs2WN3UC6Jcg5aDuMwKD5mte0fySaEG8DPT6BfUmSTI5BFdRA4W-tormxBXkFYYbJSvt9PenBFDi-IgOwwklJfouIRBdBnradwd5zTqCopPYg1UHaz2Zxj1RNgzgAlY4XAa-jT_XN8pHyeqI8lVoq0QxcO_2AZGUL56V4kHWuAphd261rNWyL11cv03mWSr3msICyjsU7yuKY0cFqY8x7GRiFTBZJHoetZh2z2iUuV6Y5hyMpjyLAtU8UUGhYEp05nYgRKXVWnrv1G5yR0gRRhLuy357ZPB5bbT9fkcE-CSMnWKR89nI5aCOblqPGnQAsiWuls_kLLKrf4L9eABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_32CiART-WNyOqdCjL2INramiTOCQ%26client%3Dca-pub-9011305505618306%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18303
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 08 Sep 2023 09:43:56 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7hkysKChVl66vRVqSamMFBKMi%2FhRN%2FsyLX24BMOLlmhRTxPdubkMLKZ28SIroPWBM0Eg7el5hJuANhYbly68%2B%2F60Kr4HxRSvChyoOqb3%2Bv4%2FVuqVeJJTfARRUbXVSd%2BFfRDyOk8lgBs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=3600
cf-ray: 81ca9e3c08432c4b-FRA
expires: Fri, 27 Oct 2023 12:32:23 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 13AE 25 KB
10 KB 44ms
37ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kw8mhab6516qgmrw7bjjhw804h9yzq19pyd47sybsh9q6q2wga067p9jbhkh77rkzdvyt6gpr9yc3sgywdt30vr1ac7w3h3vwfxxxt881nr7c8kgdrhm37crwvd6g0hwspy9yr3v6cxyfk0xs4ptf8egdkbbv2hr09qpda8tn2ev8w1wzd0pgec0yjykpkkn1jm57ezvaxbzk1v1jwzxg55jss103tpvfx2fbt2nrgf5pkjf43tg2g430xhgp6d4qjktf1mdydx2bvhw0apr0brksj0ce72gtvf6b540cttthm1d0qg0adf1vjph9ww3b7da4gyvfvrgpkv8wcn44nhwkw76ym4vj2zf3xv9spbrx08sgza5a8n190xdwf3yndvsv2actencvm1fv5arz9tvehkm35gkm6br6z5ngh63edp860wr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpw70xp87ZdaHI4a97gTX1KewB5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCImbHX--6sT6oAwHIAwKqBIcCT9BhxQm0MMEFJSvs2WN3UC6Jcg5aDuMwKD5mte0fySaEG8DPT6BfUmSTI5BFdRA4W-tormxBXkFYYbJSvt9PenBFDi-IgOwwklJfouIRBdBnradwd5zTqCopPYg1UHaz2Zxj1RNgzgAlY4XAa-jT_XN8pHyeqI8lVoq0QxcO_2AZGUL56V4kHWuAphd261rNWyL11cv03mWSr3msICyjsU7yuKY0cFqY8x7GRiFTBZJHoetZh2z2iUuV6Y5hyMpjyLAtU8UUGhYEp05nYgRKXVWnrv1G5yR0gRRhLuy357ZPB5bbT9fkcE-CSMnWKR89nI5aCOblqPGnQAsiWuls_kLLKrf4L9eABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_32CiART-WNyOqdCjL2INramiTOCQ%26client%3Dca-pub-9011305505618306%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 16:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 18302
etag: W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UVXy0yI2y6AHxT85hPxAnG7hEleenX8wDaiVG8OQLu%2FyvhQigbs%2FqTl3E8kDYeqA4%2FH%2Bn%2FFMlz5jj30q7OQ%2FFVw1WDcxFUsX0wmWCATt0wI2iizaWuKKIYxfAo6RogpXpOeiffk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 81ca9e3c08552c4b-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 27 Oct 2023 06:27:21 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 1EAA 3 KB
3 KB 60ms
24ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3495
x-guploader-uploadid: ADPycdvwP-NwgXqNEbyI2qkcz3h5-Ehsvrbo1BzPr2w5R7YEx4A4494G82MbZGb67-CgTESrTtVZjLf5PX4N9CeItuw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cl5MpmnVw%2FIyBTRvZe71A3ZpnCHpz8vD5JjvoKMvsJk9grFS82uZnfN4zlVJH%2Besmq7QYqZMs8ZmbA7XB%2FF6Hjs6Nl4AN%2FZS6bodTY0IA2X%2FHPFZtlWkFUSOcdxG%2FX2JoprGeiKmS%2Bu1ZeIr%2FDoeX3t8"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 81ca9e3c8ed2bbec-FRA
expires: Fri, 27 Oct 2023 11:21:17 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 0A12 2 KB
2 KB 20ms
19ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61bb554f7f2636654d8753efec0e55ae8e1ff4853af1942d7efd1f28f54e783a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 858514
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 81ca9e3c5a1e1cbd-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Fri, 27 Oct 2023 11:32:23 GMT
expires: Tue, 17 Oct 2023 13:36:06 GMT
last-modified: Tue, 17 Oct 2023 09:43:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lI%2BL4hzva996DOJ36V8BMGekmXGxddy%2Fhx1roT5%2F3ELPwNBi7GSNoxFitq6JV%2FGJDH0l%2B6kS%2BSWAmm2n0hzOI28xaVLCKFTRHBVww88HtphqidgvGC7MRssakWVAVmPK55WkVu4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 13AE 3 KB
4 KB 48ms
21ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3495
x-guploader-uploadid: ADPycdvwP-NwgXqNEbyI2qkcz3h5-Ehsvrbo1BzPr2w5R7YEx4A4494G82MbZGb67-CgTESrTtVZjLf5PX4N9CeItuw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jfT6fHo0KwlAfHSMomkHwWgqYcomAuRMbeFZQLifoqikl03ry9A5H03HwH%2FzNtypvIZ5BrrZXpB5mCtKDXXQox5Ly1j%2BQ%2FdkyQIcBxjDvHskfWIw9BusKVrnnELN4e5VWb2mHpKRyzE8JrWjnQi4V1By"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 81ca9e3c8ed1bbec-FRA
expires: Fri, 27 Oct 2023 11:21:17 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 1478 2 KB
2 KB 32ms
32ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61bb554f7f2636654d8753efec0e55ae8e1ff4853af1942d7efd1f28f54e783a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 858514
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 81ca9e3c6a2f1cbd-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Fri, 27 Oct 2023 11:32:23 GMT
expires: Tue, 17 Oct 2023 13:36:06 GMT
last-modified: Tue, 17 Oct 2023 09:43:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RVqjUzEqHupr%2BKJRYYeliVRLQxQZqlRJbS23Uq9%2BlPRcUyTa7PnfaiVYcqU%2F6XVbaenYHJROqyFiwvcSsZHIqXpausBJEvLxA7mBfkyd88lNSSHmvczEN2NK3%2F%2FS1wzasxwKmlc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 rs Show response
ad4m.at/ Frame 1EAA 2 KB
2 KB 33ms
32ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc50ddd505ed71257591be0b7ffa37b3b3bb0890f9dbf66aeebd23512f3bc1a1

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CdMT6F7gBIZeoTqhczYynBpQIfqeyG1mmdd8Ph%2BXXKHIx2uvs3q70QtAD2n%2FiGel9sPpVl9G4D46gaY0qGzzlq%2BAcZs1nzsahXD83djdjTktzEeAcUHFcU0KHJpBh65Iaik38go%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 81ca9e3cda374d85-FRA
x-backend-server: aa-reachservice-group-europe-west1-fwqs
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 48ms
34ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81ca9e3c99e64d85-FRA
content-length: 24
content-type: text/plain
date: Fri, 27 Oct 2023 11:32:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sY8DYSwYA%2BcorvBMeCgdF42JmSkPyYmzUzJtRpUqEPmLNod7PRMHiJXgaaKe1bVmHyNudm7P9c8Sd%2BrzwdTZHWLSLQzpg2PcmCAWPaYqstRa6NmXTgARowJ5S3Eaa20gGfztwVk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-fwqs

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5CF4 0
19 B 52ms
51ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Czy28xp87ZdaHI4a97gTX1KewB5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCImbHX--6sT6oAwHIAwKqBIQCT9BhxQm0MMEFJSvs2WN3UC6Jcg5aDuMwKD5mte0fySaEG8DPT6BfUmSTI5BFdRA4W-tormxBXkFYYbJSvt9PenBFDi-IgOwwklJfouIRBdBnradwd5zTqCopPYg1UHaz2Zxj1RNgzgAlY4XAa-jT_XN8pHyeqI8lVoq0QxcO_2AZGUL56V4kHWuAphd261rNWyL11cv03mWSr3msICyjsU7yuKY0cFqY8x7GRiFTBZJHoetZh2z2iUuV6Y5hyMpjyLAtU8UUGhYEp05nYgRKXVWnrv1G5yR0gRRhLuy3pbRulUEiyJcs9wcUkoBE2yYpliNQJv44KDPu0vO2RMV0K55Uan-ABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi05MDExMzA1NTA1NjE4MzA2GAA&sigh=MxuLsw8fXbA&uach_m=[UACH]&cid=CAQSOwDICaaNO_taAWGXHmiIUdxZsi5E-cFjAFUB23tTUbfMdHjzAF0nljAO7bChVa8S-k0gEjs_NultiPD2GAE&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&h=280&adk=1972770278&adf=2338424597&pi=t.aa~a.3462012197~i.2~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1698399142&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8203761774&ad_type=text_image&format=535x280&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&fwr=0&pra=3&rh=134&rw=535&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406342526&bpp=1&bdt=1361&idt=-M&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b603b7608671654-22d158d015e300c0%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZ4Q-vYsfwcuaLA29SNeqzjOoDDyw&gpic=UID%3D00000caa1dd2eb65%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZGxh6N4lGarzk4oKqJeybgn236uw&prev_fmts=0x0%2C535x280&nras=3&correlator=5725263893245&frm=20&pv=1&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=460&ady=2037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7I68LMkGhF&p=https%3A//www.habseyesontheprize.com&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&h=280&adk=1972770278&adf=2338424597&pi=t.aa~a.3462012197~i.2~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1698399142&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8203761774&ad_type=text_image&format=535x280&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&fwr=0&pra=3&rh=134&rw=535&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406342526&bpp=1&bdt=1361&idt=-M&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b603b7608671654-22d158d015e300c0%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZ4Q-vYsfwcuaLA29SNeqzjOoDDyw&gpic=UID%3D00000caa1dd2eb65%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZGxh6N4lGarzk4oKqJeybgn236uw&prev_fmts=0x0%2C535x280&nras=3&correlator=5725263893245&frm=20&pv=1&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=460&ady=2037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7I68LMkGhF&p=https%3A//www.habseyesontheprize.com&dtd=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 27 Oct 2023 11:32:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 5CF4 0
39 B 22ms
20ms Image
image/gif 2600:1901:0:76b9::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kc7cv3b81jhw8wkq2k52a6m5hqbhwzxzpw48bckegdxhv72bcjsy4f6vk7s2wfj17am1d3d0gr4vm95tm2fmej27dv8ed1nxgprypkby3r6ap5ecnpgb11e5q8q71aqqmmsqa6c159ctgfezay41b0c8qm1v68b4jfwc0j0803q9n82ajkha95c2sjyw247ea9jq78ctv9p066h2aqb3wvarhc3kj51wz2jpe440mdx04m2fshpe4xy80rw9xm8rby7y7s6s08t9qcmsdd110b7zxg9wmzjcdxa6j81g7a90sztyxgy1n5b629p05e5nb7pqcf73dcsvaytf29yd1jned1e3gzsnq7ksyk0ng51t0c5wndk5ns1d5r4aka4e1gtnt9p6r&b=ZTufxgAIw9YKm56GAAnqVwZ4_wgLp8GFTeeQyw&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&h=280&adk=1972770278&adf=2338424597&pi=t.aa~a.3462012197~i.2~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1698399142&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8203761774&ad_type=text_image&format=535x280&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&fwr=0&pra=3&rh=134&rw=535&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406342526&bpp=1&bdt=1361&idt=-M&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b603b7608671654-22d158d015e300c0%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZ4Q-vYsfwcuaLA29SNeqzjOoDDyw&gpic=UID%3D00000caa1dd2eb65%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZGxh6N4lGarzk4oKqJeybgn236uw&prev_fmts=0x0%2C535x280&nras=3&correlator=5725263893245&frm=20&pv=1&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=460&ady=2037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7I68LMkGhF&p=https%3A//www.habseyesontheprize.com&dtd=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 27 Oct 2023 11:32:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

POST
H3 200 rs Show response
ad4m.at/ Frame 13AE 2 KB
2 KB 46ms
46ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2d4b0db399288ff3c1d1dbeaaafe5c2517a94e645e57db4b34cb0840c678e8f

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B5oefT6tETZORU4eraM0ubgvoel7fF8BT2xZyRCfX5%2BvUZ9BFREXMvV6X2LulN9uwjSq0jVaEd6jeYHb6wWp5vc7tzldHRyc0Gfwy1m7%2BVfRO%2FYnuo8vZZzE%2BPIZPuV0KkqTZq8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 81ca9e3cda3d4d85-FRA
x-backend-server: aa-reachservice-group-europe-west1-fwqs
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 30ms
30ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81ca9e3ca9f34d85-FRA
content-length: 24
content-type: text/plain
date: Fri, 27 Oct 2023 11:32:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RNu%2FTY0JXaZdeYz5SGUUnRh4tTnFvX8VZ2WPnXsXWYzGFF8ivFf1ZkZM1ArML0dylN%2BBabNaSbyW80lk2MeLRxiIc2%2F40uvDX9GTHtj2usV7GTdvvdkpaJ%2BNu0Tc0buc1XsIyUI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-fwqs

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 24E2 2 KB
3 KB 48ms
45ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1kj4wk0da2nhnhngjyzgk2ehegg30nq0zq4xfzdqmf5htw3za02rxfmmgpf33z8fjw3tkqj5d7hm41thfcfsgsvr2sjg8fw8qj8t7tswex3d47vwk0hzs71n09rpxyd0vat969r786nsvmawhrcra26mrag7w6g0z261ykh6p7s45wpzgghy1063prcnqtz8dfet214p0fy36zqz2my66dacc8qgp8da0b3v61fgbdn6x7jesjgdqg8pzyrf66wevxh9tnzeqkzv4xvwv81cjmf1cd4w02mckgw0de2h704e1ac4wwqg673fvg159mzthfkpkx287z9cc2mb7qnf8jcwp4rm72rk8ryxrask68e10n14bb2vc02vc8abkzccb61m3djf7vraav56p5rhsag9fq0nyx375qb42h0p8aa022qwsc70m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_Ufnxp87ZbS1IsXImQbZ2Kj4AZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCImbHX--6sT6oAwHIAwKqBIcCT9Cr1tPAkojV5na2UM28FuvWnk_ujNTERBca0vD-aVYc_KJOzS7PDC3Gxqgo9o7ovBg0CU7XaacdP5oe0qgPIkM1EbPw2L17EUW3AdukIVjaga0HA4aAwoPtr8dtMz7i-rOxQFBWcq6ZLhM9pARXle9pxrhCzA5RjXbVGoiWz58Mfz0n6A5mpnANc6uBwFL6Jh0Xj9ZKkWsk_0ZPZUeG5NsOKiMNDw-zYHZuAjHPShQO6JiYlGXUSh1wxN0f8em8r9kVmjyCXBGRoRwLbeoDSuJADQKPBbWXpa7iSYRG7Yw21y20VJKHmPKU_4z-_s9dRhtTysZtqCDU6pPY460zJu6j1EQ6VMOABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_13-q6sM1VA-0KmHVNnyqyX2z5fnQ%26client%3Dca-pub-9011305505618306%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&h=280&adk=1972770278&adf=2137320495&pi=t.aa~a.2318999906~i.2~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1698399142&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8203761774&ad_type=text_image&format=535x280&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&fwr=0&pra=3&rh=134&rw=535&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406342526&bpp=1&bdt=1360&idt=-M&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b603b7608671654-22d158d015e300c0%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZ4Q-vYsfwcuaLA29SNeqzjOoDDyw&gpic=UID%3D00000caa1dd2eb65%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZGxh6N4lGarzk4oKqJeybgn236uw&prev_fmts=0x0&nras=2&correlator=5725263893245&frm=20&pv=1&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=460&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=L1igCWK7Jc&p=https%3A//www.habseyesontheprize.com&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

913b24397729b3f5c5b980c60dc1d28681e6045b6e1ba98908f726f49e63d716

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 81ca9e3ceace1cbd-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 11:32:23 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 6DEC 3 KB
1 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&h=280&adk=1972770278&adf=2137320495&pi=t.aa~a.2318999906~i.2~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1698399142&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8203761774&ad_type=text_image&format=535x280&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&fwr=0&pra=3&rh=134&rw=535&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406342526&bpp=1&bdt=1360&idt=-M&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b603b7608671654-22d158d015e300c0%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZ4Q-vYsfwcuaLA29SNeqzjOoDDyw&gpic=UID%3D00000caa1dd2eb65%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZGxh6N4lGarzk4oKqJeybgn236uw&prev_fmts=0x0&nras=2&correlator=5725263893245&frm=20&pv=1&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=460&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=L1igCWK7Jc&p=https%3A//www.habseyesontheprize.com&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 16:14:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69465
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Nov 2023 16:14:38 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame AB00 1 KB
643 B 10ms
7ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&h=280&adk=1972770278&adf=2137320495&pi=t.aa~a.2318999906~i.2~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1698399142&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8203761774&ad_type=text_image&format=535x280&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&fwr=0&pra=3&rh=134&rw=535&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406342526&bpp=1&bdt=1360&idt=-M&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b603b7608671654-22d158d015e300c0%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZ4Q-vYsfwcuaLA29SNeqzjOoDDyw&gpic=UID%3D00000caa1dd2eb65%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZGxh6N4lGarzk4oKqJeybgn236uw&prev_fmts=0x0&nras=2&correlator=5725263893245&frm=20&pv=1&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=460&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=L1igCWK7Jc&p=https%3A//www.habseyesontheprize.com&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 33016
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 02:22:07 GMT
etag: 48472445140208031
expires: Sat, 28 Oct 2023 02:22:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 6DEC 20 KB
8 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&h=280&adk=1972770278&adf=2137320495&pi=t.aa~a.2318999906~i.2~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1698399142&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8203761774&ad_type=text_image&format=535x280&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&fwr=0&pra=3&rh=134&rw=535&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406342526&bpp=1&bdt=1360&idt=-M&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b603b7608671654-22d158d015e300c0%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZ4Q-vYsfwcuaLA29SNeqzjOoDDyw&gpic=UID%3D00000caa1dd2eb65%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZGxh6N4lGarzk4oKqJeybgn236uw&prev_fmts=0x0&nras=2&correlator=5725263893245&frm=20&pv=1&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=460&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=L1igCWK7Jc&p=https%3A//www.habseyesontheprize.com&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 16:14:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69465
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Nov 2023 16:14:38 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6DEC 187 KB
59 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&h=280&adk=1972770278&adf=2137320495&pi=t.aa~a.2318999906~i.2~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1698399142&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8203761774&ad_type=text_image&format=535x280&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&fwr=0&pra=3&rh=134&rw=535&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406342526&bpp=1&bdt=1360&idt=-M&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b603b7608671654-22d158d015e300c0%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZ4Q-vYsfwcuaLA29SNeqzjOoDDyw&gpic=UID%3D00000caa1dd2eb65%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZGxh6N4lGarzk4oKqJeybgn236uw&prev_fmts=0x0&nras=2&correlator=5725263893245&frm=20&pv=1&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=460&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=L1igCWK7Jc&p=https%3A//www.habseyesontheprize.com&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698233972131352"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Oct 2023 11:32:23 GMT

GET
DATA 200
OK truncated
/ Frame 6DEC 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7dd8333bcb93efab37875ac56da1c78e8ab95e2ffdc67bc5b2b58a6bb08e8c62

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame AB00 35 B
464 B 80ms
9ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEC0GSn0N1tgn3xxOBlacs7U&google_cver=1&google_push=AXcoOmRQdsOR0CHl9cSG-mN7rrAqB83IHXOYfsCJnEvkRuCc3fY4O04EChRoG0muZvkR_kjLzYcYQJcGZa14Bb6Y50W0KbjTxDRxRA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&h=280&adk=1972770278&adf=2137320495&pi=t.aa~a.2318999906~i.2~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1698399142&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8203761774&ad_type=text_image&format=535x280&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&fwr=0&pra=3&rh=134&rw=535&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406342526&bpp=1&bdt=1360&idt=-M&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b603b7608671654-22d158d015e300c0%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZ4Q-vYsfwcuaLA29SNeqzjOoDDyw&gpic=UID%3D00000caa1dd2eb65%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZGxh6N4lGarzk4oKqJeybgn236uw&prev_fmts=0x0&nras=2&correlator=5725263893245&frm=20&pv=1&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=460&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=L1igCWK7Jc&p=https%3A//www.habseyesontheprize.com&dtd=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 11:32:23 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AB00
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEK1pKzKohEAMSw3Ldfm-Usk&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEK1pKzKohEAMSw3Ldfm-Usk&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cWhLN01IOFAxUVdsNEg1&google_gid=CAESEK1pKzKohEAMSw3Ldfm-Usk&google_cver=1&google_push=AXcoOmRYC4O-LMyNCjiKG0jQgj7jBw6HpolRckljeQhfqOf...

