nets4.com Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://nets4.com/domain/evilmark.com
Submission: On March 07 via api (March 7th 2022, 2:57:06 pm UTC) from US — Scanned from DE

Summary HTTP 405 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 52 IPs in 8 countries across 48 domains to perform 405 HTTP transactions. The main IP is 2a06:98c1:3120::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is nets4.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 29th 2021. Valid for: a year.

This is the only time nets4.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
35	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.224.89.8 13.224.89.8	16509 (AMAZON-02) (AMAZON-02)
1 18	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5f41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:27::... 2620:1ec:27::cafe:1389	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	20.96.88.162 20.96.88.162	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
28	34.227.128.233 34.227.128.233	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700:10:... 2606:4700:10::6816:47c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
3	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:5e41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
33	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
42	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638::18 2a02:2638::18	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
14	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
36	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	178.250.0.139 178.250.0.139	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	178.250.0.162 178.250.0.162	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 22	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:1ccc:1602:f60c:87b8	16509 (AMAZON-02) (AMAZON-02)
4 4	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
2 2	2600:9000:219... 2600:9000:2190:600:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	52.59.160.6 52.59.160.6	16509 (AMAZON-02) (AMAZON-02)
3 3	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:20:... 2606:4700:20::681a:71b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 2	2606:4700::68... 2606:4700::6812:d05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3 3	213.155.156.166 213.155.156.166	1299 (TWELVE99 ...) (TWELVE99 Twelve99)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
6	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	84.200.5.215 84.200.5.215	31400 (ACCELERAT...) (ACCELERATED-IT)
1	46.4.62.19 46.4.62.19	24940 (HETZNER-AS) (HETZNER-AS)
1	46.4.41.145 46.4.41.145	24940 (HETZNER-AS) (HETZNER-AS)
4	46.236.13.147 46.236.13.147	12703 (PULSANT-AS) (PULSANT-AS)
1 3	104.92.94.3 104.92.94.3	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2600:9000:225... 2600:9000:225f:7600:12:7deb:8f00:93a1	16509 (AMAZON-02) (AMAZON-02)
2 4	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	2620:116:800d... 2620:116:800d:21:3175:5196:e3fd:8c1d	16509 (AMAZON-02) (AMAZON-02)
2 2	52.58.249.203 52.58.249.203	16509 (AMAZON-02) (AMAZON-02)
1	34.96.105.8 34.96.105.8	15169 (GOOGLE) (GOOGLE)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2	13.224.89.12 13.224.89.12	16509 (AMAZON-02) (AMAZON-02)
4	52.30.107.253 52.30.107.253	16509 (AMAZON-02) (AMAZON-02)
405	52

35 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

nets4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.nets4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s0.nets4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.89.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-89-8.zrh50.r.cloudfront.net

cdn.purpleads.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:27::cafe:1389 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 20.96.88.162 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

k.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 34.227.128.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-227-128-233.compute-1.amazonaws.com

api.purpleads.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:47c5 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

c.tile.openstreetmap.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.tile.openstreetmap.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

b.tile.openstreetmap.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5e41 (United States)

ASN13335 (CLOUDFLARENET, US)

cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

69d990d1c25b46320b5ce3d8629e4413.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ac80c294674c71c8b179b41cb772032c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
e57834d9ef776e4e43a5a379137cd70c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::18 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.185.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:1ccc:1602:f60c:87b8 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.4.29 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2190:600:1b:5138:8a40:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.160.6 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-160-6.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.56.137 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.245 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:d05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.155.156.166 (Uppsala, Sweden) 3 redirects

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-166.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 84.200.5.215 (Germany) 4 redirects

ASN31400 (ACCELERATED-IT, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.62.19 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads4.sunbonet.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.41.145 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads2.sunbonet.de

partner.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.92.94.3 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-94-3.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225f:7600:12:7deb:8f00:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

shop.euromaster.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.euromaster.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:3175:5196:e3fd:8c1d (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.249.203 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-249-203.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.89.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-89-12.zrh50.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.30.107.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-107-253.eu-west-1.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
87	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 69d990d1c25b46320b5ce3d8629e4413.safeframe.googlesyndication.com ac80c294674c71c8b179b41cb772032c.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 122 e57834d9ef776e4e43a5a379137cd70c.safeframe.googlesyndication.com 454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com 1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com	365 KB
50	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 176	1 MB
42	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 2174 ad4m.at — Cisco Umbrella Rank: 1742 assets.ad4m.at — Cisco Umbrella Rank: 32740	1 MB
35	nets4.com nets4.com img.nets4.com s0.nets4.com	228 KB
32	criteo.net static.criteo.net — Cisco Umbrella Rank: 600 pix.eu.criteo.net — Cisco Umbrella Rank: 7328 csm.eu.criteo.net — Cisco Umbrella Rank: 7422	422 KB
31	purpleads.io cdn.purpleads.io — Cisco Umbrella Rank: 176762 api.purpleads.io — Cisco Umbrella Rank: 157725	46 KB
25	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 57	29 KB
12	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	276 KB
9	gstatic.com www.gstatic.com fonts.gstatic.com	556 KB
8	openstreetmap.org c.tile.openstreetmap.org — Cisco Umbrella Rank: 13588 a.tile.openstreetmap.org — Cisco Umbrella Rank: 13366 b.tile.openstreetmap.org — Cisco Umbrella Rank: 13554	40 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 916 k.clarity.ms — Cisco Umbrella Rank: 2851 c.clarity.ms — Cisco Umbrella Rank: 547	25 KB
7	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 343	139 KB
7	google.de adservice.google.de — Cisco Umbrella Rank: 8832	2 KB
6	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 18655 api.webgains.io — Cisco Umbrella Rank: 47350	102 KB
6	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 91678 static-de.ad4mat.net — Cisco Umbrella Rank: 128562	12 KB
6	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11348 ads.eu.criteo.com — Cisco Umbrella Rank: 7435 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9702	92 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	191 KB
4	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 690 r.turn.com — Cisco Umbrella Rank: 2672	2 KB
4	webgains.com track.webgains.com — Cisco Umbrella Rank: 35662	56 KB
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 524	2 KB
4	yahoo.com 4 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 416 ups.analytics.yahoo.com — Cisco Umbrella Rank: 268	3 KB
3	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 13937	2 KB
3	de17a.com 3 redirects d5p.de17a.com — Cisco Umbrella Rank: 4364	1 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
3	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1207 cloudflareinsights.com — Cisco Umbrella Rank: 1193	5 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 346	943 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 730	2 KB
2	euromaster.de 1 redirects shop.euromaster.de www.euromaster.de	528 B
2	lead-alliance.net 2 redirects www.lead-alliance.net — Cisco Umbrella Rank: 46354	768 B
2	telefonica-partner.de 2 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 48610	571 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 697 s.tribalfusion.com — Cisco Umbrella Rank: 1995	1 KB
2	advertising.com 2 redirects pixel.advertising.com — Cisco Umbrella Rank: 307	935 B
2	smaato.net 2 redirects s.ad.smaato.net — Cisco Umbrella Rank: 698	881 B
2	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 3666	34 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2666	104 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1359	351 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2593	173 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 929	464 B
1	blau.de partner.blau.de — Cisco Umbrella Rank: 58770	1 KB
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 51158	2 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 289	460 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1438	583 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 384	862 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 37868	510 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 557	191 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 193	553 B
0	congstar.de Failed banner.congstar.de Failed
405	48

	Domain	Requested by
42	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com nets4.com ac80c294674c71c8b179b41cb772032c.safeframe.googlesyndication.com cdn.ampproject.org 454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com 1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com
33	pagead2.googlesyndication.com	securepubads.g.doubleclick.net nets4.com tpc.googlesyndication.com 454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com 1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com www.googletagservices.com
28	api.purpleads.io	cdn.purpleads.io
27	securepubads.g.doubleclick.net	cdn.purpleads.io securepubads.g.doubleclick.net nets4.com
22	cm.g.doubleclick.net	2 redirects 454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com 1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com
22	img.nets4.com	nets4.com
18	assets.ad4m.at	as.ad4m.at
18	www.google.com	1 redirects nets4.com www.gstatic.com www.google.com tpc.googlesyndication.com ac80c294674c71c8b179b41cb772032c.safeframe.googlesyndication.com 454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com 1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com
14	pix.eu.criteo.net	ads.eu.criteo.com
14	static.criteo.net	ads.eu.criteo.com
12	ad4m.at	as.ad4m.at ad4m.at
12	as.ad4m.at	454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com as.ad4m.at f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com ad4m.at c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com
12	cdnjs.cloudflare.com	nets4.com cdnjs.cloudflare.com ads.eu.criteo.com
10	nets4.com	nets4.com
7	cdn.ampproject.org	securepubads.g.doubleclick.net cdn.ampproject.org
7	adservice.google.com	securepubads.g.doubleclick.net
7	adservice.google.de	securepubads.g.doubleclick.net
5	www.googletagservices.com	ac80c294674c71c8b179b41cb772032c.safeframe.googlesyndication.com 454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com 1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com
5	www.gstatic.com	www.google.com
5	k.clarity.ms	www.clarity.ms k.clarity.ms
4	api.webgains.io	analytics.webgains.io
4	track.webgains.com	as.ad4m.at
4	c1.adform.net	4 redirects
4	csm.eu.criteo.net	ads.eu.criteo.com
4	fonts.gstatic.com	fonts.googleapis.com
3	www.awin1.com	1 redirects as.ad4m.at
3	d5p.de17a.com	3 redirects
3	static-de.ad4mat.net	as.ad4m.at
3	ups.analytics.yahoo.com	3 redirects
3	prod-rtb.ad4mat.net	nets4.com
3	fonts.googleapis.com	securepubads.g.doubleclick.net cdnjs.cloudflare.com cdn.purpleads.io
3	b.tile.openstreetmap.org
3	a.tile.openstreetmap.org
3	s0.nets4.com	nets4.com
3	cdn.purpleads.io	nets4.com
2	analytics.webgains.io	track.webgains.com
2	eb2.3lift.com	2 redirects
2	pm.w55c.net	2 redirects
2	r.turn.com	1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com
2	ad.turn.com	2 redirects
2	www.lead-alliance.net	2 redirects
2	www.telefonica-partner.de	2 redirects
2	c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	pixel.advertising.com	2 redirects
2	s.ad.smaato.net	2 redirects
2	cat.fr.eu.criteo.com	ads.eu.criteo.com
2	f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	ads.eu.criteo.com	ac80c294674c71c8b179b41cb772032c.safeframe.googlesyndication.com 1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com
2	rtb.nl.eu.criteo.com	nets4.com
2	454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	ac80c294674c71c8b179b41cb772032c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	cloudflareinsights.com	static.cloudflareinsights.com
2	c.clarity.ms	1 redirects
2	c.tile.openstreetmap.org
2	static.addtoany.com	nets4.com
2	www.google-analytics.com	nets4.com www.google-analytics.com
1	dclk-match.dotomi.com	c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com
1	rtb.openx.net	1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com
1	tr.blismedia.com	1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com
1	cms.quantserve.com	1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com
1	www.euromaster.de	as.ad4m.at
1	shop.euromaster.de	1 redirects
1	partner.blau.de	as.ad4m.at
1	partner.o2online.de	as.ad4m.at
1	pixel.rubiconproject.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	sync.mathtag.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	pixel-sync.sitescout.com	454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com
1	googleads.g.doubleclick.net
1	e57834d9ef776e4e43a5a379137cd70c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	69d990d1c25b46320b5ce3d8629e4413.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	c.bing.com	1 redirects
1	www.clarity.ms	nets4.com
1	static.cloudflareinsights.com	nets4.com
0	banner.congstar.de Failed	as.ad4m.at
405	80

This site contains links to these domains. Also see Links.

Domain
blog.nets4.com
link.nets4.com
evilmark.com
leafletjs.com
www.openstreetmap.org
www.addtoany.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-04-29` - `2022-04-28`	a year	crt.sh
*.purpleads.io Amazon	`2021-12-01` - `2022-12-29`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
*.tile.openstreetmap.org GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-11-26` - `2022-12-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-06`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-10`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-04`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-02-19` - `2022-05-20`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-03` - `2022-05-02`	3 months	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-20` - `2022-06-20`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2022-02-20` - `2022-05-21`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
*.webgains.io Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh

This page contains 53 frames:

Primary Page: https://nets4.com/domain/evilmark.com
Frame ID: 3D032994F492573561BDEA837CD2453B
Requests: 86 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.22.html
Frame ID: 01AA600C332F51A15CD5CB254C94453F
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD&co=aHR0cHM6Ly9uZXRzNC5jb206NDQz&hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&size=normal&cb=ld6ftpxr4qqa
Frame ID: 1FA66C134BEA5D3860AE8508A07D5372
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: BF0FFF6489F1419C11EED7F44C5480BD
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD
Frame ID: 33CABBBD7980152FF0E7477E751C50FB
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 4697861D627DC2987362E558533819AE
Requests: 8 HTTP requests in this frame

Frame: https://69d990d1c25b46320b5ce3d8629e4413.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 8DFE305728CB34EBFFA96EB9AA7221DE
Requests: 1 HTTP requests in this frame

Frame: https://ac80c294674c71c8b179b41cb772032c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: BAB0CF0EACA183C02A839697FA27816E
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: B1694DACF9C4E20C8BE391E6571A390C
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 37E989AF29D6DD9ED1183251AE7435D3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 24A3396EC074E63D99AE971599724269
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B6989E2169FAF64C44B6805742D8B2AF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9E33A92E3BC88EFB8E79FF239264C039
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: ADF38B67E7A232D8A49B09F0BDE7D366
Requests: 8 HTTP requests in this frame

Frame: https://e57834d9ef776e4e43a5a379137cd70c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 4927F1ED715B63BCDF2FE22A0B3D7F98
Requests: 1 HTTP requests in this frame

Frame: https://454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 5C7479D68BBAAE34902CDFBAB2BCA0C2
Requests: 1 HTTP requests in this frame

Frame: https://ac80c294674c71c8b179b41cb772032c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: C49CFA720B9483F890E12D222A806734
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs
Frame ID: 0653B247D17598890CE1FFC34E184B2E
Requests: 21 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: AED5612E1EA79A3521864A77CD445584
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C932E3FAD483FD469676B10C2DA41C44
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EBA592B22B9EBC342D8DD690397D90B6
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YiYdOwAKxdAKd55IAASz3_hag5_yFzrehgQ6VA&u=%7Csg%2FahQfna9sYG4Q%2BiIHJrsRiOtBODSs9otTkdCyJBwQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWTXJx1Y1e4pgxvzkJzD1hYLx7EUKPAdHLDCVTCZFc7XhWlpaikQ8oZtkf5GAs8B4GRv9m4gATW9tpDjOYDkL8dtV2mWlxkfPij00XN1f5ZA_id6fHNrHcyjE-lROrdWful1lYb791-EgQimyo8b4CNfJ9oTewL11Xvw8qny_nKN3ykQ4drAF_uO5GJQh3X-wya5gXaR7jYWIp71EsY6FmEWsQzJYEuuYZ5UarM9vQu8mt8Sy0AM7wXp3YNoLnC-zvID-kqIk8yGUIRgnTaESMBK0Bs-tdOgEOGmh5ViJHbix0p-mr4Bcph4X-QEs5GuLYL0w2xV3i61T7mSMudJTeggXzyWIItv0T0IDUM8Mi0Bie7IizJQQN3ZU8wdSq8Mh-WioFWWjxtRzt6jMj3X8-nltbCsGS5XJSfVknwkJhfFfyJMeDRaeFYLrMzBGi16lU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDrIMOx0mYtCLK8i83gPf55KYDsme0rFc1Z2R93DAjbcBEAEgAGCVgoCAoAeCARdjYS1wdWItNDkwMzQ1Mzk3NDc0NTUzMKAB1bbS6gPIAQmpAshHdn0GLrI-4AIAqAMBqgT6AU_QuiKdaPAJSPgJfcNsVydbTWLec-8rzgkY9RblNvYuTLNr8zOxuaFcxC526r3BW8Bp-FIW-3H1KIXIYotXMvRGbsTrdB-1pre9FW_hELZEoedHzaWXhNvm9QtdKw72HT7hCH2SLZzdVeiXlszeu3_tO_RH0yK8PSdbbb5jDLFazSlUlIenLlg0wzVOv585xw5oa78ILe9xP0HmNMpVzKMy49Tke9E_oynus0EU1oIDSKehoPeuLFDbvG_hnahxpZeF50h48HB0v3X16eIO6fHMRov7yzPX_CiraJQFbRdj8lj7ZxliQkC6v1PmykgqqDUKUGiRGEgcakngBAGABpzSxb33o_7IwgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0VZ8cPITE6KfsreSnrxFmGaL6QkA%26client%3Dca-pub-4903453974745530%26adurl%3D
Frame ID: F133EB1F35FFD47EAE3EDAB81EFD9A3B
Requests: 24 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B9D207F5FAA64C74D70E778E34FED5AB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 099DB52BAE1D76FA8A2A2C8CBA639B26
Requests: 2 HTTP requests in this frame

Frame: https://454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 0879B6B4BDC4E1529BBD1034377DE5B1
Requests: 9 HTTP requests in this frame

Frame: https://f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: ECFE4701834EDB3C2E1F95D743C23645
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hyvyt6bagwx1p5m0wzx37ztkyh6ctyw10zd1h02zh0ksk8dc9vaw58zdkp6597ftbmwndh29d78n0xntscj6p78ax9j3ftwsb84vcgwt1f7qzc20w5d130et1pq0erf0ymme9fdj442nmshwb3pjm638v5gxaf6g8a57gqw4nxr57cazdb7vwz4vjj9vww3fxxc6fe9fr585cmxe23664ptfgppfms95n1mjsmk1yjpws3bhtkvqfdnbcpgt8k6an9pa3vzdgby44f2vcvm8tkz6s699n75f3dsrzjbavdwp1t4am9j56ahnfr3888dx3saejxwmzayjtjsjfx7mqagzd7zjywwcwjff5t3m2bsq7dgg9yrgp1b7550t8fbbdywqby0jcyfwtwjvhe5d53m1esnz0j2y06bcan8whpmke15g6bkt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVNw-Ox0mYuaOPMT83wPujJ04kOGBhFy2qMKK8ALAjbcBEAEgAGCVgoCAoAeCARdjYS1wdWItNDkwMzQ1Mzk3NDc0NTUzMKABwq7o3QPIAQmpAshHdn0GLrI-4AIAqAMBqgT7AU_QbUDRO4Vehpl_JthkOSpowpg8dMNC3WpYnGprykq2z-wsdZicLJtx6-ZT5UPksptq-bfIoXLtQuP_31mmNZ2JlfWwJHSioZsGeHDonXJ3n3k4rTkFOxwv6IWZwJTL43RMRzqAPt0Bm9V6AjjHan5uHI-s0LtkLef-jQ17jFlcJRpPWUugJvB1tlsR9Gshf_kNKwbS1VZMR4VPDcXWRBRSPWZaxkRBWmQ2gALS3XhNObPuMkTw96wTrpzFPZPD5IskyLK4C-EAvfTs-hG_Fxr1bIh0r0xguTUf49Ao_vgHzodrLzIHVZAOjfIpRbE3QabRi5_Ii0U7fzm24AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzb6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3iltjcZ37znudFHI4p-4f7Tg1uTQ%26client%3Dca-pub-4903453974745530%26adurl%3D
Frame ID: EBB2F3A9E3E711E9C1E4795D4045ED38
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9589A4EA0A20D5ACD455903E08399CD9
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EC0574B138A8C031913341CA9F84CA4C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 26D99C26C1AE4F9FCED93C378E5AB5EC
Requests: 2 HTTP requests in this frame

Frame: https://f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 3333D32DCD1331F7C2439A41011C8045
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 5C846E716FB67BCCC9BC73B6DD3B9972
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jr7myrryjn81axw0z1a4a8h5qvs9h3vz4wk5nahzmk64vkhhvcc8q8gyk0jv38vxmen7vm5cwv0db7cp9ywb4bh5qa1cvadt0dxhfgnd29r687c5ddsryj4t9x8tfx7cghrjh35d34a9y219wgzkm87q9z2p8zg9wack880s6ceddp48dkbff7zgphm6cx5nkp9bpeznjwfg8ty0x9gcq7qnedsdfnakm29qaw68pb01rrcp4vvtdey9v77517r5fj9ga85dqvgxwt68xxhcp67arb40wkemdkhh184z6ew2qyn1kt7xvettxvvw9xbvnkzc7y6dgsp6sjrxj610832rmvttbs87hrdyn4f4j6tzsfwm4tzrs3f0cjert8km5jrx7bxhm59hwahrdpmez93jpmm1vz449d8degfxmf2etevmyd0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClb3xPB0mYqesGMiBjuwP1Jq4kAyQ4YGEXLaoworwAsCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHCrujdA8gBCakCyEd2fQYusj7gAgCoAwGqBPoBT9DkRRAiKAARMhkQZxnq9HcEBP3rd5WwM3wECA8YwAWniOlFOCA9JYNLWbk01HEqu4QmW98Ran7sTpcbtfWQeuP6X85FD9Y6VvkXxY9eMOkcWtLJvJXUC23ZPm_zJYRjVJochlIiLoHLlnszXG7CtYMSPXgUOLGwUaddr3vO-nQXawB-g7n0-dwC7jCq55yFl5J4bAUA7AmpYhKaW2TJOReJGYGShQRTzxzYf0lPOgcm30yCJQIpvAUg18BlLc2KtPXt7TrzIUVOuldWXRU8cOgx5WJwjLDNjWjRnK4Dl6oFVEF85MfScurtoKjt012LB88sk2qJa_rAiOAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3AhqbN47f59Tq4VlYF_7tJrHSsqw%26client%3Dca-pub-4903453974745530%26adurl%3D
Frame ID: 08D2A8A0254DD7E8BC5C490C4A47EB7E
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 82EE15F7FDAD722294C8B455D7783C46
Requests: 8 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato&display=swap
Frame ID: CA3767F63F3200811A0C2E1435D31325
Requests: 10 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 7597975F11621807C8977A5A3F6D55B2
Requests: 1 HTTP requests in this frame

Frame: https://1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: A7ABF5075BE86611FDF3D733B47E34FE
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: B7041A67D660E09FC99B84E9EBA1ABC8
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=19483%2C166402%2C43784&b=3bgFpf14UB63a7HrHAtEt997f8TWTRead%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=WrpSrfYdsYJWuYH5HjtDCXXGaPTET4QF2%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=160&d=600&e=ydAtynFkq4i7hBsaB8CPT5sdoHopqmXw&g=c61270540eccc2c9e1f0ad9fc0999eb0%2F9829051920461254654&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1646665021045&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1htch1jkmrxdwj6jhydj7srqv63vf0fbcskktmzzdpz57hms4x1xypw9q7kh1zc9s2cm41w3xak798be2234q78162yvbfjydzwdw0zkbn12hevjhwaxd9dm7hgpen7b9yzery71g1prm7kfa2vw2yv4xjqy62k82kanf6xsj376rmwfvc8erjefp3wp3xss31q7wketp4tx6m4xs42sjg4fscd89rsaxja345zvvnpf46drmssasmmb7hcxvc9t1v54gbc27yadxzgcrktg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVNw-Ox0mYuaOPMT83wPujJ04kOGBhFy2qMKK8ALAjbcBEAEgAGCVgoCAoAeCARdjYS1wdWItNDkwMzQ1Mzk3NDc0NTUzMKABwq7o3QPIAQmpAshHdn0GLrI-4AIAqAMBqgT7AU_QbUDRO4Vehpl_JthkOSpowpg8dMNC3WpYnGprykq2z-wsdZicLJtx6-ZT5UPksptq-bfIoXLtQuP_31mmNZ2JlfWwJHSioZsGeHDonXJ3n3k4rTkFOxwv6IWZwJTL43RMRzqAPt0Bm9V6AjjHan5uHI-s0LtkLef-jQ17jFlcJRpPWUugJvB1tlsR9Gshf_kNKwbS1VZMR4VPDcXWRBRSPWZaxkRBWmQ2gALS3XhNObPuMkTw96wTrpzFPZPD5IskyLK4C-EAvfTs-hG_Fxr1bIh0r0xguTUf49Ao_vgHzodrLzIHVZAOjfIpRbE3QabRi5_Ii0U7fzm24AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzb6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3iltjcZ37znudFHI4p-4f7Tg1uTQ%252526client%25253Dca-pub-4903453974745530%252526adurl%25253D&y=1&z=0
Frame ID: 1095D9E8D23E3D5823D969B489A49D01
Requests: 14 HTTP requests in this frame

Frame: https://c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 9A7B5091811E608461FF5848456C8546
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=182000%2C22451%2C43785&b=Y2jcrfG3f5BXkfVH9HetQtReGtAT1TK1Tr%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2CY2jcrfG3fwB9SVH9HetQt1R1fAT1TK1Tr&f=qGXsmf1WUJ5zAhZHgHDtRCXwgFPTgTq4s3%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CqGXsmf1WUE5bcZHgHDtRCMXMcPTgTq4s3&c=728&d=90&e=ydAtynFkq4i7hBsaB8CPT5sdoHopqmXw&g=48063622d7ce825fce4247ce71f8fa38%2F13023955997220530089&i=20703%2C25174%2C27987&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1646665021118&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gmvgs7f3p6h696n5xcxkjte7s1d1x6qfwrd8xsk5hsgwj5khpe47bt3bv04kwr0bgxwj32t964x66pyaacktpsg4dk3zew8hb2hbp5hmdabs7js84bqba09s2e3194e7r3g72kv5pn974tpbd1mv9rfx192skkhnta41dqmvnfrrze5adp4wztxfyasj0jwn2e7nedgyf3z30q9ak2pavrxrjmngmqb6enntcsvjckt08jv9cwrch9x18gf1sdg23w959xsryyea12k69qg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DClb3xPB0mYqesGMiBjuwP1Jq4kAyQ4YGEXLaoworwAsCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHCrujdA8gBCakCyEd2fQYusj7gAgCoAwGqBPoBT9DkRRAiKAARMhkQZxnq9HcEBP3rd5WwM3wECA8YwAWniOlFOCA9JYNLWbk01HEqu4QmW98Ran7sTpcbtfWQeuP6X85FD9Y6VvkXxY9eMOkcWtLJvJXUC23ZPm_zJYRjVJochlIiLoHLlnszXG7CtYMSPXgUOLGwUaddr3vO-nQXawB-g7n0-dwC7jCq55yFl5J4bAUA7AmpYhKaW2TJOReJGYGShQRTzxzYf0lPOgcm30yCJQIpvAUg18BlLc2KtPXt7TrzIUVOuldWXRU8cOgx5WJwjLDNjWjRnK4Dl6oFVEF85MfScurtoKjt012LB88sk2qJa_rAiOAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3AhqbN47f59Tq4VlYF_7tJrHSsqw%252526client%25253Dca-pub-4903453974745530%252526adurl%25253D&y=1&z=0
Frame ID: 111173498C408AE4FC082DFA646814E9
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 88D9E85312B5A76E955C382747C21158
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 39F94824D245471BA9780E0946AD7803
Requests: 2 HTTP requests in this frame

Frame: https://1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 4BA70FF5AD47B8974C84428D373CB8BA
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6C2ED285709D36C1EE2B5C6CAD0D7B2D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F401C117F044EA1CF60BA1A0DF94D898
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YiYdPQAAzVQKiwaPAA4oIqV6rzSAfh048nMODg&u=%7C8CscHVVsa7Q%2Ffg5Cyj9EWtaW50PDvovk7UN4J5xI5kE%3D%7C&c1=glLBMxGOcDk-vbOOpZWuiwL9OpXS6gVV2JtZM_Ei5tSPQXcRS1ssTUS_8xvR11yLNH_ueoquGVVe1eYPGXpdJNZAJReCsFY2B_RfUvewNsUWM4sSqFS0Wx1VleLF67T2VhutK8V4JXox3K-8F5JQ_obQqb--WlNOEx9GCFruAjSXEpNPYj8mfYn4a8WIgcphGbm_oEvg4n4jDCrYr7eY-ZMMk_R8-0aAFq7VR8qpm66qqTaBYqKPbwbSzNz-tFr3_awpoUCzg-9sN37_9xzeaqj3hzhYQJMfVoG6jaVGVKTLDisbBBHDWJZdhFQhc-ufOP4Ft3AHlFasQWTCXqWTxo4bqm2asVDxfyAAMgiRIAcc-KbacX4T5QV7BkRJJ6cMy3lFS7KRWOaIN2HYcGl0XJjSylYqMWjOp0loxPvCcHltx_dYcA6wGndQRt4thUpzeYbbH4zkUPcFTbDdddiPdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_WWpPR0mYtSaA4-NrASi0Lj4CMme0rFc1Z2R93DAjbcBEAEgAGCVgoCAoAeCARdjYS1wdWItNDkwMzQ1Mzk3NDc0NTUzMKAB1bbS6gPIAQmpAvxqb-QeN7I-4AIAqAMBqgT8AU_QsoZfvjyRYGxXToWqCuZ8pcT2Hps_mi0uFg07ClD8yNpzVqjH_UXG5rqh5AIMl39ZtRP8SWFo-XNdAIcVXXT5f-Wn3mBp_nSf0ysUeMJTGdVzP2Ts-tTNhjEVfqB9mOrXnhFN4KiqLEvI_tEr_x92_W301IyRqNJBRwruruV1lBcm616R2ghLffkZkwt1gteUaFQ9Dk3WzFOtsKztridPRmWrQuGArTu1J98xIMquwQ0so0Idf8bcUQjin6-aC6rjopy93tWc1vLHwXKitAf8Ty5dOK2SjqVVuj2fzhsWgv5tEHB3E6DJSc5OpTA3_MTQ_xi5Qy4kBpQYCOAEAYAGpfyj5rOD5JY7oAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzb6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2J76TmTLO87xJ9Trn7D4Eg7KdmtA%26client%3Dca-pub-4903453974745530%26adurl%3D
Frame ID: AE506BC7D861D6961DEC8DD7F8A7531A
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E52AE8CBD4A3F23E30F861684352BAEA
Requests: 9 HTTP requests in this frame

Frame: https://c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 4F165F7F10C67F411E877F58DAF38971
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jf5t9q3xyybexfm3mwehcf2v7wd3mgr96ac6hst9f8nmknk5fxn09jkrhqfby1qq5870xyrwaxmbt1v6y4jrd8f6gmzde6tggtg7eyx28x61a6tq1f1vw64k18ae1q650w4f8pz3r4ycegdc1ab84d1km80fk4chf9srwnwspkrygms2bvmhhyv5vbzackzp4b4xx8hsh2kt5z9760049y920pdsyv2mbb5vk0g0rn6hddgb6wmbwz16e3m68p1k1dhhrj6w5380k1v56yamg707e57rcz0mrw7cx4ntac6dv0z4766m2r56yv6f7jpfatc13yzwcwcm5p3ze34ts9vqt8hye27pq43mqda27vaqc798bgvwzwbs94nhhyp6d8d222f4hhknc36xfmejkvymqj692ef&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZNIDPR0mYvzcCpGYrAS89Z-wA5DhgYRctqjCivACwI23ARABIABglYKAgKAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQL8am_kHjeyPuACAKgDAaoEzQJP0OfM7kky6SuXECbjzDteZ_pDHK8OmK31vxon91MoESpDaqq4sqJbAdsqjozrHMXKzW6cyPlWJXpWCY2RnQ3C-d5cRfqa2TzW3w0NEaO0bcRf6Czu1qlnH5w4VbJ9wo935cbMAhHPi1Kbr1bNm0Lm2TJ39aroYySBAgIEzd2XC4Rfvyv3oc8FmvoPAlPJVNuSI307Nv0hjSYxuPN7CjSk72UIPF5Oti4Ll4wxHw3RbbsAm2Zf2RM2OicJU_zONpK3uDBRMGd6XrJTzM7rZiKs1GJeSdeL_FA5_uWYdEWr051X5Do_mmzAgG3tXTgQjsuBMFo-Hd-DqGiF6w_GAO71qdldj1hpL93jc__nmC5FtN5U4gV5EPQ-gudqCTQpk76p71JgCg4UdoV0l_rGEyk7URtQYuWd_5ry9sKedOL4ZT2ggABvuv9huRQwMK7gBAGABr_Lica30_nRW6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1oEBsv1AqsSAfWVzL4Qau7Yy3L9A%26client%3Dca-pub-5413329544040947%26adurl%3D
Frame ID: 7115FDAA30242EE9258DB6FBBCCA5C75
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0156D3AEDA636DDDFB2E0D85E27CB75C
Requests: 8 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: FB92F9F5CA4B760F1C18328191F86D78
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14044%2C15255%2C823&b=XxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ%2CMxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2CXxVfzfrf3bf6H4HetqtMGQtQSkTXKPfJ&f=e7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1%2C62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Ce7RC3fVfYpcjHZHet2CbrzUwSQTx8Ja1&c=728&d=90&e=ydAtynFkq4i7hBsaB8CPT5sdoHopqmXw&g=d22730ed93be70b2754da1c6fe28122b%2F3581078912661162303&i=25007%2C25174%2C9719&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1646665021955&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jg6nkbevx295n869432ttxq6nkeasf4bvgkctbyzt39k0bdezmfnj73fhvavkg730hkfz4spd8812b9ngnnjfye86e42fswpe5hv5nx53r5x1r4t6zzzyaz3x9eke8vyadqxxqtbf2d8efk5pnhw3z5ybxy3kx4tq511n6243y8xzxefmj7v070erkh7a86k1bz8p4vs879rc7yaxhgzvrt3cbcdg4zeasvas76r82r4d41wsrs03f045727rppq3s8p5ysp4f3g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCZNIDPR0mYvzcCpGYrAS89Z-wA5DhgYRctqjCivACwI23ARABIABglYKAgKAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQL8am_kHjeyPuACAKgDAaoEzQJP0OfM7kky6SuXECbjzDteZ_pDHK8OmK31vxon91MoESpDaqq4sqJbAdsqjozrHMXKzW6cyPlWJXpWCY2RnQ3C-d5cRfqa2TzW3w0NEaO0bcRf6Czu1qlnH5w4VbJ9wo935cbMAhHPi1Kbr1bNm0Lm2TJ39aroYySBAgIEzd2XC4Rfvyv3oc8FmvoPAlPJVNuSI307Nv0hjSYxuPN7CjSk72UIPF5Oti4Ll4wxHw3RbbsAm2Zf2RM2OicJU_zONpK3uDBRMGd6XrJTzM7rZiKs1GJeSdeL_FA5_uWYdEWr051X5Do_mmzAgG3tXTgQjsuBMFo-Hd-DqGiF6w_GAO71qdldj1hpL93jc__nmC5FtN5U4gV5EPQ-gudqCTQpk76p71JgCg4UdoV0l_rGEyk7URtQYuWd_5ry9sKedOL4ZT2ggABvuv9huRQwMK7gBAGABr_Lica30_nRW6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1oEBsv1AqsSAfWVzL4Qau7Yy3L9A%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
Frame ID: 5FDEE5365D3928C41C0935636FA1775A
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Evilmark.com - > The Evil Mark Show with Mark Hammond

Detected technologies

Leaflet (Maps) Expand

Overall confidence: 100%
Detected patterns

leaflet.{0,32}\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<script [^>]*src="[^"]*/popper\.js/([0-9.]+)
/popper\.js/([0-9.]+)

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

405
Requests

93 %
HTTPS

55 %
IPv6

48
Domains

80
Subdomains

52
IPs

8
Countries

4895 kB
Transfer

10541 kB
Size

46
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://blog.nets4.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://link.nets4.com/digitalocean