170 B
188 B

19ms
19ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cWhLN01IOFAxUVdsNEg1&google_gid=CAESEK1pKzKohEAMSw3Ldfm-Usk&google_cver=1&google_push=AXcoOmRYC4O-LMyNCjiKG0jQgj7jBw6HpolRckljeQhfqOfPe3dX-PGcH1ghB7lM6JZdNdY8dMtrx3dZkXEXL5uKCzuwCzT28IypYg4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&h=280&adk=1972770278&adf=2137320495&pi=t.aa~a.2318999906~i.2~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1698399142&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8203761774&ad_type=text_image&format=535x280&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&fwr=0&pra=3&rh=134&rw=535&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406342526&bpp=1&bdt=1360&idt=-M&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b603b7608671654-22d158d015e300c0%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZ4Q-vYsfwcuaLA29SNeqzjOoDDyw&gpic=UID%3D00000caa1dd2eb65%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZGxh6N4lGarzk4oKqJeybgn236uw&prev_fmts=0x0&nras=2&correlator=5725263893245&frm=20&pv=1&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=460&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=L1igCWK7Jc&p=https%3A//www.habseyesontheprize.com&dtd=3

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 11:32:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 27 Oct 2023 11:32:22 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-791-gff05a1f#rel-ec2-master i-0237fe7a9d585a71c@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cWhLN01IOFAxUVdsNEg1&google_gid=CAESEK1pKzKohEAMSw3Ldfm-Usk&google_cver=1&google_push=AXcoOmRYC4O-LMyNCjiKG0jQgj7jBw6HpolRckljeQhfqOfPe3dX-PGcH1ghB7lM6JZdNdY8dMtrx3dZkXEXL5uKCzuwCzT28IypYg4
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AB00
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESENQNqJk88XCZdtCLXBKU1mY&google_cver=1&google_push=AXcoOmSBT5FdVKgtS03ykWy0N2F-SdvJLjiG532t56c4sZVyrX6loBGXRXvxNI5PrCJ6p2b3T5EzeW5tG94QpnAJcG6gLZE4PS9lzqM
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=73A910ED26CF44AEBD3EEC4AC84EFCE5&google_push=AXcoOmSBT5FdVKgtS03ykWy0N2F-SdvJLjiG532t56c4sZVyrX6loBGXRXvxNI5PrCJ6p2b3T5EzeW5tG94QpnA...

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=73A910ED26CF44AEBD3EEC4AC84EFCE5&google_push=AXcoOmSBT5FdVKgtS03ykWy0N2F-SdvJLjiG532t56c4sZVyrX6loBGXRXvxNI5PrCJ6p2b3T5EzeW5tG94QpnAJcG6gLZE4PS9lzqM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&h=280&adk=1972770278&adf=2137320495&pi=t.aa~a.2318999906~i.2~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1698399142&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8203761774&ad_type=text_image&format=535x280&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&fwr=0&pra=3&rh=134&rw=535&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406342526&bpp=1&bdt=1360&idt=-M&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b603b7608671654-22d158d015e300c0%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZ4Q-vYsfwcuaLA29SNeqzjOoDDyw&gpic=UID%3D00000caa1dd2eb65%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZGxh6N4lGarzk4oKqJeybgn236uw&prev_fmts=0x0&nras=2&correlator=5725263893245&frm=20&pv=1&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=460&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=L1igCWK7Jc&p=https%3A//www.habseyesontheprize.com&dtd=3

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 11:32:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 27 Oct 2023 11:32:23 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=73A910ED26CF44AEBD3EEC4AC84EFCE5&google_push=AXcoOmSBT5FdVKgtS03ykWy0N2F-SdvJLjiG532t56c4sZVyrX6loBGXRXvxNI5PrCJ6p2b3T5EzeW5tG94QpnAJcG6gLZE4PS9lzqM
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 26 Oct 2023 11:32:23 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AB00
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESELSJfEl4FgiQ6o5Q9-pBOXw&google_cver=1&google_push=AXcoOmRRKyDvrTHmlf7CU471jaazdmIyLDukFDj6xIC_7G5I8GjjNFYHuM5QkJSPsBl3R3E8v1pudQYjXnQ...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRRKyDvrTHmlf7CU471jaazdmIyLDukFDj6xIC_7G5I8GjjNFYHuM5QkJSPsBl3R3E8v1pudQYjXnQL_Ksvg0DBlreGKWn_JL0&google_hm=HmYG_iAhTNeIcEewr...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRRKyDvrTHmlf7CU471jaazdmIyLDukFDj6xIC_7G5I8GjjNFYHuM5QkJSPsBl3R3E8v1pudQYjXnQL_Ksvg0DBlreGKWn_JL0&google_hm=HmYG_iAhTNeIcEewr9rBhio

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&h=280&adk=1972770278&adf=2137320495&pi=t.aa~a.2318999906~i.2~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1698399142&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8203761774&ad_type=text_image&format=535x280&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&fwr=0&pra=3&rh=134&rw=535&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406342526&bpp=1&bdt=1360&idt=-M&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b603b7608671654-22d158d015e300c0%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZ4Q-vYsfwcuaLA29SNeqzjOoDDyw&gpic=UID%3D00000caa1dd2eb65%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZGxh6N4lGarzk4oKqJeybgn236uw&prev_fmts=0x0&nras=2&correlator=5725263893245&frm=20&pv=1&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=460&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=L1igCWK7Jc&p=https%3A//www.habseyesontheprize.com&dtd=3

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 11:32:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 27 Oct 2023 11:32:22 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRRKyDvrTHmlf7CU471jaazdmIyLDukFDj6xIC_7G5I8GjjNFYHuM5QkJSPsBl3R3E8v1pudQYjXnQL_Ksvg0DBlreGKWn_JL0&google_hm=HmYG_iAhTNeIcEewr9rBhio
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AB00
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEBMhPRhBxEuUo_p0wAZmQzg&google_cver=1&google_push=AXcoOmRCZWp97m8EeegGs_SulOA4Zs7qjEIfd1MsdYJU8LkeMTajN2fLyrqTo0sDtaUVKEU34rqPcfjqqp6zv167...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=aiMtrPJ_RxA8eG5A9XXGgA&google_push=AXcoOmRCZWp97m8EeegGs_SulOA4Zs7qjEIfd1MsdYJU8LkeMTajN2fLyrqTo0sDtaUVKEU34rqPcfjqqp6zv167yOV8xvHsbaUC8A

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=aiMtrPJ_RxA8eG5A9XXGgA&google_push=AXcoOmRCZWp97m8EeegGs_SulOA4Zs7qjEIfd1MsdYJU8LkeMTajN2fLyrqTo0sDtaUVKEU34rqPcfjqqp6zv167yOV8xvHsbaUC8A

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&h=280&adk=1972770278&adf=2137320495&pi=t.aa~a.2318999906~i.2~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1698399142&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8203761774&ad_type=text_image&format=535x280&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&fwr=0&pra=3&rh=134&rw=535&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406342526&bpp=1&bdt=1360&idt=-M&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b603b7608671654-22d158d015e300c0%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZ4Q-vYsfwcuaLA29SNeqzjOoDDyw&gpic=UID%3D00000caa1dd2eb65%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZGxh6N4lGarzk4oKqJeybgn236uw&prev_fmts=0x0&nras=2&correlator=5725263893245&frm=20&pv=1&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=460&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=L1igCWK7Jc&p=https%3A//www.habseyesontheprize.com&dtd=3

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 11:32:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 27 Oct 2023 11:32:23 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=aiMtrPJ_RxA8eG5A9XXGgA&google_push=AXcoOmRCZWp97m8EeegGs_SulOA4Zs7qjEIfd1MsdYJU8LkeMTajN2fLyrqTo0sDtaUVKEU34rqPcfjqqp6zv167yOV8xvHsbaUC8A
x-host: tde-deliveryengine-production-5bf79cd4ff-22f6d
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame AB00 43 B
362 B 15ms
13ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSk86CkhtwKprbdUvCdJSPIJSd1ph_u-0R_ZIJMXcgAbnHu6KpTBGVZCP4JXOj7oXsQsUxogUT-9DveR9czaGjqaIfzfDnuavQ&google_gid=CAESEGPFnXtPjjuGJRr09CZSskY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&h=280&adk=1972770278&adf=2137320495&pi=t.aa~a.2318999906~i.2~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1698399142&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8203761774&ad_type=text_image&format=535x280&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&fwr=0&pra=3&rh=134&rw=535&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406342526&bpp=1&bdt=1360&idt=-M&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b603b7608671654-22d158d015e300c0%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZ4Q-vYsfwcuaLA29SNeqzjOoDDyw&gpic=UID%3D00000caa1dd2eb65%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZGxh6N4lGarzk4oKqJeybgn236uw&prev_fmts=0x0&nras=2&correlator=5725263893245&frm=20&pv=1&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=460&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=L1igCWK7Jc&p=https%3A//www.habseyesontheprize.com&dtd=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 11:32:22 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 219169
expires: Fri, 27 Oct 2023 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame AB00
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEFLa7qBPOi0Z...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRgrwswe3ecSzo6rjANo8p0h9rAbLQb2XitdCMtBd9qC5OyK8WEsMSikvb_wTyJMlEd-K1S5QNIen9VCXDXevNvuUUynQfc5GY
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

34ms
33ms

Image
image/gif

23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&h=280&adk=1972770278&adf=2137320495&pi=t.aa~a.2318999906~i.2~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1698399142&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8203761774&ad_type=text_image&format=535x280&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&fwr=0&pra=3&rh=134&rw=535&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406342526&bpp=1&bdt=1360&idt=-M&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b603b7608671654-22d158d015e300c0%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZ4Q-vYsfwcuaLA29SNeqzjOoDDyw&gpic=UID%3D00000caa1dd2eb65%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZGxh6N4lGarzk4oKqJeybgn236uw&prev_fmts=0x0&nras=2&correlator=5725263893245&frm=20&pv=1&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=460&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=L1igCWK7Jc&p=https%3A//www.habseyesontheprize.com&dtd=3
Protocol: H2
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Fri, 27 Oct 2023 11:32:23 GMT
pragma: no-cache
date: Fri, 27 Oct 2023 11:32:23 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 27 Oct 2023 11:32:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame AB00 0
12 B 16ms
14ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I4sEs5V_CTtjiu-lyRmzhA0HmT7zCkiZcMjt4GIRWAkL4E0bVaOEzmA-FGv-X67Sw0B30E5A

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&h=280&adk=1972770278&adf=2137320495&pi=t.aa~a.2318999906~i.2~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1698399142&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8203761774&ad_type=text_image&format=535x280&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&fwr=0&pra=3&rh=134&rw=535&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406342526&bpp=1&bdt=1360&idt=-M&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b603b7608671654-22d158d015e300c0%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZ4Q-vYsfwcuaLA29SNeqzjOoDDyw&gpic=UID%3D00000caa1dd2eb65%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZGxh6N4lGarzk4oKqJeybgn236uw&prev_fmts=0x0&nras=2&correlator=5725263893245&frm=20&pv=1&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=460&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=L1igCWK7Jc&p=https%3A//www.habseyesontheprize.com&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6DEC 0
19 B 51ms
50ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=ClICcxp87ZbS1IsXImQbZ2Kj4AZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCImbHX--6sT6oAwHIAwKqBIQCT9Cr1tPAkojV5na2UM28FuvWnk_ujNTERBca0vD-aVYc_KJOzS7PDC3Gxqgo9o7ovBg0CU7XaacdP5oe0qgPIkM1EbPw2L17EUW3AdukIVjaga0HA4aAwoPtr8dtMz7i-rOxQFBWcq6ZLhM9pARXle9pxrhCzA5RjXbVGoiWz58Mfz0n6A5mpnANc6uBwFL6Jh0Xj9ZKkWsk_0ZPZUeG5NsOKiMNDw-zYHZuAjHPShQO6JiYlGXUSh1wxN0f8em8r9kVmjyCXBGRoRwLbeoDSuJADQKPBbWXpa7iSYRGr44XRfpN09JPH7oCJcVsDPZJTLZZ5N6wKOKdeGtM_YEr8zI8lIyABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi05MDExMzA1NTA1NjE4MzA2GAA&sigh=xW2b2drG0Wg&uach_m=[UACH]&cid=CAQSOwDICaaNULNCfisO32RlshArCxFA81sr_jf2Opews-Jba5VcJzVf-skbU3w6BijRAKespsECdTWNVwITGAE&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&h=280&adk=1972770278&adf=2137320495&pi=t.aa~a.2318999906~i.2~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1698399142&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8203761774&ad_type=text_image&format=535x280&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&fwr=0&pra=3&rh=134&rw=535&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406342526&bpp=1&bdt=1360&idt=-M&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b603b7608671654-22d158d015e300c0%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZ4Q-vYsfwcuaLA29SNeqzjOoDDyw&gpic=UID%3D00000caa1dd2eb65%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZGxh6N4lGarzk4oKqJeybgn236uw&prev_fmts=0x0&nras=2&correlator=5725263893245&frm=20&pv=1&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=460&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=L1igCWK7Jc&p=https%3A//www.habseyesontheprize.com&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&h=280&adk=1972770278&adf=2137320495&pi=t.aa~a.2318999906~i.2~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1698399142&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8203761774&ad_type=text_image&format=535x280&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&fwr=0&pra=3&rh=134&rw=535&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406342526&bpp=1&bdt=1360&idt=-M&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b603b7608671654-22d158d015e300c0%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZ4Q-vYsfwcuaLA29SNeqzjOoDDyw&gpic=UID%3D00000caa1dd2eb65%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZGxh6N4lGarzk4oKqJeybgn236uw&prev_fmts=0x0&nras=2&correlator=5725263893245&frm=20&pv=1&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=460&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=L1igCWK7Jc&p=https%3A//www.habseyesontheprize.com&dtd=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 27 Oct 2023 11:32:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 winResponse
prod-rtb.ad4mat.net/ Frame 6DEC 0
11 B 18ms
18ms Image
image/gif 2600:1901:0:76b9::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1g037mw88g8r64w8gphpy6nj5a1ts7zq79rjvty2r6055p69y083rxh79hppxdw5psb7m4de9bn80qtgjdq4ntczq03fnry9nb9ezxrvwcfjpzrhzp4s4g1vg0td9zmagjykrryvv95jt0mqrmjndb4vy4k46b3yr5bj2g7khq74sgdnmf9bhnm4zqan91k0c3c9zb0ckw4dc0a3nfprafcafya0zxv7580ehm67t0hwg98jsrwxf3499tam3f96qmxswwjf5w7h23vyxjqzr1rnh1jf94p74jk559gzc5tybptagkz1pfpxnwtqtxsg71c2t8g7ek9s451jwym14h0pgv3w0p84eq80995qvt1w9ppapqep01kr079ds1ysj80t0mgg08&b=ZTufxgAImrQKxmRFAAosWR_5shie-rqPnPijXQ&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9011305505618306&output=html&h=280&adk=1972770278&adf=2137320495&pi=t.aa~a.2318999906~i.2~rp.4&w=535&fwrn=4&fwrnh=100&lmt=1698399142&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8203761774&ad_type=text_image&format=535x280&url=https%3A%2F%2Fwww.habseyesontheprize.com%2F&fwr=0&pra=3&rh=134&rw=535&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698406342526&bpp=1&bdt=1360&idt=-M&shv=r20231025&mjsv=m202310260102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3b603b7608671654-22d158d015e300c0%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZ4Q-vYsfwcuaLA29SNeqzjOoDDyw&gpic=UID%3D00000caa1dd2eb65%3AT%3D1698406341%3ART%3D1698406341%3AS%3DALNI_MZGxh6N4lGarzk4oKqJeybgn236uw&prev_fmts=0x0&nras=2&correlator=5725263893245&frm=20&pv=1&ga_vid=641861502.1698406341&ga_sid=1698406342&ga_hid=1635788178&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=460&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44805934%2C44806738%2C31078297%2C31079248%2C31079155%2C44806141&oid=2&pvsid=1060563691961383&tmod=1009480064&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=L1igCWK7Jc&p=https%3A//www.habseyesontheprize.com&dtd=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 27 Oct 2023 11:32:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame F422 9 KB
5 KB 38ms
37ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=537178%2C23576%2C19491&b=9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd&f=1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA&c=300&d=250&e=&g=ee367f44e9ed3ac4cd5ed7381ff40a42%2F17095224808383307496&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1698406343184&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzwrtkt7vjmfnec8khpd0y3kn1yvttwn5d2y2083k1hfvy1h87fd7akrdw9tyn66ve8w2cbeprgc1sqk6wtjdppbrmjn80j4zxye0s7zzbaqhhby6gmk8y68vz9xqrznf93k3xz3wyqgwmy0h8rhvzmw5646j1rrr8fs4zwkscdq31t6bqd99fs9z04n8spsh1t2vjkxxc96zx2pzd5336ydfgy0b5q8et3ep3q63zy9mypva06p46tbq1ygj7d61apwrsq9jjztd8jqvp0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSUGxxp87ZenII4XK6gSw_L7wCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCtNCCGX-5sT6oAwHIAwKqBIcCT9B-ZmKZXeyy1EzwMawzcCmoJPwu_qMUAyBTRy0WZYOg53mDYn40uCixNDAYTyqdl7iS_G4jA7V2RzDktIozolcmQol47Si_-TBubrNFVuNeaGaeDtri5axG50FjTc8Qr36optuokzgazmpZTzXdCYyRgHLX0SdwN6B4Gqmu1u7QkLRBqyGFCTxOLRbrBf0A3AtAol6uDAKcSe09z97W1hjTSoPQBPZpFiBhQc3n7pNPqTR91d3jw_S5EWNe4hauNOAZ0N_LOqPPrldvw6McFs7x1OG2rAH7IQ2xGb5mF-KbYqYeNIaMQyA1uLCzGMHuxM2UY-6L88Lw4ttUUGpZLE0PaG0bCyuABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_009JdYl7-E1h3hkpkG5wLRaQ2QaA%2526client%253Dca-pub-9011305505618306%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9b1089305adfc4c3a39f2af056bbf54a9e28a647f8bd037eb78a838d92b30b9