Search URL Search Domain Scan URL

URL: https://link.nets4.com/google
Title: Signin to Nets4.com

Search URL Search Domain Scan URL

URL: http://evilmark.com/?utm_source=nets4.com&utm_medium=referral&utm_campaign=domain_page
Title: evilmark.com

Search URL Search Domain Scan URL

URL: https://leafletjs.com/
Title: Leaflet

Search URL Search Domain Scan URL

URL: https://www.openstreetmap.org/copyright
Title: OpenStreetMap

Search URL Search Domain Scan URL

URL: https://blog.nets4.com/p/privacy-policy.html
Title: Privacy

Search URL Search Domain Scan URL

URL: https://blog.nets4.com/p/about.html
Title: About Us

Search URL Search Domain Scan URL

URL: https://link.nets4.com/facebook

Search URL Search Domain Scan URL

URL: https://link.nets4.com/twitter

Search URL Search Domain Scan URL

URL: https://link.nets4.com/youtube

Search URL Search Domain Scan URL

URL: https://link.nets4.com/instagram

Search URL Search Domain Scan URL

URL: https://link.nets4.com/quora

Search URL Search Domain Scan URL

URL: https://link.nets4.com/pinterest

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=DFF8F0AAA6FB44F1A3631EF2BC03D3F4&RedC=c.clarity.ms&MXFR=2F9BD4B7FE0B69FB0864C5D7FA0B6790 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=DFF8F0AAA6FB44F1A3631EF2BC03D3F4&MUID=23289BA076E1640D19468AC0778A65D9

Request Chain 167

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 219

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEF5dOVp-_WrnnqEsQzoi28M&google_cver=1&google_push=AYg5qPJcYJi62HvXDfTiU8tmCYf8N_jtn6RsALu2cz8syNMNONtc-64E9UrwMiOC5vy67a-z_M2cjKkSDhvGfUvwNQFCozW22DE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPJcYJi62HvXDfTiU8tmCYf8N_jtn6RsALu2cz8syNMNONtc-64E9UrwMiOC5vy67a-z_M2cjKkSDhvGfUvwNQFCozW22DE&google_hm=mLWZCMeoR9qTbjvy9WEhrrc

Request Chain 220

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEB5xlyDk-c2RmMa1AgAlZ2g&google_cver=1&google_push=AYg5qPLuiuqtPNKtRMaxh7W9aZJVt0Kj8Op7m5cebd5iQEQBde51eaEvJSzHHiz5uzrRIvEUdfA_yyDLaXvoBCBU88X45EnTfeY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLuiuqtPNKtRMaxh7W9aZJVt0Kj8Op7m5cebd5iQEQBde51eaEvJSzHHiz5uzrRIvEUdfA_yyDLaXvoBCBU88X45EnTfeY&google_hm=NjE1NDI2OTA4NTA3ODc0MDE1Mw%3D%3D

Request Chain 221

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN4SmEtQwhRmKkuHS45pFRQ&google_cver=1&google_push=AYg5qPIxpp4NdwOfI2rsYhq1m4xKQk_quYTH_SPYCHj-Rk1mkFfukz8Xqe0xn1JgV3yGkcHyPQYH0mg7DZmOD-qNX1ymarc2Tb4 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEN4SmEtQwhRmKkuHS45pFRQ&google_cver=1&google_push=AYg5qPIxpp4NdwOfI2rsYhq1m4xKQk_quYTH_SPYCHj-Rk1mkFfukz8Xqe0xn1JgV3yGkcHyPQYH0mg7DZmOD-qNX1ymarc2Tb4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc5MjIyMzA3OTA1OTk4MzAwMw&google_push=AYg5qPIxpp4NdwOfI2rsYhq1m4xKQk_quYTH_SPYCHj-Rk1mkFfukz8Xqe0xn1JgV3yGkcHyPQYH0mg7DZmOD-qNX1ymarc2Tb4

Request Chain 222

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELzNa6GEqkXsEzXlQiuPe8Y&google_cver=1&google_push=AYg5qPJoEPDnVFIanMjhtyTycjQPMkR-AsvdPDHhI8RVxKvb_1MqCB8VSCzw4OeWOI65-v94mqC3tpPPYbfOHz3nMU2xASO-PH0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJoEPDnVFIanMjhtyTycjQPMkR-AsvdPDHhI8RVxKvb_1MqCB8VSCzw4OeWOI65-v94mqC3tpPPYbfOHz3nMU2xASO-PH0

Request Chain 223

https://onetag-sys.com/sync/i,19/?google_gid=CAESEK0Dycwezl-HU-HD3tckN70&google_cver=1&google_push=AYg5qPLHXmH7qQOXlIGYe-VjQJBmdAUEMbaa9uCnOFUDyiEDeoRXOkFAfDb27JL2AZg3vUhlVSc1SeV5O4ta3FWZaQSIyJWfuA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLHXmH7qQOXlIGYe-VjQJBmdAUEMbaa9uCnOFUDyiEDeoRXOkFAfDb27JL2AZg3vUhlVSc1SeV5O4ta3FWZaQSIyJWfuA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLHXmH7qQOXlIGYe-VjQJBmdAUEMbaa9uCnOFUDyiEDeoRXOkFAfDb27JL2AZg3vUhlVSc1SeV5O4ta3FWZaQSIyJWfuA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLHXmH7qQOXlIGYe-VjQJBmdAUEMbaa9uCnOFUDyiEDeoRXOkFAfDb27JL2AZg3vUhlVSc1SeV5O4ta3FWZaQSIyJWfuA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLHXmH7qQOXlIGYe-VjQJBmdAUEMbaa9uCnOFUDyiEDeoRXOkFAfDb27JL2AZg3vUhlVSc1SeV5O4ta3FWZaQSIyJWfuA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLHXmH7qQOXlIGYe-VjQJBmdAUEMbaa9uCnOFUDyiEDeoRXOkFAfDb27JL2AZg3vUhlVSc1SeV5O4ta3FWZaQSIyJWfuA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLHXmH7qQOXlIGYe-VjQJBmdAUEMbaa9uCnOFUDyiEDeoRXOkFAfDb27JL2AZg3vUhlVSc1SeV5O4ta3FWZaQSIyJWfuA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLHXmH7qQOXlIGYe-VjQJBmdAUEMbaa9uCnOFUDyiEDeoRXOkFAfDb27JL2AZg3vUhlVSc1SeV5O4ta3FWZaQSIyJWfuA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLHXmH7qQOXlIGYe-VjQJBmdAUEMbaa9uCnOFUDyiEDeoRXOkFAfDb27JL2AZg3vUhlVSc1SeV5O4ta3FWZaQSIyJWfuA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLHXmH7qQOXlIGYe-VjQJBmdAUEMbaa9uCnOFUDyiEDeoRXOkFAfDb27JL2AZg3vUhlVSc1SeV5O4ta3FWZaQSIyJWfuA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLHXmH7qQOXlIGYe-VjQJBmdAUEMbaa9uCnOFUDyiEDeoRXOkFAfDb27JL2AZg3vUhlVSc1SeV5O4ta3FWZaQSIyJWfuA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLHXmH7qQOXlIGYe-VjQJBmdAUEMbaa9uCnOFUDyiEDeoRXOkFAfDb27JL2AZg3vUhlVSc1SeV5O4ta3FWZaQSIyJWfuA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLHXmH7qQOXlIGYe-VjQJBmdAUEMbaa9uCnOFUDyiEDeoRXOkFAfDb27JL2AZg3vUhlVSc1SeV5O4ta3FWZaQSIyJWfuA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLHXmH7qQOXlIGYe-VjQJBmdAUEMbaa9uCnOFUDyiEDeoRXOkFAfDb27JL2AZg3vUhlVSc1SeV5O4ta3FWZaQSIyJWfuA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLHXmH7qQOXlIGYe-VjQJBmdAUEMbaa9uCnOFUDyiEDeoRXOkFAfDb27JL2AZg3vUhlVSc1SeV5O4ta3FWZaQSIyJWfuA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLHXmH7qQOXlIGYe-VjQJBmdAUEMbaa9uCnOFUDyiEDeoRXOkFAfDb27JL2AZg3vUhlVSc1SeV5O4ta3FWZaQSIyJWfuA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLHXmH7qQOXlIGYe-VjQJBmdAUEMbaa9uCnOFUDyiEDeoRXOkFAfDb27JL2AZg3vUhlVSc1SeV5O4ta3FWZaQSIyJWfuA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLHXmH7qQOXlIGYe-VjQJBmdAUEMbaa9uCnOFUDyiEDeoRXOkFAfDb27JL2AZg3vUhlVSc1SeV5O4ta3FWZaQSIyJWfuA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLHXmH7qQOXlIGYe-VjQJBmdAUEMbaa9uCnOFUDyiEDeoRXOkFAfDb27JL2AZg3vUhlVSc1SeV5O4ta3FWZaQSIyJWfuA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLHXmH7qQOXlIGYe-VjQJBmdAUEMbaa9uCnOFUDyiEDeoRXOkFAfDb27JL2AZg3vUhlVSc1SeV5O4ta3FWZaQSIyJWfuA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLHXmH7qQOXlIGYe-VjQJBmdAUEMbaa9uCnOFUDyiEDeoRXOkFAfDb27JL2AZg3vUhlVSc1SeV5O4ta3FWZaQSIyJWfuA

Request Chain 224

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEEPusvLqZwD86uY5q0wqdR0&google_cver=1&google_push=AYg5qPIqMLOwTndKP_b-XyI-09cVtOBKpGe2g2SIJFoGI6VYZd1e5o-BqRDYR5Vew3ieW1CqxW9N6HhZOp7Stswmzhujnb8owjc HTTP 302
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEEPusvLqZwD86uY5q0wqdR0&google_cver=1&google_push=AYg5qPIqMLOwTndKP_b-XyI-09cVtOBKpGe2g2SIJFoGI6VYZd1e5o-BqRDYR5Vew3ieW1CqxW9N6HhZOp7Stswmzhujnb8owjc&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEEPusvLqZwD86uY5q0wqdR0&google_cver=1&google_push=AYg5qPIqMLOwTndKP_b-XyI-09cVtOBKpGe2g2SIJFoGI6VYZd1e5o-BqRDYR5Vew3ieW1CqxW9N6HhZOp7Stswmzhujnb8owjc&apid=UPd7a80051-9e26-11ec-837a-066ef03919b2 HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEEPusvLqZwD86uY5q0wqdR0&google_cver=1&google_push=AYg5qPIqMLOwTndKP_b-XyI-09cVtOBKpGe2g2SIJFoGI6VYZd1e5o-BqRDYR5Vew3ieW1CqxW9N6HhZOp7Stswmzhujnb8owjc&apid=UPd7a80051-9e26-11ec-837a-066ef03919b2&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBkN2E4MDA1MS05ZTI2LTExZWMtODM3YS0wNjZlZjAzOTE5YjI%3D&google_push=AYg5qPIqMLOwTndKP_b-XyI-09cVtOBKpGe2g2SIJFoGI6VYZd1e5o-BqRDYR5Vew3ieW1CqxW9N6HhZOp7Stswmzhujnb8owjc

Request Chain 256

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKne-xMJx5nYTrqdxUN8rRU&google_cver=1&google_push=AYg5qPJqoTYKTQ0mpM4rW2A5GybMTzmMMZavWTtniUXuHDJnbmmbpuVBtAoT53PvSiPLCMehFQbBT5uwH3A1KDd05yFn5FDfPzLi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJqoTYKTQ0mpM4rW2A5GybMTzmMMZavWTtniUXuHDJnbmmbpuVBtAoT53PvSiPLCMehFQbBT5uwH3A1KDd05yFn5FDfPzLi

Request Chain 257

https://a.tribalfusion.com/i.match?p=b6&u=CAESEBBzohjbmGZhQGiTGB9RSSM&google_cver=1&google_push=AYg5qPKMWvO0iMBJoXnKUOksHOzCSTtgXHTM7j8MJVgKtIk3cqHv52AQ_Ml4X67QddabjTLfKToE846eWcF87fLdK9mRjoetSmGB&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKMWvO0iMBJoXnKUOksHOzCSTtgXHTM7j8MJVgKtIk3cqHv52AQ_Ml4X67QddabjTLfKToE846eWcF87fLdK9mRjoetSmGB%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBBzohjbmGZhQGiTGB9RSSM&google_cver=1&google_push=AYg5qPKMWvO0iMBJoXnKUOksHOzCSTtgXHTM7j8MJVgKtIk3cqHv52AQ_Ml4X67QddabjTLfKToE846eWcF87fLdK9mRjoetSmGB&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKMWvO0iMBJoXnKUOksHOzCSTtgXHTM7j8MJVgKtIk3cqHv52AQ_Ml4X67QddabjTLfKToE846eWcF87fLdK9mRjoetSmGB%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 258

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEF3Yie-3ZYBr22aztXl9Qd4&google_cver=1&google_push=AYg5qPLBclyRGKi-Vhbxt0_2G1PkXNZPrt7a6r1tkEoJXM2JkLWPwB-YhIjB0dHUUD7OQ1n4KOlW19K47F_E5sXZ5yO03nYGpfk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA3MjM3MjQxMjY2NTE2NTk3NQ%3D%3D&google_push=AYg5qPLBclyRGKi-Vhbxt0_2G1PkXNZPrt7a6r1tkEoJXM2JkLWPwB-YhIjB0dHUUD7OQ1n4KOlW19K47F_E5sXZ5yO03nYGpfk

Request Chain 259

https://d5p.de17a.com/cookies/google?google_gid=CAESEBeMVfq_6ANzAsfz1zcgRQU&google_cver=1&google_push=AYg5qPLR6gOaBQAasNcGd-p9GtytQQ_z6P6BBrfwv7WREv8sC9qU8x7T_ZFreoYGVD9vZ8F7rusOBLt5OFVvgeb43L8ISFqykTu_ HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEBeMVfq_6ANzAsfz1zcgRQU&google_cver=1&google_push=AYg5qPLR6gOaBQAasNcGd-p9GtytQQ_z6P6BBrfwv7WREv8sC9qU8x7T_ZFreoYGVD9vZ8F7rusOBLt5OFVvgeb43L8ISFqykTu_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPLR6gOaBQAasNcGd-p9GtytQQ_z6P6BBrfwv7WREv8sC9qU8x7T_ZFreoYGVD9vZ8F7rusOBLt5OFVvgeb43L8ISFqykTu_

Request Chain 260

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN4SmEtQwhRmKkuHS45pFRQ&google_cver=1&google_push=AYg5qPJMJKTB1H8w1c1DqGc45_oqGVaYCHrTWSPhEHjkOJL6sRPzet8MyoqGKWhN6RIVgIim2zjRuaSHFugzRu-mU1-fFXEpLYrT HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc5MjIyMzA3OTA1OTk4MzAwMw&google_push=AYg5qPJMJKTB1H8w1c1DqGc45_oqGVaYCHrTWSPhEHjkOJL6sRPzet8MyoqGKWhN6RIVgIim2zjRuaSHFugzRu-mU1-fFXEpLYrT

Request Chain 261

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJDG30GvJ24PIHJs9zIt_ds&google_cver=1&google_push=AYg5qPJgXz6hx8s6nh4KNbzvzBTAv039rfID-7RmyK-A_Q6aHGBVOoTI1fqYoP0u6mw15k8sU2UZtb2-SO8POtR9RJucS8JMmhw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBHVFU1Vk8tMUQtR01YNQ==&google_push=AYg5qPJgXz6hx8s6nh4KNbzvzBTAv039rfID-7RmyK-A_Q6aHGBVOoTI1fqYoP0u6mw15k8sU2UZtb2-SO8POtR9RJucS8JMmhw

Request Chain 290

https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneid3bgFpf14UB63a7HrHAtEt997f8TWTReadoneid__asuidydAtynFkq4i7hBsaB8CPT5sdoHopqmXwasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneid3bgFpf14UB63a7HrHAtEt997f8TWTReadoneid__asuidydAtynFkq4i7hBsaB8CPT5sdoHopqmXwasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022030715570165227498483X117679V1226132702MSoneid3bgFpf14UB63a7HrHAtEt997f8TWTReadoneid__asuidydAtynFkq4i7hBsaB8CPT5sdoHopqmXwasuid__suite_Netmix_Reach43_TopRotaMonth&spid=2022030715570165227498483X117679V1226132702MSoneid3bgFpf14UB63a7HrHAtEt997f8TWTReadoneid__asuidydAtynFkq4i7hBsaB8CPT5sdoHopqmXwasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679

Request Chain 293

https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=oneidPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCponeid__asuidydAtynFkq4i7hBsaB8CPT5sdoHopqmXwasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=oneidPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCponeid__asuidydAtynFkq4i7hBsaB8CPT5sdoHopqmXwasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022030715570165227498485X113752V1225131106MSoneidPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCponeid__asuidydAtynFkq4i7hBsaB8CPT5sdoHopqmXwasuid__suite_Netmix_Reach43_TopRotaMonth

Request Chain 323

https://www.awin1.com/cread.php?s=2480620&v=14363&q=359541&r=412871&pv=1&pref3=oneidY2jcrfG3f5BXkfVH9HetQtReGtAT1TK1Troneid__asuidydAtynFkq4i7hBsaB8CPT5sdoHopqmXwasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd={{IAB_CONSENT_PD} HTTP 302
https://shop.euromaster.de/?awc=14363_1646665021_0d0d8497ae2c2f078900432029c0e6d7 HTTP 301
https://www.euromaster.de/?awc=14363_1646665021_0d0d8497ae2c2f078900432029c0e6d7

Request Chain 326

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__asuidydAtynFkq4i7hBsaB8CPT5sdoHopqmXwasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=COKLrZ2htPYCFUuaewodAvgD1w;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__asuidydAtynFkq4i7hBsaB8CPT5sdoHopqmXwasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__asuidydAtynFkq4i7hBsaB8CPT5sdoHopqmXwasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1646665021_d84b1d72-9e26-11ec-81bc-2262d3a2196d

Request Chain 335

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJG3RLLlpC3LH4xDGgi6ugo&google_cver=1&google_push=AYg5qPIixRCdLvTanflo2HKSEs8GjYa1uIj3AK554AUElr95LyrcYuMYtVXJE92CKJvppv7jXdfzOx7kFvo6-kWZucefOnWmzYc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzU5NDE0OTUyMDExMTMzMTM3OA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJG3RLLlpC3LH4xDGgi6ugo&google_cver=1

Request Chain 337

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBdBvHC1fciVnQODIB-miR4&google_cver=1&google_push=AYg5qPIlpyQ8nHg3KbpVknXOGRdK3_Z3IAx4h0iqwoy0-7X8q85Vc3BSxbrsATFOngCMN5Swg1Hvxd3UkxVJoc7W_X3kBbrNFg HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBdBvHC1fciVnQODIB-miR4&google_cver=1&google_push=AYg5qPIlpyQ8nHg3KbpVknXOGRdK3_Z3IAx4h0iqwoy0-7X8q85Vc3BSxbrsATFOngCMN5Swg1Hvxd3UkxVJoc7W_X3kBbrNFg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YVlqcVBuRkgxTnJlTmY1&google_gid=CAESEBdBvHC1fciVnQODIB-miR4&google_cver=1&google_push=AYg5qPIlpyQ8nHg3KbpVknXOGRdK3_Z3IAx4h0iqwoy0-7X8q85Vc3BSxbrsATFOngCMN5Swg1Hvxd3UkxVJoc7W_X3kBbrNFg

Request Chain 340

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELzNa6GEqkXsEzXlQiuPe8Y&google_cver=1&google_push=AYg5qPJB-eQsOziyLRLpwuI-ed7IXpl2fVfQVcOUsR6SQEAEI1sSSrzD81htqUGt5mS-AVEaRgCcqqBnXwBiYniCC0FMNKxIzg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJB-eQsOziyLRLpwuI-ed7IXpl2fVfQVcOUsR6SQEAEI1sSSrzD81htqUGt5mS-AVEaRgCcqqBnXwBiYniCC0FMNKxIzg

Request Chain 341

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEOv9QCV-9LjrQmJDvraCLNI&google_cver=1&google_push=AYg5qPIPteBe6NiOgSjFkoR7rsoS0ByaVy0mVhiHxABlFe_5Nze178Y-Vd2LpX54YMkm8xN7QTG9eoJZ1q7Z9O5KXgNbGwWEdsU HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPIPteBe6NiOgSjFkoR7rsoS0ByaVy0mVhiHxABlFe_5Nze178Y-Vd2LpX54YMkm8xN7QTG9eoJZ1q7Z9O5KXgNbGwWEdsU&google_gid=CAESEOv9QCV-9LjrQmJDvraCLNI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTEyNDA3MzkzNzYwNjIzMjg3MDY2&google_push=AYg5qPIPteBe6NiOgSjFkoR7rsoS0ByaVy0mVhiHxABlFe_5Nze178Y-Vd2LpX54YMkm8xN7QTG9eoJZ1q7Z9O5KXgNbGwWEdsU

Request Chain 354

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJG3RLLlpC3LH4xDGgi6ugo&google_cver=1&google_push=AYg5qPISscF3Y2x_0kRz3SgsMOWJy5lq8ZxsFGuENrLIQIwxIEkOQG6nRGnuapcRvIqSSkSniVbgcYWU9iJNskxMoxZUMOQKIQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzU5NDE0OTUyMDExMTMzMTM3OA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJG3RLLlpC3LH4xDGgi6ugo&google_cver=1

Request Chain 356

https://d5p.de17a.com/cookies/google?google_gid=CAESEBeMVfq_6ANzAsfz1zcgRQU&google_cver=1&google_push=AYg5qPKpSetePoffY3dKjQfFB4VRCBxTTW7ske0yxyd9Fq4JlfkpRNg_mmg1wOdJC3nUtcMRpqqLvZpc4q91bGrsNWUujP-Azw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPKpSetePoffY3dKjQfFB4VRCBxTTW7ske0yxyd9Fq4JlfkpRNg_mmg1wOdJC3nUtcMRpqqLvZpc4q91bGrsNWUujP-Azw

Request Chain 357

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN4SmEtQwhRmKkuHS45pFRQ&google_cver=1&google_push=AYg5qPK6T75jVQW83MsGYiBVoOM2w9I1dH2MvKOYNJ9OKOQE8mXZbwhSKyN-WmtjmBuyQ2NbR0t648i91iF4I4E0-LP6alt-BKo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc5MjIyMzA3OTA1OTk4MzAwMw&google_push=AYg5qPK6T75jVQW83MsGYiBVoOM2w9I1dH2MvKOYNJ9OKOQE8mXZbwhSKyN-WmtjmBuyQ2NbR0t648i91iF4I4E0-LP6alt-BKo

Request Chain 358

https://match.360yield.com/match/ebda?google_gid=CAESECHelNNTX_o2Hzky_fAFhAA&google_cver=1&google_push=AYg5qPJRqAzt6w35qcoSV5v3VwYwtdRok_3EnZLUmjHovdNYkX_NPA39qcO77IZML3GMH17JIt4cM1MlOdQYkPP-NqAFu3KpOJU HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESECHelNNTX_o2Hzky_fAFhAA&google_cver=1&google_push=AYg5qPJRqAzt6w35qcoSV5v3VwYwtdRok_3EnZLUmjHovdNYkX_NPA39qcO77IZML3GMH17JIt4cM1MlOdQYkPP-NqAFu3KpOJU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=MpAq6EJiSDOefvqFkIbhCA&google_push=AYg5qPJRqAzt6w35qcoSV5v3VwYwtdRok_3EnZLUmjHovdNYkX_NPA39qcO77IZML3GMH17JIt4cM1MlOdQYkPP-NqAFu3KpOJU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=MpAq6EJiSDOefvqFkIbhCA&google_push=AYg5qPJRqAzt6w35qcoSV5v3VwYwtdRok_3EnZLUmjHovdNYkX_NPA39qcO77IZML3GMH17JIt4cM1MlOdQYkPP-NqAFu3KpOJU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=MpAq6EJiSDOefvqFkIbhCA&google_push=AYg5qPJRqAzt6w35qcoSV5v3VwYwtdRok_3EnZLUmjHovdNYkX_NPA39qcO77IZML3GMH17JIt4cM1MlOdQYkPP-NqAFu3KpOJU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=MpAq6EJiSDOefvqFkIbhCA&google_push=AYg5qPJRqAzt6w35qcoSV5v3VwYwtdRok_3EnZLUmjHovdNYkX_NPA39qcO77IZML3GMH17JIt4cM1MlOdQYkPP-NqAFu3KpOJU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=MpAq6EJiSDOefvqFkIbhCA&google_push=AYg5qPJRqAzt6w35qcoSV5v3VwYwtdRok_3EnZLUmjHovdNYkX_NPA39qcO77IZML3GMH17JIt4cM1MlOdQYkPP-NqAFu3KpOJU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=MpAq6EJiSDOefvqFkIbhCA&google_push=AYg5qPJRqAzt6w35qcoSV5v3VwYwtdRok_3EnZLUmjHovdNYkX_NPA39qcO77IZML3GMH17JIt4cM1MlOdQYkPP-NqAFu3KpOJU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=MpAq6EJiSDOefvqFkIbhCA&google_push=AYg5qPJRqAzt6w35qcoSV5v3VwYwtdRok_3EnZLUmjHovdNYkX_NPA39qcO77IZML3GMH17JIt4cM1MlOdQYkPP-NqAFu3KpOJU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=MpAq6EJiSDOefvqFkIbhCA&google_push=AYg5qPJRqAzt6w35qcoSV5v3VwYwtdRok_3EnZLUmjHovdNYkX_NPA39qcO77IZML3GMH17JIt4cM1MlOdQYkPP-NqAFu3KpOJU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=MpAq6EJiSDOefvqFkIbhCA&google_push=AYg5qPJRqAzt6w35qcoSV5v3VwYwtdRok_3EnZLUmjHovdNYkX_NPA39qcO77IZML3GMH17JIt4cM1MlOdQYkPP-NqAFu3KpOJU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=MpAq6EJiSDOefvqFkIbhCA&google_push=AYg5qPJRqAzt6w35qcoSV5v3VwYwtdRok_3EnZLUmjHovdNYkX_NPA39qcO77IZML3GMH17JIt4cM1MlOdQYkPP-NqAFu3KpOJU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=MpAq6EJiSDOefvqFkIbhCA&google_push=AYg5qPJRqAzt6w35qcoSV5v3VwYwtdRok_3EnZLUmjHovdNYkX_NPA39qcO77IZML3GMH17JIt4cM1MlOdQYkPP-NqAFu3KpOJU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=MpAq6EJiSDOefvqFkIbhCA&google_push=AYg5qPJRqAzt6w35qcoSV5v3VwYwtdRok_3EnZLUmjHovdNYkX_NPA39qcO77IZML3GMH17JIt4cM1MlOdQYkPP-NqAFu3KpOJU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=MpAq6EJiSDOefvqFkIbhCA&google_push=AYg5qPJRqAzt6w35qcoSV5v3VwYwtdRok_3EnZLUmjHovdNYkX_NPA39qcO77IZML3GMH17JIt4cM1MlOdQYkPP-NqAFu3KpOJU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=MpAq6EJiSDOefvqFkIbhCA&google_push=AYg5qPJRqAzt6w35qcoSV5v3VwYwtdRok_3EnZLUmjHovdNYkX_NPA39qcO77IZML3GMH17JIt4cM1MlOdQYkPP-NqAFu3KpOJU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=MpAq6EJiSDOefvqFkIbhCA&google_push=AYg5qPJRqAzt6w35qcoSV5v3VwYwtdRok_3EnZLUmjHovdNYkX_NPA39qcO77IZML3GMH17JIt4cM1MlOdQYkPP-NqAFu3KpOJU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=MpAq6EJiSDOefvqFkIbhCA&google_push=AYg5qPJRqAzt6w35qcoSV5v3VwYwtdRok_3EnZLUmjHovdNYkX_NPA39qcO77IZML3GMH17JIt4cM1MlOdQYkPP-NqAFu3KpOJU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=MpAq6EJiSDOefvqFkIbhCA&google_push=AYg5qPJRqAzt6w35qcoSV5v3VwYwtdRok_3EnZLUmjHovdNYkX_NPA39qcO77IZML3GMH17JIt4cM1MlOdQYkPP-NqAFu3KpOJU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=MpAq6EJiSDOefvqFkIbhCA&google_push=AYg5qPJRqAzt6w35qcoSV5v3VwYwtdRok_3EnZLUmjHovdNYkX_NPA39qcO77IZML3GMH17JIt4cM1MlOdQYkPP-NqAFu3KpOJU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=MpAq6EJiSDOefvqFkIbhCA&google_push=AYg5qPJRqAzt6w35qcoSV5v3VwYwtdRok_3EnZLUmjHovdNYkX_NPA39qcO77IZML3GMH17JIt4cM1MlOdQYkPP-NqAFu3KpOJU

Request Chain 359

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEIKDJU70-ndkZBHbjHoUKiE&google_cver=1&google_push=AYg5qPK0IodjAAXkQb1Qfnvb6mDTWnV41856Ow6TaNUB8q2ijx24DhBw3JpKMZutE5loo6dQHmizvF5p2O7-kGnEX-OJMqrHVlMu HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1NdUNjZEMxRTJ1R2FKVGFVaHRjV1FNcHRfNUszampqX35B&google_push=AYg5qPK0IodjAAXkQb1Qfnvb6mDTWnV41856Ow6TaNUB8q2ijx24DhBw3JpKMZutE5loo6dQHmizvF5p2O7-kGnEX-OJMqrHVlMu

Request Chain 395

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidMxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3oneid__asuidydAtynFkq4i7hBsaB8CPT5sdoHopqmXwasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CMe_z52htPYCFZaHgwcdCZwIVQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidMxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3oneid__asuidydAtynFkq4i7hBsaB8CPT5sdoHopqmXwasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidMxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3oneid__asuidydAtynFkq4i7hBsaB8CPT5sdoHopqmXwasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1646665022_d891c361-9e26-11ec-81bc-2262d3a2196d

405 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request evilmark.com Show response
nets4.com/domain/ 48 KB
12 KB 720ms
671ms Document
text/html 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nets4.com/domain/evilmark.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eea82a9fbbd29de3d09f9ea2cae5971b1e4c4661b05124a27f40b56fbba4b061

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 07 Mar 2022 14:56:57 GMT
content-type: text/html; charset=UTF-8
cf-ray: 6e842e437d7890e6-FRA
cache-control: public, max-age=86400, proxy-revalidate
last-modified: Sun, 06 Mar 2022 14:15:45 GMT
vary: Accept-Encoding
cf-cache-status: EXPIRED
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JEX09XzmsPP05vz8KPf40ze%2FMLH6x%2B848yM0HbghHF6vhiJV90qc4FcolgsujSrPzpVECirm850dTLZluLbkoDHDYisfTSehRwhaNvNhzMwdNGQth11TcfkxSVb3wFm6TFBscnsuyWg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 awkqrI1qzYcE0gTfW6uXyLl_1bA.js Show response
nets4.com/cdn-cgi/apps/head/ 7 KB
3 KB 29ms
27ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nets4.com/cdn-cgi/apps/head/awkqrI1qzYcE0gTfW6uXyLl_1bA.js
Requested by: Host: nets4.com
URL: https://nets4.com/domain/evilmark.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f70751d4b3f5d5c9f208ea16e8cbcac3c6abf1bda80357da3fcd21dde4333449

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/domain/evilmark.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1735789
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: TBE6C4PT6ZEY65EB
x-amz-id-2: hqmFJhu4VH8dCEln6C+wWXkNh2EoKkrRwJZHX09Pjf7ISr+2/I4OwLauznRIaOAhxAwkQDPUhmg=
last-modified: Fri, 10 Dec 2021 11:06:12 GMT
server: cloudflare
etag: W/"e951628ea64bbeadb19c6d855ca98c7a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iE4YoPn9JRi9kmZ6VVlu%2BD33GVLT6SoRdSNkHDdwKj%2BqAG0INNn79UkS02%2B8plt729WLs7hJP9fPFDtxHLVIcjQz9y1k3HhyZLCl4Fqil8t7gRutgm1xzZemKGdMeOAOlbg0ePf%2Bmmo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 7KspX51u1Msx7FcOmJWweyW7FbGqzJNg
cf-ray: 6e842e48684c90e6-FRA

GET
H2 200 bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/bootstrap/4.5.3/css/ 157 KB
18 KB 61ms
24ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bootstrap/4.5.3/css/bootstrap.min.css

Requested by

Host: nets4.com
URL: https://nets4.com/domain/evilmark.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 622319
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17620
timing-allow-origin: *
last-modified: Tue, 20 Jul 2021 01:00:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60f6203f-44d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pXhGkyhXziUq7iTR4C4r5wLsCOGxLKx9rU36ohQCEMu36idxf6C58xlL%2BvA9u5FW3O7Y5Vn7eflGfvTJdfn562g75v%2BDlulZRjWhb6PP3myCWiw8nINc8c40JLXg0awSXEBP1Wwx36wxVFuG12kIjoFp"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e842e489be16922-FRA
expires: Sat, 25 Feb 2023 14:56:57 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/ 58 KB
11 KB 62ms
25ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Requested by

Host: nets4.com
URL: https://nets4.com/domain/evilmark.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 838591
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10462
timing-allow-origin: *
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-28de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cgfNYc%2BeCZhDNd%2FvXaf5504UilhbSPNKXkIUaPbpIn131zeUUlyuKwv4xAxVmdiTV9Hc0fqFoJ%2FaJz9bpZfQGCtzMMNTWZNyeaogxBLpcT4yrFZPpKTu0QUVtXy4%2BfXC%2FHk0p9yKbGiptk36F5U5EfgO"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e842e489be36922-FRA
expires: Sat, 25 Feb 2023 14:56:57 GMT

GET
H2 200 style.css
nets4.com/assets/css/ 345 B
577 B 41ms
41ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nets4.com/assets/css/style.css
Requested by: Host: nets4.com
URL: https://nets4.com/domain/evilmark.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0f382f3320ade05dd14f969ff7dd9d894c6a6571165ab6d7fcdade2f4836dfc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/domain/evilmark.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5978
cf-polished: origSize=451
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 01 Nov 2021 12:55:19 GMT
server: cloudflare
etag: W/"617fe3b7-1c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KLCDzPUs2V10hI4416RKCC1Elg044IyXEJooxyaIUlnIHXDP4lO7ZPhKszwBL%2BLUCJXnsYFJ02Kv9GIp4V67dl7scpTAJYpcwU%2B4HjhYE8bMTlrk6jS%2BtFLpOR%2FZ11RXSjwafy6S3IY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 6e842e48684d90e6-FRA
cf-bgj: minify

GET
H3 200 invisible.js Show response
nets4.com/cdn-cgi/challenge-platform/h/g/scripts/ 46 KB
17 KB 29ms
28ms Script
text/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nets4.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js
Requested by: Host: nets4.com
URL: https://nets4.com/domain/evilmark.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15343fff5c592b8409f9b77d2cb3ff13ba6e8becde4ef47d4588fd2ff3bec1e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/domain/evilmark.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:57 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WF3Dt3lFi%2BuGq4MZ3TtG4BQ90ZOrAl42E%2Fw%2FWhYzJAJMPnyVdGsCV%2B4XrA4FiexEtHF5clSX4xWbDf51Epvp2b76VuBps3Rob6RonaLIdcUnjUitfGFaDkI8gpwfJRfWkyGkyqBuams%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 6e842e48dc406921-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 Th69y9F.png
img.nets4.com/img/i.imgur.com/ 3 KB
4 KB 54ms
50ms Image
image/gif 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nets4.com/img/i.imgur.com/Th69y9F.png?w=120&h=20&f=auto