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1ghvbk832q471evphczn42ghzz3kcggwxp33k7f15bpt3bvrw6b2askzpmx99fg87w1t62rkkhc8eq8yej6daq1cgwtme1tq71m391zr6hq6rq5n39ct9nfexfv1t3ztzt6trd9vc0ps9et0d5hhx65p5yftd2jr75egea4vxec2ptja4fzw324vs346agrdsshfgyrgq7ahhk59w92evw1v3k1sw2dm4xsd97sa3q3z43zp0jb8pn1xqkzpc3fxndj8wvy3hgbyda8g55qa8nkqh5s3qev91m2083dmh5bays4keez1q1dcxg5c4abv4azzqwtpqb91prz4ct2y88bc3wszv6dfezfv6rpemsnnhg17hwx69vjy5ab4v3mmjqywg3rkr5xtk3et37gwykq2j7a4gp84txwc11knwfxfe3kn8chfa&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSUGxxp87ZenII4XK6gSw_L7wCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCtNCCGX-5sT6oAwHIAwKqBIcCT9B-ZmKZXeyy1EzwMawzcCmoJPwu_qMUAyBTRy0WZYOg53mDYn40uCixNDAYTyqdl7iS_G4jA7V2RzDktIozolcmQol47Si_-TBubrNFVuNeaGaeDtri5axG50FjTc8Qr36optuokzgazmpZTzXdCYyRgHLX0SdwN6B4Gqmu1u7QkLRBqyGFCTxOLRbrBf0A3AtAol6uDAKcSe09z97W1hjTSoPQBPZpFiBhQc3n7pNPqTR91d3jw_S5EWNe4hauNOAZ0N_LOqPPrldvw6McFs7x1OG2rAH7IQ2xGb5mF-KbYqYeNIaMQyA1uLCzGMHuxM2UY-6L88Lw4ttUUGpZLE0PaG0bCyuABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_009JdYl7-E1h3hkpkG5wLRaQ2QaA%26client%3Dca-pub-9011305505618306%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 81ca9e3d3b701cbd-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 11:32:23 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame A884 13 KB
5 KB 45ms
45ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=177100%2C64769%2C183975&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg%2Cj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK%2CxDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA&c=300&d=250&e=&g=3fae36ae061d446c5b2ccde96e22107a%2F9172787288021173686&i=65803%2C27835%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1698406343192&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz0623mkeny9hdfqsq87d2g41v3m132h16mvg46fza77j01sp71xczkby0zcnscajc6m39dqn9trb5cwg7e6nvbdp4n5afmn83se490yfmdm0pw9k7nq3zpnaxw4hnz09exhqef9azhw3tq0hkbrq4n9t0x3t7exvwgt1bdt52an6fe7bdvqv3mjs2zr5mrzrdhqmra1rrr4zghtr48tcm11sf2eb8jxq3ks3ej7bfg14q9d8mbh9c21d6wpgpea76a9pjvatdrwxzt525g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpw70xp87ZdaHI4a97gTX1KewB5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCImbHX--6sT6oAwHIAwKqBIcCT9BhxQm0MMEFJSvs2WN3UC6Jcg5aDuMwKD5mte0fySaEG8DPT6BfUmSTI5BFdRA4W-tormxBXkFYYbJSvt9PenBFDi-IgOwwklJfouIRBdBnradwd5zTqCopPYg1UHaz2Zxj1RNgzgAlY4XAa-jT_XN8pHyeqI8lVoq0QxcO_2AZGUL56V4kHWuAphd261rNWyL11cv03mWSr3msICyjsU7yuKY0cFqY8x7GRiFTBZJHoetZh2z2iUuV6Y5hyMpjyLAtU8UUGhYEp05nYgRKXVWnrv1G5yR0gRRhLuy357ZPB5bbT9fkcE-CSMnWKR89nI5aCOblqPGnQAsiWuls_kLLKrf4L9eABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_32CiART-WNyOqdCjL2INramiTOCQ%2526client%253Dca-pub-9011305505618306%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3349eae7e6f5525c2cbe437f6364c049f0c6be024191e542a808d9c2e2f3a56b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1kw8mhab6516qgmrw7bjjhw804h9yzq19pyd47sybsh9q6q2wga067p9jbhkh77rkzdvyt6gpr9yc3sgywdt30vr1ac7w3h3vwfxxxt881nr7c8kgdrhm37crwvd6g0hwspy9yr3v6cxyfk0xs4ptf8egdkbbv2hr09qpda8tn2ev8w1wzd0pgec0yjykpkkn1jm57ezvaxbzk1v1jwzxg55jss103tpvfx2fbt2nrgf5pkjf43tg2g430xhgp6d4qjktf1mdydx2bvhw0apr0brksj0ce72gtvf6b540cttthm1d0qg0adf1vjph9ww3b7da4gyvfvrgpkv8wcn44nhwkw76ym4vj2zf3xv9spbrx08sgza5a8n190xdwf3yndvsv2actencvm1fv5arz9tvehkm35gkm6br6z5ngh63edp860wr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpw70xp87ZdaHI4a97gTX1KewB5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCImbHX--6sT6oAwHIAwKqBIcCT9BhxQm0MMEFJSvs2WN3UC6Jcg5aDuMwKD5mte0fySaEG8DPT6BfUmSTI5BFdRA4W-tormxBXkFYYbJSvt9PenBFDi-IgOwwklJfouIRBdBnradwd5zTqCopPYg1UHaz2Zxj1RNgzgAlY4XAa-jT_XN8pHyeqI8lVoq0QxcO_2AZGUL56V4kHWuAphd261rNWyL11cv03mWSr3msICyjsU7yuKY0cFqY8x7GRiFTBZJHoetZh2z2iUuV6Y5hyMpjyLAtU8UUGhYEp05nYgRKXVWnrv1G5yR0gRRhLuy357ZPB5bbT9fkcE-CSMnWKR89nI5aCOblqPGnQAsiWuls_kLLKrf4L9eABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_32CiART-WNyOqdCjL2INramiTOCQ%26client%3Dca-pub-9011305505618306%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 81ca9e3d4b7c1cbd-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 11:32:23 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.49/one-ad/ Frame 24E2 115 KB
14 KB 26ms
26ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kj4wk0da2nhnhngjyzgk2ehegg30nq0zq4xfzdqmf5htw3za02rxfmmgpf33z8fjw3tkqj5d7hm41thfcfsgsvr2sjg8fw8qj8t7tswex3d47vwk0hzs71n09rpxyd0vat969r786nsvmawhrcra26mrag7w6g0z261ykh6p7s45wpzgghy1063prcnqtz8dfet214p0fy36zqz2my66dacc8qgp8da0b3v61fgbdn6x7jesjgdqg8pzyrf66wevxh9tnzeqkzv4xvwv81cjmf1cd4w02mckgw0de2h704e1ac4wwqg673fvg159mzthfkpkx287z9cc2mb7qnf8jcwp4rm72rk8ryxrask68e10n14bb2vc02vc8abkzccb61m3djf7vraav56p5rhsag9fq0nyx375qb42h0p8aa022qwsc70m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_Ufnxp87ZbS1IsXImQbZ2Kj4AZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCImbHX--6sT6oAwHIAwKqBIcCT9Cr1tPAkojV5na2UM28FuvWnk_ujNTERBca0vD-aVYc_KJOzS7PDC3Gxqgo9o7ovBg0CU7XaacdP5oe0qgPIkM1EbPw2L17EUW3AdukIVjaga0HA4aAwoPtr8dtMz7i-rOxQFBWcq6ZLhM9pARXle9pxrhCzA5RjXbVGoiWz58Mfz0n6A5mpnANc6uBwFL6Jh0Xj9ZKkWsk_0ZPZUeG5NsOKiMNDw-zYHZuAjHPShQO6JiYlGXUSh1wxN0f8em8r9kVmjyCXBGRoRwLbeoDSuJADQKPBbWXpa7iSYRG7Yw21y20VJKHmPKU_4z-_s9dRhtTysZtqCDU6pPY460zJu6j1EQ6VMOABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_13-q6sM1VA-0KmHVNnyqyX2z5fnQ%26client%3Dca-pub-9011305505618306%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1kj4wk0da2nhnhngjyzgk2ehegg30nq0zq4xfzdqmf5htw3za02rxfmmgpf33z8fjw3tkqj5d7hm41thfcfsgsvr2sjg8fw8qj8t7tswex3d47vwk0hzs71n09rpxyd0vat969r786nsvmawhrcra26mrag7w6g0z261ykh6p7s45wpzgghy1063prcnqtz8dfet214p0fy36zqz2my66dacc8qgp8da0b3v61fgbdn6x7jesjgdqg8pzyrf66wevxh9tnzeqkzv4xvwv81cjmf1cd4w02mckgw0de2h704e1ac4wwqg673fvg159mzthfkpkx287z9cc2mb7qnf8jcwp4rm72rk8ryxrask68e10n14bb2vc02vc8abkzccb61m3djf7vraav56p5rhsag9fq0nyx375qb42h0p8aa022qwsc70m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_Ufnxp87ZbS1IsXImQbZ2Kj4AZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCImbHX--6sT6oAwHIAwKqBIcCT9Cr1tPAkojV5na2UM28FuvWnk_ujNTERBca0vD-aVYc_KJOzS7PDC3Gxqgo9o7ovBg0CU7XaacdP5oe0qgPIkM1EbPw2L17EUW3AdukIVjaga0HA4aAwoPtr8dtMz7i-rOxQFBWcq6ZLhM9pARXle9pxrhCzA5RjXbVGoiWz58Mfz0n6A5mpnANc6uBwFL6Jh0Xj9ZKkWsk_0ZPZUeG5NsOKiMNDw-zYHZuAjHPShQO6JiYlGXUSh1wxN0f8em8r9kVmjyCXBGRoRwLbeoDSuJADQKPBbWXpa7iSYRG7Yw21y20VJKHmPKU_4z-_s9dRhtTysZtqCDU6pPY460zJu6j1EQ6VMOABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_13-q6sM1VA-0KmHVNnyqyX2z5fnQ%26client%3Dca-pub-9011305505618306%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18304
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 08 Sep 2023 09:43:56 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lO4dNuMPC3cV2KRdFAJktdMfI2b94ApzuEZv1klbxyCiX2M68l3lHuShfw8e1W1v4q%2FELKX5eKelQt8w%2FKeKjX%2FthxMjRzV1lFskLdEhrSY6c29gv3YwP7P03SJB8fv47%2B2Leii1W5Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=3600
cf-ray: 81ca9e3d4b831cbd-FRA
expires: Fri, 27 Oct 2023 12:32:23 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame 24E2 25 KB
10 KB 24ms
23ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kj4wk0da2nhnhngjyzgk2ehegg30nq0zq4xfzdqmf5htw3za02rxfmmgpf33z8fjw3tkqj5d7hm41thfcfsgsvr2sjg8fw8qj8t7tswex3d47vwk0hzs71n09rpxyd0vat969r786nsvmawhrcra26mrag7w6g0z261ykh6p7s45wpzgghy1063prcnqtz8dfet214p0fy36zqz2my66dacc8qgp8da0b3v61fgbdn6x7jesjgdqg8pzyrf66wevxh9tnzeqkzv4xvwv81cjmf1cd4w02mckgw0de2h704e1ac4wwqg673fvg159mzthfkpkx287z9cc2mb7qnf8jcwp4rm72rk8ryxrask68e10n14bb2vc02vc8abkzccb61m3djf7vraav56p5rhsag9fq0nyx375qb42h0p8aa022qwsc70m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_Ufnxp87ZbS1IsXImQbZ2Kj4AZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCImbHX--6sT6oAwHIAwKqBIcCT9Cr1tPAkojV5na2UM28FuvWnk_ujNTERBca0vD-aVYc_KJOzS7PDC3Gxqgo9o7ovBg0CU7XaacdP5oe0qgPIkM1EbPw2L17EUW3AdukIVjaga0HA4aAwoPtr8dtMz7i-rOxQFBWcq6ZLhM9pARXle9pxrhCzA5RjXbVGoiWz58Mfz0n6A5mpnANc6uBwFL6Jh0Xj9ZKkWsk_0ZPZUeG5NsOKiMNDw-zYHZuAjHPShQO6JiYlGXUSh1wxN0f8em8r9kVmjyCXBGRoRwLbeoDSuJADQKPBbWXpa7iSYRG7Yw21y20VJKHmPKU_4z-_s9dRhtTysZtqCDU6pPY460zJu6j1EQ6VMOABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_13-q6sM1VA-0KmHVNnyqyX2z5fnQ%26client%3Dca-pub-9011305505618306%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 16:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 18302
etag: W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JE10RaYIg8ED%2BGrIQZNl4Lw3j8yvsthtdjzMCSocepFr19RSoWlRSDguGjzxjzOWqHAPjMNECAiQQtYADxkoPbsVGEf5wrE5ISN%2F5ElWum8znpwbwoCxFDgEG8rvr1u9kkLH6gA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 81ca9e3d4b881cbd-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 27 Oct 2023 06:27:21 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.49/one-ad/ Frame F422 115 KB
14 KB 33ms
32ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C23576%2C19491&b=9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd&f=1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA&c=300&d=250&e=&g=ee367f44e9ed3ac4cd5ed7381ff40a42%2F17095224808383307496&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1698406343184&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzwrtkt7vjmfnec8khpd0y3kn1yvttwn5d2y2083k1hfvy1h87fd7akrdw9tyn66ve8w2cbeprgc1sqk6wtjdppbrmjn80j4zxye0s7zzbaqhhby6gmk8y68vz9xqrznf93k3xz3wyqgwmy0h8rhvzmw5646j1rrr8fs4zwkscdq31t6bqd99fs9z04n8spsh1t2vjkxxc96zx2pzd5336ydfgy0b5q8et3ep3q63zy9mypva06p46tbq1ygj7d61apwrsq9jjztd8jqvp0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSUGxxp87ZenII4XK6gSw_L7wCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCtNCCGX-5sT6oAwHIAwKqBIcCT9B-ZmKZXeyy1EzwMawzcCmoJPwu_qMUAyBTRy0WZYOg53mDYn40uCixNDAYTyqdl7iS_G4jA7V2RzDktIozolcmQol47Si_-TBubrNFVuNeaGaeDtri5axG50FjTc8Qr36optuokzgazmpZTzXdCYyRgHLX0SdwN6B4Gqmu1u7QkLRBqyGFCTxOLRbrBf0A3AtAol6uDAKcSe09z97W1hjTSoPQBPZpFiBhQc3n7pNPqTR91d3jw_S5EWNe4hauNOAZ0N_LOqPPrldvw6McFs7x1OG2rAH7IQ2xGb5mF-KbYqYeNIaMQyA1uLCzGMHuxM2UY-6L88Lw4ttUUGpZLE0PaG0bCyuABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_009JdYl7-E1h3hkpkG5wLRaQ2QaA%2526client%253Dca-pub-9011305505618306%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=537178%2C23576%2C19491&b=9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd&f=1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA&c=300&d=250&e=&g=ee367f44e9ed3ac4cd5ed7381ff40a42%2F17095224808383307496&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1698406343184&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzwrtkt7vjmfnec8khpd0y3kn1yvttwn5d2y2083k1hfvy1h87fd7akrdw9tyn66ve8w2cbeprgc1sqk6wtjdppbrmjn80j4zxye0s7zzbaqhhby6gmk8y68vz9xqrznf93k3xz3wyqgwmy0h8rhvzmw5646j1rrr8fs4zwkscdq31t6bqd99fs9z04n8spsh1t2vjkxxc96zx2pzd5336ydfgy0b5q8et3ep3q63zy9mypva06p46tbq1ygj7d61apwrsq9jjztd8jqvp0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSUGxxp87ZenII4XK6gSw_L7wCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCtNCCGX-5sT6oAwHIAwKqBIcCT9B-ZmKZXeyy1EzwMawzcCmoJPwu_qMUAyBTRy0WZYOg53mDYn40uCixNDAYTyqdl7iS_G4jA7V2RzDktIozolcmQol47Si_-TBubrNFVuNeaGaeDtri5axG50FjTc8Qr36optuokzgazmpZTzXdCYyRgHLX0SdwN6B4Gqmu1u7QkLRBqyGFCTxOLRbrBf0A3AtAol6uDAKcSe09z97W1hjTSoPQBPZpFiBhQc3n7pNPqTR91d3jw_S5EWNe4hauNOAZ0N_LOqPPrldvw6McFs7x1OG2rAH7IQ2xGb5mF-KbYqYeNIaMQyA1uLCzGMHuxM2UY-6L88Lw4ttUUGpZLE0PaG0bCyuABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_009JdYl7-E1h3hkpkG5wLRaQ2QaA%2526client%253Dca-pub-9011305505618306%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18304
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 08 Sep 2023 09:43:56 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Efoi68iiGu8OlxuV5YCJPhIsz18qnBfF57IqESQLqbdeCGsQZaQB5L6%2F%2BlsVEoMnC2AWN7IzZ0clGAqbmaPK4BNY%2FfczAB5vpcoDKhyEd6mKNz069EjaH0ed7VtCxk8O4zl%2FeXGAUCo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=3600
cf-ray: 81ca9e3d8bdd1cbd-FRA
expires: Fri, 27 Oct 2023 12:32:23 GMT

GET
H2 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame F422 44 KB
44 KB 46ms
28ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C23576%2C19491&b=9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd&f=1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA&c=300&d=250&e=&g=ee367f44e9ed3ac4cd5ed7381ff40a42%2F17095224808383307496&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1698406343184&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzwrtkt7vjmfnec8khpd0y3kn1yvttwn5d2y2083k1hfvy1h87fd7akrdw9tyn66ve8w2cbeprgc1sqk6wtjdppbrmjn80j4zxye0s7zzbaqhhby6gmk8y68vz9xqrznf93k3xz3wyqgwmy0h8rhvzmw5646j1rrr8fs4zwkscdq31t6bqd99fs9z04n8spsh1t2vjkxxc96zx2pzd5336ydfgy0b5q8et3ep3q63zy9mypva06p46tbq1ygj7d61apwrsq9jjztd8jqvp0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSUGxxp87ZenII4XK6gSw_L7wCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCtNCCGX-5sT6oAwHIAwKqBIcCT9B-ZmKZXeyy1EzwMawzcCmoJPwu_qMUAyBTRy0WZYOg53mDYn40uCixNDAYTyqdl7iS_G4jA7V2RzDktIozolcmQol47Si_-TBubrNFVuNeaGaeDtri5axG50FjTc8Qr36optuokzgazmpZTzXdCYyRgHLX0SdwN6B4Gqmu1u7QkLRBqyGFCTxOLRbrBf0A3AtAol6uDAKcSe09z97W1hjTSoPQBPZpFiBhQc3n7pNPqTR91d3jw_S5EWNe4hauNOAZ0N_LOqPPrldvw6McFs7x1OG2rAH7IQ2xGb5mF-KbYqYeNIaMQyA1uLCzGMHuxM2UY-6L88Lw4ttUUGpZLE0PaG0bCyuABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_009JdYl7-E1h3hkpkG5wLRaQ2QaA%2526client%253Dca-pub-9011305505618306%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 645687
cf-polished: origFmt=png, origSize=65187
alt-svc: h3=":443"; ma=86400
content-length: 44710
cf-bgj: imgq:100,h2pri
last-modified: Thu, 12 Oct 2023 15:49:04 GMT
server: cloudflare
etag: "99941d3864a6d6ef01023c96e0475815"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LqEKH4zvsXoW5ZS2e573UaOvfEX3U3L0SjR8Jpzef9m%2FMUh0Ie%2BDUqB92lZ8HpSqmDXqAe1ZSRcQEfCzL9Wcm%2Ffr1QsBSJVn0KEItpW84x61jtLwDZkzTnmfD0%2FoKCII8HioX07rT1r5NAmp"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 81ca9e3daa772c4b-FRA

GET
H2 200 809A17869665BC2442C85C79071F874D279E10AD5A86AE0D4E9E4675B3B2990B582EB8C5DC232E59854D169A2BAE7D6FD3BFE1D9A66864681803B10449FB6A8A
assets.ad4m.at/ Frame F422 153 KB
153 KB 58ms
41ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/809A17869665BC2442C85C79071F874D279E10AD5A86AE0D4E9E4675B3B2990B582EB8C5DC232E59854D169A2BAE7D6FD3BFE1D9A66864681803B10449FB6A8A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C23576%2C19491&b=9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd&f=1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA&c=300&d=250&e=&g=ee367f44e9ed3ac4cd5ed7381ff40a42%2F17095224808383307496&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1698406343184&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzwrtkt7vjmfnec8khpd0y3kn1yvttwn5d2y2083k1hfvy1h87fd7akrdw9tyn66ve8w2cbeprgc1sqk6wtjdppbrmjn80j4zxye0s7zzbaqhhby6gmk8y68vz9xqrznf93k3xz3wyqgwmy0h8rhvzmw5646j1rrr8fs4zwkscdq31t6bqd99fs9z04n8spsh1t2vjkxxc96zx2pzd5336ydfgy0b5q8et3ep3q63zy9mypva06p46tbq1ygj7d61apwrsq9jjztd8jqvp0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSUGxxp87ZenII4XK6gSw_L7wCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCtNCCGX-5sT6oAwHIAwKqBIcCT9B-ZmKZXeyy1EzwMawzcCmoJPwu_qMUAyBTRy0WZYOg53mDYn40uCixNDAYTyqdl7iS_G4jA7V2RzDktIozolcmQol47Si_-TBubrNFVuNeaGaeDtri5axG50FjTc8Qr36optuokzgazmpZTzXdCYyRgHLX0SdwN6B4Gqmu1u7QkLRBqyGFCTxOLRbrBf0A3AtAol6uDAKcSe09z97W1hjTSoPQBPZpFiBhQc3n7pNPqTR91d3jw_S5EWNe4hauNOAZ0N_LOqPPrldvw6McFs7x1OG2rAH7IQ2xGb5mF-KbYqYeNIaMQyA1uLCzGMHuxM2UY-6L88Lw4ttUUGpZLE0PaG0bCyuABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_009JdYl7-E1h3hkpkG5wLRaQ2QaA%2526client%253Dca-pub-9011305505618306%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5511fc0a41b649423fbfa7a2738fb9fc47c5fd4669ccc5fd14186069db3295e1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 711398
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 156513
cf-bgj: imgq:100,h2pri
last-modified: Thu, 19 Oct 2023 05:55:14 GMT
server: cloudflare
etag: "eae3b251b1fdff23215fbbe825ac0889"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nLpbERojNH5p8W%2FJdiAdPJd%2FbPyBCoz8%2BRBqnKnmWxcOKew2kvGnh8pAZKiivInhbfyL7MOq%2BgJ5a8JXphBd%2F4TkojjMd%2BpUV3IvVOJupjpL1AB%2BoUhnZ4p%2FMzl%2FRJ5ydPx%2Bw5rmSPHKnt9n"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 81ca9e3daa952c4b-FRA

GET
H2

200

ztpv.php
www.conrad.de/ Frame F422
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1698406343_7f5032a0-74bc-11ee-84cc-223908f3a6a6&insert=AW&&gdpr=0&gdpr_consent=

0
492 B

52ms
27ms

Image
text/html

2606:4700::6810:c0cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1698406343_7f5032a0-74bc-11ee-84cc-223908f3a6a6&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C23576%2C19491&b=9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd&f=1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA&c=300&d=250&e=&g=ee367f44e9ed3ac4cd5ed7381ff40a42%2F17095224808383307496&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1698406343184&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzwrtkt7vjmfnec8khpd0y3kn1yvttwn5d2y2083k1hfvy1h87fd7akrdw9tyn66ve8w2cbeprgc1sqk6wtjdppbrmjn80j4zxye0s7zzbaqhhby6gmk8y68vz9xqrznf93k3xz3wyqgwmy0h8rhvzmw5646j1rrr8fs4zwkscdq31t6bqd99fs9z04n8spsh1t2vjkxxc96zx2pzd5336ydfgy0b5q8et3ep3q63zy9mypva06p46tbq1ygj7d61apwrsq9jjztd8jqvp0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSUGxxp87ZenII4XK6gSw_L7wCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCtNCCGX-5sT6oAwHIAwKqBIcCT9B-ZmKZXeyy1EzwMawzcCmoJPwu_qMUAyBTRy0WZYOg53mDYn40uCixNDAYTyqdl7iS_G4jA7V2RzDktIozolcmQol47Si_-TBubrNFVuNeaGaeDtri5axG50FjTc8Qr36optuokzgazmpZTzXdCYyRgHLX0SdwN6B4Gqmu1u7QkLRBqyGFCTxOLRbrBf0A3AtAol6uDAKcSe09z97W1hjTSoPQBPZpFiBhQc3n7pNPqTR91d3jw_S5EWNe4hauNOAZ0N_LOqPPrldvw6McFs7x1OG2rAH7IQ2xGb5mF-KbYqYeNIaMQyA1uLCzGMHuxM2UY-6L88Lw4ttUUGpZLE0PaG0bCyuABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_009JdYl7-E1h3hkpkG5wLRaQ2QaA%2526client%253Dca-pub-9011305505618306%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700::6810:c0cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
strict-transport-security: max-age=15552000
cf-ccp-worker: HTLPHandler-v1
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache
cf-ray: 81ca9e3e5c98373c-FRA
content-length: 0
expires: -1

Redirect headers

Date: Fri, 27 Oct 2023 11:32:23 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1698406343_7f5032a0-74bc-11ee-84cc-223908f3a6a6&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame F422 13 KB
13 KB 54ms
39ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C23576%2C19491&b=9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd&f=1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA&c=300&d=250&e=&g=ee367f44e9ed3ac4cd5ed7381ff40a42%2F17095224808383307496&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1698406343184&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzwrtkt7vjmfnec8khpd0y3kn1yvttwn5d2y2083k1hfvy1h87fd7akrdw9tyn66ve8w2cbeprgc1sqk6wtjdppbrmjn80j4zxye0s7zzbaqhhby6gmk8y68vz9xqrznf93k3xz3wyqgwmy0h8rhvzmw5646j1rrr8fs4zwkscdq31t6bqd99fs9z04n8spsh1t2vjkxxc96zx2pzd5336ydfgy0b5q8et3ep3q63zy9mypva06p46tbq1ygj7d61apwrsq9jjztd8jqvp0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSUGxxp87ZenII4XK6gSw_L7wCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCtNCCGX-5sT6oAwHIAwKqBIcCT9B-ZmKZXeyy1EzwMawzcCmoJPwu_qMUAyBTRy0WZYOg53mDYn40uCixNDAYTyqdl7iS_G4jA7V2RzDktIozolcmQol47Si_-TBubrNFVuNeaGaeDtri5axG50FjTc8Qr36optuokzgazmpZTzXdCYyRgHLX0SdwN6B4Gqmu1u7QkLRBqyGFCTxOLRbrBf0A3AtAol6uDAKcSe09z97W1hjTSoPQBPZpFiBhQc3n7pNPqTR91d3jw_S5EWNe4hauNOAZ0N_LOqPPrldvw6McFs7x1OG2rAH7IQ2xGb5mF-KbYqYeNIaMQyA1uLCzGMHuxM2UY-6L88Lw4ttUUGpZLE0PaG0bCyuABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_009JdYl7-E1h3hkpkG5wLRaQ2QaA%2526client%253Dca-pub-9011305505618306%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec41c6c63b2da0d7b75102ec05c8dd6e480ec8357e67cd1af43199764f0e903c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 565805
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 12951
cf-bgj: imgq:100,h2pri
last-modified: Fri, 20 Oct 2023 22:22:01 GMT
server: cloudflare
etag: "12e3523b35b31c7ddfe7c77dcdb14a34"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fg24VaAfOBcX5N8U7HwulXG1z4kFbbP0u4JFaWf7Q609vBrYb3hNGJ7GVz8SV6o1TyXAyQFf15McHXop1lXrpON6u42Kj78NAneOhrV%2B36szDhYR1smGxqIZE6T60gtZpmlbcD6C72idzc%2BD"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 81ca9e3daa812c4b-FRA

GET
H2 200 F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame F422 121 KB
122 KB 56ms
41ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C23576%2C19491&b=9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd&f=1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA&c=300&d=250&e=&g=ee367f44e9ed3ac4cd5ed7381ff40a42%2F17095224808383307496&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1698406343184&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzwrtkt7vjmfnec8khpd0y3kn1yvttwn5d2y2083k1hfvy1h87fd7akrdw9tyn66ve8w2cbeprgc1sqk6wtjdppbrmjn80j4zxye0s7zzbaqhhby6gmk8y68vz9xqrznf93k3xz3wyqgwmy0h8rhvzmw5646j1rrr8fs4zwkscdq31t6bqd99fs9z04n8spsh1t2vjkxxc96zx2pzd5336ydfgy0b5q8et3ep3q63zy9mypva06p46tbq1ygj7d61apwrsq9jjztd8jqvp0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSUGxxp87ZenII4XK6gSw_L7wCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCtNCCGX-5sT6oAwHIAwKqBIcCT9B-ZmKZXeyy1EzwMawzcCmoJPwu_qMUAyBTRy0WZYOg53mDYn40uCixNDAYTyqdl7iS_G4jA7V2RzDktIozolcmQol47Si_-TBubrNFVuNeaGaeDtri5axG50FjTc8Qr36optuokzgazmpZTzXdCYyRgHLX0SdwN6B4Gqmu1u7QkLRBqyGFCTxOLRbrBf0A3AtAol6uDAKcSe09z97W1hjTSoPQBPZpFiBhQc3n7pNPqTR91d3jw_S5EWNe4hauNOAZ0N_LOqPPrldvw6McFs7x1OG2rAH7IQ2xGb5mF-KbYqYeNIaMQyA1uLCzGMHuxM2UY-6L88Lw4ttUUGpZLE0PaG0bCyuABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_009JdYl7-E1h3hkpkG5wLRaQ2QaA%2526client%253Dca-pub-9011305505618306%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b3b8d497a37a08513b7a3069ca43ad12755983eda42c4bc34364c74337f6287

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1227905
cf-polished: origSize=132437
alt-svc: h3=":443"; ma=86400
content-length: 124245
cf-bgj: imgq:100,h2pri
last-modified: Thu, 12 Oct 2023 17:19:17 GMT
server: cloudflare
etag: "c348b177953ac5720836c04e1a21673d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pEFcZtNB2%2FWG16GG0O%2BhU%2FKWwqmNHp8D7vp9%2Bqm5eioWjr%2F6sU11HRr02%2BaUuvKm5sGNg7j01OPqWY6VFBnlF0F%2BIgDroOvluedQmEHJrWhkvi1flv%2BdJJEcy0lVS2%2B%2BFbs67VNpmFaYwuLC"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 81ca9e3daa912c4b-FRA

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame F422
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=COLhndaQloIDFaeJ_Qcd65EB4g;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023102713322390048505163X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Ne...