Requested by

Host: nets4.com
URL: https://nets4.com/domain/evilmark.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

704f6f54ae77cd5ea0a0bf47ebb70727a9bd76a311d7e54788ad3dc79b366739

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 599852
cf-ray: 6e842e48e91690e6-FRA
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3395
x-served-by: cache-sea4480-SEA
server: cloudflare
etag: W/"6df89d86deba278d112332afb4bb100b1a6165842a7fdb7f78a5a70c7c7218aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wXf8d%2FiooHT6L%2Bsac7o7XGSAUtigcjkLoyM3rGjeYauTNxCu5mkHq53u1mJl99vNIBYdkTHj1bYKTFvi8iyIY9%2FsRC8vbzBDw%2B6LqGT2XjdJGkyIPgCfDxlYtPD16YFaosvwxEBAnd5UShNi"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
vary: Accept, Accept-Encoding
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://img.nets4.com/image/Th69y9F.png>; rel="canonical"
access-control-expose-headers: *

GET
H2 200 58T3Wrl.png
img.nets4.com/img/i.imgur.com/ 1 KB
2 KB 64ms
60ms Image
image/gif 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nets4.com/img/i.imgur.com/58T3Wrl.png?w=20h=20&f=auto

Requested by

Host: nets4.com
URL: https://nets4.com/domain/evilmark.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2255ec4c3254a41b448889224b2cc5c32f8d6f8a6165d3c58aa6523f86c0957c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:57 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3570519
cf-ray: 6e842e48e91990e6-FRA
x-cache: MISS, MISS
x-cache-hits: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1117
x-served-by: cache-sea4474-SEA, cache-fra19151-FRA
server: cloudflare
x-timer: S1643094498.253186,VS0,VE702
etag: W/"86d32e1b83f7c87590ac6aad5f278dca67bb9675a7a7869ed47749c6cf91763d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZupSQhC5OWR6unS%2FpCICvp6rMFIRR0bmyyQKgvvxsB3qbTXDLnahMuA6yZlZuS98YnmrghOjaD%2BFy3zp%2BS2dIQ%2FguMSUGK5J3i0MgTEqzMSkanF8B7O39OidNHJFp7l%2BQu9IlqAjXSJ8H2UK"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
vary: Accept, Accept-Encoding
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://img.nets4.com/image/58T3Wrl.png>; rel="canonical"
access-control-expose-headers: *

GET
H3 200 leaflet.min.css
cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/ 10 KB
3 KB 43ms
22ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/leaflet.min.css

Requested by

Host: nets4.com
URL: https://nets4.com/domain/evilmark.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

722c5b95144aaf980dafacd36b1df0a3a0cff78962e8eee8f56e40c423f00b6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://nets4.com/
Origin: https://nets4.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 608857
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2153
timing-allow-origin: *
last-modified: Thu, 03 Sep 2020 12:27:33 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f50e135-298f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=spZq87XHrSLFtzigQ791wbEn0rwEpCY5g8u%2BW4rbIeWXRfC4rlSgeu5zt2qmIMEkAacnd2sQtMIyPo0zI4KdB6t1d2Y9j7yMtpNHvE%2Bj7GCoiLsOzJo74bu4F6ntp6JWGyjodcLaV8zu0wjKotbH0Wz3"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e842e48e9c99b74-FRA
expires: Sat, 25 Feb 2023 14:56:57 GMT

GET
H2 200 Zc4iwuj.png
img.nets4.com/img/i.imgur.com/ 814 B
1 KB 57ms
56ms Image
image/gif 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nets4.com/img/i.imgur.com/Zc4iwuj.png?w=15h=15&f=auto

Requested by

Host: nets4.com
URL: https://nets4.com/domain/evilmark.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd1892cb87a74dac682a6207344909a96f23d342670b32063a4f4bae614805dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:57 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3570519
cf-ray: 6e842e48e91390e6-FRA
x-cache: MISS, MISS
x-cache-hits: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 814
x-served-by: cache-sea4422-SEA, cache-fra19136-FRA
server: cloudflare
x-timer: S1643094498.271303,VS0,VE214
etag: W/"ef5e715e8edc5303224592e859bd4f82e513e48ef6932a25dfb6f389dbaed4a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2Fj72Zd%2BvO%2F3UX4OnQgCALYqeaOkscRVbUCMafHOk8gZX9S1dUtcKQKkAQPK84f122J3eSA8Cuxiz2Wut8kRNue9rUEsAQDMYKpLr1qogw%2F47ekvDVXah00xoeutiyVrRaxCnGBjuyEvvUMj"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
vary: Accept, Accept-Encoding
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://img.nets4.com/image/Zc4iwuj.png>; rel="canonical"
access-control-expose-headers: *

GET
H3 200 rocket-loader.min.js Show response
nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 34ms
34ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: nets4.com
URL: https://nets4.com/domain/evilmark.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/domain/evilmark.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 02 Mar 2022 15:11:12 GMT
server: cloudflare
etag: W/"621f8910-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cX2k0uCSPuHp5juknzTRsgDeFEt1iMVyI7ggobCky50lEaYPC49Hwn%2Bry%2BMhOhkvQNQ1xMYG%2BZxc0engWVI8vO8GSaNhMNk%2F46CZ%2FiuLG6d5DKmVIMcyP8eNPGcSJ1TfrGyu7ncxWvQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e842e48ec5c6921-FRA
vary: Accept-Encoding
expires: Wed, 09 Mar 2022 14:56:57 GMT

GET
H2 200 W25b9ht.png
img.nets4.com/img/i.imgur.com/ 2 KB
2 KB 31ms
31ms Image
image/gif 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nets4.com/img/i.imgur.com/W25b9ht.png?w=40&h=40&f=auto

Requested by

Host: nets4.com
URL: https://nets4.com/domain/evilmark.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17a97981604a1fe56f8804e77655010e70cbfbbac2c66e03a303e876dfd72640

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:57 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3570518
cf-ray: 6e842e48f93990e6-FRA
x-cache: HIT, MISS
x-cache-hits: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1574
x-served-by: cache-sea4420-SEA, cache-fra19181-FRA
server: cloudflare
x-timer: S1643094500.716062,VS0,VE220
etag: W/"ee80457266cef4b485c3668cbdd5f67e7ed204e94a46f041afd17fa27c93c945"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BA%2BHCaraWVoZtUFUF2YhSwvLQv1KFvrsOhYMXtK779FnNjOngAdNAWUAmWCH8jmfC%2F4f2VfXcnHiqOh1IvnFKIj2bmYktAsuLPXfb%2B2RPeyyml3nEg43DR7%2BuH0jIF2zjmIIJzvCaoT%2FuXOX"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
vary: Accept, Accept-Encoding
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://img.nets4.com/image/W25b9ht.png>; rel="canonical"
access-control-expose-headers: *

GET
H3 200 evilmark.com
nets4.com/domain/ 15 B
0 29ms
29ms Fetch
application/json 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nets4.com/domain/evilmark.com
Requested by: Host: nets4.com
URL: https://nets4.com/domain/evilmark.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://nets4.com/domain/evilmark.com
ts-request-embed-key: a0767c01-2b7a-4bab-8954-d37e7510e64d:33977c469845eaeecf42689452328038956e61e1e60017c215b6d3880addb366
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 14:56:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MzkzXDR8iZsBSjNabexZFzJ5vdmEZ10ZLjG4ialTQKT%2BQv8gAE0EgIIDgth3KZctPUX89WmyCKZe48J7ODv5Y%2B0ftk6BvcPPbDiiVZ7ljL2Qpqy7nDNaeqO9ojGijijqYButd%2BWA5bs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=UTF-8
cache-control: no-store
cf-ray: 6e842e491cb36921-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15

GET
H3 200 leaflet.js Show response
cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/ 139 KB
36 KB 26ms
26ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/leaflet.js

Requested by

Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c837347a297c1a35852aa375392cc74950a2b868214e8b1909c4637b8b63ee24

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://nets4.com/
Origin: https://nets4.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3567737
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35659
timing-allow-origin: *
last-modified: Thu, 03 Sep 2020 12:27:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f50e115-22a75"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qHfwzE6fPY%2B15QNJUjrMaxpIqBS%2FDajN7MkOcavKHdsciUT9F6DFOarAk24RYHsN8h3iQUaHTwvCRsPSMGIVqMfPKv%2BF4j6u%2BAyM%2Fe0ncO45jiG9Sja8qk4vRlFmXBsy1zd4iYZM4CIGVswXrZmCtQD4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e842e492a449b74-FRA
expires: Sat, 25 Feb 2023 14:56:57 GMT

GET
H2 200 agent.js Show response
cdn.purpleads.io/ 34 KB
10 KB 90ms
20ms Script
application/javascript 13.224.89.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Requested by: Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.89.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-89-8.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 38bf08369b9d72ce4d22d5b555e9e5ee2e7a5fab8980ba2787f47d89d55e2c99

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 02:35:08 GMT
content-encoding: gzip
last-modified: Mon, 21 Feb 2022 08:37:50 GMT
server: AmazonS3
age: 44526
etag: "0c008aa8cd8d5ae47e2eb77cc10e9a3c"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c07945b00aad28e34fbfebb3d3907060.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 10377
x-amz-cf-id: j1I5pxzhb9aGarxK65kTkjkJ1WfWgNSB51QCUEM-hDxpnXU1iF6v6w==

GET
H3 200 sharebutton.js Show response
nets4.com/assets/js/ 80 KB
28 KB 42ms
42ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nets4.com/assets/js/sharebutton.js
Requested by: Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21af66f64bb18b1159ee363a933d5630e27419c83915d4d5ef42d8154f3921da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/domain/evilmark.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5737
cf-polished: origSize=120806
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 03 Jul 2021 07:08:27 GMT
server: cloudflare
etag: W/"60e00ceb-1d7e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B9KlgOth7r0cuJP8NpZTcRix2f7TSPrHLpcpd9KUQzqLKhEA1uEbnDtuDnLxCBZlP0aJQ2qku5dQjxI6r1fCX%2F3wk352xp0ho8bIJzpYI56OaE%2Frgx0caazPlPwP18zSPa0xhJKQ%2B%2Bc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 6e842e492cd06921-FRA
cf-bgj: minify

GET
H2 200 load.js Show response
cdn.purpleads.io/ 24 KB
7 KB 95ms
26ms Script
application/javascript 13.224.89.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.purpleads.io/load.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Requested by: Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.89.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-89-8.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 56386db6fedf5475ff6ac57939cfaac58722f519fdce666cee7494b993c84e81

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 02:06:23 GMT
content-encoding: gzip
last-modified: Mon, 21 Feb 2022 10:12:20 GMT
server: AmazonS3
age: 46235
etag: "46df8e234dd4307137411d6b4887edad"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c07945b00aad28e34fbfebb3d3907060.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 6702
x-amz-cf-id: oy3Wz0-8HY2RrDY5t5gMGuzONsE0uKpj1t9CTzCNerZXIZOqm4CDog==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
966 B 67ms
26ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7077dc489ef7df1bcc1994a1b6649f391aae70107d5a3f5bc58ea481040a3af5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 553
x-xss-protection: 1; mode=block
expires: Mon, 07 Mar 2022 14:56:57 GMT

GET
H3 200 bootstrap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/bootstrap/4.5.3/js/ 62 KB
13 KB 50ms
27ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bootstrap/4.5.3/js/bootstrap.min.js

Requested by

Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 599431
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13102
timing-allow-origin: *
last-modified: Tue, 20 Jul 2021 01:00:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60f6203f-332e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PSWQ6NCDRmGRu2mvPGA8OWdh9aE2RE3SHRZk85arjuJcyu3VzVM4pmyDYRDCc2SofQdONUODNBORkBUude8v%2F8v1tCRoW9%2FFBDOABGxyNXVgiF1DuuqSuBSsHrp3oVOfHUkeqRrmetS73dWNEHiSTloc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e842e494f799bbc-FRA
expires: Sat, 25 Feb 2023 14:56:57 GMT

GET
H3 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.0/umd/ 18 KB
7 KB 48ms
26ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.0/umd/popper.min.js

Requested by

Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691d4bd7b9b31f9ab1b1837e7d956e0e3041ef63c1ee0edee8ca6208a4234efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3567702
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6107
timing-allow-origin: *
last-modified: Thu, 02 Sep 2021 17:01:41 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "61310375-17db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xrBxZIUCdbdTpaHfPauRAKYTKJie7mE7gXdqHWMFAJr3dMR%2BJES2nCA7Ck63ZuO2cEK5c9rVPJHto%2BelFEMSuxc1kaVt07k%2FfBh66jOo%2FX%2FO1ohE6NInnrXrUIMNVynXlIUCjROsor2A3BweVu0xDbND"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e842e494f779bbc-FRA
expires: Sat, 25 Feb 2023 14:56:57 GMT

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 87 KB
28 KB 67ms
46ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 488152
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27938
timing-allow-origin: *
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "603e8adc-15d9d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g9k506EmkvC%2BT2M5H6Ryd%2Bo47QW8MQH7Y8TCtzkTp%2FP0zR9Tv5RsORpmVDYoeS4SzdYHcAT%2FHiJIUn5w%2BvwSnrHItHrmxHQ4XolgrvNwnmA5eQkW%2Fx0Q0EfspypXIxYy7HW89FhrkugVyp10Ucsgakm5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e842e494f769bbc-FRA
expires: Sat, 25 Feb 2023 14:56:57 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 14 KB
5 KB 109ms
72ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: nets4.com
URL: https://nets4.com/cdn-cgi/apps/head/awkqrI1qzYcE0gTfW6uXyLl_1bA.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:57 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6e842e495d1a6913-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 57ms
16ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: nets4.com
URL: https://nets4.com/domain/evilmark.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4924
date: Mon, 07 Mar 2022 13:34:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 07 Mar 2022 15:34:53 GMT

GET
H3 200 s.js Show response
nets4.com/cdn-cgi/zaraz/ 4 KB
2 KB 91ms
90ms Script
text/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nets4.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0cmFja3MlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyRXZpbG1hcmsuY29tJTIwLSUyMCUzRSUyMFRoZSUyMEV2aWwlMjBNYXJrJTIwU2hvdyUyMHdpdGglMjBNYXJrJTIwSGFtbW9uZCUyMiUyQyUyMnclMjIlM0ExNjAwJTJDJTIyaCUyMiUzQTEyMDAlMkMlMjJqJTIyJTNBMTIwMCUyQyUyMmUlMjIlM0ExNjAwJTJDJTIybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGbmV0czQuY29tJTJGZG9tYWluJTJGZXZpbG1hcmsuY29tJTIyJTJDJTIyciUyMiUzQSUyMiUyMiUyQyUyMmslMjIlM0EyNCUyQyUyMm4lMjIlM0ElMjJVVEYtOCUyMiUyQyUyMm8lMjIlM0EwJTdE
Requested by: Host: nets4.com
URL: https://nets4.com/domain/evilmark.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22d7e00449ca81f34b0926fe4573ec056a674d959ad42d7fa0ad680e90f27992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/domain/evilmark.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:57 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: https://nets4.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qHKpdZ5Of7n%2Bj3dBocpJAldKZzXoAq2hxdaq8iFkZry%2FetSTK891zF8Ao1k9DveR4ij0PgWjUbCRgbWwDRJFSowzma6I4zqkvANcYD8bQ9l1FSPSYOSqLD%2BuOEBuJu9aShTuMzf4PTY%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 600
access-control-allow-credentials: true
cf-ray: 6e842e492ce16921-FRA
access-control-allow-headers: Content-Type, Set-Cookie, Cache-Control
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/ 75 KB
76 KB 53ms
53ms Font
application/octet-stream 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23cc8f32949c8b6960b1a4ca216ccaff2db4b769f6565bef2ee1fa954e072029

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Origin: https://nets4.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 600078
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76736
timing-allow-origin: *
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-12bc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LptF7fjmsZFVEwLWmXelXYewJ7GGtENdUmwLFOqEjNCMdQTrdPsQucYPJ2GhnBmOhlXfqXDo%2FV9feViNRg%2FyGYHHlMm9fkCDXINSXwFA0b83KhmFwQqhX1sUYZ0U26Shg36UOYhQepm8GGDyHSSFHyGa"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e842e492a589b74-FRA
expires: Sat, 25 Feb 2023 14:56:57 GMT

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/ 76 KB
77 KB 35ms
35ms Font
application/octet-stream 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Origin: https://nets4.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 602697
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78268
timing-allow-origin: *
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-131bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FUeXWuAULPudRUqHeTZelvRqzkxLuegNAOaJDHos1Z6k5YfAn5ouDprl9XLQVJJJ6xQ9aZ%2F5KKhL8msZ4YptJANe2x5OlbvomilLFeVoL2FaM43xcr8YC9033Vd9mGpb9Q8LGbs8V4Ui8qlX6DrJ5%2FN7"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e842e492a5a9b74-FRA
expires: Sat, 25 Feb 2023 14:56:57 GMT

GET
H2 200 7ccf33bd-68d0-446c-ad81-bc17f2d0b5e7.png
s0.nets4.com/s/ 64 KB
65 KB 393ms
384ms Image
image/gif 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.nets4.com/s/7ccf33bd-68d0-446c-ad81-bc17f2d0b5e7.png?w=500

Requested by

Host: nets4.com
URL: https://nets4.com/domain/evilmark.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77e352447803c8cf8eb745651a271f97bc628025877a32e003f4ad97c9863b07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:58 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 65509
x-served-by: cache-sea4434-SEA
timing-allow-origin: *
server: cloudflare
etag: W/"fe6213e2377a2460f7c6a8140e60d1504faaf3aa6086c68210223814d78cd9b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tkmswd%2BXO02aT%2F6%2FeXi2IsOBITTcpMXPF%2BLpN4KE4CRn9URbTz23H0MXlKx%2BY0FQ%2B9gddkOWUsle9lz34xlX6yGzs8MM2f7BtMMERM%2Bp9sRWkbdyWsmpOn9u0MSdhUZ%2B4sl8m8scwea1PWs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
vary: Accept, Accept-Encoding
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6e842e499a2e90e6-FRA
link: <https://urlscan.io/screenshots/7ccf33bd-68d0-446c-ad81-bc17f2d0b5e7.png>; rel="canonical"
access-control-expose-headers: *

GET
H3 200 evilmark.com
img.nets4.com/favs/ 2 KB
2 KB 1041ms
1037ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nets4.com/favs/evilmark.com?size=32

Requested by

Host: nets4.com
URL: https://nets4.com/domain/evilmark.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc899b1127007a05c4ca19684d23687f975e3714054db7c3b42ed5ff443dee72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:58 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1847
x-xss-protection: 1; mode=block
last-modified: Mon, 07 Mar 2022 14:56:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nOy6H%2BHaQ6XMeKKlxD0Ta9DoPM7uqYrvZMHeNX8zDZ4mwABjmXVupHAvpxgjEhVzspjnr9FKJEbGoYr1X3ib5uuBnchcLqpFJX88oOaFt7YZcrk%2BxSgCScclaVbnBwGURfWMbvZXombg0G4G"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6e842e498d976921-FRA

GET
H3 200 evilmark.com
img.nets4.com/favs/ 712 B
1 KB 1191ms
1187ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nets4.com/favs/evilmark.com?size=16

Requested by

Host: nets4.com
URL: https://nets4.com/domain/evilmark.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cccfed53a9a32840e71b4ddec1a65e7534088c6b423864d80f62f8ed90e26927

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:59 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 712
x-xss-protection: 1; mode=block
last-modified: Mon, 07 Mar 2022 14:56:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K6kuZxJfyFMaZU78dnzhqCrmzutqsJgg2HW3DbYe1fVENRtCw98IMReQAA56dUm%2BKADOYGEqwrrcN8Dr29k8BYMH1hXT%2FLmM%2BLWfWgarRuIWvP1skBlv1MozNbrN7vErduWnarjUK%2B%2BIuzyv"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6e842e498d9a6921-FRA

GET
H3 200 lovequotes.co.in
img.nets4.com/favs/ 510 B
1 KB 523ms
518ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nets4.com/favs/lovequotes.co.in?size=16

Requested by

Host: nets4.com
URL: https://nets4.com/domain/evilmark.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee3a07dfe37911fa2abcb6e402aad8eee580fe07e8e34e258a4d006e6ad1fd7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:58 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 510
x-xss-protection: 1; mode=block
last-modified: Mon, 07 Mar 2022 14:56:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tfgg9q1TceAzK1vJLf2B1vG8EruL9%2BxiqZqo77RstkcABb59I0z3Zsdv8TDWruKOVAAq%2B1LRcB6%2B6b1ix81yH4zGCpn7sgHPY4LZzs8ac3GPGxOMDYPH7cyM%2BxZWcb%2Bc%2BMTSLmNBdAzUt%2B%2Fr"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6e842e498da36921-FRA

GET
H3 200 meiker.io
img.nets4.com/favs/ 487 B
1017 B 1221ms
1215ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nets4.com/favs/meiker.io?size=16

Requested by

Host: nets4.com
URL: https://nets4.com/domain/evilmark.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42467bfee0bb1814b830891344a900a0631d60b919b1fc528e5b533207d77910

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:59 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 487
x-xss-protection: 1; mode=block
last-modified: Mon, 07 Mar 2022 14:56:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BaK9nXEaXbx1XMOTuWw2Ht4wVytqXxagGzMICWExrJxUmYSQCtKJBCOTIGRLikTwGVC%2B4NeAaVAz4VIkfECUxxugtu5DUn85mMDLBTawdve5qdMm5qoG5wzoavP%2Fy3EDCQ4O4CcAWLv77yQo"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6e842e498dab6921-FRA

GET
H3 200 picrew.me
img.nets4.com/favs/ 587 B
1 KB 715ms
709ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nets4.com/favs/picrew.me?size=16

Requested by

Host: nets4.com
URL: https://nets4.com/domain/evilmark.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87b416e6a40d49208eb17cd3bcf00c4219b0a7c3bfa6e4447a387391351f0a52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:58 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 587
x-xss-protection: 1; mode=block
last-modified: Mon, 07 Mar 2022 14:56:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zff4HMkvs1KouDxlGjbY34Y5I%2BsBrbHOHbUI%2FtFog5PBEozepcuyzq9LkJBeEKYx2xtV9yNo0F2A1NdK7%2BVgBF23iJn%2FTSg69QEe53b3PtNfnTvkkMpoJI7vjoQthtdMQmwjhEvjnJ9Gez2a"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6e842e498daf6921-FRA

GET
H3 200 queanimalada.net
img.nets4.com/favs/ 70 B
606 B 514ms
509ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nets4.com/favs/queanimalada.net?size=16

Requested by

Host: nets4.com
URL: https://nets4.com/domain/evilmark.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9681c0a0a13d8581f202bfaf62e53563ea6d0d6bd8e542b35b6d7c09b0e7b41b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:58 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 70
x-xss-protection: 1; mode=block
last-modified: Mon, 07 Mar 2022 14:56:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z62yBwTZvVfYgDOg7%2F6flFpVGeJ6UZvCCtzRmEB413b4Lc%2FFaK0cmdOBA2CzPwxWRabG%2BtMRAh%2B4bxmnX5deO%2BGfFTpaI%2B7Px9BUNEon7DLT9rWYKUbLX3IgjTvBMzJMUsBN0M%2B7NpMW0zZa"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6e842e498db16921-FRA

GET
H3 200 comiccartel.io
img.nets4.com/favs/ 70 B
603 B 502ms
497ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nets4.com/favs/comiccartel.io?size=16

Requested by

Host: nets4.com
URL: https://nets4.com/domain/evilmark.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9681c0a0a13d8581f202bfaf62e53563ea6d0d6bd8e542b35b6d7c09b0e7b41b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:58 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 70
x-xss-protection: 1; mode=block
last-modified: Mon, 07 Mar 2022 14:56:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fn9Oelx2R3hoBbdCBE73EmW0QUGK%2FYAcwVcvTb0T%2Byd4UnvhCsIdegUNDfdK6G%2BT3qjk3NYSUfYkHizXE4NFZGB6rYgfXkWe%2BpkNbrmeJ%2FyxJNIdESGIKuyXWXjENiE8Gf4XbtonjrH6PEct"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6e842e498db26921-FRA

GET
H3 200 lightbulbjokes.org
img.nets4.com/favs/ 590 B
1 KB 1202ms
1196ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nets4.com/favs/lightbulbjokes.org?size=16

Requested by

Host: nets4.com
URL: https://nets4.com/domain/evilmark.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29b14f7dbefc49b7847a1074e7c68058a7ec0132c3a5fe1bbf23ad4cc226ef32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:59 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 590
x-xss-protection: 1; mode=block
last-modified: Mon, 07 Mar 2022 14:56:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cuXqhP%2FKllJ1qTj%2BTN0VgPFoDQhyxtVmSlrleEDgM71Ch9imBJWg4fnkDoPcO9OWndb%2Fb52NYaHihSh%2FT%2FX09ZdiEi5w0hCHoGfH7AT5C6LYCthL0wA1bdK1eIbZadYUVzTjZE6%2Bx%2Be0iyU0"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6e842e498db36921-FRA

GET
H2 200 backlinks-discovery-chart
s0.nets4.com/charts/ 29 KB
31 KB 870ms
864ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.nets4.com/charts/backlinks-discovery-chart?d=evilmark.com&w=400&h=200&entries=12&ctype=2

Requested by

Host: nets4.com
URL: https://nets4.com/domain/evilmark.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be09338dcf9b1478c046dec062b9660a76b8a340e01d849d99db8facf0256655

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://docs.google.com https://*.googleusercontent.com;
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://docs.google.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:58 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' analytics.majesticseo.com analytics.majestic.com info.majestic.com https://www.googletagmanager.com www.google-analytics.com https://www.googleadservices.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://platform.twitter.com/;style-src 'self' 'unsafe-inline';img-src 'self' data: https:;font-src 'none';object-src 'none';media-src 'none';frame-src www.openstreetmap.org www.youtube.com https://www.google.com/recaptcha/ https://platform.twitter.com/ https://syndication.twitter.com/;child-src www.openstreetmap.org www.youtube.com https://www.google.com/recaptcha/ https://platform.twitter.com/ https://syndication.twitter.com/;frame-ancestors https://docs.google.com https://*.googleusercontent.com;report-uri /csp/report
content-disposition: filename=BacklinkHistoryChart.png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30160
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: ALLOW-FROM https://docs.google.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Language, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LO7sfcB2K0vENB%2F0Lzc0eqHm9H0tVKCqE40IC%2FNzGkLlVT3fytGJ3C5M65n7RgMcAnkRqBBR7ilkaLjCiaKxZhwu6DK2pAzaD8KZ9S7KUdbp8ByjG%2F0SRr%2FNEJOxHK5%2Fi%2BVAp9kP28ECuaU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
content-security-policy: frame-ancestors https://docs.google.com https://*.googleusercontent.com;
accept-ranges: bytes
cf-ray: 6e842e499a3190e6-FRA
expires: Mon, 14 Mar 2022 14:56:58 GMT

GET
H2 200 referring-domains-discovery
s0.nets4.com/charts/ 31 KB
31 KB 1191ms
1185ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.nets4.com/charts/referring-domains-discovery?d=evilmark.com&w=400&h=200&entries=12&ctype=2

Requested by

Host: nets4.com
URL: https://nets4.com/domain/evilmark.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc52360afda7acb06fe4bdc27c58ee231ce1629a2a97d1c4e176bc45ea9f0cf9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://docs.google.com https://*.googleusercontent.com;
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://docs.google.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:59 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' analytics.majesticseo.com analytics.majestic.com info.majestic.com https://www.googletagmanager.com www.google-analytics.com https://www.googleadservices.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://platform.twitter.com/;style-src 'self' 'unsafe-inline';img-src 'self' data: https:;font-src 'none';object-src 'none';media-src 'none';frame-src www.openstreetmap.org www.youtube.com https://www.google.com/recaptcha/ https://platform.twitter.com/ https://syndication.twitter.com/;child-src www.openstreetmap.org www.youtube.com https://www.google.com/recaptcha/ https://platform.twitter.com/ https://syndication.twitter.com/;frame-ancestors https://docs.google.com https://*.googleusercontent.com;report-uri /csp/report
content-disposition: filename=BacklinkHistoryChart.png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31583
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: ALLOW-FROM https://docs.google.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Language, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6gNUcQzeKcFiAqvidLVWAMTiD4C6m4cs%2FGchKNxxh0VTzY43Izc0OtIjARvk9mJ06pNdbOx5APPp4hMkV27exxOC5vwTRka%2B4PgDziz9ELMtsqpgu5zIl9s5XwArl5%2FnaLz%2BzZv5ccfsDgw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
content-security-policy: frame-ancestors https://docs.google.com https://*.googleusercontent.com;
accept-ranges: bytes
cf-ray: 6e842e499a3290e6-FRA
expires: Mon, 14 Mar 2022 14:56:58 GMT

GET
H3 200 gogo-play.net
img.nets4.com/favs/ 556 B
1 KB 56ms
52ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nets4.com/favs/gogo-play.net?size=16

Requested by

Host: nets4.com
URL: https://nets4.com/domain/evilmark.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46866e17d18a48c9fe8a6aeb0a8838d528cd3ba4761975d566a7fc9f845c2749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1362
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 556
x-xss-protection: 1; mode=block
last-modified: Mon, 07 Mar 2022 14:34:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tMkCNKQ2BpuSDB%2Fqc5TkoHMg6z8uR%2FarcAIoTSL9%2FkED2rbrY5n5L2xmxdBgEQr21hY6LdLmei0Yk4S6hBAuTuBMD%2F5mWVqGI5CoBecDff0qPpBQtOurUjCwLlHm9l%2FPAqeZqR8OC2iqDy6I"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6e842e498db46921-FRA

GET
H3 200 history.google.com
img.nets4.com/favs/ 549 B
1 KB 62ms
58ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nets4.com/favs/history.google.com?size=16

Requested by

Host: nets4.com
URL: https://nets4.com/domain/evilmark.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29711943aeb09e861d06c8409318655ed6d2d7db0fcbfc1c12359bff07447018

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17331
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 549
x-xss-protection: 1; mode=block
last-modified: Mon, 07 Mar 2022 10:08:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8r%2BR4dLT4pziLuMtMgHENSy8S3Rv2kJMbxroqesH3AAwW3BlE0BknzrrYuaDuHME1GqHljOqZbH0%2FKY0qKVwzW5E%2BIChJg9RSluwZWFYryiovzYTUqVBvdb6Dfc441LN1TrllIGSnNp7Nzo0"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6e842e498db66921-FRA

GET
H3 200 fillerbotox.it
img.nets4.com/favs/ 70 B
605 B 53ms
49ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nets4.com/favs/fillerbotox.it?size=16

Requested by

Host: nets4.com
URL: https://nets4.com/domain/evilmark.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9681c0a0a13d8581f202bfaf62e53563ea6d0d6bd8e542b35b6d7c09b0e7b41b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20899
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 70
x-xss-protection: 1; mode=block
last-modified: Mon, 07 Mar 2022 09:08:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QTNnX%2FMGf8yqchy7fuWk6xj8ksYbW5SlHTMma3wwTX6wDNqc0oIUm9WsaUqvBh7JaF5j61qrvHX3rc2ShySF9PcTfHuwVbCzP%2Bt1U9vnj18jSp0XdbraW2kfmHEiD%2BEaWClANBFXO4womq%2FF"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6e842e498db86921-FRA

GET
H3 200 9anime.to
img.nets4.com/favs/ 242 B
782 B 57ms
54ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nets4.com/favs/9anime.to?size=16

Requested by

Host: nets4.com
URL: https://nets4.com/domain/evilmark.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50fb88e3a2d413c5c0a0294b71e0da34829b2ec9444ba55af7e1d6935a4029a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 177805
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 242
x-xss-protection: 1; mode=block
last-modified: Sat, 05 Mar 2022 13:33:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FGM1sWrCPwj%2B5%2FpjFxynfZhP5RXOXVJVOi91VVQ9eRWFTvnhB6UBN6U4WegrXDOA67IM0THTJ14y9xO7K9tunDM%2BCHOeU1urTFY8BKLVjmPXoTMN8M%2BI%2BXsyKELdVnTgoNDEGcim7OdDvewC"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6e842e498dba6921-FRA

GET
H3 200 apkdl.in
img.nets4.com/favs/ 480 B
1018 B 53ms
50ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nets4.com/favs/apkdl.in?size=16

Requested by

Host: nets4.com
URL: https://nets4.com/domain/evilmark.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c593b5ebf818cc3c3288acbead773b67b1c380baaee940902be46ed8d43cab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 268980
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 480
x-xss-protection: 1; mode=block
last-modified: Fri, 04 Mar 2022 12:13:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=feb2yBneUBVewVR%2F7xD4eOfUaMkKlnleqC7RQDtZIXIwQopWgXny621Cj%2FpOk0bPgG%2FQfBazlaApobHYrl5Tp95HOE1mvwGj06UFCR2OxUsQpgAdMgbBFqliJm1fcQULkyfupax%2BUpCGyOB%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6e842e498dbc6921-FRA

GET
H3 200 5play.ru
img.nets4.com/favs/ 484 B
1020 B 54ms
50ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nets4.com/favs/5play.ru?size=16

Requested by

Host: nets4.com
URL: https://nets4.com/domain/evilmark.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9564c9314dc78a6a95eba744d873801bf7a7005cc81cb4af95d11ef565ef4210

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 267613
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 484
x-xss-protection: 1; mode=block
last-modified: Fri, 04 Mar 2022 12:36:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w1vSnXLB8VKkBAOh5uCtU0oitxTTCzb3lpcNxYWiBTU8cloHXzCAES57Py88NcIO3cOrYGFgufSZQWNxz7MhybR6AY4IwJZfUUzWGqdzOcF%2BSlWwSh%2Bx7L65CSywGB70TDp8684HEjX8UpHi"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6e842e498dbf6921-FRA

GET
H3 200 pelisplushd.net
img.nets4.com/favs/ 369 B
905 B 57ms
54ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nets4.com/favs/pelisplushd.net?size=16

Requested by

Host: nets4.com
URL: https://nets4.com/domain/evilmark.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de0ade3cbafe1f027190e4612e4ad975dd76178f7e7d3ba19b39d128d9fc3547

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 40830
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 369
x-xss-protection: 1; mode=block
last-modified: Mon, 07 Mar 2022 03:36:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5W%2B6Nlh7e36kTcejMTZb8WcHogrMpvtkk5P2M41LDlstMTp1si4V2ZheNr4g%2B2L6X6%2FY5m5s3cG5%2BNqBFz6bL0%2BERfHsSeTgi3snYAg3FLJPA3HLjDuF7ER53I03Ee2bGZsu%2FSoLzfqvstw5"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6e842e498dc06921-FRA

GET
H3 200 moma.org
img.nets4.com/favs/ 280 B
813 B 77ms
75ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nets4.com/favs/moma.org?size=16

Requested by

Host: nets4.com
URL: https://nets4.com/domain/evilmark.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

316bc6817312b27beb652dfec4faa6fdaa20979e89161cc9cc55100cd70ef5aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 44970
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 280
x-xss-protection: 1; mode=block
last-modified: Mon, 07 Mar 2022 02:27:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GU7zFukc3BI67uiUUEiVNSZFYXac5Xm5Y7nW8D4%2BK4QwFmNXrIUNRjs18T2rMoQnMkXGey6dh4ryo%2BOuaqEW1izYGRXNsvKiMr52trJBo4m6bXkSfnQSa3xBroyFE1bgq00C%2BA9b7l7vqtgG"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6e842e498dc36921-FRA