49 B
1 KB

134ms
24ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023102713322390048505163X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023102713322390048505163X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C23576%2C19491&b=9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd&f=1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA&c=300&d=250&e=&g=ee367f44e9ed3ac4cd5ed7381ff40a42%2F17095224808383307496&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1698406343184&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzwrtkt7vjmfnec8khpd0y3kn1yvttwn5d2y2083k1hfvy1h87fd7akrdw9tyn66ve8w2cbeprgc1sqk6wtjdppbrmjn80j4zxye0s7zzbaqhhby6gmk8y68vz9xqrznf93k3xz3wyqgwmy0h8rhvzmw5646j1rrr8fs4zwkscdq31t6bqd99fs9z04n8spsh1t2vjkxxc96zx2pzd5336ydfgy0b5q8et3ep3q63zy9mypva06p46tbq1ygj7d61apwrsq9jjztd8jqvp0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSUGxxp87ZenII4XK6gSw_L7wCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCtNCCGX-5sT6oAwHIAwKqBIcCT9B-ZmKZXeyy1EzwMawzcCmoJPwu_qMUAyBTRy0WZYOg53mDYn40uCixNDAYTyqdl7iS_G4jA7V2RzDktIozolcmQol47Si_-TBubrNFVuNeaGaeDtri5axG50FjTc8Qr36optuokzgazmpZTzXdCYyRgHLX0SdwN6B4Gqmu1u7QkLRBqyGFCTxOLRbrBf0A3AtAol6uDAKcSe09z97W1hjTSoPQBPZpFiBhQc3n7pNPqTR91d3jw_S5EWNe4hauNOAZ0N_LOqPPrldvw6McFs7x1OG2rAH7IQ2xGb5mF-KbYqYeNIaMQyA1uLCzGMHuxM2UY-6L88Lw4ttUUGpZLE0PaG0bCyuABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_009JdYl7-E1h3hkpkG5wLRaQ2QaA%2526client%253Dca-pub-9011305505618306%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 11:32:23 GMT
X-NODEIP: 78.46.85.162
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023102713322390048505163X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023102713322390048505163X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
date: Fri, 27 Oct 2023 11:32:23 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame F422 9 KB
9 KB 54ms
40ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C23576%2C19491&b=9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd&f=1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA&c=300&d=250&e=&g=ee367f44e9ed3ac4cd5ed7381ff40a42%2F17095224808383307496&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1698406343184&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzwrtkt7vjmfnec8khpd0y3kn1yvttwn5d2y2083k1hfvy1h87fd7akrdw9tyn66ve8w2cbeprgc1sqk6wtjdppbrmjn80j4zxye0s7zzbaqhhby6gmk8y68vz9xqrznf93k3xz3wyqgwmy0h8rhvzmw5646j1rrr8fs4zwkscdq31t6bqd99fs9z04n8spsh1t2vjkxxc96zx2pzd5336ydfgy0b5q8et3ep3q63zy9mypva06p46tbq1ygj7d61apwrsq9jjztd8jqvp0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSUGxxp87ZenII4XK6gSw_L7wCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCtNCCGX-5sT6oAwHIAwKqBIcCT9B-ZmKZXeyy1EzwMawzcCmoJPwu_qMUAyBTRy0WZYOg53mDYn40uCixNDAYTyqdl7iS_G4jA7V2RzDktIozolcmQol47Si_-TBubrNFVuNeaGaeDtri5axG50FjTc8Qr36optuokzgazmpZTzXdCYyRgHLX0SdwN6B4Gqmu1u7QkLRBqyGFCTxOLRbrBf0A3AtAol6uDAKcSe09z97W1hjTSoPQBPZpFiBhQc3n7pNPqTR91d3jw_S5EWNe4hauNOAZ0N_LOqPPrldvw6McFs7x1OG2rAH7IQ2xGb5mF-KbYqYeNIaMQyA1uLCzGMHuxM2UY-6L88Lw4ttUUGpZLE0PaG0bCyuABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_009JdYl7-E1h3hkpkG5wLRaQ2QaA%2526client%253Dca-pub-9011305505618306%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 229731
cf-polished: origFmt=png, origSize=24833
alt-svc: h3=":443"; ma=86400
content-length: 9258
cf-bgj: imgq:100,h2pri
last-modified: Thu, 12 Oct 2023 15:37:50 GMT
server: cloudflare
etag: "174bb0dc35647e204b09aa120965604a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FEUOU6R2dVta%2B54zm04LdNdmK7%2BnAsP4gExJujBR78DCX%2FL%2BKUkAixV9%2FlEyY8fTXu5GuKXlODTWK3GLu79dXNoUyMRNMwwTn%2FpgFqZs7DNsST3tRQa4z5P2%2Fnr7glyhRmk1t5Gt0Q%2F6wuty"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 81ca9e3daa922c4b-FRA

GET
H2 200 51ECFC013A5F4D4C3D4DC1C255BF8F138C8B8A67556A0A34EA7C631900B254A0EB5547C19BAB6B3133A765FC8201B8BDAD0A142C2E2304A3FBDC1210CDE43179
assets.ad4m.at/ Frame F422 21 KB
22 KB 60ms
46ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/51ECFC013A5F4D4C3D4DC1C255BF8F138C8B8A67556A0A34EA7C631900B254A0EB5547C19BAB6B3133A765FC8201B8BDAD0A142C2E2304A3FBDC1210CDE43179
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C23576%2C19491&b=9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd&f=1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA&c=300&d=250&e=&g=ee367f44e9ed3ac4cd5ed7381ff40a42%2F17095224808383307496&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1698406343184&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzwrtkt7vjmfnec8khpd0y3kn1yvttwn5d2y2083k1hfvy1h87fd7akrdw9tyn66ve8w2cbeprgc1sqk6wtjdppbrmjn80j4zxye0s7zzbaqhhby6gmk8y68vz9xqrznf93k3xz3wyqgwmy0h8rhvzmw5646j1rrr8fs4zwkscdq31t6bqd99fs9z04n8spsh1t2vjkxxc96zx2pzd5336ydfgy0b5q8et3ep3q63zy9mypva06p46tbq1ygj7d61apwrsq9jjztd8jqvp0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSUGxxp87ZenII4XK6gSw_L7wCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCtNCCGX-5sT6oAwHIAwKqBIcCT9B-ZmKZXeyy1EzwMawzcCmoJPwu_qMUAyBTRy0WZYOg53mDYn40uCixNDAYTyqdl7iS_G4jA7V2RzDktIozolcmQol47Si_-TBubrNFVuNeaGaeDtri5axG50FjTc8Qr36optuokzgazmpZTzXdCYyRgHLX0SdwN6B4Gqmu1u7QkLRBqyGFCTxOLRbrBf0A3AtAol6uDAKcSe09z97W1hjTSoPQBPZpFiBhQc3n7pNPqTR91d3jw_S5EWNe4hauNOAZ0N_LOqPPrldvw6McFs7x1OG2rAH7IQ2xGb5mF-KbYqYeNIaMQyA1uLCzGMHuxM2UY-6L88Lw4ttUUGpZLE0PaG0bCyuABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_009JdYl7-E1h3hkpkG5wLRaQ2QaA%2526client%253Dca-pub-9011305505618306%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 898cc34145b02cc0c7d1133d0e3c67ff1f21ac368259a738ac97fb9b957831d8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1227903
cf-polished: origSize=24400
alt-svc: h3=":443"; ma=86400
content-length: 21702
cf-bgj: imgq:100,h2pri
last-modified: Thu, 12 Oct 2023 13:43:37 GMT
server: cloudflare
etag: "e134bc76c0143a9a962b7159f7d67151"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hl5FkGFbomjJqyj29k%2FFxkAd1%2FLq0n3aAJqK4L%2B6J4E7CYAxwP33YIhiZRXA6kh%2FCpM5d1r3gYPJpM1IvXyOOUKEN9s3NP40xJGpBya01hau%2BCnls5IOK21OFRR6uFl6ZIYOBKopKuJhk0y6"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 81ca9e3dba9e2c4b-FRA

GET
H/1.1

200
OK

/
partner.blau.de/a/ Frame F422
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CMTindaQloIDFdmh_QcdOWQJ8g;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=viewoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=viewoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023102713322390048505165X113752V1225131106MSviewoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__suite_Netm...

49 B
1 KB

132ms
23ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023102713322390048505165X113752V1225131106MSviewoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C23576%2C19491&b=9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd&f=1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA&c=300&d=250&e=&g=ee367f44e9ed3ac4cd5ed7381ff40a42%2F17095224808383307496&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1698406343184&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzwrtkt7vjmfnec8khpd0y3kn1yvttwn5d2y2083k1hfvy1h87fd7akrdw9tyn66ve8w2cbeprgc1sqk6wtjdppbrmjn80j4zxye0s7zzbaqhhby6gmk8y68vz9xqrznf93k3xz3wyqgwmy0h8rhvzmw5646j1rrr8fs4zwkscdq31t6bqd99fs9z04n8spsh1t2vjkxxc96zx2pzd5336ydfgy0b5q8et3ep3q63zy9mypva06p46tbq1ygj7d61apwrsq9jjztd8jqvp0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSUGxxp87ZenII4XK6gSw_L7wCpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCtNCCGX-5sT6oAwHIAwKqBIcCT9B-ZmKZXeyy1EzwMawzcCmoJPwu_qMUAyBTRy0WZYOg53mDYn40uCixNDAYTyqdl7iS_G4jA7V2RzDktIozolcmQol47Si_-TBubrNFVuNeaGaeDtri5axG50FjTc8Qr36optuokzgazmpZTzXdCYyRgHLX0SdwN6B4Gqmu1u7QkLRBqyGFCTxOLRbrBf0A3AtAol6uDAKcSe09z97W1hjTSoPQBPZpFiBhQc3n7pNPqTR91d3jw_S5EWNe4hauNOAZ0N_LOqPPrldvw6McFs7x1OG2rAH7IQ2xGb5mF-KbYqYeNIaMQyA1uLCzGMHuxM2UY-6L88Lw4ttUUGpZLE0PaG0bCyuABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_009JdYl7-E1h3hkpkG5wLRaQ2QaA%2526client%253Dca-pub-9011305505618306%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Fri, 27 Oct 2023 11:32:23 GMT
X-NODEIP: 46.4.41.145
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023102713322390048505165X113752V1225131106MSviewoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0
date: Fri, 27 Oct 2023 11:32:23 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 48ms
47ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231025&jk=1060563691961383&bg=!ODulO3TNAAbo5yKYyOc7ADQBe5WfOJP7pqlVvcMiiCBhXrPKYxdcg4_g50O5qIvA1eodD1HMf4Qp5YekZinYIZUfIcbsAgAAAEhSAAAAAmgBBwoAL9tKHxQUP4CPsnFgZkto_LRwJBK6GYQpna60aoJAfq-Pul8ITrtvvtk23nLGdKd3mQLa6tvChBbOQ653gpEMnoO9CBWJfxXLrjvJJFejaatKLSjVuynkeriYPk65ukAjFvCAC7QZ9b8WdTsA-865PTpztHzqjh7EfyYv4yrU9OTAE1d0ABeK3gw0ROeUpC8z4W9z-6SldNosKDbkiQfxePMwpIBk46q3nMfZa__HQ65oXo006GEfBJzkJMcy_9Ruq0kprPQ-CgAL6OTF9rXROTF6z7gGeoClfc68oK17lJRwNbQyKxTCU3Ux6BjMX_IM40GVqna-Fwa8KrSlr6-uUmQ-YDPg4sZ0ZGUsWrHnMK73SkqBXmGNYodMnUede1rq5jJNu7jm91bbcoJMqqapoOzxwz9SW0ysH5cTpjPqIiQp_j4V-nk5Mcx0nK_b9cWPgsqcBjL4C8c34Ia0rDCiMfnAVxT3FVE5cza3r5Xgplsjrkd28wwuAb0oDmWg9e6AokwrZVXacQgem3dXAVCybOge6ACh4uEi8IKUIPqTONXYSBSUXROQfjU4STghyyFIkB-WqM3AoGupS9-n0foTy40a9MPK-7ImKiEINyMawqUnoJzQ3uxsPLHDA8bAnTgaxIzMoC2Edb0eR5Ana3m9euPfkXoV0spy3oZ1BI9aAHaoi5JcA-yqRDk4l2gJoqbfMpBTRtLplZpNGOKQ7N8xTny2C6F7fYJPMRlrON3mVqOpHWbXPwcugS7WA_McSAH68TuoiWlcczcxo3_U8m5NIlTb8zA-Of7vpxf9hLPMvuMqXZdyeExEG_jgMj-kTwoxwiJaf8MmE85Xyo9pb_OjYsHTphfO6ccp9HPiwsdgWLyyPk48S8_8-chPrhe0WMIeNKcHafOsWlKJlc2ViM0lSGfulFX9bVVx4YlQoQQYK6Fykib-gx6V6Xm_p_TVV1uB-ETvFXMvOQphuNv3H89groAH6F-yvMfTPpVzieGmB5Dx14M-mjjXabXZ1uMSWY5XxI7GHFF4v275Sqhxow
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.habseyesontheprize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 24E2 3 KB
3 KB 24ms
23ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3495
x-guploader-uploadid: ADPycdvwP-NwgXqNEbyI2qkcz3h5-Ehsvrbo1BzPr2w5R7YEx4A4494G82MbZGb67-CgTESrTtVZjLf5PX4N9CeItuw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5AHwYCrhPvUc6996ZFsqAXLRRvzCFXh2mTVDF85upoZqzsz1MBe4wGO0fLHtwfZ6%2BwJWTIFX867pkNKD0k%2F55R%2BOXwEFnTQUJONss9r1ItkD9J%2BAZxnZyMG7bZpRJG1ddudFxiyWB%2BDQ%2B%2Bdw8VDUyVIn"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 81ca9e3d9831bbec-FRA
expires: Fri, 27 Oct 2023 11:21:17 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame F749 2 KB
2 KB 26ms
26ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61bb554f7f2636654d8753efec0e55ae8e1ff4853af1942d7efd1f28f54e783a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 858514
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 81ca9e3d9bf11cbd-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Fri, 27 Oct 2023 11:32:23 GMT
expires: Tue, 17 Oct 2023 13:36:06 GMT
last-modified: Tue, 17 Oct 2023 09:43:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9xOpJkKGk9rbzwREMFzelBpeNQ9JIulS1%2FtalSnGMC3LYX7ca7typbH6oE6votrLb40kY5zJTVr%2BIAr4hn9booeDf8pYzI62ZnvzK%2BM4u7Mxy5Lov8XpZmPdYsJA9co2E81SrbY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.49/one-ad/ Frame A884 115 KB
14 KB 27ms
27ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C64769%2C183975&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg%2Cj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK%2CxDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA&c=300&d=250&e=&g=3fae36ae061d446c5b2ccde96e22107a%2F9172787288021173686&i=65803%2C27835%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1698406343192&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz0623mkeny9hdfqsq87d2g41v3m132h16mvg46fza77j01sp71xczkby0zcnscajc6m39dqn9trb5cwg7e6nvbdp4n5afmn83se490yfmdm0pw9k7nq3zpnaxw4hnz09exhqef9azhw3tq0hkbrq4n9t0x3t7exvwgt1bdt52an6fe7bdvqv3mjs2zr5mrzrdhqmra1rrr4zghtr48tcm11sf2eb8jxq3ks3ej7bfg14q9d8mbh9c21d6wpgpea76a9pjvatdrwxzt525g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpw70xp87ZdaHI4a97gTX1KewB5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCImbHX--6sT6oAwHIAwKqBIcCT9BhxQm0MMEFJSvs2WN3UC6Jcg5aDuMwKD5mte0fySaEG8DPT6BfUmSTI5BFdRA4W-tormxBXkFYYbJSvt9PenBFDi-IgOwwklJfouIRBdBnradwd5zTqCopPYg1UHaz2Zxj1RNgzgAlY4XAa-jT_XN8pHyeqI8lVoq0QxcO_2AZGUL56V4kHWuAphd261rNWyL11cv03mWSr3msICyjsU7yuKY0cFqY8x7GRiFTBZJHoetZh2z2iUuV6Y5hyMpjyLAtU8UUGhYEp05nYgRKXVWnrv1G5yR0gRRhLuy357ZPB5bbT9fkcE-CSMnWKR89nI5aCOblqPGnQAsiWuls_kLLKrf4L9eABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_32CiART-WNyOqdCjL2INramiTOCQ%2526client%253Dca-pub-9011305505618306%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=177100%2C64769%2C183975&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg%2Cj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK%2CxDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA&c=300&d=250&e=&g=3fae36ae061d446c5b2ccde96e22107a%2F9172787288021173686&i=65803%2C27835%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1698406343192&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz0623mkeny9hdfqsq87d2g41v3m132h16mvg46fza77j01sp71xczkby0zcnscajc6m39dqn9trb5cwg7e6nvbdp4n5afmn83se490yfmdm0pw9k7nq3zpnaxw4hnz09exhqef9azhw3tq0hkbrq4n9t0x3t7exvwgt1bdt52an6fe7bdvqv3mjs2zr5mrzrdhqmra1rrr4zghtr48tcm11sf2eb8jxq3ks3ej7bfg14q9d8mbh9c21d6wpgpea76a9pjvatdrwxzt525g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpw70xp87ZdaHI4a97gTX1KewB5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCImbHX--6sT6oAwHIAwKqBIcCT9BhxQm0MMEFJSvs2WN3UC6Jcg5aDuMwKD5mte0fySaEG8DPT6BfUmSTI5BFdRA4W-tormxBXkFYYbJSvt9PenBFDi-IgOwwklJfouIRBdBnradwd5zTqCopPYg1UHaz2Zxj1RNgzgAlY4XAa-jT_XN8pHyeqI8lVoq0QxcO_2AZGUL56V4kHWuAphd261rNWyL11cv03mWSr3msICyjsU7yuKY0cFqY8x7GRiFTBZJHoetZh2z2iUuV6Y5hyMpjyLAtU8UUGhYEp05nYgRKXVWnrv1G5yR0gRRhLuy357ZPB5bbT9fkcE-CSMnWKR89nI5aCOblqPGnQAsiWuls_kLLKrf4L9eABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_32CiART-WNyOqdCjL2INramiTOCQ%2526client%253Dca-pub-9011305505618306%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18304
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 08 Sep 2023 09:43:56 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EMvDzEJsQ54Cb93ivsXSurjVBbpW1aiBYfZoDFB%2Blven%2Bn9O6jd0jTRvTodc%2FXuEZ2637uY1UXOFu9XUgaVD%2F7bveBoyUBTmI9bs4rHe9Q%2Fc2MzNDLSdoGZwu7%2BEoMockuIZipsgUns%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=3600
cf-ray: 81ca9e3d9bf41cbd-FRA
expires: Fri, 27 Oct 2023 12:32:23 GMT

GET
H2 200 63CADBEA68649ECF1642645CEB25DF73A19E0B4D7735826E76E1CFE7786A55E8278917477BD44BA47017F94D7AA0F7B3A1C8F0FE880A090BE49650B6F1EAF6D9
assets.ad4m.at/logo/ Frame A884 8 KB
8 KB 46ms
39ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/63CADBEA68649ECF1642645CEB25DF73A19E0B4D7735826E76E1CFE7786A55E8278917477BD44BA47017F94D7AA0F7B3A1C8F0FE880A090BE49650B6F1EAF6D9
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C64769%2C183975&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg%2Cj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK%2CxDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA&c=300&d=250&e=&g=3fae36ae061d446c5b2ccde96e22107a%2F9172787288021173686&i=65803%2C27835%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1698406343192&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz0623mkeny9hdfqsq87d2g41v3m132h16mvg46fza77j01sp71xczkby0zcnscajc6m39dqn9trb5cwg7e6nvbdp4n5afmn83se490yfmdm0pw9k7nq3zpnaxw4hnz09exhqef9azhw3tq0hkbrq4n9t0x3t7exvwgt1bdt52an6fe7bdvqv3mjs2zr5mrzrdhqmra1rrr4zghtr48tcm11sf2eb8jxq3ks3ej7bfg14q9d8mbh9c21d6wpgpea76a9pjvatdrwxzt525g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpw70xp87ZdaHI4a97gTX1KewB5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCImbHX--6sT6oAwHIAwKqBIcCT9BhxQm0MMEFJSvs2WN3UC6Jcg5aDuMwKD5mte0fySaEG8DPT6BfUmSTI5BFdRA4W-tormxBXkFYYbJSvt9PenBFDi-IgOwwklJfouIRBdBnradwd5zTqCopPYg1UHaz2Zxj1RNgzgAlY4XAa-jT_XN8pHyeqI8lVoq0QxcO_2AZGUL56V4kHWuAphd261rNWyL11cv03mWSr3msICyjsU7yuKY0cFqY8x7GRiFTBZJHoetZh2z2iUuV6Y5hyMpjyLAtU8UUGhYEp05nYgRKXVWnrv1G5yR0gRRhLuy357ZPB5bbT9fkcE-CSMnWKR89nI5aCOblqPGnQAsiWuls_kLLKrf4L9eABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_32CiART-WNyOqdCjL2INramiTOCQ%2526client%253Dca-pub-9011305505618306%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15cc42ec2a3a08dc0566d2f71a13e462fa764a4390c7d96870b71fd2cf6ff513

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 234391
cf-polished: origFmt=png, origSize=12956
alt-svc: h3=":443"; ma=86400
content-length: 7692
cf-bgj: imgq:100,h2pri
last-modified: Thu, 12 Oct 2023 15:47:47 GMT
server: cloudflare
etag: "c6c297b07f296b60586b8613b6e9b5cd"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0QxrYJBosqSmLdZsIQNwbFwz0ih6L2VIW1vnjTuRSMdBjO8N6lS2k98O820Vvh1EEXyTu7DRSjpGeAF5miD8dsHgxe5FhRw3GzvBhiDeTWUN22tLJSbyp0VjwTOD%2BaL6d3AuMQ0H47M1TiWk"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 81ca9e3daa872c4b-FRA

GET
H2 200 A290FB32C3CD17E30EABAAAC51275DC38FA2A2B372BE62031F552E1A8212BBA05286FFE21393F5511F67356FC5DA6D062DDAC9B6677230AA33BD1E7B84B05A27
assets.ad4m.at/product_image/ Frame A884 173 KB
174 KB 46ms
40ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A290FB32C3CD17E30EABAAAC51275DC38FA2A2B372BE62031F552E1A8212BBA05286FFE21393F5511F67356FC5DA6D062DDAC9B6677230AA33BD1E7B84B05A27
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C64769%2C183975&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg%2Cj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK%2CxDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA&c=300&d=250&e=&g=3fae36ae061d446c5b2ccde96e22107a%2F9172787288021173686&i=65803%2C27835%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1698406343192&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz0623mkeny9hdfqsq87d2g41v3m132h16mvg46fza77j01sp71xczkby0zcnscajc6m39dqn9trb5cwg7e6nvbdp4n5afmn83se490yfmdm0pw9k7nq3zpnaxw4hnz09exhqef9azhw3tq0hkbrq4n9t0x3t7exvwgt1bdt52an6fe7bdvqv3mjs2zr5mrzrdhqmra1rrr4zghtr48tcm11sf2eb8jxq3ks3ej7bfg14q9d8mbh9c21d6wpgpea76a9pjvatdrwxzt525g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpw70xp87ZdaHI4a97gTX1KewB5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCImbHX--6sT6oAwHIAwKqBIcCT9BhxQm0MMEFJSvs2WN3UC6Jcg5aDuMwKD5mte0fySaEG8DPT6BfUmSTI5BFdRA4W-tormxBXkFYYbJSvt9PenBFDi-IgOwwklJfouIRBdBnradwd5zTqCopPYg1UHaz2Zxj1RNgzgAlY4XAa-jT_XN8pHyeqI8lVoq0QxcO_2AZGUL56V4kHWuAphd261rNWyL11cv03mWSr3msICyjsU7yuKY0cFqY8x7GRiFTBZJHoetZh2z2iUuV6Y5hyMpjyLAtU8UUGhYEp05nYgRKXVWnrv1G5yR0gRRhLuy357ZPB5bbT9fkcE-CSMnWKR89nI5aCOblqPGnQAsiWuls_kLLKrf4L9eABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_32CiART-WNyOqdCjL2INramiTOCQ%2526client%253Dca-pub-9011305505618306%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afa87a08f3b85e7008e6c3b6e5303b729731867e2a9791874672ec419ab04060

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 238227
cf-polished: origFmt=png, origSize=200124
alt-svc: h3=":443"; ma=86400
content-length: 177422
cf-bgj: imgq:100,h2pri
last-modified: Mon, 16 Oct 2023 08:45:07 GMT
server: cloudflare
etag: "98f42590c0963c6bfe055b7da3e47f1d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2oEdGhtRwBKVUfB7U99inwIzGv9qeTCyDvTtdu%2F82jNpAyo0lQ6c84NuBnktIkRZ4a8cj%2BkQY0N1tYA7eAJJM%2B9%2FsLwgMJp6Y4r9KlszqmsT29%2FEaf3UPadYGpujOIriNpryXWr70sgOzl6s"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 81ca9e3daa882c4b-FRA

GET
H2 200 63C59000D9C213BF45B1F82F0F2618F31313AAAA8B58CC73D9E650F42FBED7BA4DF9A1F0D5E39C9D50FDF4A5C844FF0FCC1CD3C6A60D5E5960184143530743A4
assets.ad4m.at/logo/ Frame A884 6 KB
6 KB 46ms
40ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/63C59000D9C213BF45B1F82F0F2618F31313AAAA8B58CC73D9E650F42FBED7BA4DF9A1F0D5E39C9D50FDF4A5C844FF0FCC1CD3C6A60D5E5960184143530743A4
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C64769%2C183975&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg%2Cj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK%2CxDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA&c=300&d=250&e=&g=3fae36ae061d446c5b2ccde96e22107a%2F9172787288021173686&i=65803%2C27835%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1698406343192&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz0623mkeny9hdfqsq87d2g41v3m132h16mvg46fza77j01sp71xczkby0zcnscajc6m39dqn9trb5cwg7e6nvbdp4n5afmn83se490yfmdm0pw9k7nq3zpnaxw4hnz09exhqef9azhw3tq0hkbrq4n9t0x3t7exvwgt1bdt52an6fe7bdvqv3mjs2zr5mrzrdhqmra1rrr4zghtr48tcm11sf2eb8jxq3ks3ej7bfg14q9d8mbh9c21d6wpgpea76a9pjvatdrwxzt525g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpw70xp87ZdaHI4a97gTX1KewB5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCImbHX--6sT6oAwHIAwKqBIcCT9BhxQm0MMEFJSvs2WN3UC6Jcg5aDuMwKD5mte0fySaEG8DPT6BfUmSTI5BFdRA4W-tormxBXkFYYbJSvt9PenBFDi-IgOwwklJfouIRBdBnradwd5zTqCopPYg1UHaz2Zxj1RNgzgAlY4XAa-jT_XN8pHyeqI8lVoq0QxcO_2AZGUL56V4kHWuAphd261rNWyL11cv03mWSr3msICyjsU7yuKY0cFqY8x7GRiFTBZJHoetZh2z2iUuV6Y5hyMpjyLAtU8UUGhYEp05nYgRKXVWnrv1G5yR0gRRhLuy357ZPB5bbT9fkcE-CSMnWKR89nI5aCOblqPGnQAsiWuls_kLLKrf4L9eABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_32CiART-WNyOqdCjL2INramiTOCQ%2526client%253Dca-pub-9011305505618306%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e992acf8af7de27497c44cca7f3758d64d10946bebd1b17319287c0d8f83b29c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 236961
cf-polished: origFmt=png, origSize=15890
alt-svc: h3=":443"; ma=86400
content-length: 6208
cf-bgj: imgq:100,h2pri
last-modified: Thu, 12 Oct 2023 15:47:47 GMT
server: cloudflare
etag: "be722651a81e6407bdfd83394a59e232"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dSTUm7g9FoYv6O0T5t7NG5cAsQCmQZa1WKkmeEyIepDT8sUgmAxhyU%2B9ScFlh8Dlw4ZODzwEpw%2FSovyr4Nbj1RyIwD0TDHRUlKdBJp0G9pKRlzEBiJeC9EcLSBaVeaz2pz4qEe1yYOxQoZc2"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 81ca9e3daa8a2c4b-FRA

GET
H2 200 1676B5A8D805B79544F31FDF318F71919051388884DEE860E61C018B9F1A57100F3300CCE67F3E220C3E5A469FED99CE509B2A1EDD13F0FB6C8277D894DDF6BE
assets.ad4m.at/product_image/ Frame A884 23 KB
23 KB 47ms
41ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1676B5A8D805B79544F31FDF318F71919051388884DEE860E61C018B9F1A57100F3300CCE67F3E220C3E5A469FED99CE509B2A1EDD13F0FB6C8277D894DDF6BE
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C64769%2C183975&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg%2Cj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK%2CxDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA&c=300&d=250&e=&g=3fae36ae061d446c5b2ccde96e22107a%2F9172787288021173686&i=65803%2C27835%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1698406343192&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz0623mkeny9hdfqsq87d2g41v3m132h16mvg46fza77j01sp71xczkby0zcnscajc6m39dqn9trb5cwg7e6nvbdp4n5afmn83se490yfmdm0pw9k7nq3zpnaxw4hnz09exhqef9azhw3tq0hkbrq4n9t0x3t7exvwgt1bdt52an6fe7bdvqv3mjs2zr5mrzrdhqmra1rrr4zghtr48tcm11sf2eb8jxq3ks3ej7bfg14q9d8mbh9c21d6wpgpea76a9pjvatdrwxzt525g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpw70xp87ZdaHI4a97gTX1KewB5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCImbHX--6sT6oAwHIAwKqBIcCT9BhxQm0MMEFJSvs2WN3UC6Jcg5aDuMwKD5mte0fySaEG8DPT6BfUmSTI5BFdRA4W-tormxBXkFYYbJSvt9PenBFDi-IgOwwklJfouIRBdBnradwd5zTqCopPYg1UHaz2Zxj1RNgzgAlY4XAa-jT_XN8pHyeqI8lVoq0QxcO_2AZGUL56V4kHWuAphd261rNWyL11cv03mWSr3msICyjsU7yuKY0cFqY8x7GRiFTBZJHoetZh2z2iUuV6Y5hyMpjyLAtU8UUGhYEp05nYgRKXVWnrv1G5yR0gRRhLuy357ZPB5bbT9fkcE-CSMnWKR89nI5aCOblqPGnQAsiWuls_kLLKrf4L9eABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_32CiART-WNyOqdCjL2INramiTOCQ%2526client%253Dca-pub-9011305505618306%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa0d188cc9b96562f21569f0405229c03c06bd4660f18865af4ccb71c8b8f3ff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1227902
cf-polished: origSize=25987
alt-svc: h3=":443"; ma=86400
content-length: 23588
cf-bgj: imgq:100,h2pri
last-modified: Thu, 12 Oct 2023 15:50:08 GMT
server: cloudflare
etag: "d40ef49dd0a29ca0e7601d1b405d4d78"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JyNzejMDgnUEo3klBSkcFP%2FISloOnMzfVoWp%2FcZZC2sjbehi29I9e5ugYwmbfEoztmeyEsVKYSAPVvjXwlq8ve%2BVgGxmMZI6%2F6eIt5eEiZ5hAN%2BP19zX9QltJ5OoD2h7VnFUQQeCbn8yLE4M"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 81ca9e3daa8c2c4b-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame A884 43 B
702 B 103ms
53ms Image
image/gif 92.123.148.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2629118&v=19228&q=388274&r=412871&pv=1&pref3=oneid2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcgoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C64769%2C183975&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg%2Cj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK%2CxDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA&c=300&d=250&e=&g=3fae36ae061d446c5b2ccde96e22107a%2F9172787288021173686&i=65803%2C27835%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1698406343192&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz0623mkeny9hdfqsq87d2g41v3m132h16mvg46fza77j01sp71xczkby0zcnscajc6m39dqn9trb5cwg7e6nvbdp4n5afmn83se490yfmdm0pw9k7nq3zpnaxw4hnz09exhqef9azhw3tq0hkbrq4n9t0x3t7exvwgt1bdt52an6fe7bdvqv3mjs2zr5mrzrdhqmra1rrr4zghtr48tcm11sf2eb8jxq3ks3ej7bfg14q9d8mbh9c21d6wpgpea76a9pjvatdrwxzt525g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpw70xp87ZdaHI4a97gTX1KewB5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCImbHX--6sT6oAwHIAwKqBIcCT9BhxQm0MMEFJSvs2WN3UC6Jcg5aDuMwKD5mte0fySaEG8DPT6BfUmSTI5BFdRA4W-tormxBXkFYYbJSvt9PenBFDi-IgOwwklJfouIRBdBnradwd5zTqCopPYg1UHaz2Zxj1RNgzgAlY4XAa-jT_XN8pHyeqI8lVoq0QxcO_2AZGUL56V4kHWuAphd261rNWyL11cv03mWSr3msICyjsU7yuKY0cFqY8x7GRiFTBZJHoetZh2z2iUuV6Y5hyMpjyLAtU8UUGhYEp05nYgRKXVWnrv1G5yR0gRRhLuy357ZPB5bbT9fkcE-CSMnWKR89nI5aCOblqPGnQAsiWuls_kLLKrf4L9eABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_32CiART-WNyOqdCjL2INramiTOCQ%2526client%253Dca-pub-9011305505618306%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-148-9.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 Oct 2023 11:32:23 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 71822252443746CAFD12D9E55FD268C1CD4E723FC7E6FEA7C619297C18F60F705EDC75D8C302298612ADE97D145F0B4D195653C63CDD1F77FE140282FF3AC22A
assets.ad4m.at/logo/ Frame A884 10 KB
10 KB 46ms
40ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/71822252443746CAFD12D9E55FD268C1CD4E723FC7E6FEA7C619297C18F60F705EDC75D8C302298612ADE97D145F0B4D195653C63CDD1F77FE140282FF3AC22A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C64769%2C183975&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg%2Cj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK%2CxDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA&c=300&d=250&e=&g=3fae36ae061d446c5b2ccde96e22107a%2F9172787288021173686&i=65803%2C27835%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1698406343192&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz0623mkeny9hdfqsq87d2g41v3m132h16mvg46fza77j01sp71xczkby0zcnscajc6m39dqn9trb5cwg7e6nvbdp4n5afmn83se490yfmdm0pw9k7nq3zpnaxw4hnz09exhqef9azhw3tq0hkbrq4n9t0x3t7exvwgt1bdt52an6fe7bdvqv3mjs2zr5mrzrdhqmra1rrr4zghtr48tcm11sf2eb8jxq3ks3ej7bfg14q9d8mbh9c21d6wpgpea76a9pjvatdrwxzt525g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpw70xp87ZdaHI4a97gTX1KewB5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCImbHX--6sT6oAwHIAwKqBIcCT9BhxQm0MMEFJSvs2WN3UC6Jcg5aDuMwKD5mte0fySaEG8DPT6BfUmSTI5BFdRA4W-tormxBXkFYYbJSvt9PenBFDi-IgOwwklJfouIRBdBnradwd5zTqCopPYg1UHaz2Zxj1RNgzgAlY4XAa-jT_XN8pHyeqI8lVoq0QxcO_2AZGUL56V4kHWuAphd261rNWyL11cv03mWSr3msICyjsU7yuKY0cFqY8x7GRiFTBZJHoetZh2z2iUuV6Y5hyMpjyLAtU8UUGhYEp05nYgRKXVWnrv1G5yR0gRRhLuy357ZPB5bbT9fkcE-CSMnWKR89nI5aCOblqPGnQAsiWuls_kLLKrf4L9eABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_32CiART-WNyOqdCjL2INramiTOCQ%2526client%253Dca-pub-9011305505618306%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40df2b78182e4ea8c29b45c73a0e7bef10dc5ab61798ce22238d039d2bd81b92

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 242168
cf-polished: origFmt=png, origSize=16618
alt-svc: h3=":443"; ma=86400
content-length: 9924
cf-bgj: imgq:100,h2pri
last-modified: Thu, 12 Oct 2023 15:48:46 GMT
server: cloudflare
etag: "4cd9dc474d501ed5668738ba6819e1e6"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xk9OnU%2BqaN5qJli3%2BelL1ehzRC509LX8E2jzkAQKyMoFaCBBSXZfgoEM%2Bm1RXg1GpVqGDldJJmz0l0EJMHShZ8V7doeTc3aOz833j2Npby%2BsDvY%2Fb9y7vjQH%2FIs4Plt7WP3Kl0t96YF6K167"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 81ca9e3daa8e2c4b-FRA

GET
H2 200 1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame A884 76 KB
76 KB 46ms
41ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C64769%2C183975&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg%2Cj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK%2CxDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA&c=300&d=250&e=&g=3fae36ae061d446c5b2ccde96e22107a%2F9172787288021173686&i=65803%2C27835%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1698406343192&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz0623mkeny9hdfqsq87d2g41v3m132h16mvg46fza77j01sp71xczkby0zcnscajc6m39dqn9trb5cwg7e6nvbdp4n5afmn83se490yfmdm0pw9k7nq3zpnaxw4hnz09exhqef9azhw3tq0hkbrq4n9t0x3t7exvwgt1bdt52an6fe7bdvqv3mjs2zr5mrzrdhqmra1rrr4zghtr48tcm11sf2eb8jxq3ks3ej7bfg14q9d8mbh9c21d6wpgpea76a9pjvatdrwxzt525g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpw70xp87ZdaHI4a97gTX1KewB5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCImbHX--6sT6oAwHIAwKqBIcCT9BhxQm0MMEFJSvs2WN3UC6Jcg5aDuMwKD5mte0fySaEG8DPT6BfUmSTI5BFdRA4W-tormxBXkFYYbJSvt9PenBFDi-IgOwwklJfouIRBdBnradwd5zTqCopPYg1UHaz2Zxj1RNgzgAlY4XAa-jT_XN8pHyeqI8lVoq0QxcO_2AZGUL56V4kHWuAphd261rNWyL11cv03mWSr3msICyjsU7yuKY0cFqY8x7GRiFTBZJHoetZh2z2iUuV6Y5hyMpjyLAtU8UUGhYEp05nYgRKXVWnrv1G5yR0gRRhLuy357ZPB5bbT9fkcE-CSMnWKR89nI5aCOblqPGnQAsiWuls_kLLKrf4L9eABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_32CiART-WNyOqdCjL2INramiTOCQ%2526client%253Dca-pub-9011305505618306%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24991e95e1cb00322aaeb7537f47b0137d9ea239ea28c3a365971fd8a19a93d8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 566362
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 77801
cf-bgj: imgq:100,h2pri
last-modified: Fri, 20 Oct 2023 22:12:42 GMT
server: cloudflare
etag: "38731a64375456a133440b0e806c3f9e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DTb7u%2Fs8%2BrwvGQBJdRrFkXtDXE0Y0%2Bxah%2F3LBNfn63AmElM1%2FNoUUPsRq9nkrrYXcxd0L40tQd65ZuF%2FVs7M3Xi83Z1goo%2FP4NGudurSdi9JHsbkGlszvARoWHVpYxM7jfKH4%2BF80tnhDhQY"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 81ca9e3dbaa02c4b-FRA

POST
H3 200 rs Show response
ad4m.at/ Frame 24E2 2 KB
2 KB 38ms
37ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01183ef45750d92a2838d6b62094427a3d019bc12c6a65737ef92385ba123f26

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cxZGgUaqd%2BGW3UTVDIwWUcWFt1DmmF0aSWOBfmBxgXGO92rh0%2FGoMapcz55NdNQzjF%2FIP%2Fni%2BW6vB7AS%2BHjYJByZCS%2FHRbuzLz1otKwshyob7q1iYuKdYljy%2FBtEec9RuDJWpVU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 81ca9e3e1bed4d85-FRA
x-backend-server: aa-reachservice-group-europe-west1-fwqs
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 37ms
37ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81ca9e3ddb8f4d85-FRA
content-length: 24
content-type: text/plain
date: Fri, 27 Oct 2023 11:32:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L3QnZjSKFFnjmtK5gm1cWBn75Rggj6J7zWepxEMnNss4wtFJ%2BDuSqRh8hsP19%2B4%2BZ1gorA4aG6kU66g8tNJCZZFkdKlsR361UpeP7ntFsJ1XnT6iP%2B5Q0r3xJZ%2BtygZTM6ogQuY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-fwqs