GET
H3 200 fbox.to
img.nets4.com/favs/ 70 B
614 B 58ms
55ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nets4.com/favs/fbox.to?size=16

Requested by

Host: nets4.com
URL: https://nets4.com/domain/evilmark.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9681c0a0a13d8581f202bfaf62e53563ea6d0d6bd8e542b35b6d7c09b0e7b41b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 131679
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 70
x-xss-protection: 1; mode=block
last-modified: Sun, 06 Mar 2022 02:22:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8NgQvm8XsBqgCcv%2FxQB2n3MC9m%2F5nX4KWyJArxZkZQRH5Dg4YHYMjnryOLYwrYWF%2BzTljzz%2F%2Bjj2IXWOoD3BzkuYOOCvxqpjmBBywD1kLkN72ULSZA56%2BW60h4epA0HM%2F9YbBVRkX1iWnGCC"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6e842e498dc46921-FRA

GET
H3 200 9anime.me
img.nets4.com/favs/ 242 B
779 B 56ms
54ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nets4.com/favs/9anime.me?size=16

Requested by

Host: nets4.com
URL: https://nets4.com/domain/evilmark.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50fb88e3a2d413c5c0a0294b71e0da34829b2ec9444ba55af7e1d6935a4029a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 88654
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 242
x-xss-protection: 1; mode=block
last-modified: Sun, 06 Mar 2022 14:19:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ePl%2B1JfymLEvlbQx5sR2yvxxRHXeG4b%2FCTGV%2F7HiGQg0jI%2B2%2BTr4k1VYCtInNso89reRcXPjBjgdOs4SBhmoW3v4ofFwxWGQy5RzBUn95R4I6SZlubzUPhrKCN3sm3ewMlbZq8EBGVswhdMc"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6e842e498dc66921-FRA

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 46ms
23ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1279923477&t=pageview&_s=1&dl=https%3A%2F%2Fnets4.com%2Fdomain%2Fevilmark.com&ul=en-us&de=UTF-8&dt=Evilmark.com%20-%20%3E%20The%20Evil%20Mark%20Show%20with%20Mark%20Hammond&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=307455469&gjid=1147986996&cid=1852444038.1646665018&tid=UA-123511935-10&_gid=685662484.1646665018&_r=1&_slc=1&z=428107582

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://nets4.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 14:56:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nets4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 550j6zn5gn Show response
www.clarity.ms/tag/ 683 B
1 KB 223ms
146ms Script
application/x-javascript 2620:1ec:27::cafe:1389
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/550j6zn5gn
Requested by: Host: nets4.com
URL: https://nets4.com/domain/evilmark.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1389 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 3218fb69661597f0afc39c1475df7eb566f13c2f8538389cafd479a7c9371858

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:57 GMT
x-powered-by: ASP.NET
x-azure-ref: 0OR0mYgAAAAB4EobKJhGCRrP0IG1Qsk2yU1RPRURHRTA4MTgANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
content-length: 683
expires: -1

GET
H2 200 clarity.js Show response
k.clarity.ms/s/0.6.31/ 52 KB
23 KB 322ms
106ms Script
application/javascript 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/s/0.6.31/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/550j6zn5gn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:57 GMT
content-encoding: br
etag: "1d8314fb074d200"
last-modified: Sun, 06 Mar 2022 11:45:34 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

OPTIONS
H2 200 /
api.purpleads.io/x/ Frame 0
0 360ms
145ms Preflight 34.227.128.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/?ts=1646665018590
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-128-233.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Origin: https://nets4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 07 Mar 2022 14:56:58 GMT
access-control-allow-origin: https://nets4.com
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: 3ed11388-9dc3-4826-b955-898241055ee5

GET
H2 200 / Show response
api.purpleads.io/x/ 5 KB
2 KB 747ms
540ms Fetch
application/json 34.227.128.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/?ts=1646665018590
Requested by: Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/load.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-128-233.compute-1.amazonaws.com
Software: /
Resource Hash: 55994d5963c8ea46427e8bcc1a61f7f85d8b9d7f4d4a1a8d4eead4e3433b56aa

Request headers

Accept-Language: de-DE,de;q=0.9
Authorization: Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url: aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2V2aWxtYXJrLmNvbQ==
Accept: application/json
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json
x-purpleads-version: 0.4.13

Response headers

date: Mon, 07 Mar 2022 14:56:59 GMT
content-encoding: gzip
etag: W/"12a2-1AgW/u0w68tIqG5ljhDKfBSFW2Q"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nets4.com
access-control-allow-credentials: true
x-request-id: bb694769-de0f-4428-a64e-83c588930f07

GET
H2 200 agent.js Show response
cdn.purpleads.io/ 34 KB
10 KB 24ms
24ms Script
application/javascript 13.224.89.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Requested by: Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.89.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-89-8.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 38bf08369b9d72ce4d22d5b555e9e5ee2e7a5fab8980ba2787f47d89d55e2c99

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 02:35:08 GMT
content-encoding: gzip
last-modified: Mon, 21 Feb 2022 08:37:50 GMT
server: AmazonS3
age: 44527
etag: "0c008aa8cd8d5ae47e2eb77cc10e9a3c"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c07945b00aad28e34fbfebb3d3907060.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 10377
x-amz-cf-id: 9dYoqO0hfnFj-JRRh8Rb7QIejklJEvHpVK4LQ12xuVZpjuUQB_940w==

GET
H2 200 sm.22.html Show response
static.addtoany.com/menu/ Frame 01AA 278 B
650 B 82ms
43ms Document
text/html 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.22.html

Requested by

Host: nets4.com
URL: https://nets4.com/assets/js/sharebutton.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fef239ebd936e96f316dee1aca599952e7adaaba26fab72b45328871855ac4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

date: Mon, 07 Mar 2022 14:56:58 GMT
content-type: text/html; charset=utf-8
via: e3s
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
last-modified: Tue, 28 Sep 2021 21:02:23 GMT
etag: W/"116-5cd1487afaaea"
cache-control: max-age=315360000, immutable
vary: Accept-Encoding
cf-cache-status: HIT
age: 914016
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6e842e4e9804695d-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

OPTIONS
H2 200 init
api.purpleads.io/x/ Frame 0
0 339ms
159ms Preflight 34.227.128.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/init?ts=1646665018624
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-128-233.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Origin: https://nets4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 07 Mar 2022 14:56:58 GMT
access-control-allow-origin: https://nets4.com
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: 6e4699b5-76c6-4238-ab07-20e8c0445d20

GET
H2 200 init Show response
api.purpleads.io/x/ 68 B
357 B 373ms
180ms Fetch
application/json 34.227.128.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/init?ts=1646665018624
Requested by: Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-128-233.compute-1.amazonaws.com
Software: /
Resource Hash: 587259314084a04755f0dfb2d0f0e9f07bdf03a575352e366e308d2e19cfc70a

Request headers

Accept-Language: de-DE,de;q=0.9
Authorization: Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url: aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2V2aWxtYXJrLmNvbQ==
Accept: application/json
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json
x-purpleads-version: 2.0.26

Response headers

date: Mon, 07 Mar 2022 14:56:59 GMT
etag: W/"44-Pm5SJt3t2KI5gMvsRd3GV+dxT2U"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nets4.com
access-control-allow-credentials: true
content-length: 68
x-request-id: fef5e0a1-1522-4e07-bf82-4c713ddc5a5d

GET
H3 200 marker-icon.png
cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/images/ 1 KB
2 KB 26ms
26ms Image
image/png 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/images/marker-icon.png

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/leaflet.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

574c3a5cca85f4114085b6841596d62f00d7c892c7b03f28cbfa301deb1dc437

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/leaflet.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 609877
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1470
timing-allow-origin: *
last-modified: Thu, 03 Sep 2020 12:27:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f50e115-5ba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2BvHwLbae6mte8JgGNhk7gpjWERJyLXBPzMyu9UjprEIeMaUhnXB0R3ARH3ngi5nwR5sj%2FmbXAcXTnRkRINlEzrmJIalhsJejZcpgd9pozG662M4qdMXzL2qJZoHGfe5HVoXYbs2MaLAr88JFYaB97Vu"}],"group":"cf-nel","max_age":604800}
content-type: image/png; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e842e4e8b8a9bbc-FRA
expires: Sat, 25 Feb 2023 14:56:58 GMT

GET
H2 200 2.png
c.tile.openstreetmap.org/3/0/ 5 KB
5 KB 59ms
16ms Image
image/png 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.tile.openstreetmap.org/3/0/2.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::649 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

dea6d9b977b06e1be6dbf3fc5118a1d8bfca410f14b6c4ad64ec07c057d4783c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish
etag: "a97b0ae3a1c931b59d9503c0fb773d21"
age: 45260
x-cache: HIT
x-cache-hits: 371
content-length: 4699
x-served-by: cache-hhn4028-HHN
server: Apache/2.4.41 (Ubuntu)
x-timer: S1646665019.710902,VS0,VE0
date: Mon, 07 Mar 2022 14:56:58 GMT
expect-ct: max-age=0
content-type: image/png
access-control-allow-origin: *
x-tilerender: nidhogg.openstreetmap.org
cache-control: max-age=19496, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
expires: Mon, 28 Feb 2022 03:29:28 GMT

GET
H2 200 2.png
a.tile.openstreetmap.org/3/1/ 8 KB
8 KB 64ms
21ms Image
image/png 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.tile.openstreetmap.org/3/1/2.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::649 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

3b322c9030883acdb559f857024b4ef3ab7574712b635b6e3db135749e32e1fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish
etag: "cb5643e63f3bc4f3e5c38d2017293c13"
age: 7636
x-cache: HIT
x-cache-hits: 81
content-length: 8528
x-served-by: cache-hhn4049-HHN
server: Apache/2.4.41 (Ubuntu)
x-timer: S1646665019.715010,VS0,VE0
date: Mon, 07 Mar 2022 14:56:58 GMT
expect-ct: max-age=0
content-type: image/png
access-control-allow-origin: *
x-tilerender: odin.openstreetmap.org
cache-control: max-age=45476, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
expires: Tue, 01 Mar 2022 16:00:16 GMT

GET
H2 200 3.png
a.tile.openstreetmap.org/3/0/ 249 B
421 B 63ms
21ms Image
image/png 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.tile.openstreetmap.org/3/0/3.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::649 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

6ad584690f7fa3e788ea1df9a6a567211be5d9d627908e9339e84e99efe70126

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish
etag: "07a14efdf923d78dad7320032b8d412c"
age: 16685
x-cache: HIT
x-cache-hits: 84
content-length: 249
x-served-by: cache-hhn4049-HHN
server: Apache/2.4.41 (Ubuntu)
x-timer: S1646665019.715073,VS0,VE0
date: Mon, 07 Mar 2022 14:56:58 GMT
expect-ct: max-age=0
content-type: image/png
access-control-allow-origin: *
x-tilerender: odin.openstreetmap.org
cache-control: max-age=396871, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
expires: Sat, 26 Feb 2022 05:12:14 GMT

GET
H2 200 3.png
b.tile.openstreetmap.org/3/1/ 4 KB
4 KB 60ms
17ms Image
image/png 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.tile.openstreetmap.org/3/1/3.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

516fadf20aefdc9565d38ff12fd35aa4262d20408dace2f5849cd191119496c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish
etag: "bc52a0f704ebee39a8cb5a58715363ce"
age: 64864
x-cache: HIT
x-cache-hits: 576
content-length: 3910
x-served-by: cache-hhn4065-HHN
server: Apache/2.4.41 (Ubuntu)
x-timer: S1646665019.711261,VS0,VE0
date: Mon, 07 Mar 2022 14:56:58 GMT
expect-ct: max-age=0
content-type: image/png
access-control-allow-origin: *
x-tilerender: nidhogg.openstreetmap.org
cache-control: max-age=37186, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
expires: Tue, 01 Mar 2022 11:19:07 GMT

GET
H2 200 2.png
a.tile.openstreetmap.org/3/7/ 4 KB
5 KB 62ms
21ms Image
image/png 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.tile.openstreetmap.org/3/7/2.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::649 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

d61dfceadcc69e4a50173bb6b17554d10cd33011e0c33ead0499ab3bd28a3bdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish
etag: "db0a1352471555cd1486a95bb1e02a86"
age: 41980
x-cache: HIT
x-cache-hits: 332
content-length: 4524
x-served-by: cache-hhn4049-HHN
server: Apache/2.4.41 (Ubuntu)
x-timer: S1646665019.715154,VS0,VE0
date: Mon, 07 Mar 2022 14:56:58 GMT
expect-ct: max-age=0
content-type: image/png
access-control-allow-origin: *
x-tilerender: odin.openstreetmap.org
cache-control: max-age=8404, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
expires: Sun, 27 Feb 2022 08:54:00 GMT

GET
H2 200 2.png
b.tile.openstreetmap.org/3/2/ 11 KB
11 KB 60ms
18ms Image
image/png 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.tile.openstreetmap.org/3/2/2.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

3c865f9ba19b80bbab61230ac6f099d6c605af2b21615415338a9bfa471c863a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish
etag: "c7b1ee252c1accd2fea964a71de354de"
age: 81314
x-cache: HIT
x-cache-hits: 852
content-length: 11092
x-served-by: cache-hhn4065-HHN
server: Apache/2.4.41 (Ubuntu)
x-timer: S1646665019.711370,VS0,VE0
date: Mon, 07 Mar 2022 14:56:58 GMT
expect-ct: max-age=0
content-type: image/png
access-control-allow-origin: *
x-tilerender: nidhogg.openstreetmap.org
cache-control: max-age=97872, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
expires: Sat, 05 Mar 2022 09:18:02 GMT

GET
H2 200 3.png
b.tile.openstreetmap.org/3/7/ 581 B
772 B 60ms
18ms Image
image/png 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.tile.openstreetmap.org/3/7/3.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

67e7067770aa3a8ba335500e060aea040464cd4075a652e7f5e3ca33e5771878

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish
etag: "92d42645368395a804e37292f6e9aee7"
age: 68047
x-cache: HIT
x-cache-hits: 259
content-length: 581
x-served-by: cache-hhn4065-HHN
server: Apache/2.4.41 (Ubuntu)
x-timer: S1646665019.711441,VS0,VE0
date: Mon, 07 Mar 2022 14:56:58 GMT
expect-ct: max-age=0
content-type: image/png
access-control-allow-origin: *
x-tilerender: odin.openstreetmap.org
cache-control: max-age=437222, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
expires: Tue, 01 Mar 2022 00:46:25 GMT

GET
H2 200 3.png
c.tile.openstreetmap.org/3/2/ 5 KB
6 KB 58ms
17ms Image
image/png 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.tile.openstreetmap.org/3/2/3.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::649 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

c6cd28b8f48cd9c890723dbd16c6847083e7c322af81fc3da91b9730ac576658

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish
etag: "7c25652ac6639939d717ee7de6a8d342"
age: 27059
x-cache: HIT
x-cache-hits: 455
content-length: 5621
x-served-by: cache-hhn4028-HHN
server: Apache/2.4.41 (Ubuntu)
x-timer: S1646665019.710963,VS0,VE0
date: Mon, 07 Mar 2022 14:56:58 GMT
expect-ct: max-age=0
content-type: image/png
access-control-allow-origin: *
x-tilerender: nidhogg.openstreetmap.org
cache-control: max-age=42212, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
expires: Tue, 01 Mar 2022 13:29:14 GMT

GET
H3 200 marker-shadow.png
cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/images/ 618 B
1 KB 29ms
29ms Image
image/png 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/images/marker-shadow.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

264f5c640339f042dd729062cfc04c17f8ea0f29882b538e3848ed8f10edb4da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 610066
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 622
timing-allow-origin: *
last-modified: Thu, 03 Sep 2020 12:27:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f50e115-26a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BEQ4vi6neCSqi%2BFh7ZbYWmsU8BcSNFOlZTdrEW4CgQ969jaecAljXIQUGF8gmVyzGAXIpVgsf7LsIDf5XYS3WAxBqRdLmSAz2G16vh7oMjORQpCLpmM9mGTzxk6s3wTh8TRSXpT0O4nZqZte83T3o0a8"}],"group":"cf-nel","max_age":604800}
content-type: image/png; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e842e4ebc109bbc-FRA
expires: Sat, 25 Feb 2023 14:56:58 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=DFF8F0AAA6FB44F1A3631EF2BC03D3F4&RedC=c.clarity.ms&MXFR=2F9BD4B7FE0B69FB0864C5D7FA0B6790
https://c.clarity.ms/c.gif?CtsSyncId=DFF8F0AAA6FB44F1A3631EF2BC03D3F4&MUID=23289BA076E1640D19468AC0778A65D9

42 B
368 B

34ms
34ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=DFF8F0AAA6FB44F1A3631EF2BC03D3F4&MUID=23289BA076E1640D19468AC0778A65D9
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 14:56:58 GMT
last-modified: Mon, 28 Feb 2022 22:29:30 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "7c5ed6a6f22cd81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 07 Mar 2022 14:56:57 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BF3F8440BC3448748ABE1AAF471A2AE2 Ref B: FRAEDGE1411 Ref C: 2022-03-07T14:56:58Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=DFF8F0AAA6FB44F1A3631EF2BC03D3F4&MUID=23289BA076E1640D19468AC0778A65D9
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 icons.29.svg.js Show response
static.addtoany.com/menu/svg/ 78 KB
33 KB 29ms
29ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons.29.svg.js

Requested by

Host: nets4.com
URL: https://nets4.com/assets/js/sharebutton.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:58 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 915007
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 31 Dec 2018 23:29:11 GMT
server: cloudflare
etag: W/"13937-57e59c7b88bd6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=315360000, immutable
cf-ray: 6e842e4eb853695d-FRA
cf-bgj: minify

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/ 360 KB
142 KB 60ms
16ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84d00511d9ac2d60f4b43ad8dd4c237a8093c7a45f1e8da88f5c233866d408f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nets4.com/
Origin: https://nets4.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2273
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145103
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 23:43:01 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Mar 2023 14:19:05 GMT

GET
H3 200 pica.js
nets4.com/cdn-cgi/challenge-platform/h/g/scripts/ 22 KB
8 KB 30ms
30ms Other
text/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nets4.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a75ad44591831a0d5d5bf3a9882e8287bf50447913230d93d96f3b064ddef6df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/domain/evilmark.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:58 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fP6oU26KJcVpBKVOj2iKaCIYjlJyQd5sA63iWYUS9oZdxF41HZbBXVjsYi8%2F7CotFUMtURuSk%2B%2FCexIAspLSZP6bwxMNxRADDCchSqEpcxbU4hSrbMQvE8RcVhYyhAdPyf%2F%2B03Ej7Qc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 6e842e4ebf066921-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 204 collect Show response
k.clarity.ms/ 0
88 B 214ms
214ms XHR
text/plain 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: k.clarity.ms
URL: https://k.clarity.ms/s/0.6.31/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://nets4.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://nets4.com
date: Mon, 07 Mar 2022 14:56:58 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

OPTIONS
H2 200 rum
cloudflareinsights.com/cdn-cgi/ Frame 0
0 67ms
20ms Preflight
text/plain 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflareinsights.com/cdn-cgi/rum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://nets4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 07 Mar 2022 14:56:58 GMT
content-type: text/plain
access-control-allow-origin: https://nets4.com
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 6e842e4f1a599006-FRA
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip

POST
H2 200 rum Show response
cloudflareinsights.com/cdn-cgi/ 0
77 B 33ms
33ms XHR
text/plain 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflareinsights.com/cdn-cgi/rum

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://nets4.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: application/json

Response headers

date: Mon, 07 Mar 2022 14:56:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://nets4.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6e842e4f3a979006-FRA
vary: Origin

OPTIONS
H2 200 /
api.purpleads.io/x/b/ Frame 0
0 172ms
172ms Preflight 34.227.128.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/b/?idx=0&pid=3bc8e66a58954a99842d4b0b1997a06e&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=6c192ad8-c739-45bd-9735-d16621972932&ts=1646665018841
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-128-233.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Origin: https://nets4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 07 Mar 2022 14:56:58 GMT
access-control-allow-origin: https://nets4.com
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: 08a40935-9850-465c-9820-14627942d8c5

OPTIONS
H2 200 /
api.purpleads.io/x/b/ Frame 0
0 156ms
155ms Preflight 34.227.128.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/b/?idx=1&pid=3bc8e66a58954a99842d4b0b1997a06e&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=c3aa0681-b3bb-41ea-bbb8-06687b896ec2&ts=1646665018841
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-128-233.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Origin: https://nets4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 07 Mar 2022 14:56:58 GMT
access-control-allow-origin: https://nets4.com
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: e969ed6d-6fec-4faa-8d9a-d600f9d983b8

OPTIONS
H2 200 /
api.purpleads.io/x/b/ Frame 0
0 228ms
228ms Preflight 34.227.128.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/b/?idx=2&pid=3bc8e66a58954a99842d4b0b1997a06e&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=0dddbc14-041e-44e1-b5ee-53014309b893&ts=1646665018842
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-128-233.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Origin: https://nets4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 07 Mar 2022 14:56:59 GMT
access-control-allow-origin: https://nets4.com
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: c77baf8f-a2fc-4492-9d8b-81945916c412

OPTIONS
H2 200 /
api.purpleads.io/x/b/ Frame 0
0 137ms
137ms Preflight 34.227.128.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/b/?idx=3&pid=3bc8e66a58954a99842d4b0b1997a06e&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=1c10b731-e85c-4783-ac9d-8e39bb6c05a4&ts=1646665018842
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-128-233.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Origin: https://nets4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 07 Mar 2022 14:56:58 GMT
access-control-allow-origin: https://nets4.com
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: 8a86cc6f-9915-424b-bb49-37e1cda2eef6

OPTIONS
H2 200 /
api.purpleads.io/x/b/ Frame 0
0 109ms
109ms Preflight 34.227.128.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/b/?idx=4&pid=3bc8e66a58954a99842d4b0b1997a06e&sizes=[[160,600],[120,600],[200,200],[250,250]]&slotid=153c9716-7e2b-4b8e-a238-26aa670c337e&ts=1646665018842
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-128-233.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Origin: https://nets4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 07 Mar 2022 14:56:58 GMT
access-control-allow-origin: https://nets4.com
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: 79e342a0-4494-47fc-8c8c-480d7c07840c

GET
H2 200 / Show response
api.purpleads.io/x/b/ 9 KB
2 KB 319ms
176ms Fetch
application/json 34.227.128.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/b/?idx=0&pid=3bc8e66a58954a99842d4b0b1997a06e&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=6c192ad8-c739-45bd-9735-d16621972932&ts=1646665018841
Requested by: Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-128-233.compute-1.amazonaws.com
Software: /
Resource Hash: b9b6d4d89b6b08519ee453948c1ce3088a310d085d391d40b38c0c51a21f3686

Request headers

Accept-Language: de-DE,de;q=0.9
Authorization: Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url: aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2V2aWxtYXJrLmNvbQ==
Accept: application/json
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json
x-purpleads-version: 2.0.26

Response headers

date: Mon, 07 Mar 2022 14:56:59 GMT
content-encoding: gzip
etag: W/"235b-0GyVdiY3S/lnahUENOVyLdmiBzo"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nets4.com
access-control-allow-credentials: true
x-request-id: 7b17f979-7dad-42a1-89e1-cf4aaea2b929

GET
H2 200 / Show response
api.purpleads.io/x/b/ 9 KB
2 KB 388ms
228ms Fetch
application/json 34.227.128.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/b/?idx=1&pid=3bc8e66a58954a99842d4b0b1997a06e&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=c3aa0681-b3bb-41ea-bbb8-06687b896ec2&ts=1646665018841
Requested by: Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-128-233.compute-1.amazonaws.com
Software: /
Resource Hash: cd9d70247fb0bfee91cf0a1220a55bb295476ed3ff5dc2a8e86012e7562c6450

Request headers

Accept-Language: de-DE,de;q=0.9
Authorization: Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url: aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2V2aWxtYXJrLmNvbQ==
Accept: application/json
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json
x-purpleads-version: 2.0.26

Response headers

date: Mon, 07 Mar 2022 14:56:59 GMT
content-encoding: gzip
etag: W/"240b-zE/vxk3Q3Ela4Lc+2DGXjq6UeYI"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nets4.com
access-control-allow-credentials: true
x-request-id: 4bd0238b-69e4-407f-9e2e-312eed4f0ac3

GET
H2 200 / Show response
api.purpleads.io/x/b/ 9 KB
2 KB 816ms
730ms Fetch
application/json 34.227.128.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/b/?idx=2&pid=3bc8e66a58954a99842d4b0b1997a06e&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=0dddbc14-041e-44e1-b5ee-53014309b893&ts=1646665018842
Requested by: Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-128-233.compute-1.amazonaws.com
Software: /
Resource Hash: 5d83107229c1cbfe3de997fd2124035816294178c1eaec7829ab43ccdea1a155

Request headers

Accept-Language: de-DE,de;q=0.9
Authorization: Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url: aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2V2aWxtYXJrLmNvbQ==
Accept: application/json
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json
x-purpleads-version: 2.0.26

Response headers

date: Mon, 07 Mar 2022 14:56:59 GMT
content-encoding: gzip
etag: W/"240b-cU3B+UhHcfe2mqqVTUvOdmE1V9w"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nets4.com
access-control-allow-credentials: true
x-request-id: 4a796329-0b8f-4e1e-b46c-5743385c171e

GET
H2 200 / Show response
api.purpleads.io/x/b/ 9 KB
2 KB 734ms
557ms Fetch
application/json 34.227.128.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/b/?idx=3&pid=3bc8e66a58954a99842d4b0b1997a06e&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=1c10b731-e85c-4783-ac9d-8e39bb6c05a4&ts=1646665018842
Requested by: Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-128-233.compute-1.amazonaws.com
Software: /
Resource Hash: af7c2d74ae3ac06198964b09d9ba00e9141f33aacd60330f210be60d7b6f0d53

Request headers

Accept-Language: de-DE,de;q=0.9
Authorization: Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url: aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2V2aWxtYXJrLmNvbQ==
Accept: application/json
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json
x-purpleads-version: 2.0.26

Response headers

date: Mon, 07 Mar 2022 14:56:59 GMT
content-encoding: gzip
etag: W/"240b-OukODW/ocdqvmLLMXL5evd3W+ro"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nets4.com
access-control-allow-credentials: true
x-request-id: bb120fe0-df23-4d23-ba26-f36143c85f75

GET
H2 200 / Show response
api.purpleads.io/x/b/ 9 KB
2 KB 795ms
589ms Fetch
application/json 34.227.128.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/b/?idx=4&pid=3bc8e66a58954a99842d4b0b1997a06e&sizes=[[160,600],[120,600],[200,200],[250,250]]&slotid=153c9716-7e2b-4b8e-a238-26aa670c337e&ts=1646665018842
Requested by: Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-128-233.compute-1.amazonaws.com
Software: /
Resource Hash: 9523e5f49ab9936cea024964bbb733d92926cc476240bc3a7260cf1d5f6051e9

Request headers

Accept-Language: de-DE,de;q=0.9
Authorization: Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url: aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2V2aWxtYXJrLmNvbQ==
Accept: application/json
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json
x-purpleads-version: 2.0.26

Response headers

date: Mon, 07 Mar 2022 14:56:59 GMT
content-encoding: gzip
etag: W/"23fa-rOlamUrbIjD2CZsicKk2EuBmiqw"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nets4.com
access-control-allow-credentials: true
x-request-id: 3c6d8159-4d81-412f-b230-df0f3d1c1999

POST
H3 200 6e842e437d7890e6 Show response
nets4.com/cdn-cgi/challenge-platform/h/g/cv/result/ 2 B
681 B 44ms
43ms XHR
text/plain 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nets4.com/cdn-cgi/challenge-platform/h/g/cv/result/6e842e437d7890e6
Requested by: Host: nets4.com
URL: https://nets4.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://nets4.com/domain/evilmark.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 07 Mar 2022 14:56:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e842e517be66921-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZNUmm%2BPzz8mtjLNgPvHhAkxway6CHtjGQgVQ9svRCeBcyU%2B1uj%2BLPdHsQw3y4AB0HihyBw7e2k5eXXfp4KbupdJnVZlKd8BwKbK71nrTAlzLQGs3PUrSMp1XMtWd7pMk1qn7muoQ2YQ%3D"}],"group":"cf-nel","max_age":604800}

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 1FA6 42 KB
22 KB 66ms
39ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD&co=aHR0cHM6Ly9uZXRzNC5jb206NDQz&hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&size=normal&cb=ld6ftpxr4qqa

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c59f0654e76d8b317f589b6b7961f882426eb2f3bb8e218d9c300263595b4f9a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-A6gTLoObHgJFaolihgoUlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 07 Mar 2022 14:56:59 GMT
content-security-policy: script-src 'report-sample' 'nonce-A6gTLoObHgJFaolihgoUlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 22648
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/ Frame 1FA6 51 KB
24 KB 42ms
17ms Stylesheet
text/css 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD&co=aHR0cHM6Ly9uZXRzNC5jb206NDQz&hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&size=normal&cb=ld6ftpxr4qqa

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 11:29:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12436
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 23:43:01 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Mar 2023 11:29:43 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/ Frame 1FA6 360 KB
142 KB 50ms
25ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84d00511d9ac2d60f4b43ad8dd4c237a8093c7a45f1e8da88f5c233866d408f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2274
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145103
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 23:43:01 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Mar 2023 14:19:05 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame BF0F 82 KB
28 KB 73ms
34ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

64ff64fa503bc9d8e4e3f3fbf1bee9a37f2548f130beada5e749be4b33a9645d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27990
x-xss-protection: 0
server: sffe
etag: "1152 / 200 of 1000 / last-modified: 1646414445"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 07 Mar 2022 14:56:59 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 1FA6 102 B
134 B 26ms
26ms Other
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6e3d3c32ac7d28713d5d03e6317bc7135fd141a853dccbc4afb0dc4ca1649841

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD&co=aHR0cHM6Ly9uZXRzNC5jb206NDQz&hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&size=normal&cb=ld6ftpxr4qqa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 07 Mar 2022 14:56:59 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 33CA 7 KB
1 KB 57ms
57ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b25ed8bc8dbe5c5d9dcc7b837aacfa4ddbeda185835ce670cc36b101623f18a8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KPXrPJGECHh6kvnuGp8hvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 07 Mar 2022 14:56:59 GMT
content-security-policy: script-src 'report-sample' 'nonce-KPXrPJGECHh6kvnuGp8hvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1112
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 4697 82 KB
27 KB 57ms
33ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

1a1ceef0848eb5ea2c816e56c35b6be9fcee9295c976ac5b0da03d4552d9ac4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27990
x-xss-protection: 0
server: sffe
etag: "1152 / 847 of 1000 / last-modified: 1646414401"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 07 Mar 2022 14:56:59 GMT

GET
H3 200 pubads_impl_2022030201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame BF0F 364 KB
122 KB 25ms
17ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065513

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

499d742344f4b69df1c45273acccf5c6941269f48276e4d52cdabdfbb77a7904

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:21:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2122
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124504
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 09:35:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 07 Mar 2023 14:21:37 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/ Frame 33CA 51 KB
24 KB 18ms
17ms Stylesheet
text/css 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 11:29:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12436
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 23:43:01 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Mar 2023 11:29:43 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/ Frame 33CA 360 KB
142 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84d00511d9ac2d60f4b43ad8dd4c237a8093c7a45f1e8da88f5c233866d408f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2274
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145103
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 23:43:01 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Mar 2023 14:19:05 GMT

GET
H3 200 pubads_impl_2022030101.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 4697 365 KB
122 KB 17ms
17ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

0bc44ea79e71bea23b78759ad6113a2106a0708b2db4988b73f47f3aa10f78fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:42:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 894
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124868
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 09:35:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 07 Mar 2023 14:42:05 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame BF0F 107 B
792 B 69ms
26ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=nets4.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Mar 2022 14:56:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame BF0F 107 B
549 B 66ms
25ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nets4.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Mar 2022 14:56:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame BF0F 52 KB
12 KB 346ms
345ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2410310622912297&correlator=99056290202850&eid=31065436%2C31065513%2C31063247&output=ldjh&gdfp_req=1&vrg=2022030201&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220307&iu_parts=21902364955%3A22652385948%2Ccm_pu_nets4.com_technology_and_computing_top%2Ccm_pu_nets4.com_technology_and_computing_btf_banner&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C468x60%7C200x200%7C320x100%7C320x50%7C300x100&eri=4&cookie_enabled=1&abxe=1&dt=1646665019599&dlt=1646665019355&idt=218&ea=0&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=294&adys=507&ucis=n4h887hw37ye&adks=471609500&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Fevilmark.com&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&ga_vid=1852444038.1646665018&ga_sid=1646665020&ga_hid=1846473598&ga_fc=true&fws=256&ohw=0&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065513

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

58f209abba42520f14ff6ad69b787e34ebad0d959058a32093564b17d4a6e842

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12254
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nets4.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame BF0F 14 KB
11 KB 75ms
35ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f4502507de122f29ce7f45bc6b468e99f205a738e47bb2767fd73989b3eaa3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Mar 2022 14:56:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10653
x-xss-protection: 0

GET
H2 200 container.html Show response
69d990d1c25b46320b5ce3d8629e4413.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8DFE 6 KB
4 KB 93ms
25ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://69d990d1c25b46320b5ce3d8629e4413.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 07 Mar 2022 14:56:59 GMT
expires: Tue, 07 Mar 2023 14:56:59 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 4697 107 B
165 B 27ms
26ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=nets4.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Mar 2022 14:56:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4697 107 B
165 B 26ms
26ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nets4.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Mar 2022 14:56:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 4697 23 KB
10 KB 250ms
250ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2968988290597184&correlator=484345065596611&eid=31065501%2C31065504%2C31063246&output=ldjh&gdfp_req=1&vrg=2022030101&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220307&iu_parts=22178702878%2Cpurpleapl%2Callsizesv2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C468x60%7C200x200%7C320x100%7C320x50%7C300x100&eri=4&cookie_enabled=1&abxe=1&dt=1646665019659&dlt=1646665019475&idt=165&ea=0&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=294&adys=1374&ucis=2jd4kf9u3ww&adks=4203880072&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Fevilmark.com&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&ga_vid=1852444038.1646665018&ga_sid=1646665020&ga_hid=711424924&ga_fc=true&fws=256&ohw=0&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

c7ec0db4dba7fe536c6354499a1bc7294766d2792ede217378a2c0c81c3edd5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10203
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nets4.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4697 14 KB
10 KB 38ms
38ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ed9b72c565894fb730643a70b3cb95bea13403a32380634d302bf59d648b197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Mar 2022 14:56:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10610
x-xss-protection: 0

GET
H2 200 container.html Show response
ac80c294674c71c8b179b41cb772032c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BAB0 6 KB
3 KB 53ms
24ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ac80c294674c71c8b179b41cb772032c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 07 Mar 2022 14:56:59 GMT
expires: Tue, 07 Mar 2023 14:56:59 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 204 collect Show response
k.clarity.ms/ 0
48 B 221ms
221ms XHR
text/plain 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: k.clarity.ms
URL: https://k.clarity.ms/s/0.6.31/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://nets4.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://nets4.com
date: Mon, 07 Mar 2022 14:56:59 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame BF0F 17 KB
7 KB 75ms
33ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 07 Mar 2022 14:56:59 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4697 17 KB
6 KB 58ms
43ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 07 Mar 2022 14:56:59 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame B169 82 KB
27 KB 28ms
28ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

78271e5eab32b96dd3dc099fd7648c4cd621658b2bd654b0e65fecc4b2547d1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27990
x-xss-protection: 0
server: sffe
etag: "1152 / 649 of 1000 / last-modified: 1646414445"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 07 Mar 2022 14:56:59 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 37E9 13 KB
5 KB 42ms
16ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Mar 2022 14:40:04 GMT
expires: Tue, 07 Mar 2023 14:40:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 1015
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 24A3 783 B
534 B 27ms
26ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3e317c84b8007c86322deed2d46cd763ed9bda0444d35887844da8f1418d9bd0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-klKyBMib+3PpFA++mYdUdQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 07 Mar 2022 14:56:59 GMT
date: Mon, 07 Mar 2022 14:56:59 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-klKyBMib+3PpFA++mYdUdQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B698 13 KB
5 KB 35ms
16ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Mar 2022 14:40:04 GMT
expires: Tue, 07 Mar 2023 14:40:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 1015
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9E33 783 B
533 B 26ms
26ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

03068997bed60ded02d0b912a72ed25e8e95f456ca842df6f4e078d2554a2a92

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cws/apJZai/OLz9g1S5SwA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 07 Mar 2022 14:56:59 GMT
date: Mon, 07 Mar 2022 14:56:59 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-cws/apJZai/OLz9g1S5SwA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pubads_impl_2022030201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame B169 364 KB
122 KB 16ms
16ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065453

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

499d742344f4b69df1c45273acccf5c6941269f48276e4d52cdabdfbb77a7904

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1059
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124504
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 09:35:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 07 Mar 2023 14:39:20 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame ADF3 82 KB
27 KB 33ms
33ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

64ff64fa503bc9d8e4e3f3fbf1bee9a37f2548f130beada5e749be4b33a9645d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27990
x-xss-protection: 0
server: sffe
etag: "1152 / 262 of 1000 / last-modified: 1646414445"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 07 Mar 2022 14:56:59 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 24A3 0
0 94ms
69ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030201&jk=2410310622912297&rc=null
Requested by: Host: nets4.com
URL: https://nets4.com/domain/evilmark.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame B169 107 B
122 B 49ms
25ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=nets4.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065453

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Mar 2022 14:56:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame B169 107 B
122 B 56ms
32ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nets4.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065453

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Mar 2022 14:56:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame B169 442 B
276 B 194ms
194ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1382523317830390&correlator=1150767813276654&eid=31064150%2C31065436%2C31065453&output=ldjh&gdfp_req=1&vrg=2022030201&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220307&iu_parts=22178702878%2Cpurpleapl%2Callsizesv2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C468x60%7C200x200%7C320x100%7C320x50%7C300x100&eri=4&cookie_enabled=1&abxe=1&dt=1646665019850&dlt=1646665019739&idt=95&ea=0&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=294&adys=4230&ucis=of8nhkisl54v&adks=4203880072&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Fevilmark.com&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&ga_vid=1852444038.1646665018&ga_sid=1646665020&ga_hid=83253598&ga_fc=true&fws=256&ohw=0&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065453

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

9603e3178faba135ae0013932620b3e3a2c636f948a17d3a4a915372064d2034

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nets4.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B169 13 KB
10 KB 56ms
31ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065453

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2ef84d8cd4a536592937e583c4388ae2cefb158416b95a41933008673865117

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Mar 2022 14:56:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10452
x-xss-protection: 0

GET
H2 200 container.html Show response
e57834d9ef776e4e43a5a379137cd70c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4927 6 KB
3 KB 55ms
24ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e57834d9ef776e4e43a5a379137cd70c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065453

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 07 Mar 2022 14:56:59 GMT
expires: Tue, 07 Mar 2023 14:56:59 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9E33 0
0 69ms
68ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030101&jk=2968988290597184&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 pubads_impl_2022030201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame ADF3 364 KB
122 KB 15ms
15ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065513

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

499d742344f4b69df1c45273acccf5c6941269f48276e4d52cdabdfbb77a7904

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:21:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2122
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124504
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 09:35:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 07 Mar 2023 14:21:37 GMT

GET
H3 200 sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js Show response
pagead2.googlesyndication.com/bg/ Frame B698 35 KB
14 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:17:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2377
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13820
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Mar 2023 14:17:22 GMT

GET
H3 200 sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js Show response
pagead2.googlesyndication.com/bg/ Frame 37E9 35 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:17:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2377
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13820
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Mar 2023 14:17:22 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame ADF3 107 B
122 B 24ms
24ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=nets4.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065513

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Mar 2022 14:56:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame ADF3 107 B
122 B 25ms
25ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nets4.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065513

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Mar 2022 14:56:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame ADF3 26 KB
11 KB 272ms
272ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2588779079999851&correlator=1476963311743764&eid=31065435%2C31065513&output=ldjh&gdfp_req=1&vrg=2022030201&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220307&iu_parts=22178702878%2Cpurpleapl%2Callsizesv2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600%7C120x600%7C200x200%7C250x250&eri=4&cookie_enabled=1&abxe=1&dt=1646665019937&dlt=1646665019786&idt=143&ea=0&biw=1600&bih=1200&isw=160&ish=600&oid=2&adxs=1148&adys=1298&ucis=tb3r0er7u9fh&adks=113378651&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Fevilmark.com&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=160x0&msz=160x0&ga_vid=1852444038.1646665018&ga_sid=1646665020&ga_hid=698185403&ga_fc=true&fws=256&ohw=0&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065513

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

9236b501fbcf819c1a6ba64884946aab697e6b88fd417a96bce9543064a2d838

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11424
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nets4.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame ADF3 14 KB
10 KB 41ms
40ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065513

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bff5a039d26b87070c2d6420c75b9406cc15907a238bfe6e74f632cbc170cd70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Mar 2022 14:56:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10586
x-xss-protection: 0

GET
H2 200 container.html Show response
454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5C74 6 KB
3 KB 63ms
27ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 07 Mar 2022 14:56:59 GMT
expires: Tue, 07 Mar 2023 14:56:59 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B169 17 KB
6 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065453

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 07 Mar 2022 14:56:59 GMT

GET
H3 200 container.html Show response
ac80c294674c71c8b179b41cb772032c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C49C 6 KB
3 KB 42ms
16ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ac80c294674c71c8b179b41cb772032c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Mar 2022 14:56:59 GMT
expires: Tue, 07 Mar 2023 14:56:59 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 i
api.purpleads.io/x/a/052345fa9fcdcbc78212af3d2a64640e:dc7f739a17a30a9acc6d24fa77b23c3fda67b712f83453acf013ff724041bbda307227ea35ee54209b21e7c3f0328100c87aa452b01355dcc2014e17829764231c3a387cb197ee9... Frame 0
0 164ms
164ms Preflight 34.227.128.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/a/052345fa9fcdcbc78212af3d2a64640e:dc7f739a17a30a9acc6d24fa77b23c3fda67b712f83453acf013ff724041bbda307227ea35ee54209b21e7c3f0328100c87aa452b01355dcc2014e17829764231c3a387cb197ee95627c3f91233fd2b3f4a5a76de6adad128fd96e99ca07e50c01063b392b770f5f56f6035ef1432943c3bc39ce270a234589f75f3b919c45ef00392f42431af236b116c41b2ebcf8d1/i?id=4bd0238b-69e4-407f-9e2e-312eed4f0ac3&ts=1646665019959
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-128-233.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Origin: https://nets4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 07 Mar 2022 14:57:00 GMT
access-control-allow-origin: https://nets4.com
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: 980084e3-2fb8-4963-ab64-a12507cafc28

GET
H2 200 i Show response
api.purpleads.io/x/a/052345fa9fcdcbc78212af3d2a64640e:dc7f739a17a30a9acc6d24fa77b23c3fda67b712f83453acf013ff724041bbda307227ea35ee54209b21e7c3f0328100c87aa452b01355dcc2014e17829764231c3a387cb197ee9... 0
199 B 356ms
355ms Fetch 34.227.128.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/a/052345fa9fcdcbc78212af3d2a64640e:dc7f739a17a30a9acc6d24fa77b23c3fda67b712f83453acf013ff724041bbda307227ea35ee54209b21e7c3f0328100c87aa452b01355dcc2014e17829764231c3a387cb197ee95627c3f91233fd2b3f4a5a76de6adad128fd96e99ca07e50c01063b392b770f5f56f6035ef1432943c3bc39ce270a234589f75f3b919c45ef00392f42431af236b116c41b2ebcf8d1/i?id=4bd0238b-69e4-407f-9e2e-312eed4f0ac3&ts=1646665019959
Requested by: Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-128-233.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Authorization: Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url: aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2V2aWxtYXJrLmNvbQ==
Accept: application/json
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json
x-purpleads-version: 2.0.26

Response headers

access-control-allow-origin: https://nets4.com
date: Mon, 07 Mar 2022 14:57:00 GMT
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials: true
x-request-id: 77976360-450d-4a30-8148-a510c2d471d6

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012202072236000/ Frame 0653 220 KB
60 KB 102ms
44ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

332dd9d8872171a7ce122129c088ef587eb876ee04f178f5e62310dff3747514

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 266958
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61519
x-xss-protection: 0
server: sffe
date: Fri, 04 Mar 2022 12:47:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "609f9f524fc23ab6"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 04 Mar 2023 12:47:42 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 0653 16 KB
6 KB 80ms
22ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

372ddb86deaa3e11e5a4b1eec16924bcd6e6232bc8bab79338426b2faff7e7dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 266958
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5708
x-xss-protection: 0
server: sffe
date: Fri, 04 Mar 2022 12:47:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4c9170e21c83610c"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 04 Mar 2023 12:47:42 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 0653 96 KB
29 KB 92ms
34ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af42f8a986eefec222a68474cc9c9591028b07b082157631d810ecbbf4a652fe

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 266958
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29623
x-xss-protection: 0
server: sffe
date: Fri, 04 Mar 2022 12:47:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f660f99fdfd5d6c6"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 04 Mar 2023 12:47:42 GMT

GET
H2 200 amp-bind-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 0653 43 KB
14 KB 81ms
23ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-bind-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d843ad3a3881e8bb473d29e92bbfc2de1737cd85097bb448aff9a7fb05e544a8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 594626
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14476
x-xss-protection: 0
server: sffe
date: Mon, 28 Feb 2022 17:46:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1cef8e0038993477"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 28 Feb 2023 17:46:34 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 0653 5 KB
2 KB 112ms
55ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3ef00ccf0d1329768a9546012c96ecb5ac031695b0418da9ae3297979ad60bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 266958
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1844
x-xss-protection: 0
server: sffe
date: Fri, 04 Mar 2022 12:47:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b0f41eb8e6d0a727"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 04 Mar 2023 12:47:42 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 0653 42 KB
14 KB 75ms
18ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93b1f78578f169d4f472ecda3c79d72e81fa9e199bdb979d13139f5ddbe5a06d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 266958
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13623
x-xss-protection: 0
server: sffe
date: Fri, 04 Mar 2022 12:47:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "14164defe327400f"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 04 Mar 2023 12:47:42 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0653 8 KB
1 KB 65ms
24ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 07 Mar 2022 14:34:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 07 Mar 2022 14:57:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 07 Mar 2022 14:57:00 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0653 2 KB
2 KB 20ms
17ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: nets4.com
URL: https://nets4.com/domain/evilmark.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 18:59:48 GMT
x-content-type-options: nosniff
server: cafe
age: 71832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 07 Mar 2022 18:59:48 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0653 295 B
319 B 21ms
16ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: nets4.com
URL: https://nets4.com/domain/evilmark.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 33206
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 08 Mar 2022 05:43:34 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0653 0
0 31ms
25ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTsjtBCB8e5QUpnlpsYjxOKuKDFzuDTADEENcUktG7Heqva-tyltOHH53tA0D73TGjlCcp71990wRquqt_y8czcnsckHA
Requested by: Host: nets4.com
URL: https://nets4.com/domain/evilmark.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 0653 225 B
249 B 23ms
16ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

Requested by

Host: nets4.com
URL: https://nets4.com/domain/evilmark.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 11:09:14 GMT
x-content-type-options: nosniff
server: cafe
age: 13666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14085932017949564970
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Tue, 08 Mar 2022 11:09:14 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0653 0
0 89ms
87ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CBZ7UOx0mYtXIJ4Tl3wPLkaww9fPU4Gjmmcumhw6IlPiHswIQASDy07l7YJWCgICgB6AB9fz92gPIAQHgAgCoAwHIAwqqBPkBT9CD4nDiGnLjEd8tfAktURv-f1cCKDKIstTKiE0VFTaLETQ8hrhcooYSaRWZ91WEhhsWi2m_xKXPqaM-oMstWLCKAIr2tgFtw9Q7Vo57YtKOuSPOr0bdp99JqrrQqWi-_YiKMK3MbgoPDRfqUcDh-PMa5rJq-ptt37HtaAI8SajVnVsBn1x3o5bzsEfnmze7T2xv4atxAZzo4aweindl1LG6fsJV0OajDHnzx-2xSOJ3PTbCk8cclOYN2pbLHmmZqZtn-G4YZIQ3jBHTLj5er2Kpr38yr3ZeGxminWTdUDdNbkUwdvYmlbS889eK7aCO5BElZp6oEyzZwATI3binkAPgBAGSBQQIBBgBkgUECAUYBIAH84KCJagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEELS2D9IICQiI4YAQEAEYHYAKA8gLAdgTCogUAdAVAZgWAYAXAbIXHgocCAASFHB1Yi01NDEzMzI5NTQ0MDQwOTQ3GMGMdA&sigh=RcdEOop9dXI&uach_m=[UACH]
Requested by: Host: nets4.com
URL: https://nets4.com/domain/evilmark.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 i Show response
api.purpleads.io/x/a/c5884cfc475699487f3d451e29297dc9:6093d0360585902b00632937b87e6cde6d14c1f9b8ec294eecc0ef63c3d88c76735dbc8afe9ae9c1b72938dfbf6016868071d81945640a42e53cf0a03e14fa2c5af279f9c09205a... 0
200 B 326ms
325ms Fetch 34.227.128.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/a/c5884cfc475699487f3d451e29297dc9:6093d0360585902b00632937b87e6cde6d14c1f9b8ec294eecc0ef63c3d88c76735dbc8afe9ae9c1b72938dfbf6016868071d81945640a42e53cf0a03e14fa2c5af279f9c09205a65abd96b917575e16ffb0ddab29f6668f953e140526d875724174eb15c776a765807270d21796cb18c06e4233013bbb99ec6ce4222affed7922232cb4394d2658410d9f5a6cec6f4068093468d3e8b79269d2045d6012f903/i?id=7b17f979-7dad-42a1-89e1-cf4aaea2b929&ts=1646665020000
Requested by: Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-128-233.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Authorization: Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url: aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2V2aWxtYXJrLmNvbQ==
Accept: application/json
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json
x-purpleads-version: 2.0.26

Response headers

access-control-allow-origin: https://nets4.com
date: Mon, 07 Mar 2022 14:57:00 GMT
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials: true
x-request-id: 803824e7-55db-4263-9b3b-7e73778b26f4

OPTIONS
H2 200 i
api.purpleads.io/x/a/c5884cfc475699487f3d451e29297dc9:6093d0360585902b00632937b87e6cde6d14c1f9b8ec294eecc0ef63c3d88c76735dbc8afe9ae9c1b72938dfbf6016868071d81945640a42e53cf0a03e14fa2c5af279f9c09205a... Frame 0
0 156ms
155ms Preflight 34.227.128.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/a/c5884cfc475699487f3d451e29297dc9:6093d0360585902b00632937b87e6cde6d14c1f9b8ec294eecc0ef63c3d88c76735dbc8afe9ae9c1b72938dfbf6016868071d81945640a42e53cf0a03e14fa2c5af279f9c09205a65abd96b917575e16ffb0ddab29f6668f953e140526d875724174eb15c776a765807270d21796cb18c06e4233013bbb99ec6ce4222affed7922232cb4394d2658410d9f5a6cec6f4068093468d3e8b79269d2045d6012f903/i?id=7b17f979-7dad-42a1-89e1-cf4aaea2b929&ts=1646665020000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-128-233.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Origin: https://nets4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 07 Mar 2022 14:57:00 GMT
access-control-allow-origin: https://nets4.com
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: 8c9773d6-cab6-44db-b417-5f5929756117

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame ADF3 17 KB
6 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065513

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 07 Mar 2022 14:57:00 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame AED5 82 KB
27 KB 40ms
39ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

78271e5eab32b96dd3dc099fd7648c4cd621658b2bd654b0e65fecc4b2547d1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27990
x-xss-protection: 0
server: sffe
etag: "1152 / 651 of 1000 / last-modified: 1646414445"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 07 Mar 2022 14:57:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C932 13 KB
5 KB 16ms
16ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Mar 2022 14:40:04 GMT
expires: Tue, 07 Mar 2023 14:40:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 1016
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EBA5 783 B
537 B 27ms
27ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f8fba18c8eff0e07e20bbd33c8f42fb2331160af716f8a6cc23bb7f5a25637df

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-J7f60D/97QQHjYQhDOQRFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 07 Mar 2022 14:57:00 GMT
date: Mon, 07 Mar 2022 14:57:00 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-J7f60D/97QQHjYQhDOQRFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 515
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C49C 0
0 85ms
84ms Fetch
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C48oxOx0mYtCLK8i83gPf55KYDsme0rFc1Z2R93DAjbcBEAEgAGCVgoCAoAeCARdjYS1wdWItNDkwMzQ1Mzk3NDc0NTUzMKAB1bbS6gPIAQmpAshHdn0GLrI-4AIAqAMBqgT3AU_QuiKdaPAJSPgJfcNsVydbTWLec-8rzgkY9RblNvYuTLNr8zOxuaFcxC526r3BW8Bp-FIW-3H1KIXIYotXMvRGbsTrdB-1pre9FW_hELZEoedHzaWXhNvm9QtdKw72HT7hCH2SLZzdVeiXlszeu3_tO_RH0yK8PSdbbb5jDLFazSlUlIenLlg0wzVOv585xw5oa78ILe9xP0HmNMpVzKMy49Tke9E_oynus0EU1oIDSKehoPeuLFDbvG_hnahxpZeF50h48HB0v3X16eIO6fHMBInaWbRYYDsU9ICmvSrFClHvba9obFg4C5vbbLqVthkS1cIVC_fgBAGABpzSxb33o_7IwgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00OTAzNDUzOTc0NzQ1NTMwGIu5dw&sigh=HM1eH6dMKbg&uach_m=[UACH]&cid=CAQSPwCNIrLMGPjayJKivQJaGtqF1TKvKOcmDdPLp2ueSGs3-aUMkb2gr00-EZMyv3DKK9BoJejMUyNPUCdyV59oUxgB
Requested by: Host: nets4.com
URL: https://nets4.com/domain/evilmark.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ac80c294674c71c8b179b41cb772032c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame C49C 0
0 75ms
22ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=UOqXEsg12AVanYNiAgIAAADCQBX5g68IgBA7HSZiLd53imo5PbduYk0AEg&wp=YiYdOwAKxdAKd55IAASz3_hag5_yFzrehgQ6VA

Requested by

Host: nets4.com
URL: https://nets4.com/domain/evilmark.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ac80c294674c71c8b179b41cb772032c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:00 GMT
server: Kestrel
server-processing-duration-in-ticks: 237919
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame F133 122 KB
42 KB 183ms
133ms Document
text/html 2a02:2638::18
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YiYdOwAKxdAKd55IAASz3_hag5_yFzrehgQ6VA&u=%7Csg%2FahQfna9sYG4Q%2BiIHJrsRiOtBODSs9otTkdCyJBwQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWTXJx1Y1e4pgxvzkJzD1hYLx7EUKPAdHLDCVTCZFc7XhWlpaikQ8oZtkf5GAs8B4GRv9m4gATW9tpDjOYDkL8dtV2mWlxkfPij00XN1f5ZA_id6fHNrHcyjE-lROrdWful1lYb791-EgQimyo8b4CNfJ9oTewL11Xvw8qny_nKN3ykQ4drAF_uO5GJQh3X-wya5gXaR7jYWIp71EsY6FmEWsQzJYEuuYZ5UarM9vQu8mt8Sy0AM7wXp3YNoLnC-zvID-kqIk8yGUIRgnTaESMBK0Bs-tdOgEOGmh5ViJHbix0p-mr4Bcph4X-QEs5GuLYL0w2xV3i61T7mSMudJTeggXzyWIItv0T0IDUM8Mi0Bie7IizJQQN3ZU8wdSq8Mh-WioFWWjxtRzt6jMj3X8-nltbCsGS5XJSfVknwkJhfFfyJMeDRaeFYLrMzBGi16lU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDrIMOx0mYtCLK8i83gPf55KYDsme0rFc1Z2R93DAjbcBEAEgAGCVgoCAoAeCARdjYS1wdWItNDkwMzQ1Mzk3NDc0NTUzMKAB1bbS6gPIAQmpAshHdn0GLrI-4AIAqAMBqgT6AU_QuiKdaPAJSPgJfcNsVydbTWLec-8rzgkY9RblNvYuTLNr8zOxuaFcxC526r3BW8Bp-FIW-3H1KIXIYotXMvRGbsTrdB-1pre9FW_hELZEoedHzaWXhNvm9QtdKw72HT7hCH2SLZzdVeiXlszeu3_tO_RH0yK8PSdbbb5jDLFazSlUlIenLlg0wzVOv585xw5oa78ILe9xP0HmNMpVzKMy49Tke9E_oynus0EU1oIDSKehoPeuLFDbvG_hnahxpZeF50h48HB0v3X16eIO6fHMRov7yzPX_CiraJQFbRdj8lj7ZxliQkC6v1PmykgqqDUKUGiRGEgcakngBAGABpzSxb33o_7IwgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0VZ8cPITE6KfsreSnrxFmGaL6QkA%26client%3Dca-pub-4903453974745530%26adurl%3D

Requested by

Host: ac80c294674c71c8b179b41cb772032c.safeframe.googlesyndication.com
URL: https://ac80c294674c71c8b179b41cb772032c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::18 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c6f259c7a7391bd6dae4cb3e0bf644f2f914817a803de9f7967d6347b53cd0d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ac80c294674c71c8b179b41cb772032c.safeframe.googlesyndication.com/

Response headers

date: Mon, 07 Mar 2022 14:56:59 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=_Vc48YolLF3Qt7ARF9mLHxPWGdn610RP8meFrE76Wmg4RfG-9LtDrgZb07xVWPDrgp2OeXTeE48p3JKQnOGYFF7ITNIY-tvc_mnhsU1HNcXF7rvlcbthd5jUcvgs1DlEesmKG07NVvycvCeA5bI3zJFK6raAFSDyf0YH1nt_mv1iMcjdZz6lU1hNeH6O09bzmIpWH3ekJ6OBJ5ziT8jDDh_Bw--NQIV-pOny6zBQQOpe0a01t3ZuDijZ1mw"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 107691796
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame C49C 2 KB
1 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/window_focus_fy2019.js

Requested by

Host: ac80c294674c71c8b179b41cb772032c.safeframe.googlesyndication.com
URL: https://ac80c294674c71c8b179b41cb772032c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ac80c294674c71c8b179b41cb772032c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Mar 2022 14:56:38 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C49C 124 KB
39 KB 66ms
26ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ac80c294674c71c8b179b41cb772032c.safeframe.googlesyndication.com
URL: https://ac80c294674c71c8b179b41cb772032c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ac80c294674c71c8b179b41cb772032c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38860
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646224922100600"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 07 Mar 2022 14:57:00 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame C49C 15 KB
6 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: ac80c294674c71c8b179b41cb772032c.safeframe.googlesyndication.com
URL: https://ac80c294674c71c8b179b41cb772032c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d054377044014c1069958d9c610330164f05edbf091b2be9b6be60dc4f043494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ac80c294674c71c8b179b41cb772032c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6417
x-xss-protection: 0
server: cafe
etag: 10598556267281433416
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Mar 2022 14:56:11 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C49C 0
0 25ms
25ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRl806JpYq32bU9_xL_bR-oCL9ie1dF9ErcjICvnfe85C2eed9061y_RONQM8gnbFnMhZYazPt8XILIlNTcwGlk35I6HQ
Requested by: Host: ac80c294674c71c8b179b41cb772032c.safeframe.googlesyndication.com
URL: https://ac80c294674c71c8b179b41cb772032c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ac80c294674c71c8b179b41cb772032c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame C49C 22 KB
7 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: ac80c294674c71c8b179b41cb772032c.safeframe.googlesyndication.com
URL: https://ac80c294674c71c8b179b41cb772032c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ac80c294674c71c8b179b41cb772032c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 14:03:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 435223
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 02 Mar 2023 14:03:17 GMT

GET
DATA 200
OK truncated
/ Frame 0653 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d286b2753cb20f00d7222cf67add356df61c62714c4c695917293eab23c1610

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame 0653 28 KB
28 KB 60ms
17ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nets4.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 22:47:37 GMT
x-content-type-options: nosniff
age: 490163
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 21:57:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Mar 2023 22:47:37 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B9D2 13 KB
5 KB 16ms
15ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Mar 2022 14:40:04 GMT
expires: Tue, 07 Mar 2023 14:40:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 1016
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 099D 783 B
535 B 28ms
27ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d1f10a248466f9d4823788927d117dac7d12255a2b43acf46e87cce60c3419a3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-47SEfIg3wsxQpXOxpKLSBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 07 Mar 2022 14:57:00 GMT
date: Mon, 07 Mar 2022 14:57:00 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-47SEfIg3wsxQpXOxpKLSBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pubads_impl_2022030201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame AED5 364 KB
122 KB 15ms
15ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065453

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

499d742344f4b69df1c45273acccf5c6941269f48276e4d52cdabdfbb77a7904

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1060
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124504
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 09:35:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 07 Mar 2023 14:39:20 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 37E9 0
9 B 16ms
15ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?WQD4dg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B698 0
9 B 15ms
15ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?dUWf0A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 0653
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

136ms
93ms

Image
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Protocol: H2
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date: Mon, 07 Mar 2022 14:57:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 ww.mjs Show response
cdn.ampproject.org/rtv/012202072236000/ Frame 0653 46 KB
13 KB 51ms
16ms Fetch
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/ww.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27b12ba011ac71b930c18879e96051d0ed9ba9e1f9e39b5d024345f1180181f5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: text/plain
Referer: https://nets4.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 594625
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13577
x-xss-protection: 0
server: sffe
date: Mon, 28 Feb 2022 17:46:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c3da6b1fed14c46a"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 28 Feb 2023 17:46:35 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0653 2 KB
2 KB 16ms
15ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 18:59:48 GMT
x-content-type-options: nosniff
server: cafe
age: 71832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 07 Mar 2022 18:59:48 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0653 295 B
319 B 16ms
16ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 33206
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 08 Mar 2022 05:43:34 GMT

GET
H3 200 nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 0653 225 B
249 B 16ms
16ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 11:09:14 GMT
x-content-type-options: nosniff
server: cafe
age: 13666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14085932017949564970
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Tue, 08 Mar 2022 11:09:14 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EBA5 0
0 69ms
69ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030201&jk=1382523317830390&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 container.html Show response
454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0879 6 KB
3 KB 17ms
17ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065513

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Mar 2022 14:56:59 GMT
expires: Tue, 07 Mar 2023 14:56:59 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 i
api.purpleads.io/x/a/9b2c83edde6156cc143a6e026c75a72e:c3de84fd69a70a1fa687b5004acdd6026a1950495931913e235e538d49642b8a93a06d13259ac631fd9afd1bdaf0210f21429341d277c84ed02589d93fab7609ada132c2e85df0d... Frame 0
0 129ms
128ms Preflight 34.227.128.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/a/9b2c83edde6156cc143a6e026c75a72e:c3de84fd69a70a1fa687b5004acdd6026a1950495931913e235e538d49642b8a93a06d13259ac631fd9afd1bdaf0210f21429341d277c84ed02589d93fab7609ada132c2e85df0d951273f1e56e655d2ca369f3d2fa5b1b3d91a0a7ac645144b8fe26a5884f5d854a551b90cfb3b4d1134ecab52ea857fc0b5028f1407b53e2c12dba7b342ee79a2eabfd6153fa85d40/i?id=3c6d8159-4d81-412f-b230-df0f3d1c1999&ts=1646665020255
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-128-233.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Origin: https://nets4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 07 Mar 2022 14:57:00 GMT
access-control-allow-origin: https://nets4.com
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: 3c5b0dba-c116-40b9-8781-59a8937aa41b

GET
H2 200 i Show response
api.purpleads.io/x/a/9b2c83edde6156cc143a6e026c75a72e:c3de84fd69a70a1fa687b5004acdd6026a1950495931913e235e538d49642b8a93a06d13259ac631fd9afd1bdaf0210f21429341d277c84ed02589d93fab7609ada132c2e85df0d... 0
199 B 309ms
309ms Fetch 34.227.128.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/a/9b2c83edde6156cc143a6e026c75a72e:c3de84fd69a70a1fa687b5004acdd6026a1950495931913e235e538d49642b8a93a06d13259ac631fd9afd1bdaf0210f21429341d277c84ed02589d93fab7609ada132c2e85df0d951273f1e56e655d2ca369f3d2fa5b1b3d91a0a7ac645144b8fe26a5884f5d854a551b90cfb3b4d1134ecab52ea857fc0b5028f1407b53e2c12dba7b342ee79a2eabfd6153fa85d40/i?id=3c6d8159-4d81-412f-b230-df0f3d1c1999&ts=1646665020255
Requested by: Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-128-233.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Authorization: Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url: aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2V2aWxtYXJrLmNvbQ==
Accept: application/json
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json
x-purpleads-version: 2.0.26

Response headers

access-control-allow-origin: https://nets4.com
date: Mon, 07 Mar 2022 14:57:00 GMT
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials: true
x-request-id: e2da27c9-8eb2-4595-bf58-01dd4cbf5b51

GET
H2 200 / Show response
api.purpleads.io/x/b/ 9 KB
2 KB 529ms
525ms Fetch
application/json 34.227.128.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/b/?idx=5&pid=3bc8e66a58954a99842d4b0b1997a06e&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=1c10b731-e85c-4783-ac9d-8e39bb6c05a4&demand=adipolo&ts=1646665020296
Requested by: Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-128-233.compute-1.amazonaws.com
Software: /
Resource Hash: 8ea89251f9af2ef6f1f136dc7a71fe9122fa9df10d35d99ffc12de57ef638e30

Request headers

Accept-Language: de-DE,de;q=0.9
Authorization: Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url: aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2V2aWxtYXJrLmNvbQ==
Accept: application/json
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json
x-purpleads-version: 2.0.26

Response headers

date: Mon, 07 Mar 2022 14:57:00 GMT
content-encoding: gzip
etag: W/"235b-rn4J+OT1tZ0M9Tk5hBIVTNHSleY"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nets4.com
access-control-allow-credentials: true
x-request-id: d4f921e5-51b4-49fb-9bfc-ecff38d1a312

OPTIONS
H2 200 /
api.purpleads.io/x/b/ Frame 0
0 157ms
157ms Preflight 34.227.128.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/b/?idx=5&pid=3bc8e66a58954a99842d4b0b1997a06e&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=1c10b731-e85c-4783-ac9d-8e39bb6c05a4&demand=adipolo&ts=1646665020296
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-128-233.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Origin: https://nets4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 07 Mar 2022 14:57:00 GMT
access-control-allow-origin: https://nets4.com
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: 7301347c-2789-486c-a589-ca8210c1f40f

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame AED5 107 B
122 B 31ms
30ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=nets4.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065453

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Mar 2022 14:57:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame AED5 107 B
122 B 26ms
26ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nets4.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065453

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Mar 2022 14:57:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame AED5 26 KB
11 KB 242ms
242ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=462823231518315&correlator=3911184907762927&eid=31065453%2C31065497%2C31065503&output=ldjh&gdfp_req=1&vrg=2022030201&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220307&iu_parts=22178702878%2Cpurpleapl%2Callsizesv2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C468x60%7C200x200%7C320x100%7C320x50%7C300x100&eri=4&cookie=ID%3D8a3a6984fdd0fedd%3AT%3D1646665019%3AS%3DALNI_MZBGKVXtiM3Bb7RGYUQfzWisybbuQ&abxe=1&dt=1646665020351&dlt=1646665020055&idt=278&ea=0&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=294&adys=2372&ucis=adgm3jnpnyaq&adks=4203880072&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Fevilmark.com&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&ga_vid=1852444038.1646665018&ga_sid=1646665020&ga_hid=320940945&ga_fc=true&fws=256&ohw=0&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065453

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

5441052b90ea7c9dd9e004b29063fbd95969ca46e5cb6850f535c5da87935ca1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11443
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nets4.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame AED5 14 KB
10 KB 32ms
31ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065453

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d11806876d8ce00009929055b3e6378b92b288bb5811ff020efda25028650463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Mar 2022 14:57:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10590
x-xss-protection: 0

GET
H2 200 container.html Show response
f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame ECFE 6 KB
3 KB 39ms
24ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065453

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 07 Mar 2022 14:57:00 GMT
expires: Tue, 07 Mar 2023 14:57:00 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js Show response
pagead2.googlesyndication.com/bg/ Frame C932 35 KB
14 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:17:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2378
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13820
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Mar 2023 14:17:22 GMT