GET
H2 429 link.html
track.webgains.com/ Frame A884 0
0 120ms
29ms Script
text/html 18.135.30.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3098581&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1ht7y0hqg97f7xz71kwczttgdhztwwd0a7bqkgeba6cs2hd0xhta568ecdte21qfp3s8xmjtvs6agh3ejztct0nhz9sgs1b9ajrz0b3tzbkkrtc3cqyqrvma8wbzghbx8z50x1vamefsdw82v3e0qyz85h4w26j8hxdsrfamw3j3x3w5tdht48051gtawhvjtamja5tgt5j4n7bad9qk9vhd8z8xx2f4dypq9s5c3vvbe2aa1zx7t0d1fx9598stnvk0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hz0623mkeny9hdfqsq87d2g41v3m132h16mvg46fza77j01sp71xczkby0zcnscajc6m39dqn9trb5cwg7e6nvbdp4n5afmn83se490yfmdm0pw9k7nq3zpnaxw4hnz09exhqef9azhw3tq0hkbrq4n9t0x3t7exvwgt1bdt52an6fe7bdvqv3mjs2zr5mrzrdhqmra1rrr4zghtr48tcm11sf2eb8jxq3ks3ej7bfg14q9d8mbh9c21d6wpgpea76a9pjvatdrwxzt525g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCpw70xp87ZdaHI4a97gTX1KewB5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCImbHX--6sT6oAwHIAwKqBIcCT9BhxQm0MMEFJSvs2WN3UC6Jcg5aDuMwKD5mte0fySaEG8DPT6BfUmSTI5BFdRA4W-tormxBXkFYYbJSvt9PenBFDi-IgOwwklJfouIRBdBnradwd5zTqCopPYg1UHaz2Zxj1RNgzgAlY4XAa-jT_XN8pHyeqI8lVoq0QxcO_2AZGUL56V4kHWuAphd261rNWyL11cv03mWSr3msICyjsU7yuKY0cFqY8x7GRiFTBZJHoetZh2z2iUuV6Y5hyMpjyLAtU8UUGhYEp05nYgRKXVWnrv1G5yR0gRRhLuy357ZPB5bbT9fkcE-CSMnWKR89nI5aCOblqPGnQAsiWuls_kLLKrf4L9eABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_32CiART-WNyOqdCjL2INramiTOCQ%252526client%25253Dca-pub-9011305505618306%252526adurl%25253D&clickref=oneidApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9oneid__suite_Netmix_Reach13_BlackFridayPush&viewref=oneidEbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7oneid__suite_Netmix_Reach13_BlackFridayPush
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C64769%2C183975&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg%2Cj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK%2CxDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA&c=300&d=250&e=&g=3fae36ae061d446c5b2ccde96e22107a%2F9172787288021173686&i=65803%2C27835%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1698406343192&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz0623mkeny9hdfqsq87d2g41v3m132h16mvg46fza77j01sp71xczkby0zcnscajc6m39dqn9trb5cwg7e6nvbdp4n5afmn83se490yfmdm0pw9k7nq3zpnaxw4hnz09exhqef9azhw3tq0hkbrq4n9t0x3t7exvwgt1bdt52an6fe7bdvqv3mjs2zr5mrzrdhqmra1rrr4zghtr48tcm11sf2eb8jxq3ks3ej7bfg14q9d8mbh9c21d6wpgpea76a9pjvatdrwxzt525g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpw70xp87ZdaHI4a97gTX1KewB5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCImbHX--6sT6oAwHIAwKqBIcCT9BhxQm0MMEFJSvs2WN3UC6Jcg5aDuMwKD5mte0fySaEG8DPT6BfUmSTI5BFdRA4W-tormxBXkFYYbJSvt9PenBFDi-IgOwwklJfouIRBdBnradwd5zTqCopPYg1UHaz2Zxj1RNgzgAlY4XAa-jT_XN8pHyeqI8lVoq0QxcO_2AZGUL56V4kHWuAphd261rNWyL11cv03mWSr3msICyjsU7yuKY0cFqY8x7GRiFTBZJHoetZh2z2iUuV6Y5hyMpjyLAtU8UUGhYEp05nYgRKXVWnrv1G5yR0gRRhLuy357ZPB5bbT9fkcE-CSMnWKR89nI5aCOblqPGnQAsiWuls_kLLKrf4L9eABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_32CiART-WNyOqdCjL2INramiTOCQ%2526client%253Dca-pub-9011305505618306%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.135.30.228 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-135-30-228.eu-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
server: awselb/2.0
content-length: 45
content-type: text/html

GET
H2 429 link.html
track.webgains.com/ Frame A884 0
0 122ms
35ms Script
text/html 18.135.30.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2370525&wgcampaignid=1384975&js=1&nw=1&viewref=oneidj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C64769%2C183975&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg%2Cj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK%2CxDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA&c=300&d=250&e=&g=3fae36ae061d446c5b2ccde96e22107a%2F9172787288021173686&i=65803%2C27835%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1698406343192&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hz0623mkeny9hdfqsq87d2g41v3m132h16mvg46fza77j01sp71xczkby0zcnscajc6m39dqn9trb5cwg7e6nvbdp4n5afmn83se490yfmdm0pw9k7nq3zpnaxw4hnz09exhqef9azhw3tq0hkbrq4n9t0x3t7exvwgt1bdt52an6fe7bdvqv3mjs2zr5mrzrdhqmra1rrr4zghtr48tcm11sf2eb8jxq3ks3ej7bfg14q9d8mbh9c21d6wpgpea76a9pjvatdrwxzt525g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpw70xp87ZdaHI4a97gTX1KewB5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCImbHX--6sT6oAwHIAwKqBIcCT9BhxQm0MMEFJSvs2WN3UC6Jcg5aDuMwKD5mte0fySaEG8DPT6BfUmSTI5BFdRA4W-tormxBXkFYYbJSvt9PenBFDi-IgOwwklJfouIRBdBnradwd5zTqCopPYg1UHaz2Zxj1RNgzgAlY4XAa-jT_XN8pHyeqI8lVoq0QxcO_2AZGUL56V4kHWuAphd261rNWyL11cv03mWSr3msICyjsU7yuKY0cFqY8x7GRiFTBZJHoetZh2z2iUuV6Y5hyMpjyLAtU8UUGhYEp05nYgRKXVWnrv1G5yR0gRRhLuy357ZPB5bbT9fkcE-CSMnWKR89nI5aCOblqPGnQAsiWuls_kLLKrf4L9eABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_32CiART-WNyOqdCjL2INramiTOCQ%2526client%253Dca-pub-9011305505618306%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.135.30.228 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-135-30-228.eu-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
server: awselb/2.0
content-length: 45
content-type: text/html

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 6EEB 11 KB
5 KB 58ms
58ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=24723%2C305597%2C14019&b=2xqt6fRQfJgzuVHWHkt8tmemcWT7TEYcg%2Cj83uEfZeS8drxhYHEH2t6t4x5YsKTzTxJc9%2CV8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ&f=4BxHEf1KsRWKUGH9HdtzCxzxUZTpTjRHK%2CxDwUQfgPSwemASPHdHztDCm3PbcJT6T8ZsA%2Cm8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA&c=300&d=250&e=&g=b86b57b7c9a6d1f190fb9ad4feb883a3%2F2198910366992176183&i=22473%2C83339%2C21596&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1698406343384&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1krpn56n4tea223kgsvpabnzyknty5bcxtq765j5kh5x0hq27v94g1hahv4x6k8zwz7t703v5kks6r5t85906cdxydsfh876t92ey9zd58msmd3a7cqhgrex8vdc289f31dy3st560ps8bksmckvvj84j227q2jddxv7td0jzzt1e5z4jr1s5k21bgmssmtcqxkw5j2a6cn2v2jxkes7s5wr6fxrx3qas8zd6hgnz9t3z6jw8dy1mk3v6fjpja211aqk3j7pw1rkh7khz9eg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_Ufnxp87ZbS1IsXImQbZ2Kj4AZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCImbHX--6sT6oAwHIAwKqBIcCT9Cr1tPAkojV5na2UM28FuvWnk_ujNTERBca0vD-aVYc_KJOzS7PDC3Gxqgo9o7ovBg0CU7XaacdP5oe0qgPIkM1EbPw2L17EUW3AdukIVjaga0HA4aAwoPtr8dtMz7i-rOxQFBWcq6ZLhM9pARXle9pxrhCzA5RjXbVGoiWz58Mfz0n6A5mpnANc6uBwFL6Jh0Xj9ZKkWsk_0ZPZUeG5NsOKiMNDw-zYHZuAjHPShQO6JiYlGXUSh1wxN0f8em8r9kVmjyCXBGRoRwLbeoDSuJADQKPBbWXpa7iSYRG7Yw21y20VJKHmPKU_4z-_s9dRhtTysZtqCDU6pPY460zJu6j1EQ6VMOABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_13-q6sM1VA-0KmHVNnyqyX2z5fnQ%2526client%253Dca-pub-9011305505618306%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fd2970335e8dd47a81e881d202d7933455bf54e8f7b69e56bfa73294639e39f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1kj4wk0da2nhnhngjyzgk2ehegg30nq0zq4xfzdqmf5htw3za02rxfmmgpf33z8fjw3tkqj5d7hm41thfcfsgsvr2sjg8fw8qj8t7tswex3d47vwk0hzs71n09rpxyd0vat969r786nsvmawhrcra26mrag7w6g0z261ykh6p7s45wpzgghy1063prcnqtz8dfet214p0fy36zqz2my66dacc8qgp8da0b3v61fgbdn6x7jesjgdqg8pzyrf66wevxh9tnzeqkzv4xvwv81cjmf1cd4w02mckgw0de2h704e1ac4wwqg673fvg159mzthfkpkx287z9cc2mb7qnf8jcwp4rm72rk8ryxrask68e10n14bb2vc02vc8abkzccb61m3djf7vraav56p5rhsag9fq0nyx375qb42h0p8aa022qwsc70m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_Ufnxp87ZbS1IsXImQbZ2Kj4AZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCImbHX--6sT6oAwHIAwKqBIcCT9Cr1tPAkojV5na2UM28FuvWnk_ujNTERBca0vD-aVYc_KJOzS7PDC3Gxqgo9o7ovBg0CU7XaacdP5oe0qgPIkM1EbPw2L17EUW3AdukIVjaga0HA4aAwoPtr8dtMz7i-rOxQFBWcq6ZLhM9pARXle9pxrhCzA5RjXbVGoiWz58Mfz0n6A5mpnANc6uBwFL6Jh0Xj9ZKkWsk_0ZPZUeG5NsOKiMNDw-zYHZuAjHPShQO6JiYlGXUSh1wxN0f8em8r9kVmjyCXBGRoRwLbeoDSuJADQKPBbWXpa7iSYRG7Yw21y20VJKHmPKU_4z-_s9dRhtTysZtqCDU6pPY460zJu6j1EQ6VMOABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_13-q6sM1VA-0KmHVNnyqyX2z5fnQ%26client%3Dca-pub-9011305505618306%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 81ca9e3e5cf81cbd-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 11:32:23 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.49/one-ad/ Frame 6EEB 115 KB
14 KB 28ms
27ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=24723%2C305597%2C14019&b=2xqt6fRQfJgzuVHWHkt8tmemcWT7TEYcg%2Cj83uEfZeS8drxhYHEH2t6t4x5YsKTzTxJc9%2CV8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ&f=4BxHEf1KsRWKUGH9HdtzCxzxUZTpTjRHK%2CxDwUQfgPSwemASPHdHztDCm3PbcJT6T8ZsA%2Cm8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA&c=300&d=250&e=&g=b86b57b7c9a6d1f190fb9ad4feb883a3%2F2198910366992176183&i=22473%2C83339%2C21596&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1698406343384&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1krpn56n4tea223kgsvpabnzyknty5bcxtq765j5kh5x0hq27v94g1hahv4x6k8zwz7t703v5kks6r5t85906cdxydsfh876t92ey9zd58msmd3a7cqhgrex8vdc289f31dy3st560ps8bksmckvvj84j227q2jddxv7td0jzzt1e5z4jr1s5k21bgmssmtcqxkw5j2a6cn2v2jxkes7s5wr6fxrx3qas8zd6hgnz9t3z6jw8dy1mk3v6fjpja211aqk3j7pw1rkh7khz9eg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_Ufnxp87ZbS1IsXImQbZ2Kj4AZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCImbHX--6sT6oAwHIAwKqBIcCT9Cr1tPAkojV5na2UM28FuvWnk_ujNTERBca0vD-aVYc_KJOzS7PDC3Gxqgo9o7ovBg0CU7XaacdP5oe0qgPIkM1EbPw2L17EUW3AdukIVjaga0HA4aAwoPtr8dtMz7i-rOxQFBWcq6ZLhM9pARXle9pxrhCzA5RjXbVGoiWz58Mfz0n6A5mpnANc6uBwFL6Jh0Xj9ZKkWsk_0ZPZUeG5NsOKiMNDw-zYHZuAjHPShQO6JiYlGXUSh1wxN0f8em8r9kVmjyCXBGRoRwLbeoDSuJADQKPBbWXpa7iSYRG7Yw21y20VJKHmPKU_4z-_s9dRhtTysZtqCDU6pPY460zJu6j1EQ6VMOABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_13-q6sM1VA-0KmHVNnyqyX2z5fnQ%2526client%253Dca-pub-9011305505618306%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=24723%2C305597%2C14019&b=2xqt6fRQfJgzuVHWHkt8tmemcWT7TEYcg%2Cj83uEfZeS8drxhYHEH2t6t4x5YsKTzTxJc9%2CV8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ&f=4BxHEf1KsRWKUGH9HdtzCxzxUZTpTjRHK%2CxDwUQfgPSwemASPHdHztDCm3PbcJT6T8ZsA%2Cm8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA&c=300&d=250&e=&g=b86b57b7c9a6d1f190fb9ad4feb883a3%2F2198910366992176183&i=22473%2C83339%2C21596&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1698406343384&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1krpn56n4tea223kgsvpabnzyknty5bcxtq765j5kh5x0hq27v94g1hahv4x6k8zwz7t703v5kks6r5t85906cdxydsfh876t92ey9zd58msmd3a7cqhgrex8vdc289f31dy3st560ps8bksmckvvj84j227q2jddxv7td0jzzt1e5z4jr1s5k21bgmssmtcqxkw5j2a6cn2v2jxkes7s5wr6fxrx3qas8zd6hgnz9t3z6jw8dy1mk3v6fjpja211aqk3j7pw1rkh7khz9eg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_Ufnxp87ZbS1IsXImQbZ2Kj4AZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCImbHX--6sT6oAwHIAwKqBIcCT9Cr1tPAkojV5na2UM28FuvWnk_ujNTERBca0vD-aVYc_KJOzS7PDC3Gxqgo9o7ovBg0CU7XaacdP5oe0qgPIkM1EbPw2L17EUW3AdukIVjaga0HA4aAwoPtr8dtMz7i-rOxQFBWcq6ZLhM9pARXle9pxrhCzA5RjXbVGoiWz58Mfz0n6A5mpnANc6uBwFL6Jh0Xj9ZKkWsk_0ZPZUeG5NsOKiMNDw-zYHZuAjHPShQO6JiYlGXUSh1wxN0f8em8r9kVmjyCXBGRoRwLbeoDSuJADQKPBbWXpa7iSYRG7Yw21y20VJKHmPKU_4z-_s9dRhtTysZtqCDU6pPY460zJu6j1EQ6VMOABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_13-q6sM1VA-0KmHVNnyqyX2z5fnQ%2526client%253Dca-pub-9011305505618306%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18304
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 08 Sep 2023 09:43:56 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iEh8d7uMARBkO97DfWHuWK7LpwLS8%2BzrTIF7A7aByO9hUxeoiMW8O12sdPNP0wepreEkKKTt7df1Cro4qk5cqm71wJcAwpMghLHyAovUGurW%2F5PSxXO%2BYzaSGDBA6Y0MSDlQU8bv4wE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=3600
cf-ray: 81ca9e3f5e5c1cbd-FRA
expires: Fri, 27 Oct 2023 12:32:23 GMT

GET
H3 200 DD764190D6CE80910BC7AF0AB42A0D01A58B48D68E5B29FB01F10153A3070E664C184E4393DFE49B8B93C06F8C00EC83A0ED0915E62BC1292EC3D266B795FB4D
assets.ad4m.at/logo/ Frame 6EEB 15 KB
16 KB 25ms
23ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DD764190D6CE80910BC7AF0AB42A0D01A58B48D68E5B29FB01F10153A3070E664C184E4393DFE49B8B93C06F8C00EC83A0ED0915E62BC1292EC3D266B795FB4D
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=24723%2C305597%2C14019&b=2xqt6fRQfJgzuVHWHkt8tmemcWT7TEYcg%2Cj83uEfZeS8drxhYHEH2t6t4x5YsKTzTxJc9%2CV8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ&f=4BxHEf1KsRWKUGH9HdtzCxzxUZTpTjRHK%2CxDwUQfgPSwemASPHdHztDCm3PbcJT6T8ZsA%2Cm8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA&c=300&d=250&e=&g=b86b57b7c9a6d1f190fb9ad4feb883a3%2F2198910366992176183&i=22473%2C83339%2C21596&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1698406343384&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1krpn56n4tea223kgsvpabnzyknty5bcxtq765j5kh5x0hq27v94g1hahv4x6k8zwz7t703v5kks6r5t85906cdxydsfh876t92ey9zd58msmd3a7cqhgrex8vdc289f31dy3st560ps8bksmckvvj84j227q2jddxv7td0jzzt1e5z4jr1s5k21bgmssmtcqxkw5j2a6cn2v2jxkes7s5wr6fxrx3qas8zd6hgnz9t3z6jw8dy1mk3v6fjpja211aqk3j7pw1rkh7khz9eg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_Ufnxp87ZbS1IsXImQbZ2Kj4AZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCImbHX--6sT6oAwHIAwKqBIcCT9Cr1tPAkojV5na2UM28FuvWnk_ujNTERBca0vD-aVYc_KJOzS7PDC3Gxqgo9o7ovBg0CU7XaacdP5oe0qgPIkM1EbPw2L17EUW3AdukIVjaga0HA4aAwoPtr8dtMz7i-rOxQFBWcq6ZLhM9pARXle9pxrhCzA5RjXbVGoiWz58Mfz0n6A5mpnANc6uBwFL6Jh0Xj9ZKkWsk_0ZPZUeG5NsOKiMNDw-zYHZuAjHPShQO6JiYlGXUSh1wxN0f8em8r9kVmjyCXBGRoRwLbeoDSuJADQKPBbWXpa7iSYRG7Yw21y20VJKHmPKU_4z-_s9dRhtTysZtqCDU6pPY460zJu6j1EQ6VMOABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_13-q6sM1VA-0KmHVNnyqyX2z5fnQ%2526client%253Dca-pub-9011305505618306%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a8c55e2a65ab16a22b95904c1e8853cc86c6794f55bb398b58b0cdb42f7d7e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 233433
cf-polished: origFmt=png, origSize=37262
alt-svc: h3=":443"; ma=86400
content-length: 15752
cf-bgj: imgq:100,h2pri
last-modified: Thu, 12 Oct 2023 15:37:35 GMT
server: cloudflare
etag: "a89fa17c218240e5a9f82c47ff6f59a4"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n8nTVD34XBnASBgjn4xd%2BMnBvukRO8qgOtO4ghVzvGSqzJaTVL8rBLOMzOvLJQa6IUNwArUI%2BsYYvvHn2sgLdIyumHAQ3qtqBrH8bfMTyOAuwWYqjUjGCp1K8VhBc6Tyg1TYZAc0QhwJmGSM"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 81ca9e3f5e621cbd-FRA

GET
H3 200 BFA660F4C579A67BFC4FEC1F0BE3FDC649D3AE4EFD32521BEE7E5D753BA8C7AFEF86E209C94227BB718C2AA92E9C7120DB942BD7F9D9EC000E243B6917E8EAFE
assets.ad4m.at/product_image/ Frame 6EEB 105 KB
105 KB 33ms
30ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/BFA660F4C579A67BFC4FEC1F0BE3FDC649D3AE4EFD32521BEE7E5D753BA8C7AFEF86E209C94227BB718C2AA92E9C7120DB942BD7F9D9EC000E243B6917E8EAFE
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=24723%2C305597%2C14019&b=2xqt6fRQfJgzuVHWHkt8tmemcWT7TEYcg%2Cj83uEfZeS8drxhYHEH2t6t4x5YsKTzTxJc9%2CV8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ&f=4BxHEf1KsRWKUGH9HdtzCxzxUZTpTjRHK%2CxDwUQfgPSwemASPHdHztDCm3PbcJT6T8ZsA%2Cm8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA&c=300&d=250&e=&g=b86b57b7c9a6d1f190fb9ad4feb883a3%2F2198910366992176183&i=22473%2C83339%2C21596&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1698406343384&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1krpn56n4tea223kgsvpabnzyknty5bcxtq765j5kh5x0hq27v94g1hahv4x6k8zwz7t703v5kks6r5t85906cdxydsfh876t92ey9zd58msmd3a7cqhgrex8vdc289f31dy3st560ps8bksmckvvj84j227q2jddxv7td0jzzt1e5z4jr1s5k21bgmssmtcqxkw5j2a6cn2v2jxkes7s5wr6fxrx3qas8zd6hgnz9t3z6jw8dy1mk3v6fjpja211aqk3j7pw1rkh7khz9eg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_Ufnxp87ZbS1IsXImQbZ2Kj4AZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCImbHX--6sT6oAwHIAwKqBIcCT9Cr1tPAkojV5na2UM28FuvWnk_ujNTERBca0vD-aVYc_KJOzS7PDC3Gxqgo9o7ovBg0CU7XaacdP5oe0qgPIkM1EbPw2L17EUW3AdukIVjaga0HA4aAwoPtr8dtMz7i-rOxQFBWcq6ZLhM9pARXle9pxrhCzA5RjXbVGoiWz58Mfz0n6A5mpnANc6uBwFL6Jh0Xj9ZKkWsk_0ZPZUeG5NsOKiMNDw-zYHZuAjHPShQO6JiYlGXUSh1wxN0f8em8r9kVmjyCXBGRoRwLbeoDSuJADQKPBbWXpa7iSYRG7Yw21y20VJKHmPKU_4z-_s9dRhtTysZtqCDU6pPY460zJu6j1EQ6VMOABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_13-q6sM1VA-0KmHVNnyqyX2z5fnQ%2526client%253Dca-pub-9011305505618306%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b42f02500ac66f1bc7c5ec8038d9f488facf762af808ac6f4ab378c5a5fce7b8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1227902
cf-polished: origSize=112842
alt-svc: h3=":443"; ma=86400
content-length: 107298
cf-bgj: imgq:100,h2pri
last-modified: Thu, 12 Oct 2023 16:57:24 GMT
server: cloudflare
etag: "7778098ecd14772f2698109849e1c874"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PRZqsYO1lgnX31Hv4IIk0Qh55a4wWNz%2FU8%2FtYIl8CTMPvMFDZvE1Y4VLV3LgE0jwFzz8Bp5U1e0Jvh1KaBjTcT5E43%2BcWVfZI%2FqrBn82bLq0lTEzTZ3aDRdOyjt3hgJkCFJpDRs%2BD9B4YcEM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 81ca9e3f5e641cbd-FRA