GET
DATA 200
OK truncated
/ Frame C49C 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6aa327026d0b4ca42fdd9924926a06a5f33df4cd62f85862bea39caeda2f335f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame F133 2 KB
1 KB 72ms
23ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YiYdOwAKxdAKd55IAASz3_hag5_yFzrehgQ6VA&u=%7Csg%2FahQfna9sYG4Q%2BiIHJrsRiOtBODSs9otTkdCyJBwQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWTXJx1Y1e4pgxvzkJzD1hYLx7EUKPAdHLDCVTCZFc7XhWlpaikQ8oZtkf5GAs8B4GRv9m4gATW9tpDjOYDkL8dtV2mWlxkfPij00XN1f5ZA_id6fHNrHcyjE-lROrdWful1lYb791-EgQimyo8b4CNfJ9oTewL11Xvw8qny_nKN3ykQ4drAF_uO5GJQh3X-wya5gXaR7jYWIp71EsY6FmEWsQzJYEuuYZ5UarM9vQu8mt8Sy0AM7wXp3YNoLnC-zvID-kqIk8yGUIRgnTaESMBK0Bs-tdOgEOGmh5ViJHbix0p-mr4Bcph4X-QEs5GuLYL0w2xV3i61T7mSMudJTeggXzyWIItv0T0IDUM8Mi0Bie7IizJQQN3ZU8wdSq8Mh-WioFWWjxtRzt6jMj3X8-nltbCsGS5XJSfVknwkJhfFfyJMeDRaeFYLrMzBGi16lU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDrIMOx0mYtCLK8i83gPf55KYDsme0rFc1Z2R93DAjbcBEAEgAGCVgoCAoAeCARdjYS1wdWItNDkwMzQ1Mzk3NDc0NTUzMKAB1bbS6gPIAQmpAshHdn0GLrI-4AIAqAMBqgT6AU_QuiKdaPAJSPgJfcNsVydbTWLec-8rzgkY9RblNvYuTLNr8zOxuaFcxC526r3BW8Bp-FIW-3H1KIXIYotXMvRGbsTrdB-1pre9FW_hELZEoedHzaWXhNvm9QtdKw72HT7hCH2SLZzdVeiXlszeu3_tO_RH0yK8PSdbbb5jDLFazSlUlIenLlg0wzVOv585xw5oa78ILe9xP0HmNMpVzKMy49Tke9E_oynus0EU1oIDSKehoPeuLFDbvG_hnahxpZeF50h48HB0v3X16eIO6fHMRov7yzPX_CiraJQFbRdj8lj7ZxliQkC6v1PmykgqqDUKUGiRGEgcakngBAGABpzSxb33o_7IwgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0VZ8cPITE6KfsreSnrxFmGaL6QkA%26client%3Dca-pub-4903453974745530%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:00 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 02 Mar 2023 14:57:00 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame F133 2 KB
1 KB 71ms
23ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:00 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 02 Mar 2023 14:57:00 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame F133 308 B
636 B 57ms
22ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:00 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 02 Mar 2023 14:57:00 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame F133 507 B
835 B 59ms
24ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:00 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Thu, 02 Mar 2023 14:57:00 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame F133 43 B
347 B 87ms
26ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=DC8t2l7SUV9S9xYEPwMeUmlJC_IrqE5acl17VUzjvlUUUO1itDknVWcVp5qb0FKsmx4nM0KBZy4FwjYmojefwwruWZ8fUf8g8HRdNH86EkA9JTWqHpy2LwaxuDdZPlFcLKWLFzhf50E12xLva-EMJhmL-Dr7i5sWYV_iUvvyrVxDDdSb8IftkE0Ru9NH8T7BA911b-cCXvWUjXEPNxCrOWdW9RBs21_EEQFtgtyB1_9z37XeqXlisRS7LVp1WxvxL1_eYlGM2W0sAeUejDCcebNgxLmTwKAUkziAh9ZleDKx-2G2jwL8F1sQ3QX5zFeeKUAUd0lcl_hFAcMH08ZB5-WBhMbxXxhF9Rm1zbl30tE8Pm6WXIJayyJdzmug2pcR0xYJKQfIBxtXto6Zkra2pQ3tTsXzSoCzOKLbjCe9TdZZXrjl3_TevnHfBl2OvXlQ6IiJ0g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 14:57:00 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3106278
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 099D 0
0 70ms
69ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030201&jk=2588779079999851&rc=null
Requested by: Host: nets4.com
URL: https://nets4.com/domain/evilmark.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0879 0
0 88ms
87ms Fetch
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CC1k1Ox0mYuaOPMT83wPujJ04kOGBhFy2qMKK8ALAjbcBEAEgAGCVgoCAoAeCARdjYS1wdWItNDkwMzQ1Mzk3NDc0NTUzMKABwq7o3QPIAQmpAshHdn0GLrI-4AIAqAMBqgT4AU_QbUDRO4Vehpl_JthkOSpowpg8dMNC3WpYnGprykq2z-wsdZicLJtx6-ZT5UPksptq-bfIoXLtQuP_31mmNZ2JlfWwJHSioZsGeHDonXJ3n3k4rTkFOxwv6IWZwJTL43RMRzqAPt0Bm9V6AjjHan5uHI-s0LtkLef-jQ17jFlcJRpPWUugJvB1tlsR9Gshf_kNKwbS1VZMR4VPDcXWRBRSPWZaxkRBWmQ2gALS3XhNObPuMkTw96wTrpzFPZPD5IskyLK4C-EAvfTs-hG_Fxr1bMp2jt63QLJfK1dgaCJOXHVSOziqX74WUHLrDCPP1bj9k0oUFAXz4AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzaACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNDkwMzQ1Mzk3NDc0NTUzMBiLuXc&sigh=JjOrsJeb0yM&uach_m=[UACH]&cid=CAQSPACNIrLMgCTfREpJPGS7BYDW7F-ztsflkQ17tDhwKwYn1fMM14cmfMOs7A7RdVC4lu9Yf3sOndLngE5YVRgB
Requested by: Host: nets4.com
URL: https://nets4.com/domain/evilmark.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 0879 0
0 71ms
28ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jftfe4rs7wk59p061ss5j9jz7n5frnr7bw89tm05ajkt0c2npvh9wfbfc9wgk3y0wnjr30grnzmwxc0mp2ypk2xqmf98sbngbcjrmjrvjn23mdy6gq251m2p1j9r7c65vqhwzz8qr65myy33hree67vpa1hnvk5yqb8x4cf7gx2c9m0sf2egpxg0e0kjws3tx5wg13xabpn6nkfhc7g84stfw410gwhgynjkgxy0qnbemjsmqh8qg09dbapq20yd22s3wx3yyxj29mqx8wzpcqrwrxapdgb71j1re96zsf6pt94rr04c9p9ttkm918j7s06zwsea2vhjyg6jq8h1q6rtxh7kmkj2ex50x2ftx1bf8b7abjscmeptvstn45wdbwtja9sf97b29800sphmjrvzp6ct&b=YiYdOwAPB2YKd_5EAAdGbq_vQam13Zm_5oxOJQ
Requested by: Host: nets4.com
URL: https://nets4.com/domain/evilmark.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 07 Mar 2022 14:57:00 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame EBB2 2 KB
3 KB 68ms
34ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hyvyt6bagwx1p5m0wzx37ztkyh6ctyw10zd1h02zh0ksk8dc9vaw58zdkp6597ftbmwndh29d78n0xntscj6p78ax9j3ftwsb84vcgwt1f7qzc20w5d130et1pq0erf0ymme9fdj442nmshwb3pjm638v5gxaf6g8a57gqw4nxr57cazdb7vwz4vjj9vww3fxxc6fe9fr585cmxe23664ptfgppfms95n1mjsmk1yjpws3bhtkvqfdnbcpgt8k6an9pa3vzdgby44f2vcvm8tkz6s699n75f3dsrzjbavdwp1t4am9j56ahnfr3888dx3saejxwmzayjtjsjfx7mqagzd7zjywwcwjff5t3m2bsq7dgg9yrgp1b7550t8fbbdywqby0jcyfwtwjvhe5d53m1esnz0j2y06bcan8whpmke15g6bkt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVNw-Ox0mYuaOPMT83wPujJ04kOGBhFy2qMKK8ALAjbcBEAEgAGCVgoCAoAeCARdjYS1wdWItNDkwMzQ1Mzk3NDc0NTUzMKABwq7o3QPIAQmpAshHdn0GLrI-4AIAqAMBqgT7AU_QbUDRO4Vehpl_JthkOSpowpg8dMNC3WpYnGprykq2z-wsdZicLJtx6-ZT5UPksptq-bfIoXLtQuP_31mmNZ2JlfWwJHSioZsGeHDonXJ3n3k4rTkFOxwv6IWZwJTL43RMRzqAPt0Bm9V6AjjHan5uHI-s0LtkLef-jQ17jFlcJRpPWUugJvB1tlsR9Gshf_kNKwbS1VZMR4VPDcXWRBRSPWZaxkRBWmQ2gALS3XhNObPuMkTw96wTrpzFPZPD5IskyLK4C-EAvfTs-hG_Fxr1bIh0r0xguTUf49Ao_vgHzodrLzIHVZAOjfIpRbE3QabRi5_Ii0U7fzm24AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzb6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3iltjcZ37znudFHI4p-4f7Tg1uTQ%26client%3Dca-pub-4903453974745530%26adurl%3D

Requested by

Host: 454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com
URL: https://454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6728e1d20e88098fc74ecfffa43ef11aaec970fbc78de1d6b0ff172538a0c540

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com/

Response headers

date: Mon, 07 Mar 2022 14:57:00 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e842e59ca3e9bca-FRA
content-encoding: br

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame 0879 2 KB
1 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/window_focus_fy2019.js

Requested by

Host: 454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com
URL: https://454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Mar 2022 14:56:38 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9589 1 KB
749 B 17ms
17ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com
URL: https://454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Mon, 07 Mar 2022 05:53:44 GMT
expires: Tue, 08 Mar 2022 05:53:44 GMT
cache-control: public, max-age=86400
age: 32596
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0879 124 KB
38 KB 63ms
39ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com
URL: https://454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38860
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646224922100600"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 07 Mar 2022 14:57:00 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame 0879 15 KB
6 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com
URL: https://454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d054377044014c1069958d9c610330164f05edbf091b2be9b6be60dc4f043494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6417
x-xss-protection: 0
server: cafe
etag: 10598556267281433416
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Mar 2022 14:56:11 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0879 0
0 25ms
24ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTAfNfwr0VKX7X1OhMkS9bkpL_Akc2RU9uo_17C28qfjkv_hU5HXFAubvH1378zq5y79TbL9aQwNUyGkjuvszN_kbelFQ
Requested by: Host: 454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com
URL: https://454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 0879 22 KB
7 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com
URL: https://454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 14:03:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 435223
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 02 Mar 2023 14:03:17 GMT

GET
H3 200 sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js Show response
pagead2.googlesyndication.com/bg/ Frame B9D2 35 KB
14 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:17:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2378
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13820
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Mar 2023 14:17:22 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame AED5 17 KB
6 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065453

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 07 Mar 2022 14:57:00 GMT

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame F133 12 KB
5 KB 26ms
26ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 489522
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F0ryTG4MYvr9WgVcZ0c3nlilJktIvSx3AoTFegK0IJOtaJ31kjBXdifCcf6D40O0Vgg40N1jWLCarxxE6iX%2Bkg3yDLwWlXOOr8jc6lvVyP%2FzXfZ6o%2FThok7K3FngkCYIoGInZVJ%2BDtTqQc5oBjRkVJyP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e842e59ad579bbc-FRA
expires: Sat, 25 Feb 2023 14:57:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame F133 12 KB
6 KB 40ms
23ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:00 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 02 Mar 2023 14:57:00 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F133 16 KB
16 KB 100ms
42ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=176&m=0&partner=1895&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F1895%2F181017%2Fa165609b423c4c0c8975927ff1343dbb_logo_n_horizontal_3.png&v=3&w=256&s=SB2dAK10PUdfxhq5l7-kIXy_

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e6a93f480cbf33a2e016fd777ca2e7a0944773d2f1d3874b1a44765794a84d19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:59 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29684468
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 16450
expires: Tue, 14 Feb 2023 04:38:09 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F133 137 KB
138 KB 137ms
79ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=1895&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F1895%2F220121%2F72ba830e1aed4a46a9269e640b56bfab_img_horizontal_1.png&v=3&w=1200&s=xGT4xEOPQHPnR3vq9jIAU2lv

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

2ff65b0600fe7250809e82ea0c84552439ab72f585bf50a814698cbcd0db7d57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:00 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29869500
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 140498
expires: Thu, 16 Feb 2023 08:02:00 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F133 12 KB
12 KB 99ms
41ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1895&q=80&r=0&u=https%3A%2F%2Fwww.bodenimages.com%2Fproductimages%2Fproductlarge%2F21baut_c0918_red.jpg&v=3&w=400&s=walh-auEXnABYb0Xls9Jtzia&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

2302ef8bdd8794ad935e006948eca54d2c0259871dcbfbc5b784447b5ada8a5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:59 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=65737
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 11884
expires: Tue, 08 Mar 2022 09:12:37 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F133 10 KB
11 KB 123ms
65ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1895&q=80&r=0&u=https%3A%2F%2Fwww.bodenimages.com%2Fproductimages%2Fproductlarge%2F21waut_a1014_wht.jpg&v=3&w=400&s=V_ioYs31wudukl0Nf0XSg_fB&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

caa6fb5239ca83ee694d34cd07918ee773d18b1a429d2f9e354be434b41ea209

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:00 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=99022
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 10500
expires: Tue, 08 Mar 2022 18:27:23 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F133 12 KB
12 KB 107ms
50ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1895&q=80&r=0&u=https%3A%2F%2Fwww.bodenimages.com%2Fproductimages%2Fproductlarge%2F22wspr_j0585_org.jpg&v=3&w=400&s=-dAnZ3n-ou_LejKm_klErRCJ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

3e387f60e81f624045b0bbea55f425afb9d9d78e7e3d68f61299d7bd2b06316d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:00 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=99200
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 12410
expires: Tue, 08 Mar 2022 18:30:21 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F133 22 KB
23 KB 130ms
72ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1895&q=80&r=0&u=https%3A%2F%2Fwww.bodenimages.com%2Fproductimages%2Fproductlarge%2F21uaut_y1708_yel.jpg&v=3&w=400&s=x2oHBjD8TFNh1FeWFkGEcDJw&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

23de04f333f6df873688e3bcb116bd5757f25b32326c8038b8c97a95957375e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:59 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=65495
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 22824
expires: Tue, 08 Mar 2022 09:08:35 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F133 10 KB
10 KB 95ms
94ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1895&q=80&r=0&u=https%3A%2F%2Fwww.bodenimages.com%2Fproductimages%2Fproductlarge%2F22gsum_g3123_pnk.jpg&v=3&w=400&s=RsQkpbta_e2Epxgc2_m9g7Tz&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

daf627c0def4ab23a6171270b7e6dea53d1c625db807aaf0a9322d284b3e601c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:00 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=99813
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 9746
expires: Tue, 08 Mar 2022 18:40:33 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F133 13 KB
14 KB 95ms
93ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1895&q=80&r=0&u=https%3A%2F%2Fwww.bodenimages.com%2Fproductimages%2Fproductlarge%2F22wspr_s0179_irs.jpg&v=3&w=400&s=jkLDWR2GYgLBJonOce7t9xz8&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

9717c1881ab82152f1fef06042b1d8eb69ed12f32062dcc7d5d5f865811e4483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:59 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=18400
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 13574
expires: Mon, 07 Mar 2022 20:03:41 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F133 31 KB
32 KB 104ms
103ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1895&q=80&r=0&u=https%3A%2F%2Fwww.bodenimages.com%2Fproductimages%2Fproductlarge%2F22wspr_d0094_mpt.jpg&v=3&w=400&s=RB5BnwHQSgNFdJ12iB93lpMv&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

866075e9f9540d3fbc1af75076631d86c71404b40ce5252d4e5085b0d9964e5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:00 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=80231
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 32168
expires: Tue, 08 Mar 2022 13:14:12 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame F133 0
127 B 86ms
29ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=_Vc48YolLF3Qt7ARF9mLHxPWGdn610RP8meFrE76Wmg4RfG-9LtDrgZb07xVWPDrgp2OeXTeE48p3JKQnOGYFF7ITNIY-tvc_mnhsU1HNcXF7rvlcbthd5jUcvgs1DlEesmKG07NVvycvCeA5bI3zJFK6raAFSDyf0YH1nt_mv1iMcjdZz6lU1hNeH6O09bzmIpWH3ekJ6OBJ5ziT8jDDh_Bw--NQIV-pOny6zBQQOpe0a01t3ZuDijZ1mw&sds=2&rev=unknown&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 07 Mar 2022 14:56:59 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame F133 2 KB
1 KB 27ms
26ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:00 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 02 Mar 2023 14:57:00 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame F133 2 KB
1 KB 29ms
27ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:00 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 02 Mar 2023 14:57:00 GMT

GET
BLOB 200
OK 7b2f64e0-9a18-4c84-945d-7fae9c11cbf5
https://nets4.com/ Frame 0653 47 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://nets4.com/7b2f64e0-9a18-4c84-945d-7fae9c11cbf5
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4fb9443e2de03752863a1d0831e719754f7c9254124e868f539b0e97821fd76f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 47662
Content-Type: text/javascript

GET
H3 200 css
fonts.googleapis.com/ Frame F133 2 KB
538 B 50ms
26ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cabin:400%7CMuli:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2f2c78d11d003e80352b2d13a775d2a137299302b3893210b68427a7d5ee3a72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 07 Mar 2022 13:22:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 07 Mar 2022 14:57:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 07 Mar 2022 14:57:00 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 9589 0
191 B 101ms
33ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEDocJCpG7w8UmVrlDg6vLMQ&google_cver=1&google_push=AYg5qPL7mocE0tyOCkVEqsGAjIUJw1t6FZSCLofQultWi7EgKKBwKSsMQ1t--7wZZUXwya6jRxtLw_FkQf_nOolMROhMUL3a5A4
Requested by: Host: 454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com
URL: https://454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 14:57:00 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9589
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEF5dOVp-_WrnnqEsQzoi28M&google_cver=1&google_push=AYg5qPJcYJi62HvXDfTiU8tmCYf8N_jtn6RsALu2cz8syNMNONtc-64E9UrwMiOC5vy67a-z_M2cjKkSDhv...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPJcYJi62HvXDfTiU8tmCYf8N_jtn6RsALu2cz8syNMNONtc-64E9UrwMiOC5vy67a-z_M2cjKkSDhvGfUvwNQFCozW22DE&google_hm=mLWZCMeoR9qTbjvy9WEhrrc

170 B
188 B

68ms
44ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPJcYJi62HvXDfTiU8tmCYf8N_jtn6RsALu2cz8syNMNONtc-64E9UrwMiOC5vy67a-z_M2cjKkSDhvGfUvwNQFCozW22DE&google_hm=mLWZCMeoR9qTbjvy9WEhrrc

Requested by

Host: 454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com
URL: https://454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 14:57:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 07 Mar 2022 14:56:59 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPJcYJi62HvXDfTiU8tmCYf8N_jtn6RsALu2cz8syNMNONtc-64E9UrwMiOC5vy67a-z_M2cjKkSDhvGfUvwNQFCozW22DE&google_hm=mLWZCMeoR9qTbjvy9WEhrrc
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9589
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEB5xlyDk-c2RmMa1AgAlZ2g&google_cver=1&google_push=AYg5qPLuiuqtPNKtRMaxh7W9aZJVt0Kj8Op7m5cebd5iQEQBde51eaEvJSzHHiz5uzrRIvEUdfA_yyDLaXvoBCBU88X45En...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLuiuqtPNKtRMaxh7W9aZJVt0Kj8Op7m5cebd5iQEQBde51eaEvJSzHHiz5uzrRIvEUdfA_yyDLaXvoBCBU88X45EnTfeY&google_hm=NjE1NDI2OTA4NTA3ODc0MDE...

170 B
188 B

43ms
43ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLuiuqtPNKtRMaxh7W9aZJVt0Kj8Op7m5cebd5iQEQBde51eaEvJSzHHiz5uzrRIvEUdfA_yyDLaXvoBCBU88X45EnTfeY&google_hm=NjE1NDI2OTA4NTA3ODc0MDE1Mw%3D%3D

Requested by

Host: 454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com
URL: https://454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 14:57:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 07 Mar 2022 14:57:00 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLuiuqtPNKtRMaxh7W9aZJVt0Kj8Op7m5cebd5iQEQBde51eaEvJSzHHiz5uzrRIvEUdfA_yyDLaXvoBCBU88X45EnTfeY&google_hm=NjE1NDI2OTA4NTA3ODc0MDE1Mw%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9589
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN4SmEtQwhRmKkuHS45pFRQ&google_cver=1&google_push=AYg5qPIxpp4NdwOfI2rsYhq1m4xKQk_quYTH_SPYCHj-Rk1mkFfukz8Xqe0xn1JgV3yGkcHyPQYH0mg7...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEN4SmEtQwhRmKkuHS45pFRQ&google_cver=1&google_push=AYg5qPIxpp4NdwOfI2rsYhq1m4xKQk_quYTH_SPYCHj-Rk1mkFfukz8Xqe0xn1JgV3yGkcHyPQY...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc5MjIyMzA3OTA1OTk4MzAwMw&google_push=AYg5qPIxpp4NdwOfI2rsYhq1m4xKQk_quYTH_SPYCHj-Rk1mkFfukz8Xqe0xn1JgV3yGkcHyPQYH0m...

170 B
188 B

43ms
43ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc5MjIyMzA3OTA1OTk4MzAwMw&google_push=AYg5qPIxpp4NdwOfI2rsYhq1m4xKQk_quYTH_SPYCHj-Rk1mkFfukz8Xqe0xn1JgV3yGkcHyPQYH0mg7DZmOD-qNX1ymarc2Tb4

Requested by

Host: 454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com
URL: https://454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 14:57:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 07 Mar 2022 14:57:00 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc5MjIyMzA3OTA1OTk4MzAwMw&google_push=AYg5qPIxpp4NdwOfI2rsYhq1m4xKQk_quYTH_SPYCHj-Rk1mkFfukz8Xqe0xn1JgV3yGkcHyPQYH0mg7DZmOD-qNX1ymarc2Tb4
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9589
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELzNa6GEqkXsEzXlQiuPe8Y&google_cver=1&google_push=AYg5qPJoEPDnVFIanMjhtyTycjQPMkR-AsvdPDHhI8RVxKvb_1MqCB8VSCzw4OeWOI65-v94mqC3tpPPYbfOHz3n...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJoEPDnVFIanMjhtyTycjQPMkR-AsvdPDHhI8RVxKvb_1MqCB8VSCzw4OeWOI65-v94mqC3tpPPYbfOHz3nMU2xASO-PH0

170 B
188 B

44ms
44ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJoEPDnVFIanMjhtyTycjQPMkR-AsvdPDHhI8RVxKvb_1MqCB8VSCzw4OeWOI65-v94mqC3tpPPYbfOHz3nMU2xASO-PH0

Requested by

Host: 454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com
URL: https://454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 14:57:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 07 Mar 2022 14:57:00 GMT
via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: ZRH50-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJoEPDnVFIanMjhtyTycjQPMkR-AsvdPDHhI8RVxKvb_1MqCB8VSCzw4OeWOI65-v94mqC3tpPPYbfOHz3nMU2xASO-PH0
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: HITpSd0M1Bq-mD3VP1JXD4qpIEHH4tFqI-QSXtNK0cyV8l87tcLpuQ==

GET

pixel
cm.g.doubleclick.net/ Frame 9589
Redirect Chain

https://onetag-sys.com/sync/i,19/?google_gid=CAESEK0Dycwezl-HU-HD3tckN70&google_cver=1&google_push=AYg5qPLHXmH7qQOXlIGYe-VjQJBmdAUEMbaa9uCnOFUDyiEDeoRXOkFAfDb27JL2AZg3vUhlVSc1SeV5O4ta3FWZaQSIyJWfuA
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLHXmH7qQOXlIGYe-VjQJBmdAUEMbaa9uCnOFUDyiEDeoRXOkFAfDb27JL2AZg3vUhlVSc1SeV5O4ta3FWZaQSIyJWfuA
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLHXmH7qQOXlIGYe-VjQJBmdAUEMbaa9uCnOFUDyiEDeoRXOkFAfDb27JL2AZg3vUhlVSc1SeV5O4ta3FWZaQSIyJWfuA
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLHXmH7qQOXlIGYe-VjQJBmdAUEMbaa9uCnOFUDyiEDeoRXOkFAfDb27JL2AZg3vUhlVSc1SeV5O4ta3FWZaQSIyJWfuA
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLHXmH7qQOXlIGYe-VjQJBmdAUEMbaa9uCnOFUDyiEDeoRXOkFAfDb27JL2AZg3vUhlVSc1SeV5O4ta3FWZaQSIyJWfuA
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLHXmH7qQOXlIGYe-VjQJBmdAUEMbaa9uCnOFUDyiEDeoRXOkFAfDb27JL2AZg3vUhlVSc1SeV5O4ta3FWZaQSIyJWfuA
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLHXmH7qQOXlIGYe-VjQJBmdAUEMbaa9uCnOFUDyiEDeoRXOkFAfDb27JL2AZg3vUhlVSc1SeV5O4ta3FWZaQSIyJWfuA
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLHXmH7qQOXlIGYe-VjQJBmdAUEMbaa9uCnOFUDyiEDeoRXOkFAfDb27JL2AZg3vUhlVSc1SeV5O4ta3FWZaQSIyJWfuA
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLHXmH7qQOXlIGYe-VjQJBmdAUEMbaa9uCnOFUDyiEDeoRXOkFAfDb27JL2AZg3vUhlVSc1SeV5O4ta3FWZaQSIyJWfuA
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLHXmH7qQOXlIGYe-VjQJBmdAUEMbaa9uCnOFUDyiEDeoRXOkFAfDb27JL2AZg3vUhlVSc1SeV5O4ta3FWZaQSIyJWfuA
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLHXmH7qQOXlIGYe-VjQJBmdAUEMbaa9uCnOFUDyiEDeoRXOkFAfDb27JL2AZg3vUhlVSc1SeV5O4ta3FWZaQSIyJWfuA
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLHXmH7qQOXlIGYe-VjQJBmdAUEMbaa9uCnOFUDyiEDeoRXOkFAfDb27JL2AZg3vUhlVSc1SeV5O4ta3FWZaQSIyJWfuA
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLHXmH7qQOXlIGYe-VjQJBmdAUEMbaa9uCnOFUDyiEDeoRXOkFAfDb27JL2AZg3vUhlVSc1SeV5O4ta3FWZaQSIyJWfuA
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLHXmH7qQOXlIGYe-VjQJBmdAUEMbaa9uCnOFUDyiEDeoRXOkFAfDb27JL2AZg3vUhlVSc1SeV5O4ta3FWZaQSIyJWfuA
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLHXmH7qQOXlIGYe-VjQJBmdAUEMbaa9uCnOFUDyiEDeoRXOkFAfDb27JL2AZg3vUhlVSc1SeV5O4ta3FWZaQSIyJWfuA
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLHXmH7qQOXlIGYe-VjQJBmdAUEMbaa9uCnOFUDyiEDeoRXOkFAfDb27JL2AZg3vUhlVSc1SeV5O4ta3FWZaQSIyJWfuA
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLHXmH7qQOXlIGYe-VjQJBmdAUEMbaa9uCnOFUDyiEDeoRXOkFAfDb27JL2AZg3vUhlVSc1SeV5O4ta3FWZaQSIyJWfuA
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLHXmH7qQOXlIGYe-VjQJBmdAUEMbaa9uCnOFUDyiEDeoRXOkFAfDb27JL2AZg3vUhlVSc1SeV5O4ta3FWZaQSIyJWfuA
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLHXmH7qQOXlIGYe-VjQJBmdAUEMbaa9uCnOFUDyiEDeoRXOkFAfDb27JL2AZg3vUhlVSc1SeV5O4ta3FWZaQSIyJWfuA
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLHXmH7qQOXlIGYe-VjQJBmdAUEMbaa9uCnOFUDyiEDeoRXOkFAfDb27JL2AZg3vUhlVSc1SeV5O4ta3FWZaQSIyJWfuA
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLHXmH7qQOXlIGYe-VjQJBmdAUEMbaa9uCnOFUDyiEDeoRXOkFAfDb27JL2AZg3vUhlVSc1SeV5O4ta3FWZaQSIyJWfuA

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9589
Redirect Chain

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEEPusvLqZwD86uY5q0wqdR0&google_cver=1&google_push=AYg5qPIqMLOwTndKP_b-XyI-09cVtOBKpGe2g2SIJFoGI6VYZd1e5o-B...
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEEPusvLqZwD86uY5q0wqdR0&google_cver=1&google_push=AYg5qPIqMLOwTndKP_b-XyI-09cVtOBKpGe2g2SIJFoGI6VYZd1e5o-B...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEEPusvLqZwD86uY5q0wqdR0&google_cver=1&google_push=AYg5qPIqMLOwTndKP_b-XyI-09cVtOBKpGe2g2SIJFoGI6VYZd1e5o...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEEPusvLqZwD86uY5q0wqdR0&google_cver=1&google_push=AYg5qPIqMLOwTndKP_b-XyI-09cVtOBKpGe2g2SIJFoGI6VYZd1e5o...
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBkN2E4MDA1MS05ZTI2LTExZWMtODM3YS0wNjZlZjAzOTE5YjI%3D&google_push=AYg5qPIqMLOwTndKP_b-XyI-09cVtOBKpGe2g2SIJFoGI6VYZd1e5o-BqRDYR5Vew3...

170 B
188 B

44ms
44ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBkN2E4MDA1MS05ZTI2LTExZWMtODM3YS0wNjZlZjAzOTE5YjI%3D&google_push=AYg5qPIqMLOwTndKP_b-XyI-09cVtOBKpGe2g2SIJFoGI6VYZd1e5o-BqRDYR5Vew3ieW1CqxW9N6HhZOp7Stswmzhujnb8owjc

Requested by

Host: 454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com
URL: https://454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 14:57:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBkN2E4MDA1MS05ZTI2LTExZWMtODM3YS0wNjZlZjAzOTE5YjI%3D&google_push=AYg5qPIqMLOwTndKP_b-XyI-09cVtOBKpGe2g2SIJFoGI6VYZd1e5o-BqRDYR5Vew3ieW1CqxW9N6HhZOp7Stswmzhujnb8owjc
date: Mon, 07 Mar 2022 14:57:00 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 9589 0
232 B 66ms
24ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jo9vig0yHiAhM5c8fLNB8pfivfBz2jbolFYgDct6h1LLXdKbk9nkHoZbJkxfFr__dnHdUcBg

Requested by

Host: 454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com
URL: https://454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:00 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EC05 13 KB
5 KB 16ms
15ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Mar 2022 14:40:04 GMT
expires: Tue, 07 Mar 2023 14:40:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 1016
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 26D9 783 B
532 B 26ms
25ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

490eb54dd601dc1fcb77abfcbc4549f8c65552d03d33ee78e3ff2bcfe62788cd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lhemlFxBF8WlOdaXeoaGgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 07 Mar 2022 14:57:00 GMT
date: Mon, 07 Mar 2022 14:57:00 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-lhemlFxBF8WlOdaXeoaGgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 510
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame EBB2 81 KB
11 KB 48ms
29ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hyvyt6bagwx1p5m0wzx37ztkyh6ctyw10zd1h02zh0ksk8dc9vaw58zdkp6597ftbmwndh29d78n0xntscj6p78ax9j3ftwsb84vcgwt1f7qzc20w5d130et1pq0erf0ymme9fdj442nmshwb3pjm638v5gxaf6g8a57gqw4nxr57cazdb7vwz4vjj9vww3fxxc6fe9fr585cmxe23664ptfgppfms95n1mjsmk1yjpws3bhtkvqfdnbcpgt8k6an9pa3vzdgby44f2vcvm8tkz6s699n75f3dsrzjbavdwp1t4am9j56ahnfr3888dx3saejxwmzayjtjsjfx7mqagzd7zjywwcwjff5t3m2bsq7dgg9yrgp1b7550t8fbbdywqby0jcyfwtwjvhe5d53m1esnz0j2y06bcan8whpmke15g6bkt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVNw-Ox0mYuaOPMT83wPujJ04kOGBhFy2qMKK8ALAjbcBEAEgAGCVgoCAoAeCARdjYS1wdWItNDkwMzQ1Mzk3NDc0NTUzMKABwq7o3QPIAQmpAshHdn0GLrI-4AIAqAMBqgT7AU_QbUDRO4Vehpl_JthkOSpowpg8dMNC3WpYnGprykq2z-wsdZicLJtx6-ZT5UPksptq-bfIoXLtQuP_31mmNZ2JlfWwJHSioZsGeHDonXJ3n3k4rTkFOxwv6IWZwJTL43RMRzqAPt0Bm9V6AjjHan5uHI-s0LtkLef-jQ17jFlcJRpPWUugJvB1tlsR9Gshf_kNKwbS1VZMR4VPDcXWRBRSPWZaxkRBWmQ2gALS3XhNObPuMkTw96wTrpzFPZPD5IskyLK4C-EAvfTs-hG_Fxr1bIh0r0xguTUf49Ao_vgHzodrLzIHVZAOjfIpRbE3QabRi5_Ii0U7fzm24AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzb6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3iltjcZ37znudFHI4p-4f7Tg1uTQ%26client%3Dca-pub-4903453974745530%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hyvyt6bagwx1p5m0wzx37ztkyh6ctyw10zd1h02zh0ksk8dc9vaw58zdkp6597ftbmwndh29d78n0xntscj6p78ax9j3ftwsb84vcgwt1f7qzc20w5d130et1pq0erf0ymme9fdj442nmshwb3pjm638v5gxaf6g8a57gqw4nxr57cazdb7vwz4vjj9vww3fxxc6fe9fr585cmxe23664ptfgppfms95n1mjsmk1yjpws3bhtkvqfdnbcpgt8k6an9pa3vzdgby44f2vcvm8tkz6s699n75f3dsrzjbavdwp1t4am9j56ahnfr3888dx3saejxwmzayjtjsjfx7mqagzd7zjywwcwjff5t3m2bsq7dgg9yrgp1b7550t8fbbdywqby0jcyfwtwjvhe5d53m1esnz0j2y06bcan8whpmke15g6bkt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVNw-Ox0mYuaOPMT83wPujJ04kOGBhFy2qMKK8ALAjbcBEAEgAGCVgoCAoAeCARdjYS1wdWItNDkwMzQ1Mzk3NDc0NTUzMKABwq7o3QPIAQmpAshHdn0GLrI-4AIAqAMBqgT7AU_QbUDRO4Vehpl_JthkOSpowpg8dMNC3WpYnGprykq2z-wsdZicLJtx6-ZT5UPksptq-bfIoXLtQuP_31mmNZ2JlfWwJHSioZsGeHDonXJ3n3k4rTkFOxwv6IWZwJTL43RMRzqAPt0Bm9V6AjjHan5uHI-s0LtkLef-jQ17jFlcJRpPWUugJvB1tlsR9Gshf_kNKwbS1VZMR4VPDcXWRBRSPWZaxkRBWmQ2gALS3XhNObPuMkTw96wTrpzFPZPD5IskyLK4C-EAvfTs-hG_Fxr1bIh0r0xguTUf49Ao_vgHzodrLzIHVZAOjfIpRbE3QabRi5_Ii0U7fzm24AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzb6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3iltjcZ37znudFHI4p-4f7Tg1uTQ%26client%3Dca-pub-4903453974745530%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:00 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1141623
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=83581
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Tue, 22 Feb 2022 09:49:57 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6e842e5a88849052-FRA
cf-bgj: minify

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame EBB2 35 KB
13 KB 27ms
26ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hyvyt6bagwx1p5m0wzx37ztkyh6ctyw10zd1h02zh0ksk8dc9vaw58zdkp6597ftbmwndh29d78n0xntscj6p78ax9j3ftwsb84vcgwt1f7qzc20w5d130et1pq0erf0ymme9fdj442nmshwb3pjm638v5gxaf6g8a57gqw4nxr57cazdb7vwz4vjj9vww3fxxc6fe9fr585cmxe23664ptfgppfms95n1mjsmk1yjpws3bhtkvqfdnbcpgt8k6an9pa3vzdgby44f2vcvm8tkz6s699n75f3dsrzjbavdwp1t4am9j56ahnfr3888dx3saejxwmzayjtjsjfx7mqagzd7zjywwcwjff5t3m2bsq7dgg9yrgp1b7550t8fbbdywqby0jcyfwtwjvhe5d53m1esnz0j2y06bcan8whpmke15g6bkt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVNw-Ox0mYuaOPMT83wPujJ04kOGBhFy2qMKK8ALAjbcBEAEgAGCVgoCAoAeCARdjYS1wdWItNDkwMzQ1Mzk3NDc0NTUzMKABwq7o3QPIAQmpAshHdn0GLrI-4AIAqAMBqgT7AU_QbUDRO4Vehpl_JthkOSpowpg8dMNC3WpYnGprykq2z-wsdZicLJtx6-ZT5UPksptq-bfIoXLtQuP_31mmNZ2JlfWwJHSioZsGeHDonXJ3n3k4rTkFOxwv6IWZwJTL43RMRzqAPt0Bm9V6AjjHan5uHI-s0LtkLef-jQ17jFlcJRpPWUugJvB1tlsR9Gshf_kNKwbS1VZMR4VPDcXWRBRSPWZaxkRBWmQ2gALS3XhNObPuMkTw96wTrpzFPZPD5IskyLK4C-EAvfTs-hG_Fxr1bIh0r0xguTUf49Ao_vgHzodrLzIHVZAOjfIpRbE3QabRi5_Ii0U7fzm24AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzb6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3iltjcZ37znudFHI4p-4f7Tg1uTQ%26client%3Dca-pub-4903453974745530%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 533e8ab00e73a9a61f550b956a872f9091fe48b79b4072d87bdb07348af7f4bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=tEZe3A==, md5=Jdq10Kok9oEWJwphx1gWLw==
date: Mon, 07 Mar 2022 14:57:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1166
x-guploader-uploadid: ADPycds1S9GbOzl75swOIMTP1TgdW5VToJrXkAx5weMmg0b7-qhqoxLoMGYPaWNRe5vM0AjfXsXSWP1R5dQzER9hlP2KOLEwAA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 26 Jan 2022 11:00:45 GMT
server: cloudflare
etag: W/"25dab5d0aa24f68116270a61c758162f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AnMcHc2w9By0kXlvZQ1P%2BBuEnufLb5nDX07i9zmkRFflGt%2B2yFYM%2BSlhsCa9SChElrr4gQlvve0JTmhGqI%2BUIMwGtE0U0wbRTsIVe%2FFWuYOVHocC7PpKoultYtwhJsxqsIbHuy4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1643194845770575
content-type: application/javascript; charset=utf-8
expires: Mon, 07 Mar 2022 14:37:34 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11870
cf-ray: 6e842e5a6bce9bca-FRA
cf-bgj: minify

GET
DATA 200
OK truncated
/ Frame 0879 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d937393fafb440bc7ef710e5ec12aa0fa24d737218bd242ae61c9b1dbeda1de7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 7Aulp_0qiz-aVz7u3PJLcUMYOFnOkEk30eg.woff2
fonts.gstatic.com/s/muli/v26/ Frame F133 16 KB
16 KB 45ms
19ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v26/7Aulp_0qiz-aVz7u3PJLcUMYOFnOkEk30eg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:400%7CMuli:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

997b911237bf1ba3ae866d21754fd8e3873582aece25276fbb6b4877a61e1a80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 09:01:43 GMT
x-content-type-options: nosniff
age: 453317
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16828
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:37:29 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Mar 2023 09:01:43 GMT

GET
H3 200 u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkV2EH7alxw.woff2
fonts.gstatic.com/s/cabin/v18/ Frame F133 15 KB
15 KB 20ms
17ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cabin/v18/u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkV2EH7alxw.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb8138fe467ac4fd833c97df11108432d9a0f84486b05f08d34159aff9f104b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 05:32:15 GMT
x-content-type-options: nosniff
age: 465885
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15440
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 20:56:58 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Mar 2023 05:32:15 GMT

GET
H3 200 container.html Show response
f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3333 6 KB
3 KB 16ms
16ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065453

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Mar 2022 14:57:00 GMT
expires: Tue, 07 Mar 2023 14:57:00 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 i
api.purpleads.io/x/a/bcb3e0c2a2cce062ff3faa9465d64ce6:72c3bda3b2e4228db254062023ddfc6cf9fae89e0eca813057dfbb312d45903036839a7beec48de122a4f9dab4380ce2e5dfd1b52ff8d76484bfb918b22461a8b3226ffbf93819e... Frame 0
0 131ms
131ms Preflight 34.227.128.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/a/bcb3e0c2a2cce062ff3faa9465d64ce6:72c3bda3b2e4228db254062023ddfc6cf9fae89e0eca813057dfbb312d45903036839a7beec48de122a4f9dab4380ce2e5dfd1b52ff8d76484bfb918b22461a8b3226ffbf93819e363aca50ecaf7d1b6e3e9676d3ac09a473ffb6cc5da87c5815e1066918316d8e9662f016e7c68be4ae1e1697b8b6bc9ad1f62dbb1ced7d808b2ee49127e4a8e01630b099453ba8265/i?id=4a796329-0b8f-4e1e-b46c-5743385c171e&ts=1646665020626
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-128-233.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Origin: https://nets4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 07 Mar 2022 14:57:00 GMT
access-control-allow-origin: https://nets4.com
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: a3f6a01b-0bf6-46c4-a1c8-54d55e92c089

GET
H2 200 i Show response
api.purpleads.io/x/a/bcb3e0c2a2cce062ff3faa9465d64ce6:72c3bda3b2e4228db254062023ddfc6cf9fae89e0eca813057dfbb312d45903036839a7beec48de122a4f9dab4380ce2e5dfd1b52ff8d76484bfb918b22461a8b3226ffbf93819e... 0
199 B 347ms
347ms Fetch 34.227.128.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/a/bcb3e0c2a2cce062ff3faa9465d64ce6:72c3bda3b2e4228db254062023ddfc6cf9fae89e0eca813057dfbb312d45903036839a7beec48de122a4f9dab4380ce2e5dfd1b52ff8d76484bfb918b22461a8b3226ffbf93819e363aca50ecaf7d1b6e3e9676d3ac09a473ffb6cc5da87c5815e1066918316d8e9662f016e7c68be4ae1e1697b8b6bc9ad1f62dbb1ced7d808b2ee49127e4a8e01630b099453ba8265/i?id=4a796329-0b8f-4e1e-b46c-5743385c171e&ts=1646665020626
Requested by: Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-128-233.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Authorization: Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url: aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2V2aWxtYXJrLmNvbQ==
Accept: application/json
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json
x-purpleads-version: 2.0.26

Response headers

access-control-allow-origin: https://nets4.com
date: Mon, 07 Mar 2022 14:57:01 GMT
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials: true
x-request-id: fbaab78e-19c6-4a49-827e-136437247f18

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 26D9 0
0 70ms
69ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030201&jk=462823231518315&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js Show response
pagead2.googlesyndication.com/bg/ Frame EC05 35 KB
14 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:17:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2378
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13820
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Mar 2023 14:17:22 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame EBB2 3 KB
4 KB 77ms
31ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Mon, 07 Mar 2022 14:57:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 600051
x-guploader-uploadid: ADPycdsAM1RKIW8NW9FXGsxgzhi5bSYe4VqqEbCt8J5Oc8iEgAF2SjSQc54Zb1FETUd5c-MZGmZZMUkSoxlmANI9NVVBPD3Irw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eKkoxh3JyR78ZfPe%2B7Qnim5HWhja9ix8HByFPunMeKLIxoQyAiVkmCBmkvLRm4UiaUwyu5VuTxK0pWWe8Q1KRbBK3j%2B2LwXsRp%2BM3fK9g2Ni%2BC8sd8%2F0EuZLbUopBFnjcQGGrarukQRiIXPPDV5BudUr"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 6e842e5b6f669ba4-FRA
expires: Tue, 28 Feb 2023 16:16:09 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B9D2 0
9 B 15ms
15ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?oj06QQ
Requested by: Host: nets4.com
URL: https://nets4.com/domain/evilmark.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 frame.html Show response
ad4m.at/ Frame 5C84 2 KB
2 KB 29ms
29ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 07 Mar 2022 14:57:00 GMT
content-type: text/html; charset=utf-8
x-guploader-uploadid: ADPycdugBLBP-Vwd2B9WHPfqz7wLElCJPL4RDx_q8DQF8SE2-ZYKEh4d8NJI0q3TqTXs-Lt8QdoPKRS3lY5o3ig520BPzOfHoA
x-goog-generation: 1588777770164783
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-goog-meta-
x-goog-custom-time: 1970-01-01T00:00:00Z
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
expires: Mon, 07 Mar 2022 15:57:00 GMT
cache-control: public, max-age=3600
last-modified: Wed, 06 May 2020 15:09:30 GMT
age: 891822
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bc%2FJ4a2fUFyF2sAYLiE1fbR0sJRPVfWxX1uVQYMIerhZO4Il7s%2FoJPu3w5cHXqwu5KUrUkPMUr1VoCwu3v%2Fj7QerG%2BFSxuOBlIl2xDue7OdtdJQ%2BQruax7mN6p6jdYn%2ByVAX3OM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6e842e5b39d89052-FRA
content-encoding: br

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C932 0
9 B 17ms
16ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?uOm6TA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3333 0
0 88ms
88ms Fetch
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=ChoNLPB0mYqesGMiBjuwP1Jq4kAyQ4YGEXLaoworwAsCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHCrujdA8gBCakCyEd2fQYusj7gAgCoAwGqBPcBT9DkRRAiKAARMhkQZxnq9HcEBP3rd5WwM3wECA8YwAWniOlFOCA9JYNLWbk01HEqu4QmW98Ran7sTpcbtfWQeuP6X85FD9Y6VvkXxY9eMOkcWtLJvJXUC23ZPm_zJYRjVJochlIiLoHLlnszXG7CtYMSPXgUOLGwUaddr3vO-nQXawB-g7n0-dwC7jCq55yFl5J4bAUA7AmpYhKaW2TJOReJGYGShQRTzxzYf0lPOgcm30yCJQIpvAUg18BlLc2KtPXt7TrzIUVOuldWXRU8cOhz50PiW0lKzaBW1DjZ3jj3bVV2Sc38ajdtYuF_K8mVK9f5T_XJo-AEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ5MDM0NTM5NzQ3NDU1MzAYi7l3&sigh=vomx33xtZ4o&uach_m=[UACH]&cid=CAQSPACNIrLMww4nTTidmOjy_IYuGI6pFYAnvNRPW6DlDjGAS01rUD6q5mU810ivq14kp7tnpAlrHbfakPyjxhgB
Requested by: Host: nets4.com
URL: https://nets4.com/domain/evilmark.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 winResponse
prod-rtb.ad4mat.net/ Frame 3333 0
0 44ms
25ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kkw3aytzsj2n2p5mtpc7trmtqqp714dy3tngm746m0kydsfy7v8gagtgcz3rprnn0a3hm7102y7ew7t0gmw5d73etaw79he9a5exq94c1vgx97gh3fvjschbqgs61h8k0kfy4zxze7p96de1d2qncgg6eh3kx7t4jw0vs5fjnrwpxn9nadahpyrtrt5gptpz9van3pdddp33v2t55acczbrerqf7rqfydx13y99tz2wv3zsr5x12dbx0a38w8ct8fvpc5r24v7ptzhzt760hhmr1eavxc597zgtx2gpv046m6wnpek0mnzx61npaz8fryt1wdsbdbtf6f7cf632g4ycb0mpety5psyah5nvqqs24tt56zjqkq2eh75s62ax8tnxtxd36m89xax8fdvhwrr1dkdba&b=YiYdPAAGFicHg4DIAA4NVKCMnBJ9zEEkEveuhA
Requested by: Host: nets4.com
URL: https://nets4.com/domain/evilmark.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 07 Mar 2022 14:57:00 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 08D2 2 KB
3 KB 29ms
29ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jr7myrryjn81axw0z1a4a8h5qvs9h3vz4wk5nahzmk64vkhhvcc8q8gyk0jv38vxmen7vm5cwv0db7cp9ywb4bh5qa1cvadt0dxhfgnd29r687c5ddsryj4t9x8tfx7cghrjh35d34a9y219wgzkm87q9z2p8zg9wack880s6ceddp48dkbff7zgphm6cx5nkp9bpeznjwfg8ty0x9gcq7qnedsdfnakm29qaw68pb01rrcp4vvtdey9v77517r5fj9ga85dqvgxwt68xxhcp67arb40wkemdkhh184z6ew2qyn1kt7xvettxvvw9xbvnkzc7y6dgsp6sjrxj610832rmvttbs87hrdyn4f4j6tzsfwm4tzrs3f0cjert8km5jrx7bxhm59hwahrdpmez93jpmm1vz449d8degfxmf2etevmyd0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClb3xPB0mYqesGMiBjuwP1Jq4kAyQ4YGEXLaoworwAsCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHCrujdA8gBCakCyEd2fQYusj7gAgCoAwGqBPoBT9DkRRAiKAARMhkQZxnq9HcEBP3rd5WwM3wECA8YwAWniOlFOCA9JYNLWbk01HEqu4QmW98Ran7sTpcbtfWQeuP6X85FD9Y6VvkXxY9eMOkcWtLJvJXUC23ZPm_zJYRjVJochlIiLoHLlnszXG7CtYMSPXgUOLGwUaddr3vO-nQXawB-g7n0-dwC7jCq55yFl5J4bAUA7AmpYhKaW2TJOReJGYGShQRTzxzYf0lPOgcm30yCJQIpvAUg18BlLc2KtPXt7TrzIUVOuldWXRU8cOgx5WJwjLDNjWjRnK4Dl6oFVEF85MfScurtoKjt012LB88sk2qJa_rAiOAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3AhqbN47f59Tq4VlYF_7tJrHSsqw%26client%3Dca-pub-4903453974745530%26adurl%3D

Requested by

Host: f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com
URL: https://f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7daba3a3629a5895ad044d5af555b6f50d416314d2335db1507bba1d2bc4b6c1

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com/

Response headers

date: Mon, 07 Mar 2022 14:57:00 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e842e5b5a289052-FRA
content-encoding: br

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame 3333 2 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/window_focus_fy2019.js

Requested by

Host: f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com
URL: https://f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Mar 2022 14:56:38 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 82EE 1 KB
749 B 17ms
16ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com
URL: https://f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Mon, 07 Mar 2022 05:53:44 GMT
expires: Tue, 08 Mar 2022 05:53:44 GMT
cache-control: public, max-age=86400
age: 32596
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3333 124 KB
38 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com
URL: https://f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38860
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646224922100600"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 07 Mar 2022 14:57:00 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame 3333 15 KB
6 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com
URL: https://f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d054377044014c1069958d9c610330164f05edbf091b2be9b6be60dc4f043494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6417
x-xss-protection: 0
server: cafe
etag: 10598556267281433416
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Mar 2022 14:56:11 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3333 0
0 25ms
24ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaST7i0SBBCvEj7mSCHkufzgwDI4X1q95LEQdW1loZoScuXX-_wE-_NGzEkhgRrHzzL-CEuzAh-NlkK0MiY3uFaVPdz4ug
Requested by: Host: f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com
URL: https://f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 3333 22 KB
7 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com
URL: https://f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 14:03:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 435223
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 02 Mar 2023 14:03:17 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 08D2 81 KB
11 KB 25ms
25ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jr7myrryjn81axw0z1a4a8h5qvs9h3vz4wk5nahzmk64vkhhvcc8q8gyk0jv38vxmen7vm5cwv0db7cp9ywb4bh5qa1cvadt0dxhfgnd29r687c5ddsryj4t9x8tfx7cghrjh35d34a9y219wgzkm87q9z2p8zg9wack880s6ceddp48dkbff7zgphm6cx5nkp9bpeznjwfg8ty0x9gcq7qnedsdfnakm29qaw68pb01rrcp4vvtdey9v77517r5fj9ga85dqvgxwt68xxhcp67arb40wkemdkhh184z6ew2qyn1kt7xvettxvvw9xbvnkzc7y6dgsp6sjrxj610832rmvttbs87hrdyn4f4j6tzsfwm4tzrs3f0cjert8km5jrx7bxhm59hwahrdpmez93jpmm1vz449d8degfxmf2etevmyd0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClb3xPB0mYqesGMiBjuwP1Jq4kAyQ4YGEXLaoworwAsCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHCrujdA8gBCakCyEd2fQYusj7gAgCoAwGqBPoBT9DkRRAiKAARMhkQZxnq9HcEBP3rd5WwM3wECA8YwAWniOlFOCA9JYNLWbk01HEqu4QmW98Ran7sTpcbtfWQeuP6X85FD9Y6VvkXxY9eMOkcWtLJvJXUC23ZPm_zJYRjVJochlIiLoHLlnszXG7CtYMSPXgUOLGwUaddr3vO-nQXawB-g7n0-dwC7jCq55yFl5J4bAUA7AmpYhKaW2TJOReJGYGShQRTzxzYf0lPOgcm30yCJQIpvAUg18BlLc2KtPXt7TrzIUVOuldWXRU8cOgx5WJwjLDNjWjRnK4Dl6oFVEF85MfScurtoKjt012LB88sk2qJa_rAiOAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3AhqbN47f59Tq4VlYF_7tJrHSsqw%26client%3Dca-pub-4903453974745530%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jr7myrryjn81axw0z1a4a8h5qvs9h3vz4wk5nahzmk64vkhhvcc8q8gyk0jv38vxmen7vm5cwv0db7cp9ywb4bh5qa1cvadt0dxhfgnd29r687c5ddsryj4t9x8tfx7cghrjh35d34a9y219wgzkm87q9z2p8zg9wack880s6ceddp48dkbff7zgphm6cx5nkp9bpeznjwfg8ty0x9gcq7qnedsdfnakm29qaw68pb01rrcp4vvtdey9v77517r5fj9ga85dqvgxwt68xxhcp67arb40wkemdkhh184z6ew2qyn1kt7xvettxvvw9xbvnkzc7y6dgsp6sjrxj610832rmvttbs87hrdyn4f4j6tzsfwm4tzrs3f0cjert8km5jrx7bxhm59hwahrdpmez93jpmm1vz449d8degfxmf2etevmyd0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClb3xPB0mYqesGMiBjuwP1Jq4kAyQ4YGEXLaoworwAsCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHCrujdA8gBCakCyEd2fQYusj7gAgCoAwGqBPoBT9DkRRAiKAARMhkQZxnq9HcEBP3rd5WwM3wECA8YwAWniOlFOCA9JYNLWbk01HEqu4QmW98Ran7sTpcbtfWQeuP6X85FD9Y6VvkXxY9eMOkcWtLJvJXUC23ZPm_zJYRjVJochlIiLoHLlnszXG7CtYMSPXgUOLGwUaddr3vO-nQXawB-g7n0-dwC7jCq55yFl5J4bAUA7AmpYhKaW2TJOReJGYGShQRTzxzYf0lPOgcm30yCJQIpvAUg18BlLc2KtPXt7TrzIUVOuldWXRU8cOgx5WJwjLDNjWjRnK4Dl6oFVEF85MfScurtoKjt012LB88sk2qJa_rAiOAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3AhqbN47f59Tq4VlYF_7tJrHSsqw%26client%3Dca-pub-4903453974745530%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:00 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1141623
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=83581
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Tue, 22 Feb 2022 09:49:57 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6e842e5bdb0d9052-FRA
cf-bgj: minify

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame 08D2 35 KB
13 KB 24ms
24ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jr7myrryjn81axw0z1a4a8h5qvs9h3vz4wk5nahzmk64vkhhvcc8q8gyk0jv38vxmen7vm5cwv0db7cp9ywb4bh5qa1cvadt0dxhfgnd29r687c5ddsryj4t9x8tfx7cghrjh35d34a9y219wgzkm87q9z2p8zg9wack880s6ceddp48dkbff7zgphm6cx5nkp9bpeznjwfg8ty0x9gcq7qnedsdfnakm29qaw68pb01rrcp4vvtdey9v77517r5fj9ga85dqvgxwt68xxhcp67arb40wkemdkhh184z6ew2qyn1kt7xvettxvvw9xbvnkzc7y6dgsp6sjrxj610832rmvttbs87hrdyn4f4j6tzsfwm4tzrs3f0cjert8km5jrx7bxhm59hwahrdpmez93jpmm1vz449d8degfxmf2etevmyd0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClb3xPB0mYqesGMiBjuwP1Jq4kAyQ4YGEXLaoworwAsCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHCrujdA8gBCakCyEd2fQYusj7gAgCoAwGqBPoBT9DkRRAiKAARMhkQZxnq9HcEBP3rd5WwM3wECA8YwAWniOlFOCA9JYNLWbk01HEqu4QmW98Ran7sTpcbtfWQeuP6X85FD9Y6VvkXxY9eMOkcWtLJvJXUC23ZPm_zJYRjVJochlIiLoHLlnszXG7CtYMSPXgUOLGwUaddr3vO-nQXawB-g7n0-dwC7jCq55yFl5J4bAUA7AmpYhKaW2TJOReJGYGShQRTzxzYf0lPOgcm30yCJQIpvAUg18BlLc2KtPXt7TrzIUVOuldWXRU8cOgx5WJwjLDNjWjRnK4Dl6oFVEF85MfScurtoKjt012LB88sk2qJa_rAiOAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3AhqbN47f59Tq4VlYF_7tJrHSsqw%26client%3Dca-pub-4903453974745530%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 533e8ab00e73a9a61f550b956a872f9091fe48b79b4072d87bdb07348af7f4bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=tEZe3A==, md5=Jdq10Kok9oEWJwphx1gWLw==
date: Mon, 07 Mar 2022 14:57:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14119
x-guploader-uploadid: ADPycdsr5n4kU1rNLkiSrbRzdMb-9DabWoAfQTOrTOqZ3NYXVgPrNi4N3t5dVkDjvEN376F-ekn4TmbIv9GEx6HzMco
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 26 Jan 2022 11:00:45 GMT
server: cloudflare
etag: W/"25dab5d0aa24f68116270a61c758162f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0drKuvFRdGJBtxLZ4bbw76%2FNTco0PpaSGA%2BV3kYgn0asxomOVZw3wbBvHBimbcjynMsOZz7JqQlSqRe64U2T3wlwvGDgto%2F30ojeDWg8nakWnfHiWf0r46LJ%2BlvEyry%2Bb9siYqI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1643194845770575
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11870
cf-ray: 6e842e5bdb0f9052-FRA
expires: Mon, 07 Mar 2022 11:01:41 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame CA37 708 B
367 B 25ms
25ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato&display=swap

Requested by

Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/load.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

230f27646f2460a7e13106d06ec50cb822acf254ae08fba4058aa06ca57b9dab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 07 Mar 2022 12:59:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 07 Mar 2022 14:57:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 07 Mar 2022 14:57:00 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame CA37 82 KB
27 KB 23ms
23ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

1a1ceef0848eb5ea2c816e56c35b6be9fcee9295c976ac5b0da03d4552d9ac4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27990
x-xss-protection: 0
server: sffe
etag: "1152 / 498 of 1000 / last-modified: 1646414401"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 07 Mar 2022 14:57:00 GMT

GET
DATA 200
OK truncated
/ Frame 3333 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fba7d2deac6fccf428cebc7a6cd114aaa711fd2c9d76eac3044d4eed40a14101

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 82EE
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKne-xMJx5nYTrqdxUN8rRU&google_cver=1&google_push=AYg5qPJqoTYKTQ0mpM4rW2A5GybMTzmMMZavWTtniUXuHDJnbmmbpuVBtAoT53PvSiPLCMehFQbBT5uwH3A1KDd0...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJqoTYKTQ0mpM4rW2A5GybMTzmMMZavWTtniUXuHDJnbmmbpuVBtAoT53PvSiPLCMehFQbBT5uwH3A1KDd05yFn5FDfPzLi

170 B
188 B

44ms
44ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJqoTYKTQ0mpM4rW2A5GybMTzmMMZavWTtniUXuHDJnbmmbpuVBtAoT53PvSiPLCMehFQbBT5uwH3A1KDd05yFn5FDfPzLi

Requested by

Host: f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com
URL: https://f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 14:57:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 07 Mar 2022 14:57:00 GMT
Server: MT3 4228 562d68b master zrh-pixel-x31 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJqoTYKTQ0mpM4rW2A5GybMTzmMMZavWTtniUXuHDJnbmmbpuVBtAoT53PvSiPLCMehFQbBT5uwH3A1KDd05yFn5FDfPzLi
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 07 Mar 2022 14:56:59 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 82EE
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEBBzohjbmGZhQGiTGB9RSSM&google_cver=1&google_push=AYg5qPKMWvO0iMBJoXnKUOksHOzCSTtgXHTM7j8MJVgKtIk3cqHv52AQ_Ml4X67QddabjTLfKToE846eWcF87fLdK9mRjoetSmGB&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBBzohjbmGZhQGiTGB9RSSM&google_cver=1&google_push=AYg5qPKMWvO0iMBJoXnKUOksHOzCSTtgXHTM7j8MJVgKtIk3cqHv52AQ_Ml4X67QddabjTLfKToE846eWcF87fLdK9mRjoetSmG...

43 B
415 B

183ms
182ms

Image
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBBzohjbmGZhQGiTGB9RSSM&google_cver=1&google_push=AYg5qPKMWvO0iMBJoXnKUOksHOzCSTtgXHTM7j8MJVgKtIk3cqHv52AQ_Ml4X67QddabjTLfKToE846eWcF87fLdK9mRjoetSmGB&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKMWvO0iMBJoXnKUOksHOzCSTtgXHTM7j8MJVgKtIk3cqHv52AQ_Ml4X67QddabjTLfKToE846eWcF87fLdK9mRjoetSmGB%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 14:57:01 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6e842e5e5ab491d1-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 07 Mar 2022 14:57:01 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 5
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6e842e5d18cf91d1-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBBzohjbmGZhQGiTGB9RSSM&google_cver=1&google_push=AYg5qPKMWvO0iMBJoXnKUOksHOzCSTtgXHTM7j8MJVgKtIk3cqHv52AQ_Ml4X67QddabjTLfKToE846eWcF87fLdK9mRjoetSmGB&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKMWvO0iMBJoXnKUOksHOzCSTtgXHTM7j8MJVgKtIk3cqHv52AQ_Ml4X67QddabjTLfKToE846eWcF87fLdK9mRjoetSmGB%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 82EE
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEF3Yie-3ZYBr22aztXl9Qd4&google_cver=1&google_push=AYg5qPLBclyRGKi-Vhbxt0_2G1PkXNZPrt7a6r1tkEoJXM2JkLWPwB-YhIjB0dHUUD7OQ1n4KOlW19K47F_E5s...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA3MjM3MjQxMjY2NTE2NTk3NQ%3D%3D&google_push=AYg5qPLBclyRGKi-Vhbxt0_2G1PkXNZPrt7a6r1tkEoJXM2JkLWPwB-YhIjB0dHUUD7OQ1n4KOlW19K47F_E5sXZ5y...

170 B
188 B

47ms
47ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA3MjM3MjQxMjY2NTE2NTk3NQ%3D%3D&google_push=AYg5qPLBclyRGKi-Vhbxt0_2G1PkXNZPrt7a6r1tkEoJXM2JkLWPwB-YhIjB0dHUUD7OQ1n4KOlW19K47F_E5sXZ5yO03nYGpfk

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 14:57:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA3MjM3MjQxMjY2NTE2NTk3NQ%3D%3D&google_push=AYg5qPLBclyRGKi-Vhbxt0_2G1PkXNZPrt7a6r1tkEoJXM2JkLWPwB-YhIjB0dHUUD7OQ1n4KOlW19K47F_E5sXZ5yO03nYGpfk
Date: Mon, 07 Mar 2022 14:57:01 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 82EE
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEBeMVfq_6ANzAsfz1zcgRQU&google_cver=1&google_push=AYg5qPLR6gOaBQAasNcGd-p9GtytQQ_z6P6BBrfwv7WREv8sC9qU8x7T_ZFreoYGVD9vZ8F7rusOBLt5OFVvgeb43L8ISFq...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEBeMVfq_6ANzAsfz1zcgRQU&google_cver=1&google_push=AYg5qPLR6gOaBQAasNcGd-p9GtytQQ_z6P6BBrfwv7WREv8sC9qU8x7T_ZFreoYGVD9vZ8F7rusOBLt5OFVvgeb43L8IS...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPLR6gOaBQAasNcGd-p9GtytQQ_z6P6BBrfwv7WREv8sC9qU8x7T_ZFreoYGVD9vZ8F7rusOBLt5OFVvgeb43L8ISFqykTu_

170 B
188 B

45ms
44ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPLR6gOaBQAasNcGd-p9GtytQQ_z6P6BBrfwv7WREv8sC9qU8x7T_ZFreoYGVD9vZ8F7rusOBLt5OFVvgeb43L8ISFqykTu_

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 14:57:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPLR6gOaBQAasNcGd-p9GtytQQ_z6P6BBrfwv7WREv8sC9qU8x7T_ZFreoYGVD9vZ8F7rusOBLt5OFVvgeb43L8ISFqykTu_
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 82EE
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN4SmEtQwhRmKkuHS45pFRQ&google_cver=1&google_push=AYg5qPJMJKTB1H8w1c1DqGc45_oqGVaYCHrTWSPhEHjkOJL6sRPzet8MyoqGKWhN6RIVgIim2zjRuaSH...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc5MjIyMzA3OTA1OTk4MzAwMw&google_push=AYg5qPJMJKTB1H8w1c1DqGc45_oqGVaYCHrTWSPhEHjkOJL6sRPzet8MyoqGKWhN6RIVgIim2zjRua...

170 B
188 B

44ms
44ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc5MjIyMzA3OTA1OTk4MzAwMw&google_push=AYg5qPJMJKTB1H8w1c1DqGc45_oqGVaYCHrTWSPhEHjkOJL6sRPzet8MyoqGKWhN6RIVgIim2zjRuaSHFugzRu-mU1-fFXEpLYrT

Requested by

Host: f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com
URL: https://f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 14:57:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 07 Mar 2022 14:57:00 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc5MjIyMzA3OTA1OTk4MzAwMw&google_push=AYg5qPJMJKTB1H8w1c1DqGc45_oqGVaYCHrTWSPhEHjkOJL6sRPzet8MyoqGKWhN6RIVgIim2zjRuaSHFugzRu-mU1-fFXEpLYrT
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 82EE
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJDG30GvJ24PIHJs9zIt_ds&google_cver=1&google_push=AYg5qPJgXz6hx8s6nh4KNbzvzBTAv039rfID-7RmyK-A_Q6aHGBVOoTI1fqYoP0u6mw15k8sU2U...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBHVFU1Vk8tMUQtR01YNQ==&google_push=AYg5qPJgXz6hx8s6nh4KNbzvzBTAv039rfID-7RmyK-A_Q6aHGBVOoTI1fqYoP0u6mw15k8sU2UZtb2-SO8POtR9RJucS8JMmhw

170 B
188 B

43ms
42ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBHVFU1Vk8tMUQtR01YNQ==&google_push=AYg5qPJgXz6hx8s6nh4KNbzvzBTAv039rfID-7RmyK-A_Q6aHGBVOoTI1fqYoP0u6mw15k8sU2UZtb2-SO8POtR9RJucS8JMmhw

Requested by

Host: f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com
URL: https://f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 14:57:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBHVFU1Vk8tMUQtR01YNQ==&google_push=AYg5qPJgXz6hx8s6nh4KNbzvzBTAv039rfID-7RmyK-A_Q6aHGBVOoTI1fqYoP0u6mw15k8sU2UZtb2-SO8POtR9RJucS8JMmhw
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 82EE 0
12 B 24ms
23ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L_93mZFWbDS_fyw_Sto28ZPAOgyLFWogJMj0KEY07Atc0AecO7g0hk0yAtgt3J6A

Requested by

Host: f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com
URL: https://f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:00 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ Frame CA37 23 KB
23 KB 17ms
17ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nets4.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 19:30:55 GMT
x-content-type-options: nosniff
age: 415565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Mar 2023 19:30:55 GMT

GET
H3 200 pubads_impl_2022030101.js Show response
securepubads.g.doubleclick.net/gpt/ Frame CA37 365 KB
122 KB 15ms
15ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

0bc44ea79e71bea23b78759ad6113a2106a0708b2db4988b73f47f3aa10f78fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:42:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 895
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124868
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 09:35:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 07 Mar 2023 14:42:05 GMT

POST
H3 200 rs Show response
ad4m.at/ Frame EBB2 2 KB
2 KB 43ms
42ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0f5d370325f16a7376e58146e32dfe7ca994b883b3a0342f531c62359cd7255

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6e842e5d6ba99174-FRA
date: Mon, 07 Mar 2022 14:57:01 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nqnCYIOD3Zjn7VvUGd1VkrRxGsCePpvmEuCzC8jjj1RgFUrDWR0TLyHXaO%2FxIvIbHi8WveRe5qJDl8UibKbBkvwOa42%2B4VIgQM92cAaue5YrD2QZFZo0HnB0%2Flmqv4m1Boffd2Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-bjhb

GET
H3 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 08D2 3 KB
4 KB 159ms
35ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Mon, 07 Mar 2022 14:57:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3569302
x-guploader-uploadid: ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qYP0IdrNHsbIOnXSgFK3VpggSaOXp2wKUl6Xpm0ZeqQNRqzrLrh0NMvV0oB1U0utC%2BkAwpL6oMTEgBG1lbybigNCVjlCwaknSTa7YcXLHFbMvVzLPrzMoLZqZTx0Pq8HMjyYbXm2FOaR91o9bWDZktfG"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 6e842e5d1d279b46-FRA
expires: Wed, 25 Jan 2023 07:28:38 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 7597 2 KB
2 KB 26ms
25ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 07 Mar 2022 14:57:00 GMT
content-type: text/html; charset=utf-8
x-guploader-uploadid: ADPycdugBLBP-Vwd2B9WHPfqz7wLElCJPL4RDx_q8DQF8SE2-ZYKEh4d8NJI0q3TqTXs-Lt8QdoPKRS3lY5o3ig520BPzOfHoA
x-goog-generation: 1588777770164783
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-goog-meta-
x-goog-custom-time: 1970-01-01T00:00:00Z
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
expires: Mon, 07 Mar 2022 15:57:00 GMT
cache-control: public, max-age=3600
last-modified: Wed, 06 May 2020 15:09:30 GMT
age: 891822
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7WpW39068DCbhROwA3cECJY8IlJHowpZdYCBOLYoCaoSrRsBDZ3JWkAjag0l8tCmKlCv%2FsFP4Dg7NtedSaEwAMrYbinxSbq%2FRCpJKc8c%2BN%2F8MDt5%2Fm4w%2BuvgLnvYuqIDZL0H64o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6e842e5d1d0a9052-FRA
content-encoding: br