GET
H3 200 FE0B78D97BA1F2E5CD2154F6820A1AB9B86F5F439818DF46163CA56E8EE17513C3A0CE54E604EC24901F78DD798D13BAE97E0680454D3977BD86051E08913E70
assets.ad4m.at/logo/ Frame 6EEB 4 KB
5 KB 23ms
21ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/FE0B78D97BA1F2E5CD2154F6820A1AB9B86F5F439818DF46163CA56E8EE17513C3A0CE54E604EC24901F78DD798D13BAE97E0680454D3977BD86051E08913E70
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=24723%2C305597%2C14019&b=2xqt6fRQfJgzuVHWHkt8tmemcWT7TEYcg%2Cj83uEfZeS8drxhYHEH2t6t4x5YsKTzTxJc9%2CV8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ&f=4BxHEf1KsRWKUGH9HdtzCxzxUZTpTjRHK%2CxDwUQfgPSwemASPHdHztDCm3PbcJT6T8ZsA%2Cm8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA&c=300&d=250&e=&g=b86b57b7c9a6d1f190fb9ad4feb883a3%2F2198910366992176183&i=22473%2C83339%2C21596&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1698406343384&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1krpn56n4tea223kgsvpabnzyknty5bcxtq765j5kh5x0hq27v94g1hahv4x6k8zwz7t703v5kks6r5t85906cdxydsfh876t92ey9zd58msmd3a7cqhgrex8vdc289f31dy3st560ps8bksmckvvj84j227q2jddxv7td0jzzt1e5z4jr1s5k21bgmssmtcqxkw5j2a6cn2v2jxkes7s5wr6fxrx3qas8zd6hgnz9t3z6jw8dy1mk3v6fjpja211aqk3j7pw1rkh7khz9eg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_Ufnxp87ZbS1IsXImQbZ2Kj4AZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCImbHX--6sT6oAwHIAwKqBIcCT9Cr1tPAkojV5na2UM28FuvWnk_ujNTERBca0vD-aVYc_KJOzS7PDC3Gxqgo9o7ovBg0CU7XaacdP5oe0qgPIkM1EbPw2L17EUW3AdukIVjaga0HA4aAwoPtr8dtMz7i-rOxQFBWcq6ZLhM9pARXle9pxrhCzA5RjXbVGoiWz58Mfz0n6A5mpnANc6uBwFL6Jh0Xj9ZKkWsk_0ZPZUeG5NsOKiMNDw-zYHZuAjHPShQO6JiYlGXUSh1wxN0f8em8r9kVmjyCXBGRoRwLbeoDSuJADQKPBbWXpa7iSYRG7Yw21y20VJKHmPKU_4z-_s9dRhtTysZtqCDU6pPY460zJu6j1EQ6VMOABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_13-q6sM1VA-0KmHVNnyqyX2z5fnQ%2526client%253Dca-pub-9011305505618306%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76967d830f6aef06f336d8b7323d7d8a07e08b56080a1b3c8b9ada0b5e7ead26

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 241452
cf-polished: origFmt=png, origSize=16545
alt-svc: h3=":443"; ma=86400
content-length: 4432
cf-bgj: imgq:100,h2pri
last-modified: Thu, 12 Oct 2023 15:41:09 GMT
server: cloudflare
etag: "a12a2ed1d853ee0e3231c93bd5bd45d2"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bV7b6fx1Ll3QfhNfa6VNnO77n6V7ovkn2qyJM%2FU0sb2TlYVOcnIGJpDeQfINYUihx2S0lpMO%2BTF2fkaQw%2Fa66ZNliR6YUIqm66v8%2BLDIU78nP5Mvpsj5keeSUH6zdjromfEzS7ISp09cML2h"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 81ca9e3f5e651cbd-FRA

GET
H3 200 24C97359018345C62B9D1E833CD308D0FC4079886968BB586800C5A8007C4B15B2D03544D9B4E0842C3C92E9ACC3FB0367D6FA9DB6881A7555CD9F473DC7363A
assets.ad4m.at/product_image/ Frame 6EEB 71 KB
71 KB 65ms
63ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/24C97359018345C62B9D1E833CD308D0FC4079886968BB586800C5A8007C4B15B2D03544D9B4E0842C3C92E9ACC3FB0367D6FA9DB6881A7555CD9F473DC7363A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=24723%2C305597%2C14019&b=2xqt6fRQfJgzuVHWHkt8tmemcWT7TEYcg%2Cj83uEfZeS8drxhYHEH2t6t4x5YsKTzTxJc9%2CV8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ&f=4BxHEf1KsRWKUGH9HdtzCxzxUZTpTjRHK%2CxDwUQfgPSwemASPHdHztDCm3PbcJT6T8ZsA%2Cm8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA&c=300&d=250&e=&g=b86b57b7c9a6d1f190fb9ad4feb883a3%2F2198910366992176183&i=22473%2C83339%2C21596&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1698406343384&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1krpn56n4tea223kgsvpabnzyknty5bcxtq765j5kh5x0hq27v94g1hahv4x6k8zwz7t703v5kks6r5t85906cdxydsfh876t92ey9zd58msmd3a7cqhgrex8vdc289f31dy3st560ps8bksmckvvj84j227q2jddxv7td0jzzt1e5z4jr1s5k21bgmssmtcqxkw5j2a6cn2v2jxkes7s5wr6fxrx3qas8zd6hgnz9t3z6jw8dy1mk3v6fjpja211aqk3j7pw1rkh7khz9eg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_Ufnxp87ZbS1IsXImQbZ2Kj4AZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCImbHX--6sT6oAwHIAwKqBIcCT9Cr1tPAkojV5na2UM28FuvWnk_ujNTERBca0vD-aVYc_KJOzS7PDC3Gxqgo9o7ovBg0CU7XaacdP5oe0qgPIkM1EbPw2L17EUW3AdukIVjaga0HA4aAwoPtr8dtMz7i-rOxQFBWcq6ZLhM9pARXle9pxrhCzA5RjXbVGoiWz58Mfz0n6A5mpnANc6uBwFL6Jh0Xj9ZKkWsk_0ZPZUeG5NsOKiMNDw-zYHZuAjHPShQO6JiYlGXUSh1wxN0f8em8r9kVmjyCXBGRoRwLbeoDSuJADQKPBbWXpa7iSYRG7Yw21y20VJKHmPKU_4z-_s9dRhtTysZtqCDU6pPY460zJu6j1EQ6VMOABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_13-q6sM1VA-0KmHVNnyqyX2z5fnQ%2526client%253Dca-pub-9011305505618306%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 748862be5a63e65577045f2d8295f85c0f2e041ee436c357b399490660c191f5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1227898
cf-polished: origSize=92486
alt-svc: h3=":443"; ma=86400
content-length: 72489
cf-bgj: imgq:100,h2pri
last-modified: Thu, 12 Oct 2023 15:55:41 GMT
server: cloudflare
etag: "9631adcd8ba4c1bf8d61fa68ef9b8f9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RZtZHVWz6jXWiwpvLw5M9H51t02wyksG%2FlbH1FgX2Imor%2BVWNE9%2FL2uTjgkquKnT2qg9mnIFtX2Mujn54GgMRSRkypjfc9geB%2F5FKJTFyoLyU5o1nwy%2Bj9FpCBQ82I90icz1j%2FE6LF9qFBbR"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 81ca9e3f5e661cbd-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 6EEB 43 B
702 B 70ms
69ms Image
image/gif 92.123.148.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3247883&v=16798&q=361110&r=412871&pv=1&pref3=oneidj83uEfZeS8drxhYHEH2t6t4x5YsKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=24723%2C305597%2C14019&b=2xqt6fRQfJgzuVHWHkt8tmemcWT7TEYcg%2Cj83uEfZeS8drxhYHEH2t6t4x5YsKTzTxJc9%2CV8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ&f=4BxHEf1KsRWKUGH9HdtzCxzxUZTpTjRHK%2CxDwUQfgPSwemASPHdHztDCm3PbcJT6T8ZsA%2Cm8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA&c=300&d=250&e=&g=b86b57b7c9a6d1f190fb9ad4feb883a3%2F2198910366992176183&i=22473%2C83339%2C21596&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1698406343384&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1krpn56n4tea223kgsvpabnzyknty5bcxtq765j5kh5x0hq27v94g1hahv4x6k8zwz7t703v5kks6r5t85906cdxydsfh876t92ey9zd58msmd3a7cqhgrex8vdc289f31dy3st560ps8bksmckvvj84j227q2jddxv7td0jzzt1e5z4jr1s5k21bgmssmtcqxkw5j2a6cn2v2jxkes7s5wr6fxrx3qas8zd6hgnz9t3z6jw8dy1mk3v6fjpja211aqk3j7pw1rkh7khz9eg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_Ufnxp87ZbS1IsXImQbZ2Kj4AZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCImbHX--6sT6oAwHIAwKqBIcCT9Cr1tPAkojV5na2UM28FuvWnk_ujNTERBca0vD-aVYc_KJOzS7PDC3Gxqgo9o7ovBg0CU7XaacdP5oe0qgPIkM1EbPw2L17EUW3AdukIVjaga0HA4aAwoPtr8dtMz7i-rOxQFBWcq6ZLhM9pARXle9pxrhCzA5RjXbVGoiWz58Mfz0n6A5mpnANc6uBwFL6Jh0Xj9ZKkWsk_0ZPZUeG5NsOKiMNDw-zYHZuAjHPShQO6JiYlGXUSh1wxN0f8em8r9kVmjyCXBGRoRwLbeoDSuJADQKPBbWXpa7iSYRG7Yw21y20VJKHmPKU_4z-_s9dRhtTysZtqCDU6pPY460zJu6j1EQ6VMOABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_13-q6sM1VA-0KmHVNnyqyX2z5fnQ%2526client%253Dca-pub-9011305505618306%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-148-9.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 Oct 2023 11:32:23 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 6EEB 44 KB
44 KB 95ms
93ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=24723%2C305597%2C14019&b=2xqt6fRQfJgzuVHWHkt8tmemcWT7TEYcg%2Cj83uEfZeS8drxhYHEH2t6t4x5YsKTzTxJc9%2CV8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ&f=4BxHEf1KsRWKUGH9HdtzCxzxUZTpTjRHK%2CxDwUQfgPSwemASPHdHztDCm3PbcJT6T8ZsA%2Cm8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA&c=300&d=250&e=&g=b86b57b7c9a6d1f190fb9ad4feb883a3%2F2198910366992176183&i=22473%2C83339%2C21596&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1698406343384&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1krpn56n4tea223kgsvpabnzyknty5bcxtq765j5kh5x0hq27v94g1hahv4x6k8zwz7t703v5kks6r5t85906cdxydsfh876t92ey9zd58msmd3a7cqhgrex8vdc289f31dy3st560ps8bksmckvvj84j227q2jddxv7td0jzzt1e5z4jr1s5k21bgmssmtcqxkw5j2a6cn2v2jxkes7s5wr6fxrx3qas8zd6hgnz9t3z6jw8dy1mk3v6fjpja211aqk3j7pw1rkh7khz9eg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_Ufnxp87ZbS1IsXImQbZ2Kj4AZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCImbHX--6sT6oAwHIAwKqBIcCT9Cr1tPAkojV5na2UM28FuvWnk_ujNTERBca0vD-aVYc_KJOzS7PDC3Gxqgo9o7ovBg0CU7XaacdP5oe0qgPIkM1EbPw2L17EUW3AdukIVjaga0HA4aAwoPtr8dtMz7i-rOxQFBWcq6ZLhM9pARXle9pxrhCzA5RjXbVGoiWz58Mfz0n6A5mpnANc6uBwFL6Jh0Xj9ZKkWsk_0ZPZUeG5NsOKiMNDw-zYHZuAjHPShQO6JiYlGXUSh1wxN0f8em8r9kVmjyCXBGRoRwLbeoDSuJADQKPBbWXpa7iSYRG7Yw21y20VJKHmPKU_4z-_s9dRhtTysZtqCDU6pPY460zJu6j1EQ6VMOABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_13-q6sM1VA-0KmHVNnyqyX2z5fnQ%2526client%253Dca-pub-9011305505618306%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 231462
cf-polished: origFmt=png, origSize=65187
alt-svc: h3=":443"; ma=86400
content-length: 44710
cf-bgj: imgq:100,h2pri
last-modified: Thu, 12 Oct 2023 15:49:04 GMT
server: cloudflare
etag: "99941d3864a6d6ef01023c96e0475815"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kuck7U6S40M7R%2FCB64OthmvXcHNFILfuV7HNtj1%2FUsg9IQVMbC1N%2BBInUsx25mkWV%2F7MkqLyI5cblp92ZprzUdVmL%2Fw1ye78HEtgwsL7JD9Tj0cF%2BlEHECW9hVPjpjjw49hvmI5fh%2BZ7eguu"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 81ca9e3f5e671cbd-FRA

GET
H3 200 809A17869665BC2442C85C79071F874D279E10AD5A86AE0D4E9E4675B3B2990B582EB8C5DC232E59854D169A2BAE7D6FD3BFE1D9A66864681803B10449FB6A8A
assets.ad4m.at/ Frame 6EEB 153 KB
153 KB 103ms
102ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/809A17869665BC2442C85C79071F874D279E10AD5A86AE0D4E9E4675B3B2990B582EB8C5DC232E59854D169A2BAE7D6FD3BFE1D9A66864681803B10449FB6A8A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=24723%2C305597%2C14019&b=2xqt6fRQfJgzuVHWHkt8tmemcWT7TEYcg%2Cj83uEfZeS8drxhYHEH2t6t4x5YsKTzTxJc9%2CV8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ&f=4BxHEf1KsRWKUGH9HdtzCxzxUZTpTjRHK%2CxDwUQfgPSwemASPHdHztDCm3PbcJT6T8ZsA%2Cm8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA&c=300&d=250&e=&g=b86b57b7c9a6d1f190fb9ad4feb883a3%2F2198910366992176183&i=22473%2C83339%2C21596&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1698406343384&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1krpn56n4tea223kgsvpabnzyknty5bcxtq765j5kh5x0hq27v94g1hahv4x6k8zwz7t703v5kks6r5t85906cdxydsfh876t92ey9zd58msmd3a7cqhgrex8vdc289f31dy3st560ps8bksmckvvj84j227q2jddxv7td0jzzt1e5z4jr1s5k21bgmssmtcqxkw5j2a6cn2v2jxkes7s5wr6fxrx3qas8zd6hgnz9t3z6jw8dy1mk3v6fjpja211aqk3j7pw1rkh7khz9eg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_Ufnxp87ZbS1IsXImQbZ2Kj4AZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCImbHX--6sT6oAwHIAwKqBIcCT9Cr1tPAkojV5na2UM28FuvWnk_ujNTERBca0vD-aVYc_KJOzS7PDC3Gxqgo9o7ovBg0CU7XaacdP5oe0qgPIkM1EbPw2L17EUW3AdukIVjaga0HA4aAwoPtr8dtMz7i-rOxQFBWcq6ZLhM9pARXle9pxrhCzA5RjXbVGoiWz58Mfz0n6A5mpnANc6uBwFL6Jh0Xj9ZKkWsk_0ZPZUeG5NsOKiMNDw-zYHZuAjHPShQO6JiYlGXUSh1wxN0f8em8r9kVmjyCXBGRoRwLbeoDSuJADQKPBbWXpa7iSYRG7Yw21y20VJKHmPKU_4z-_s9dRhtTysZtqCDU6pPY460zJu6j1EQ6VMOABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_13-q6sM1VA-0KmHVNnyqyX2z5fnQ%2526client%253Dca-pub-9011305505618306%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5511fc0a41b649423fbfa7a2738fb9fc47c5fd4669ccc5fd14186069db3295e1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 711398
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 156513
cf-bgj: imgq:100,h2pri
last-modified: Thu, 19 Oct 2023 05:55:14 GMT
server: cloudflare
etag: "eae3b251b1fdff23215fbbe825ac0889"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2326Iu2mC7qY33rLynCPaDTG5biMOfjcPFYNs8AvWSiYa6gqQe7j%2F4y4eq%2F4FJb2o%2BU0fdcQTY0Oc5xQs%2BBJ864UTRsMCpSgoKgbnHELIV39C3vCWSDSP72XPclj3%2Bklw4PoZrvgnMvoiMLg"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 81ca9e3f5e681cbd-FRA

GET
H2

200

ztpv.php
www.conrad.de/ Frame 6EEB
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidV8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1698406343_7f78f050-74bc-11ee-98d5-22653d8c0e4c&insert=AW&&gdpr=0&gdpr_consent=

0
113 B

20ms
19ms

Image
text/html

2606:4700::6810:c0cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1698406343_7f78f050-74bc-11ee-98d5-22653d8c0e4c&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Protocol

Server

2606:4700::6810:c0cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
strict-transport-security: max-age=15552000
cf-ccp-worker: HTLPHandler-v1
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache
cf-ray: 81ca9e3ffeba373c-FRA
content-length: 0
expires: -1

Redirect headers

Date: Fri, 27 Oct 2023 11:32:23 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1698406343_7f78f050-74bc-11ee-98d5-22653d8c0e4c&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 429 link.html
track.webgains.com/ Frame 6EEB 0
0 32ms
31ms Script
text/html 18.135.30.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2045165&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jn5nkfarvwp76wfafyq6ynywgc6zj5q5pd8wxdvqv0y1gqntg23bhn61k7hr5r3mtw3g5a9hv0bsjbaadv44atgbp06p57fv567z3j2wpbgcvfpj6d3zqjdw4sycra0xpb0pxpaxgwhtz830ap6wtx1qpqwyhwqggwen9zhvv7ykd5zn9pwadnmnrz718e73bf09frrvkcdmg1sqb4y5twyj6q26kgwtn5pyjf6jyppafj4ngwrnsncggwaymxn08%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1krpn56n4tea223kgsvpabnzyknty5bcxtq765j5kh5x0hq27v94g1hahv4x6k8zwz7t703v5kks6r5t85906cdxydsfh876t92ey9zd58msmd3a7cqhgrex8vdc289f31dy3st560ps8bksmckvvj84j227q2jddxv7td0jzzt1e5z4jr1s5k21bgmssmtcqxkw5j2a6cn2v2jxkes7s5wr6fxrx3qas8zd6hgnz9t3z6jw8dy1mk3v6fjpja211aqk3j7pw1rkh7khz9eg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC_Ufnxp87ZbS1IsXImQbZ2Kj4AZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCImbHX--6sT6oAwHIAwKqBIcCT9Cr1tPAkojV5na2UM28FuvWnk_ujNTERBca0vD-aVYc_KJOzS7PDC3Gxqgo9o7ovBg0CU7XaacdP5oe0qgPIkM1EbPw2L17EUW3AdukIVjaga0HA4aAwoPtr8dtMz7i-rOxQFBWcq6ZLhM9pARXle9pxrhCzA5RjXbVGoiWz58Mfz0n6A5mpnANc6uBwFL6Jh0Xj9ZKkWsk_0ZPZUeG5NsOKiMNDw-zYHZuAjHPShQO6JiYlGXUSh1wxN0f8em8r9kVmjyCXBGRoRwLbeoDSuJADQKPBbWXpa7iSYRG7Yw21y20VJKHmPKU_4z-_s9dRhtTysZtqCDU6pPY460zJu6j1EQ6VMOABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_13-q6sM1VA-0KmHVNnyqyX2z5fnQ%252526client%25253Dca-pub-9011305505618306%252526adurl%25253D&clickref=oneid4BxHEf1KsRWKUGH9HdtzCxzxUZTpTjRHKoneid__suite_Netmix_Reach13_BlackFridayPush&viewref=oneid2xqt6fRQfJgzuVHWHkt8tmemcWT7TEYcgoneid__suite_Netmix_Reach13_BlackFridayPush
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=24723%2C305597%2C14019&b=2xqt6fRQfJgzuVHWHkt8tmemcWT7TEYcg%2Cj83uEfZeS8drxhYHEH2t6t4x5YsKTzTxJc9%2CV8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ&f=4BxHEf1KsRWKUGH9HdtzCxzxUZTpTjRHK%2CxDwUQfgPSwemASPHdHztDCm3PbcJT6T8ZsA%2Cm8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA&c=300&d=250&e=&g=b86b57b7c9a6d1f190fb9ad4feb883a3%2F2198910366992176183&i=22473%2C83339%2C21596&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1698406343384&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1krpn56n4tea223kgsvpabnzyknty5bcxtq765j5kh5x0hq27v94g1hahv4x6k8zwz7t703v5kks6r5t85906cdxydsfh876t92ey9zd58msmd3a7cqhgrex8vdc289f31dy3st560ps8bksmckvvj84j227q2jddxv7td0jzzt1e5z4jr1s5k21bgmssmtcqxkw5j2a6cn2v2jxkes7s5wr6fxrx3qas8zd6hgnz9t3z6jw8dy1mk3v6fjpja211aqk3j7pw1rkh7khz9eg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_Ufnxp87ZbS1IsXImQbZ2Kj4AZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCImbHX--6sT6oAwHIAwKqBIcCT9Cr1tPAkojV5na2UM28FuvWnk_ujNTERBca0vD-aVYc_KJOzS7PDC3Gxqgo9o7ovBg0CU7XaacdP5oe0qgPIkM1EbPw2L17EUW3AdukIVjaga0HA4aAwoPtr8dtMz7i-rOxQFBWcq6ZLhM9pARXle9pxrhCzA5RjXbVGoiWz58Mfz0n6A5mpnANc6uBwFL6Jh0Xj9ZKkWsk_0ZPZUeG5NsOKiMNDw-zYHZuAjHPShQO6JiYlGXUSh1wxN0f8em8r9kVmjyCXBGRoRwLbeoDSuJADQKPBbWXpa7iSYRG7Yw21y20VJKHmPKU_4z-_s9dRhtTysZtqCDU6pPY460zJu6j1EQ6VMOABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_13-q6sM1VA-0KmHVNnyqyX2z5fnQ%2526client%253Dca-pub-9011305505618306%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.135.30.228 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-135-30-228.eu-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:32:23 GMT
server: awselb/2.0
content-length: 45
content-type: text/html

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.habseyesontheprize.com/	1970-01-21 01:22:46	Name: _ga_LNVN58D3TT Value: GS1.1.1698406341.1.0.1698406341.0.0.0
.habseyesontheprize.com/	1970-01-21 01:22:46	Name: _ga Value: GA1.1.641861502.1698406341
.habseyesontheprize.com/	1970-01-21 01:22:46	Name: _ga_5TP7XEK014 Value: GS1.1.1698406341.1.0.1698406341.0.0.0
.habseyesontheprize.com/	1970-01-21 01:08:22	Name: __gads Value: ID=bcf560208674bd70:T=1698406341:RT=1698406341:S=ALNI_MatGRMk4PXpJDA3yApyaK4LYC8DhQ
.habseyesontheprize.com/	1970-01-21 01:08:22	Name: __gpi Value: UID=00000caa1e3128c2:T=1698406341:RT=1698406341:S=ALNI_MYnCYs2kQz2SyXyFJMIcYu0fKkL8w
.doubleclick.net/	1970-01-20 15:46:49	Name: DSID Value: NO_DATA
.ctnsnet.com/	1970-01-21 00:32:22	Name: gid_CAESEGOCWA4q02qhUQ4JsXXDACU Value: 1
.simpli.fi/	1970-01-21 00:33:48	Name: suid Value: 73A910ED26CF44AEBD3EEC4AC84EFCE5
.de17a.com/	1970-01-21 00:25:10	Name: guid Value: 1.2708276134605219545
.adform.net/	1970-01-20 16:31:24	Name: C Value: 1
.adform.net/	1970-01-20 17:13:10	Name: uid Value: 2016533294325839000
.doubleclick.net/	1970-01-21 01:08:22	Name: IDE Value: AHWqTUl71Rwj1vIdhxsc483yQRz_QDkkWlJT-v9b3TmXaf5OW9uM1me85qlmPWVktFo
.yahoo.com/	1970-01-21 00:32:43	Name: A3 Value: d=AQABBMefO2UCECC7sO7AvlRdpTaFnBz5YZ4FEgEBAQHxPGVFZQAAAAAA_eMAAA&S=AQAAAtqW_ao-dRV_VfR2LW6Gtd0
.everesttech.net/	1970-01-21 00:32:22	Name: everest_g_v2 Value: g_surferid~ZTufxwAa2gjrZQAN
.ctnsnet.com/	1970-01-21 00:32:22	Name: cid Value: 1e6606fe20214cd7887047b0afdac186
.ctnsnet.com/	1970-01-21 00:32:22	Name: gid_CAESELSJfEl4FgiQ6o5Q9-pBOXw Value: 1
.travelaudience.com/	1970-01-21 01:18:27	Name: _tracker Value: %7B%22UUID%22%3A%226A232DAC-F27F-4710-3C78-6E40F575C680%22%7D
.w55c.net/	1970-01-21 01:18:27	Name: wfivefivec Value: qhK7MH8P1QWl4H5
.w55c.net/	1970-01-20 16:29:58	Name: matchgoogle Value: 5
.quantserve.com/	1970-01-20 17:56:22	Name: d Value: EBYBCQGkKoEA
.quantserve.com/	1970-01-21 01:17:00	Name: mc Value: 653b9fc7-424b5-ba8d2-19836
.awin1.com/	1970-01-20 15:51:05	Name: awpv19228 Value: 412871\|1698406343\|7f514411-74bc-11ee-98d5-22653d8c0e4c
.doubleclick.net/	1970-01-20 20:05:58	Name: APC Value: AfxxVi5qXlaJCtXYLhDp4m1IKeztsJDFB8_mjsYNeo_tq8OylEasfg
.tribalfusion.com/	1970-01-20 17:56:22	Name: ANON_ID Value: aEntuJRZdySbAIUMnXUx7Jd3KBSfHbwJZc1bXlFnNHrxrFnCZcFIZdPdroWmZcHfoL4VLXjZbPAMJeYYVrd82WrJy6sKwE
www.conrad.de/	1970-01-20 15:51:05	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 15:46:48	Name: __cf_bm Value: 9UdpGT50iGYLMkR.8fs62DQbpF6k4hdBPPYALasOuo0-1698406343-0-Ae8jSQXHXoTC0HFdzVmIDL77aY5D8aHUl4YflwxT+oY9gc0FaL1j2GRtupcba1aI3GCOktJDFxiWUFCpr7xKreM=
.blau.de/	1970-01-20 15:56:51	Name: nscT486 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMwMDAwMDAwMDA2MTY5ODQwNjM0M3ZsZWExZGUyMDIzMTAyNzEzMzIyMzkwMDQ4NTA1MTY1WDExMzc1MlYxMjI1MTMxMTA2TVN2aWV3b25laWQ5TTFTTWZLTXR4RXBTS0hCSDJ0N3RycnFzd1RtVHhWY2RvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTNfQmxhY2tGcmlkYXlQdXNoMTEzNzUy
.blau.de/	1970-01-20 15:56:51	Name: nscQ486 Value: V
.blau.de/	1970-01-20 15:56:51	Name: webShopPV Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2023102713322390048505165X113752V1225131106MSviewoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush&wfid=113752&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMwMDAwMDAwMDA2MTY5ODQwNjM0M3ZsZWExZGUyMDIzMTAyNzEzMzIyMzkwMDQ4NTA1MTY1WDExMzc1MlYxMjI1MTMxMTA2T
.o2online.de/	1970-01-20 15:56:51	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMwMDAwMDAwMDA2MTY5ODQwNjM0M3ZsZWExZGUyMDIzMTAyNzEzMzIyMzkwMDQ4NTA1MTYzWDEyMDIxMVYxMjI2MTMyNzAyTVN2aWV3b25laWRZWDFIcmYxNXNwQnBIVkg5SGV0UXRSUjhjQVQxVDZtSHJvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTNfQmxhY2tGcmlkYXlQdXNoMTIwMjEx
.o2online.de/	1970-01-20 15:56:51	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 15:56:51	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023102713322390048505163X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMwMDAwMDAwMDA2MTY5ODQwNjM0M3ZsZWExZGUyMDIzMTAyNzEzMzIyMzkwMDQ4NTA1MTYzWDEyMDIxMVYxMjI2MTMyNzAyT
.awin1.com/	1970-01-20 15:49:39	Name: awpv16798 Value: 412871\|1698406343\|7f765841-74bc-11ee-98d5-22653d8c0e4c
.awin1.com/	1970-01-20 15:51:05	Name: awpv11354 Value: 412871\|1698406343\|7f78f050-74bc-11ee-98d5-22653d8c0e4c
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 377129:2470185
www.conrad.de/	1970-01-20 15:51:05	Name: HTLP_timestamp Value: 1698406343690

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmRAwAPJ6MQVLVt6B4kyTPkPi4liFNHzIGG64iLiP9rPE8Xj11Hl6ShEuFy9GDKRl-FSIun8-rFjpqCy7WfRUh9vMJD8N0z0XU4&google_gid=CAESEBhOtzdq_g1Hcxi2lWekZ4A&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
network	error	URL: https://track.webgains.com/link.html?wglinkid=3098581&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1ht7y0hqg97f7xz71kwczttgdhztwwd0a7bqkgeba6cs2hd0xhta568ecdte21qfp3s8xmjtvs6agh3ejztct0nhz9sgs1b9ajrz0b3tzbkkrtc3cqyqrvma8wbzghbx8z50x1vamefsdw82v3e0qyz85h4w26j8hxdsrfamw3j3x3w5tdht48051gtawhvjtamja5tgt5j4n7bad9qk9vhd8z8xx2f4dypq9s5c3vvbe2aa1zx7t0d1fx9598stnvk0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hz0623mkeny9hdfqsq87d2g41v3m132h16mvg46fza77j01sp71xczkby0zcnscajc6m39dqn9trb5cwg7e6nvbdp4n5afmn83se490yfmdm0pw9k7nq3zpnaxw4hnz09exhqef9azhw3tq0hkbrq4n9t0x3t7exvwgt1bdt52an6fe7bdvqv3mjs2zr5mrzrdhqmra1rrr4zghtr48tcm11sf2eb8jxq3ks3ej7bfg14q9d8mbh9c21d6wpgpea76a9pjvatdrwxzt525g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCpw70xp87ZdaHI4a97gTX1KewB5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCImbHX--6sT6oAwHIAwKqBIcCT9BhxQm0MMEFJSvs2WN3UC6Jcg5aDuMwKD5mte0fySaEG8DPT6BfUmSTI5BFdRA4W-tormxBXkFYYbJSvt9PenBFDi-IgOwwklJfouIRBdBnradwd5zTqCopPYg1UHaz2Zxj1RNgzgAlY4XAa-jT_XN8pHyeqI8lVoq0QxcO_2AZGUL56V4kHWuAphd261rNWyL11cv03mWSr3msICyjsU7yuKY0cFqY8x7GRiFTBZJHoetZh2z2iUuV6Y5hyMpjyLAtU8UUGhYEp05nYgRKXVWnrv1G5yR0gRRhLuy357ZPB5bbT9fkcE-CSMnWKR89nI5aCOblqPGnQAsiWuls_kLLKrf4L9eABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_32CiART-WNyOqdCjL2INramiTOCQ%252526client%25253Dca-pub-9011305505618306%252526adurl%25253D&clickref=oneidApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9oneid__suite_Netmix_Reach13_BlackFridayPush&viewref=oneidEbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7oneid__suite_Netmix_Reach13_BlackFridayPush Message: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://track.webgains.com/link.html?wglinkid=2370525&wgcampaignid=1384975&js=1&nw=1&viewref=oneidj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush Message: Failed to load resource: the server responded with a status of 429 ()
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
network	error	URL: https://track.webgains.com/link.html?wglinkid=2045165&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jn5nkfarvwp76wfafyq6ynywgc6zj5q5pd8wxdvqv0y1gqntg23bhn61k7hr5r3mtw3g5a9hv0bsjbaadv44atgbp06p57fv567z3j2wpbgcvfpj6d3zqjdw4sycra0xpb0pxpaxgwhtz830ap6wtx1qpqwyhwqggwen9zhvv7ykd5zn9pwadnmnrz718e73bf09frrvkcdmg1sqb4y5twyj6q26kgwtn5pyjf6jyppafj4ngwrnsncggwaymxn08%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1krpn56n4tea223kgsvpabnzyknty5bcxtq765j5kh5x0hq27v94g1hahv4x6k8zwz7t703v5kks6r5t85906cdxydsfh876t92ey9zd58msmd3a7cqhgrex8vdc289f31dy3st560ps8bksmckvvj84j227q2jddxv7td0jzzt1e5z4jr1s5k21bgmssmtcqxkw5j2a6cn2v2jxkes7s5wr6fxrx3qas8zd6hgnz9t3z6jw8dy1mk3v6fjpja211aqk3j7pw1rkh7khz9eg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC_Ufnxp87ZbS1IsXImQbZ2Kj4AZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTAxMTMwNTUwNTYxODMwNsgBCakCImbHX--6sT6oAwHIAwKqBIcCT9Cr1tPAkojV5na2UM28FuvWnk_ujNTERBca0vD-aVYc_KJOzS7PDC3Gxqgo9o7ovBg0CU7XaacdP5oe0qgPIkM1EbPw2L17EUW3AdukIVjaga0HA4aAwoPtr8dtMz7i-rOxQFBWcq6ZLhM9pARXle9pxrhCzA5RjXbVGoiWz58Mfz0n6A5mpnANc6uBwFL6Jh0Xj9ZKkWsk_0ZPZUeG5NsOKiMNDw-zYHZuAjHPShQO6JiYlGXUSh1wxN0f8em8r9kVmjyCXBGRoRwLbeoDSuJADQKPBbWXpa7iSYRG7Yw21y20VJKHmPKU_4z-_s9dRhtTysZtqCDU6pPY460zJu6j1EQ6VMOABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_13-q6sM1VA-0KmHVNnyqyX2z5fnQ%252526client%25253Dca-pub-9011305505618306%252526adurl%25253D&clickref=oneid4BxHEf1KsRWKUGH9HdtzCxzxUZTpTjRHKoneid__suite_Netmix_Reach13_BlackFridayPush&viewref=oneid2xqt6fRQfJgzuVHWHkt8tmemcWT7TEYcgoneid__suite_Netmix_Reach13_BlackFridayPush Message: Failed to load resource: the server responded with a status of 429 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.doubleclick.net
ad4m.at
ads.travelaudience.com
as.ad4m.at
assets.ad4m.at
c1.adform.net
cdn.jsdelivr.net
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
cprod.apps.forfansnetwork.com
d5p.de17a.com
dis.criteo.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
i0.wp.com
id.rlcdn.com
match.adsrvr.org
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
partner.blau.de
partner.googleadservices.com
partner.o2online.de
pixel-sync.sitescout.com
pixel.wp.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
region1.google-analytics.com
s.tribalfusion.com
static-de.ad4mat.net
stats.wp.com
sync-tm.everesttech.net
sync.teads.tv
tpc.googlesyndication.com
track.webgains.com
um.simpli.fi
use.fontawesome.com
www.awin1.com
www.conrad.de
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.habseyesontheprize.com
www.lead-alliance.net
www.telefonica-partner.de
104.248.51.254
138.197.227.182
142.250.185.98
142.250.186.134
151.101.130.49
167.233.13.224
178.250.1.9
18.135.30.228
192.0.76.3
192.0.77.2
2001:4860:4802:34::36
213.155.156.165
23.32.185.35
2600:1901:0:76b9::
2606:4700:20::681a:71b
2606:4700:20::681a:ad1
2606:4700::6810:5714
2606:4700::6810:c0cb
2606:4700::6812:18ad
2606:4700:e0::ac40:660b
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:803::200a
2a00:1450:4001:806::2004
2a00:1450:4001:808::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2003
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::2008
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2003
2a04:4e42:600::649
2a05:d018:d29:3605:290e:3f93:cc5a:81f7
34.160.236.64
35.186.193.173
35.190.0.66
35.204.158.49
35.244.174.68
35.71.131.137
37.157.2.229
51.75.86.98
52.57.124.150
84.200.5.215
92.123.148.9
98.98.134.241
01183ef45750d92a2838d6b62094427a3d019bc12c6a65737ef92385ba123f26
040bfc148967acabf788cdeeed5cb2533ccb209d70c4e899da5e40c678089dfe
0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5
0b309cd2d63cd4364b51cd82f01a94ae5e33b8b888c7387837005e133fe3a1cb
0b3ce3b296a1160391697d1abc9e4bec50f20a0fd53a402f0bf8ec767239e988
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e0a27c105caf20bd4cc76fe58f222d856ab8f626447846842dddca8ce7509ef
0e6dd2d19d5bafbfa50203aedbdb225291d4f762ded4b2f451478ef456304ebf
0eb874fb1c33c2eed3c8d3d1c521400714925f38427d11d7e259992e6935d0b0
0f794a07f80c949a36a85055d7e078fde235d13dc0ce01fc0f2061efe5c94d36
1027f6016a63bb8691e834944302656fb55befe2a8b73aaac3c22a0bbeda0fcc
11769dce4b087b41c1b7ee447129156fea48606333025d78c9902744e9251ee5
1352b869ce3f850407ecbdfab5b371dfd782c33a2780a9910540b46b2137733b
159f575dd9af8e522fc3a409dadda9bcbb1c1ad21f370186133ef46fe3a4c217
15cc42ec2a3a08dc0566d2f71a13e462fa764a4390c7d96870b71fd2cf6ff513
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1c316bc34736acc1acac77a04de279d71fc043970bd00f40fa92cc5bbad6fef6
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
222f4d8f5c826fa8760d5eca2d9ddff071714c5680a99f3afbf405ea4dc59c8a
24991e95e1cb00322aaeb7537f47b0137d9ea239ea28c3a365971fd8a19a93d8
25bb559beb57a681fbcd6b749ea0c17ecf3939efc5127ac756520f819f0c8f9b
29697b182ec78c8a2c26bb7d2966bc01d7445c9954e63ad8a892cc3cb696b886
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ee8d5d7a782b00379cc354076f2e38e1bdca45271c79a94f905571ef2c62aa0
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3349eae7e6f5525c2cbe437f6364c049f0c6be024191e542a808d9c2e2f3a56b
3f5676a86af87439536dd10d678b3d458eee7d107a4a9bb0bac62752cc738fb0
40df2b78182e4ea8c29b45c73a0e7bef10dc5ab61798ce22238d039d2bd81b92
41c4b63c72df5a8d1b84978e3d13b5435315d8da4e32956e40a47b8d0cd3f82b
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
46de8fef8b0d952cccf95aeab4f51c3f2c1306c2816014e6f51ade9cd1ebb0fd
475e8f240e689f58d71e08cc6ca95cdc6ebfae87deea992d868b234a8900a676
4a8c55e2a65ab16a22b95904c1e8853cc86c6794f55bb398b58b0cdb42f7d7e8
4b3b8d497a37a08513b7a3069ca43ad12755983eda42c4bc34364c74337f6287
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170
4ec206375a28278a0d0fa5397ca63193f6f34702144529c194803304b65c0f84
4f73a5aefa435a61102f5413f9e5dc3b480c05be780f12e653e521ca4f70040d
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
51ad60372f13f4013991dc42a1f1d6565b28bf345d2b53b5cc060ad04ba0ebec
51e44f753d8c920154293ce7e45af5e81bfa01abe31b4f917f025de18a9fa16f
53845d8ea0260a90ed3a12941e423bba4ec0ffc71155353dffaa6e5a7c8ce596
5511fc0a41b649423fbfa7a2738fb9fc47c5fd4669ccc5fd14186069db3295e1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5834147fa545b7d548198ea6a4c5e856d8207fcab70dd4d3c806eb50babe27c1
5a8b48f7afa56d3af88fb60fd9d31ded04d917aefa363b2b4464b137b7034976
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
5f55f7d61831516527c92983e18992658cd45f94407a2b426ce9e12d847b0939
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
5fbd5ae496292dbc98dced1784b850fd25db5f22f65866a9abf4cb9dce0212a0
61bb554f7f2636654d8753efec0e55ae8e1ff4853af1942d7efd1f28f54e783a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
68b13ad654b2f1dbaa299f1b7d92f2b5e6a1ae275d6bb79e0f79199432329b9f
6ba4a8bfae608c3201b11856b8457a6cec714ef6f8067d3b1a06abad659f2d20
6bf0da0dace03ecb974eb98e1384d3bedbfc809193db0cc52197f9964cc862fa
6f80efe3fb8e7a80d38a9b6be176d3027ad1e34a73c6195a677ced8caee29400
748862be5a63e65577045f2d8295f85c0f2e041ee436c357b399490660c191f5
76967d830f6aef06f336d8b7323d7d8a07e08b56080a1b3c8b9ada0b5e7ead26
7787f986b5a577248681c155fd3a6facd1bd35c606b16a79a21d14b96df1372e
7dd6900939e384a29f7642d713b89d5d17d9e0efdec85bd6a341a79e40024266
7dd8333bcb93efab37875ac56da1c78e8ab95e2ffdc67bc5b2b58a6bb08e8c62
7fd2970335e8dd47a81e881d202d7933455bf54e8f7b69e56bfa73294639e39f
898cc34145b02cc0c7d1133d0e3c67ff1f21ac368259a738ac97fb9b957831d8
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
913b24397729b3f5c5b980c60dc1d28681e6045b6e1ba98908f726f49e63d716
92801e772fce51a9f523d71c22153aab3c0d34767458c3eeb7ede2f7762c5f65
98a703c3bb6ac15c83cde15ad7920973b2e848c09e838cd6bf326637da5c977a
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b9a58b4a66a16f2ab633c3fab7cf1df77293cb2b5f6761fb5f8d88906e74287
9f5f275915b87fd05dfff4f44d6fdf7f2ed626b25b66fe819f37e8c5ea46d77a
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
aa0d188cc9b96562f21569f0405229c03c06bd4660f18865af4ccb71c8b8f3ff
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac10e191c73bf52d253ffa48f0ba9ad351e4414d4b7ec103a6e85d24f980ddc3
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
afa87a08f3b85e7008e6c3b6e5303b729731867e2a9791874672ec419ab04060
b21a787b54d7ebbdd7d9f0ab8b0c44c2090c40969a0b26a7ba9de634ddc09622
b2d4b0db399288ff3c1d1dbeaaafe5c2517a94e645e57db4b34cb0840c678e8f
b42f02500ac66f1bc7c5ec8038d9f488facf762af808ac6f4ab378c5a5fce7b8
b901560d01b1a2ec1d793e5df73a42eef79feded8af9af8ae8f6d501c2e494ae
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bc2cb8f8cf74cccc3b4c914b1fd1a6bca25b109419f1cee45e264e0ef1450cbf
bc50ddd505ed71257591be0b7ffa37b3b3bb0890f9dbf66aeebd23512f3bc1a1
c2b648bc16ece8b9582dccbe8eeccc003a17953e89ae7964b60fc8ae7ca6bcd3
c53361818f3c189539ab7be63777d934d40f5026a524705c728e8b272b70338b
c6d2b738bd69f3e771a58c0fb82784ac5b2b9ba032bd3f91dcaba53ac3882ea3
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258
ccf4d4dbf9839916ee3373edcddcc405eb5596f7b6a00b13a423f6088c450f95
cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3
cf75887ae76b99d4f3efaa8c83cfa5938619d8b649e9a47aea52156fa7f59b7d
d29e107bd14ea447ebdd2865fb4567534ac384fd7e16ac2703da851d96f5085b
d566f1cc231612758c9a4c6784c1c4a04599940e22a0785784572016b6f58d07
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
dfef7ce44b32a775fb27858aa6d69cfdaf08524ed28f14564ef104a5709b84f5
e0f8d9203a084855ec3252ed54409199f6610b7352b507d00d5a01b0b94c0c1b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8ca8283c01de3936abe3230466a4884be2e93bb64b033088ea2ddf518a5d92c
e992acf8af7de27497c44cca7f3758d64d10946bebd1b17319287c0d8f83b29c
ec41c6c63b2da0d7b75102ec05c8dd6e480ec8357e67cd1af43199764f0e903c
f0efb545afdfeafbe403407a22e4edb225a64c75ddf72a993425e91db103b32e
f323934379a9755b43f906d21a54878a7c3e1f7db45b0ca73b9815005d47e317
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f441cd0957482aa1fca749d678691f7e9bc427613bd52d0c4ee746ba8f7ea500
f64e98064fc46903be3fcda60951aebf46c0876ac8609bb5686fbca23d47e124
f9b1089305adfc4c3a39f2af056bbf54a9e28a647f8bd037eb78a838d92b30b9
fa45f0cbf81974913a298a5bc9301039b553a65b5c0716fa0a5aac7f5ce0012e
fa4d01f2c9021152b91e8811d7078e2c05b6e789630845acc29410c1d086a459
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

www.habseyesontheprize.com Open in urlscan Pro 104.248.51.254 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

190 Requests

91 %HTTPS

47 %IPv6

41 Domains

51 Subdomains

35 IPs

8 Countries

2636 kBTransfer

5590 kBSize

36 Cookies

34 Outgoing links

Page URL History

Redirected requests

190 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.habseyesontheprize.com Open in urlscan Pro
104.248.51.254 Public Scan

Screenshot
Live screenshot

Full Image

190
Requests

91 %
HTTPS

47 %
IPv6

41
Domains

51
Subdomains

35
IPs

8
Countries

2636 kB
Transfer

5590 kB
Size

36
Cookies

190 HTTP transactions
3 data transactions