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EC05 0
9 B 15ms
15ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?k1IGZw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF0F 0
20 B 53ms
53ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022030201&jk=2410310622912297&bg=!Q0ClQATNAAb7UztL-1M7ACkAdvg8WscEa_tKhJsPzwbrW3iddhqhddeuIcGmcfVL2l6P5Ag8Q2fW0AIAAAF_UgAAAAJoAQeZArRqHmfdAewrwf7i9xljZMlBWvn1_xQ9TKh3o9N84w0B7KGW706cGOnc_1Pl9H5ggSSz34A0jxBPH7hD3MC2C-iRbqcURSdYk-Ht47fhRwEaJ351gXNkb0OJqtiEfTIyZr-PMH4pd3uut5-tf7hhxhJOSiwNDIp1nGiAQqsfr-lfWF3IfWZ10MKAOguBUuKUx2n_nGwzgiV9gTb74hE-GQh3swJi8OPBeV6acuucJBJUBZy9U8U7lqzJRqyB-QGygjg4jSl2yeP4zgbKRi_t5g2ilR3XspS0wtLJVfrK5e7Ht_oCzhiJF9L8CDlnuT9WfRzJRSFhxLuv4kojYcqmbXGBwM1YvvoUTHU-sWpM6qMwEVzvmhinPdsDG2XBCUO16I2YJgUN3Z6DizHAnHy9I-whkNd2c2wFINYZtMz0yFiip4LWcEQnFP9IMUtk3qOZnkFmjZUQtSihGj_q8U5F3BCa-WPqPRLAr8jJcL_BZ5CJW2S_f1YwLONrxK3KQBh_wAJ7u9GWij1qiT3ETSfBj2yNfHNWoyzgqWwIJ0E0aa0wJhmrQheAo2W6TAE0LqvWAIIYXueDBHCTEEbdwCZs1d4oJqgiEOWr1davDC0Tq4ldWtWmPziFzpEzHxxeOchWKLMtOHgT8oNpcSHogX-rXxfWsipNLB_JRgeAjlJbc1R1C8Q465OFrgwn5lRePaByVRBz5jctNryi0ac5YC_i_RuzXwgWHoU_g5j1b3uYUNn39kCMXTCgjjKKI4NbkDhoh7YzPqdKKOWdzjPgeSusfQw_rb_TuTk0JY2AQ_wDUQz1mwxt9aPS-QXpieUoYZKrPiXyc1MLJeB8KDHgvdr805Ptgb3gzHmyS_t4P2sllmllPDHGzz8l-OniD3Xlm0uI4PP2z9EoGEUd-E3yskn7d94QWTDz_Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 14:57:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4697 0
20 B 52ms
52ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022030101&jk=2968988290597184&bg=!ysmlyY3NAAb7UztL-1M7ACkAdvg8Wi3kIRWuWNtTstu1Cuo2gjxcWTHf-7tuuRMJDIZxM-dGUi9D6QIAAAHRUgAAAAFoAQcKAJdA8Tmkff6o03Gm0toDpHobkSLJcI8iQPfUwG2Sfv3ZwLl25ICuPwWAUjdibXHOi0x2oImBIc6lqXjlQVUSRh5oQHCTPm1cjR6Pf6jgEhd0cXjDlfTL-j1LuIqqgokJVX0CxIYVCBXWFl7F-Bqj7ZJsFNO0hu-czeG1cDzPR4cn6nW00pS8yidztMCl_TZy6d4j-2QJUrSamQKiTTSayHQlBRhdDjQ-dGJKT3I9erYF2CfPHYC8WZ4GaPQ6OL1_LuEinv9u12TzkhNUd5wwHXjhRmbyTNQHILowVU1CpbFCP0kuay7dIt765hrNC2ktXmPf4tIHjZcyWVaPpFmt92Vk2jk5ZOaWiCBaWvPB_ossAeRIcJ_mhzCobUIF5UyCBs5m1dPQK1yJEfHgAlAIRzBh0lKI_zDzNtPtJE9cvdehXv4NS0yH_YbLbtC42HlFK90wLsU7lsTyqZbrEmcCivnkgfxKqVcmHa3lqBuYUWGuYkWr1_6l0v3FtSuTCmOEtjKmZFyfnycpFOo3u9TnUUnzPwyPM9fRdWpfosU_Nw-N04lOTuinGwWR8hBjRERowuGl7212tJVjo06lEFodGJEjQdSQZ3ceys2p-Ewc98OTKEk3t75Eb9DZELYOSv8aiZxY9MDRgtdcukvJXyfhBVcAe9KRjvY8OHqrDCP06jJGkrjPBUCnlHeO3QfVL3YqhkCgYcnq5F8K1oLNMOCKGDGAY4wQxakhbO7cMu0Ny_ZhzYfyP_34pUBFVsTdtjMS301pYkwcJx_gG63sMZx146UhGs0eIy-MuHr00KNicRm6Z8BN1SOkrV50EZq8UvMR3NkluQlg-kV2qsLkIShiARp82Yo5wA8zVbOByHmeMl2u7ZJNsKTeBD1nPcHcYCO_JqyybGHJt4O8Yn1yl24wI9W9nbv2zz2A6tQdmslTIkUEciFrG27DsotYSdWjpo7VuWa0dYkrWXW3gzeykEhjrp21bm1KrKjYCPQCihXQ_IlQTPhbN0aoDIuizjks23T62NWdONZ9knd5uuICx1qhnCyZJ5Ynanq5Mz7Xg7ZJYWTE0skg7m-jYoe-oEY9l1-T4Fevz6C94SOCxYcCwGE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 14:57:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 173ms
45ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 07 Mar 2022 14:57:01 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-bjhb
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FpwnrAZnDUbhjUxNv8GJ1nrjvkGRHJS%2BLcKfR%2F745WLVofoiQyT0hfw0N808ru6xng%2FtRhv3mCYef%2B8Tvr%2Bdwf3UeeyKUq4BUM9MLCgz3I1hakOBNMcr2D4rIFo%2B01dKZHgx7AU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e842e5d2ad89174-FRA

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame CA37 107 B
122 B 24ms
24ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=nets4.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Mar 2022 14:57:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame CA37 107 B
122 B 25ms
25ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nets4.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Mar 2022 14:57:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame CA37 25 KB
11 KB 219ms
218ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1567783009156909&correlator=4481170239037485&eid=31065294%2C31065485%2C31065504%2C21068767%2C44752585&output=ldjh&gdfp_req=1&vrg=2022030101&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220307&iu_parts=22178702878%2Cpurpleapl%2Callsizes&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C320x100%7C300x250&eri=4&cookie=ID%3D8a3a6984fdd0fedd%3AT%3D1646665019%3AS%3DALNI_MZBGKVXtiM3Bb7RGYUQfzWisybbuQ&abxe=1&dt=1646665021000&dlt=1646665020766&idt=224&ea=0&biw=1600&bih=1200&isw=345&ish=85&oid=2&adxs=1244&adys=1121&ucis=2qvf1s2q69rl&adks=2992467494&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Fevilmark.com&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=345x0&msz=345x0&ga_vid=1852444038.1646665018&ga_sid=1646665021&ga_hid=886380106&ga_fc=true&fws=256&ohw=0&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

1c1777ca1edcecb8c60b4e02eff466a12d967c171d491192eca2192034997018

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11268
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nets4.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A7AB 6 KB
3 KB 59ms
24ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 07 Mar 2022 14:57:01 GMT
expires: Tue, 07 Mar 2023 14:57:01 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame B704 82 KB
27 KB 25ms
25ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

1a1ceef0848eb5ea2c816e56c35b6be9fcee9295c976ac5b0da03d4552d9ac4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27990
x-xss-protection: 0
server: sffe
etag: "1152 / 827 of 1000 / last-modified: 1646414401"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 07 Mar 2022 14:57:01 GMT

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 41ms
40ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 07 Mar 2022 14:57:01 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-bjhb
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a5bzFInobui5tqgKNyT%2Fd4pWOJ68sHrqxZkoz%2FLnLbsWU3H%2FQmVfDdT%2F4rOrUN4sgeeeKKrfFx2HMqGALHzqwoChnRMZRa8uzIamoPnX8pIAgJgN1hTmyU7mA9%2FlJIn%2BKR%2B4xSQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e842e5d9c0f9174-FRA

POST
H3 200 rs Show response
ad4m.at/ Frame 08D2 2 KB
2 KB 49ms
49ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 010dbc892a6fba63ff4bfba46a41e272caad8d790570feb3c636324aa8a52777

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6e842e5ddcb49174-FRA
date: Mon, 07 Mar 2022 14:57:01 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2B9cOvD3tc2vdYhub4ucIXEOFLZfs4I0YV8P%2Btgp%2FDqsYU0y73QsqmZDyDiXmVFBuw8OhqQGxKnTn%2FBThiDdkfc93ZHbpOcm16pg%2BSfjw%2BveRnpyYtiguQ%2BcsV%2B9oo4%2FeV%2F4ROg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-bjhb

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 1095 7 KB
4 KB 33ms
32ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=19483%2C166402%2C43784&b=3bgFpf14UB63a7HrHAtEt997f8TWTRead%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=WrpSrfYdsYJWuYH5HjtDCXXGaPTET4QF2%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=160&d=600&e=ydAtynFkq4i7hBsaB8CPT5sdoHopqmXw&g=c61270540eccc2c9e1f0ad9fc0999eb0%2F9829051920461254654&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1646665021045&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1htch1jkmrxdwj6jhydj7srqv63vf0fbcskktmzzdpz57hms4x1xypw9q7kh1zc9s2cm41w3xak798be2234q78162yvbfjydzwdw0zkbn12hevjhwaxd9dm7hgpen7b9yzery71g1prm7kfa2vw2yv4xjqy62k82kanf6xsj376rmwfvc8erjefp3wp3xss31q7wketp4tx6m4xs42sjg4fscd89rsaxja345zvvnpf46drmssasmmb7hcxvc9t1v54gbc27yadxzgcrktg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVNw-Ox0mYuaOPMT83wPujJ04kOGBhFy2qMKK8ALAjbcBEAEgAGCVgoCAoAeCARdjYS1wdWItNDkwMzQ1Mzk3NDc0NTUzMKABwq7o3QPIAQmpAshHdn0GLrI-4AIAqAMBqgT7AU_QbUDRO4Vehpl_JthkOSpowpg8dMNC3WpYnGprykq2z-wsdZicLJtx6-ZT5UPksptq-bfIoXLtQuP_31mmNZ2JlfWwJHSioZsGeHDonXJ3n3k4rTkFOxwv6IWZwJTL43RMRzqAPt0Bm9V6AjjHan5uHI-s0LtkLef-jQ17jFlcJRpPWUugJvB1tlsR9Gshf_kNKwbS1VZMR4VPDcXWRBRSPWZaxkRBWmQ2gALS3XhNObPuMkTw96wTrpzFPZPD5IskyLK4C-EAvfTs-hG_Fxr1bIh0r0xguTUf49Ao_vgHzodrLzIHVZAOjfIpRbE3QabRi5_Ii0U7fzm24AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzb6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3iltjcZ37znudFHI4p-4f7Tg1uTQ%252526client%25253Dca-pub-4903453974745530%252526adurl%25253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ceead46a3e055359a45fcc3d8e878159af27f049c6d4a4b10b4dc5b7441f5676

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hyvyt6bagwx1p5m0wzx37ztkyh6ctyw10zd1h02zh0ksk8dc9vaw58zdkp6597ftbmwndh29d78n0xntscj6p78ax9j3ftwsb84vcgwt1f7qzc20w5d130et1pq0erf0ymme9fdj442nmshwb3pjm638v5gxaf6g8a57gqw4nxr57cazdb7vwz4vjj9vww3fxxc6fe9fr585cmxe23664ptfgppfms95n1mjsmk1yjpws3bhtkvqfdnbcpgt8k6an9pa3vzdgby44f2vcvm8tkz6s699n75f3dsrzjbavdwp1t4am9j56ahnfr3888dx3saejxwmzayjtjsjfx7mqagzd7zjywwcwjff5t3m2bsq7dgg9yrgp1b7550t8fbbdywqby0jcyfwtwjvhe5d53m1esnz0j2y06bcan8whpmke15g6bkt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVNw-Ox0mYuaOPMT83wPujJ04kOGBhFy2qMKK8ALAjbcBEAEgAGCVgoCAoAeCARdjYS1wdWItNDkwMzQ1Mzk3NDc0NTUzMKABwq7o3QPIAQmpAshHdn0GLrI-4AIAqAMBqgT7AU_QbUDRO4Vehpl_JthkOSpowpg8dMNC3WpYnGprykq2z-wsdZicLJtx6-ZT5UPksptq-bfIoXLtQuP_31mmNZ2JlfWwJHSioZsGeHDonXJ3n3k4rTkFOxwv6IWZwJTL43RMRzqAPt0Bm9V6AjjHan5uHI-s0LtkLef-jQ17jFlcJRpPWUugJvB1tlsR9Gshf_kNKwbS1VZMR4VPDcXWRBRSPWZaxkRBWmQ2gALS3XhNObPuMkTw96wTrpzFPZPD5IskyLK4C-EAvfTs-hG_Fxr1bIh0r0xguTUf49Ao_vgHzodrLzIHVZAOjfIpRbE3QabRi5_Ii0U7fzm24AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzb6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3iltjcZ37znudFHI4p-4f7Tg1uTQ%26client%3Dca-pub-4903453974745530%26adurl%3D

Response headers

date: Mon, 07 Mar 2022 14:57:01 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e842e5dbdf79052-FRA
content-encoding: br

GET
H3 200 pubads_impl_2022030101.js Show response
securepubads.g.doubleclick.net/gpt/ Frame B704 365 KB
122 KB 16ms
15ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

0bc44ea79e71bea23b78759ad6113a2106a0708b2db4988b73f47f3aa10f78fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:42:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 896
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124868
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 09:35:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 07 Mar 2023 14:42:05 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame CA37 13 KB
10 KB 35ms
35ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38aec58b392722657a2ca8c670d57431451060a484f264cec8e101819d4da4d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Mar 2022 14:57:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10479
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame B704 107 B
122 B 28ms
27ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=nets4.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Mar 2022 14:57:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame B704 107 B
122 B 26ms
26ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nets4.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Mar 2022 14:57:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame B704 26 KB
11 KB 246ms
246ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1838896244044700&correlator=4466859247348473&eid=31065435%2C31065503&output=ldjh&gdfp_req=1&vrg=2022030101&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220307&iu_parts=21902364955%3A22652385948%2Ccm_pu_nets4.com_technology_and_computing_top%2Ccm_pu_nets4.com_technology_and_computing_btf_banner&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C468x60%7C200x200%7C320x100%7C320x50%7C300x100&eri=4&cookie=ID%3D8a3a6984fdd0fedd%3AT%3D1646665019%3AS%3DALNI_MZBGKVXtiM3Bb7RGYUQfzWisybbuQ&abxe=1&dt=1646665021125&dlt=1646665021027&idt=85&ea=0&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=294&adys=4430&ucis=aiano1agilyc&adks=471609500&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Fevilmark.com&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&ga_vid=1852444038.1646665018&ga_sid=1646665021&ga_hid=487357009&ga_fc=true&fws=256&ohw=0&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

0344667e6d81b6d655667ea9d822973d786d6bc1417be0b1aa12ff6de4558a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11187
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nets4.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B704 13 KB
10 KB 32ms
31ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1bea96e526312acbf44cb0af30dac11485b3f9886f4037cc082f92e0b0f8dd3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Mar 2022 14:57:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10355
x-xss-protection: 0

GET
H2 200 container.html Show response
c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9A7B 6 KB
3 KB 61ms
24ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 07 Mar 2022 14:57:01 GMT
expires: Tue, 07 Mar 2023 14:57:01 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 1095 81 KB
11 KB 47ms
46ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19483%2C166402%2C43784&b=3bgFpf14UB63a7HrHAtEt997f8TWTRead%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=WrpSrfYdsYJWuYH5HjtDCXXGaPTET4QF2%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=160&d=600&e=ydAtynFkq4i7hBsaB8CPT5sdoHopqmXw&g=c61270540eccc2c9e1f0ad9fc0999eb0%2F9829051920461254654&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1646665021045&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1htch1jkmrxdwj6jhydj7srqv63vf0fbcskktmzzdpz57hms4x1xypw9q7kh1zc9s2cm41w3xak798be2234q78162yvbfjydzwdw0zkbn12hevjhwaxd9dm7hgpen7b9yzery71g1prm7kfa2vw2yv4xjqy62k82kanf6xsj376rmwfvc8erjefp3wp3xss31q7wketp4tx6m4xs42sjg4fscd89rsaxja345zvvnpf46drmssasmmb7hcxvc9t1v54gbc27yadxzgcrktg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVNw-Ox0mYuaOPMT83wPujJ04kOGBhFy2qMKK8ALAjbcBEAEgAGCVgoCAoAeCARdjYS1wdWItNDkwMzQ1Mzk3NDc0NTUzMKABwq7o3QPIAQmpAshHdn0GLrI-4AIAqAMBqgT7AU_QbUDRO4Vehpl_JthkOSpowpg8dMNC3WpYnGprykq2z-wsdZicLJtx6-ZT5UPksptq-bfIoXLtQuP_31mmNZ2JlfWwJHSioZsGeHDonXJ3n3k4rTkFOxwv6IWZwJTL43RMRzqAPt0Bm9V6AjjHan5uHI-s0LtkLef-jQ17jFlcJRpPWUugJvB1tlsR9Gshf_kNKwbS1VZMR4VPDcXWRBRSPWZaxkRBWmQ2gALS3XhNObPuMkTw96wTrpzFPZPD5IskyLK4C-EAvfTs-hG_Fxr1bIh0r0xguTUf49Ao_vgHzodrLzIHVZAOjfIpRbE3QabRi5_Ii0U7fzm24AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzb6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3iltjcZ37znudFHI4p-4f7Tg1uTQ%252526client%25253Dca-pub-4903453974745530%252526adurl%25253D&y=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=19483%2C166402%2C43784&b=3bgFpf14UB63a7HrHAtEt997f8TWTRead%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=WrpSrfYdsYJWuYH5HjtDCXXGaPTET4QF2%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=160&d=600&e=ydAtynFkq4i7hBsaB8CPT5sdoHopqmXw&g=c61270540eccc2c9e1f0ad9fc0999eb0%2F9829051920461254654&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1646665021045&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1htch1jkmrxdwj6jhydj7srqv63vf0fbcskktmzzdpz57hms4x1xypw9q7kh1zc9s2cm41w3xak798be2234q78162yvbfjydzwdw0zkbn12hevjhwaxd9dm7hgpen7b9yzery71g1prm7kfa2vw2yv4xjqy62k82kanf6xsj376rmwfvc8erjefp3wp3xss31q7wketp4tx6m4xs42sjg4fscd89rsaxja345zvvnpf46drmssasmmb7hcxvc9t1v54gbc27yadxzgcrktg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVNw-Ox0mYuaOPMT83wPujJ04kOGBhFy2qMKK8ALAjbcBEAEgAGCVgoCAoAeCARdjYS1wdWItNDkwMzQ1Mzk3NDc0NTUzMKABwq7o3QPIAQmpAshHdn0GLrI-4AIAqAMBqgT7AU_QbUDRO4Vehpl_JthkOSpowpg8dMNC3WpYnGprykq2z-wsdZicLJtx6-ZT5UPksptq-bfIoXLtQuP_31mmNZ2JlfWwJHSioZsGeHDonXJ3n3k4rTkFOxwv6IWZwJTL43RMRzqAPt0Bm9V6AjjHan5uHI-s0LtkLef-jQ17jFlcJRpPWUugJvB1tlsR9Gshf_kNKwbS1VZMR4VPDcXWRBRSPWZaxkRBWmQ2gALS3XhNObPuMkTw96wTrpzFPZPD5IskyLK4C-EAvfTs-hG_Fxr1bIh0r0xguTUf49Ao_vgHzodrLzIHVZAOjfIpRbE3QabRi5_Ii0U7fzm24AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzb6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3iltjcZ37znudFHI4p-4f7Tg1uTQ%252526client%25253Dca-pub-4903453974745530%252526adurl%25253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:01 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1141624
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=83581
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Tue, 22 Feb 2022 09:49:57 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6e842e5e2ee79052-FRA
cf-bgj: minify

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 1095 53 KB
54 KB 33ms
32ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19483%2C166402%2C43784&b=3bgFpf14UB63a7HrHAtEt997f8TWTRead%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=WrpSrfYdsYJWuYH5HjtDCXXGaPTET4QF2%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=160&d=600&e=ydAtynFkq4i7hBsaB8CPT5sdoHopqmXw&g=c61270540eccc2c9e1f0ad9fc0999eb0%2F9829051920461254654&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1646665021045&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1htch1jkmrxdwj6jhydj7srqv63vf0fbcskktmzzdpz57hms4x1xypw9q7kh1zc9s2cm41w3xak798be2234q78162yvbfjydzwdw0zkbn12hevjhwaxd9dm7hgpen7b9yzery71g1prm7kfa2vw2yv4xjqy62k82kanf6xsj376rmwfvc8erjefp3wp3xss31q7wketp4tx6m4xs42sjg4fscd89rsaxja345zvvnpf46drmssasmmb7hcxvc9t1v54gbc27yadxzgcrktg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVNw-Ox0mYuaOPMT83wPujJ04kOGBhFy2qMKK8ALAjbcBEAEgAGCVgoCAoAeCARdjYS1wdWItNDkwMzQ1Mzk3NDc0NTUzMKABwq7o3QPIAQmpAshHdn0GLrI-4AIAqAMBqgT7AU_QbUDRO4Vehpl_JthkOSpowpg8dMNC3WpYnGprykq2z-wsdZicLJtx6-ZT5UPksptq-bfIoXLtQuP_31mmNZ2JlfWwJHSioZsGeHDonXJ3n3k4rTkFOxwv6IWZwJTL43RMRzqAPt0Bm9V6AjjHan5uHI-s0LtkLef-jQ17jFlcJRpPWUugJvB1tlsR9Gshf_kNKwbS1VZMR4VPDcXWRBRSPWZaxkRBWmQ2gALS3XhNObPuMkTw96wTrpzFPZPD5IskyLK4C-EAvfTs-hG_Fxr1bIh0r0xguTUf49Ao_vgHzodrLzIHVZAOjfIpRbE3QabRi5_Ii0U7fzm24AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzb6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3iltjcZ37znudFHI4p-4f7Tg1uTQ%252526client%25253Dca-pub-4903453974745530%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date: Mon, 07 Mar 2022 14:57:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 34347
cf-polished: origFmt=png, origSize=115129
x-guploader-uploadid: ADPycdvKX8mGM2PnfraCC58KlQyaVbbaj30f9zqrmxIfH7eDJsqj3znY0JHzELdaMUkS21kysahRI08zn8lpUJSkCk_kHgqUfA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54564
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SxAkR4rOa1l5KfriRnUIqu0crmWSQ2P2H5ooEkcCjrF5rozm5plJq8t7Kyvj4GKpVl4igHtQIswTZ4BfyaBvRcP6g3Rv69l2Ioz7p5ao03sE7ed6XTLjJMzwmV76SWfjtVUJFgQZvnDjIJb6"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1612883484779402
content-type: image/webp
expires: Tue, 08 Mar 2022 14:57:01 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 115129
accept-ranges: bytes
cf-ray: 6e842e5e2c9f9bca-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 C0E2E65BC4D69E2C5F9D514A5041B6B0AE0E5BB863260C3B30D59861DF186AFE1011A812913038724AE6F6D9126CEA97123592CC0CACE3B08B0DF96C2064CD70
assets.ad4m.at/ Frame 1095 18 KB
18 KB 37ms
35ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/C0E2E65BC4D69E2C5F9D514A5041B6B0AE0E5BB863260C3B30D59861DF186AFE1011A812913038724AE6F6D9126CEA97123592CC0CACE3B08B0DF96C2064CD70
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19483%2C166402%2C43784&b=3bgFpf14UB63a7HrHAtEt997f8TWTRead%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=WrpSrfYdsYJWuYH5HjtDCXXGaPTET4QF2%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=160&d=600&e=ydAtynFkq4i7hBsaB8CPT5sdoHopqmXw&g=c61270540eccc2c9e1f0ad9fc0999eb0%2F9829051920461254654&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1646665021045&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1htch1jkmrxdwj6jhydj7srqv63vf0fbcskktmzzdpz57hms4x1xypw9q7kh1zc9s2cm41w3xak798be2234q78162yvbfjydzwdw0zkbn12hevjhwaxd9dm7hgpen7b9yzery71g1prm7kfa2vw2yv4xjqy62k82kanf6xsj376rmwfvc8erjefp3wp3xss31q7wketp4tx6m4xs42sjg4fscd89rsaxja345zvvnpf46drmssasmmb7hcxvc9t1v54gbc27yadxzgcrktg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVNw-Ox0mYuaOPMT83wPujJ04kOGBhFy2qMKK8ALAjbcBEAEgAGCVgoCAoAeCARdjYS1wdWItNDkwMzQ1Mzk3NDc0NTUzMKABwq7o3QPIAQmpAshHdn0GLrI-4AIAqAMBqgT7AU_QbUDRO4Vehpl_JthkOSpowpg8dMNC3WpYnGprykq2z-wsdZicLJtx6-ZT5UPksptq-bfIoXLtQuP_31mmNZ2JlfWwJHSioZsGeHDonXJ3n3k4rTkFOxwv6IWZwJTL43RMRzqAPt0Bm9V6AjjHan5uHI-s0LtkLef-jQ17jFlcJRpPWUugJvB1tlsR9Gshf_kNKwbS1VZMR4VPDcXWRBRSPWZaxkRBWmQ2gALS3XhNObPuMkTw96wTrpzFPZPD5IskyLK4C-EAvfTs-hG_Fxr1bIh0r0xguTUf49Ao_vgHzodrLzIHVZAOjfIpRbE3QabRi5_Ii0U7fzm24AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzb6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3iltjcZ37znudFHI4p-4f7Tg1uTQ%252526client%25253Dca-pub-4903453974745530%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34be38d133fe32063b42903021ab00b51e6ba9190777a9a331a323295e8cc4b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=Pv/FNg==, md5=webz2VYvtsFrTnTrxC/AHQ==
date: Mon, 07 Mar 2022 14:57:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13123
cf-polished: qual=85, origFmt=jpeg, origSize=44231
x-guploader-uploadid: ADPycdsT0Jomgev1G2uZUP581mlSnq1ZFpE7RF-kMRgefQe5PZzOGEgmSagCkuSXJk36HD4drHslrz-_A_gpyyp1nqxZ_Tte8w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18262
last-modified: Wed, 05 Feb 2020 14:11:28 GMT
server: cloudflare
etag: "c1e6f3d9562fb6c16b4e74ebc42fc01d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HLyiOFiDtvzvfsZF1z7A2Sz%2FNzXx4xx7zA%2FqnckGjQmYeWonqVrMPplJKyPv8BAs3a%2FYCc2v3kJXJkg6CWK6pYjRYIvwfNR%2FeS2wvcM7Irm3FltDdxgaYXAaUkBz%2BVQMxlIeZaTG%2FsaS4fcg"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1580911888990293
content-type: image/webp
expires: Tue, 08 Mar 2022 14:57:01 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44231
accept-ranges: bytes
cf-ray: 6e842e5e3cca9bca-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 1095
Redirect Chain

https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneid3bgFpf14UB63a7HrHAtEt997f8TWTReadoneid__asuidydAtynFkq4i7hBsaB8CPT5sdoHopqmXwasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_...
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneid3bgFpf14UB63a7HrHAtEt997f8TWTReadoneid__asuidydAtynFkq4i7hBsaB8CPT5sdoHopqmXwasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_cons...
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022030715570165227498483X117679V1226132702MSoneid3bgFpf14UB63a7HrHAtEt997f8TWTReadoneid__asuidydAtynF...

49 B
2 KB

96ms
31ms

Image
image/gif

46.4.62.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022030715570165227498483X117679V1226132702MSoneid3bgFpf14UB63a7HrHAtEt997f8TWTReadoneid__asuidydAtynFkq4i7hBsaB8CPT5sdoHopqmXwasuid__suite_Netmix_Reach43_TopRotaMonth&spid=2022030715570165227498483X117679V1226132702MSoneid3bgFpf14UB63a7HrHAtEt997f8TWTReadoneid__asuidydAtynFkq4i7hBsaB8CPT5sdoHopqmXwasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19483%2C166402%2C43784&b=3bgFpf14UB63a7HrHAtEt997f8TWTRead%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=WrpSrfYdsYJWuYH5HjtDCXXGaPTET4QF2%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=160&d=600&e=ydAtynFkq4i7hBsaB8CPT5sdoHopqmXw&g=c61270540eccc2c9e1f0ad9fc0999eb0%2F9829051920461254654&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1646665021045&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1htch1jkmrxdwj6jhydj7srqv63vf0fbcskktmzzdpz57hms4x1xypw9q7kh1zc9s2cm41w3xak798be2234q78162yvbfjydzwdw0zkbn12hevjhwaxd9dm7hgpen7b9yzery71g1prm7kfa2vw2yv4xjqy62k82kanf6xsj376rmwfvc8erjefp3wp3xss31q7wketp4tx6m4xs42sjg4fscd89rsaxja345zvvnpf46drmssasmmb7hcxvc9t1v54gbc27yadxzgcrktg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVNw-Ox0mYuaOPMT83wPujJ04kOGBhFy2qMKK8ALAjbcBEAEgAGCVgoCAoAeCARdjYS1wdWItNDkwMzQ1Mzk3NDc0NTUzMKABwq7o3QPIAQmpAshHdn0GLrI-4AIAqAMBqgT7AU_QbUDRO4Vehpl_JthkOSpowpg8dMNC3WpYnGprykq2z-wsdZicLJtx6-ZT5UPksptq-bfIoXLtQuP_31mmNZ2JlfWwJHSioZsGeHDonXJ3n3k4rTkFOxwv6IWZwJTL43RMRzqAPt0Bm9V6AjjHan5uHI-s0LtkLef-jQ17jFlcJRpPWUugJvB1tlsR9Gshf_kNKwbS1VZMR4VPDcXWRBRSPWZaxkRBWmQ2gALS3XhNObPuMkTw96wTrpzFPZPD5IskyLK4C-EAvfTs-hG_Fxr1bIh0r0xguTUf49Ao_vgHzodrLzIHVZAOjfIpRbE3QabRi5_Ii0U7fzm24AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzb6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3iltjcZ37znudFHI4p-4f7Tg1uTQ%252526client%25253Dca-pub-4903453974745530%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Server: 46.4.62.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads4.sunbonet.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 14:57:01 GMT
X-NODEIP: 46.4.62.19
Server: nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022030715570165227498483X117679V1226132702MSoneid3bgFpf14UB63a7HrHAtEt997f8TWTReadoneid__asuidydAtynFkq4i7hBsaB8CPT5sdoHopqmXwasuid__suite_Netmix_Reach43_TopRotaMonth&spid=2022030715570165227498483X117679V1226132702MSoneid3bgFpf14UB63a7HrHAtEt997f8TWTReadoneid__asuidydAtynFkq4i7hBsaB8CPT5sdoHopqmXwasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679
date: Mon, 07 Mar 2022 14:57:01 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 1095 9 KB
10 KB 26ms
24ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19483%2C166402%2C43784&b=3bgFpf14UB63a7HrHAtEt997f8TWTRead%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=WrpSrfYdsYJWuYH5HjtDCXXGaPTET4QF2%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=160&d=600&e=ydAtynFkq4i7hBsaB8CPT5sdoHopqmXw&g=c61270540eccc2c9e1f0ad9fc0999eb0%2F9829051920461254654&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1646665021045&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1htch1jkmrxdwj6jhydj7srqv63vf0fbcskktmzzdpz57hms4x1xypw9q7kh1zc9s2cm41w3xak798be2234q78162yvbfjydzwdw0zkbn12hevjhwaxd9dm7hgpen7b9yzery71g1prm7kfa2vw2yv4xjqy62k82kanf6xsj376rmwfvc8erjefp3wp3xss31q7wketp4tx6m4xs42sjg4fscd89rsaxja345zvvnpf46drmssasmmb7hcxvc9t1v54gbc27yadxzgcrktg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVNw-Ox0mYuaOPMT83wPujJ04kOGBhFy2qMKK8ALAjbcBEAEgAGCVgoCAoAeCARdjYS1wdWItNDkwMzQ1Mzk3NDc0NTUzMKABwq7o3QPIAQmpAshHdn0GLrI-4AIAqAMBqgT7AU_QbUDRO4Vehpl_JthkOSpowpg8dMNC3WpYnGprykq2z-wsdZicLJtx6-ZT5UPksptq-bfIoXLtQuP_31mmNZ2JlfWwJHSioZsGeHDonXJ3n3k4rTkFOxwv6IWZwJTL43RMRzqAPt0Bm9V6AjjHan5uHI-s0LtkLef-jQ17jFlcJRpPWUugJvB1tlsR9Gshf_kNKwbS1VZMR4VPDcXWRBRSPWZaxkRBWmQ2gALS3XhNObPuMkTw96wTrpzFPZPD5IskyLK4C-EAvfTs-hG_Fxr1bIh0r0xguTUf49Ao_vgHzodrLzIHVZAOjfIpRbE3QabRi5_Ii0U7fzm24AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzb6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3iltjcZ37znudFHI4p-4f7Tg1uTQ%252526client%25253Dca-pub-4903453974745530%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=euqM8A==, md5=F0uw3DVkfiBLCaoSCWVgSg==
date: Mon, 07 Mar 2022 14:57:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 67736
cf-polished: origFmt=png, origSize=24833
x-guploader-uploadid: ADPycdsnq_FxRBPAGIWlTVT4MNIcFxhwg1N84t25Pi2je_gf7vRha94_rBT7F7-AVwbeX5gDh9kywQ70MbRa47q0RGx-OBETbg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9258
last-modified: Tue, 09 Feb 2021 15:11:57 GMT
server: cloudflare
etag: "174bb0dc35647e204b09aa120965604a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z3V0%2F90XdgCd6cvZltQ9Amhf1TgULiySh9NFGbwXrVnSNDXHJORKMv5kwJuB%2BSKmiOyW0mw0xxp3ZHXQmppAhEgkQCvHSWZ3FaAy0euhuzJeqFvjrHepBT%2F6TkaNBUOQMpV%2Fefp%2ByrNTrrFQ"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1612883517528266
content-type: image/webp
expires: Tue, 08 Mar 2022 14:57:01 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 24833
accept-ranges: bytes
cf-ray: 6e842e5e3ccb9bca-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 0AC0DD533161B07A3BB2D72DC66FF10DF997383C63884E78FDBEF4BEDA8ED904DC259BD68D098814FB574FED8B566E90A3C1272EA9C368275203F9D628BB015E
assets.ad4m.at/product_image/ Frame 1095 19 KB
19 KB 36ms
35ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/0AC0DD533161B07A3BB2D72DC66FF10DF997383C63884E78FDBEF4BEDA8ED904DC259BD68D098814FB574FED8B566E90A3C1272EA9C368275203F9D628BB015E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19483%2C166402%2C43784&b=3bgFpf14UB63a7HrHAtEt997f8TWTRead%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=WrpSrfYdsYJWuYH5HjtDCXXGaPTET4QF2%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=160&d=600&e=ydAtynFkq4i7hBsaB8CPT5sdoHopqmXw&g=c61270540eccc2c9e1f0ad9fc0999eb0%2F9829051920461254654&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1646665021045&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1htch1jkmrxdwj6jhydj7srqv63vf0fbcskktmzzdpz57hms4x1xypw9q7kh1zc9s2cm41w3xak798be2234q78162yvbfjydzwdw0zkbn12hevjhwaxd9dm7hgpen7b9yzery71g1prm7kfa2vw2yv4xjqy62k82kanf6xsj376rmwfvc8erjefp3wp3xss31q7wketp4tx6m4xs42sjg4fscd89rsaxja345zvvnpf46drmssasmmb7hcxvc9t1v54gbc27yadxzgcrktg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVNw-Ox0mYuaOPMT83wPujJ04kOGBhFy2qMKK8ALAjbcBEAEgAGCVgoCAoAeCARdjYS1wdWItNDkwMzQ1Mzk3NDc0NTUzMKABwq7o3QPIAQmpAshHdn0GLrI-4AIAqAMBqgT7AU_QbUDRO4Vehpl_JthkOSpowpg8dMNC3WpYnGprykq2z-wsdZicLJtx6-ZT5UPksptq-bfIoXLtQuP_31mmNZ2JlfWwJHSioZsGeHDonXJ3n3k4rTkFOxwv6IWZwJTL43RMRzqAPt0Bm9V6AjjHan5uHI-s0LtkLef-jQ17jFlcJRpPWUugJvB1tlsR9Gshf_kNKwbS1VZMR4VPDcXWRBRSPWZaxkRBWmQ2gALS3XhNObPuMkTw96wTrpzFPZPD5IskyLK4C-EAvfTs-hG_Fxr1bIh0r0xguTUf49Ao_vgHzodrLzIHVZAOjfIpRbE3QabRi5_Ii0U7fzm24AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzb6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3iltjcZ37znudFHI4p-4f7Tg1uTQ%252526client%25253Dca-pub-4903453974745530%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 769996a987ead923de78ded8af9ebbc0125bfdca436dfadfdc9755fd54270371

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=1aKs/g==, md5=nBaxji7Rcg1LrHhoV5P3TA==
date: Mon, 07 Mar 2022 14:57:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 131926
cf-polished: qual=85, origFmt=jpeg, origSize=84530
x-guploader-uploadid: ADPycdsKss453dL_hIPM9BUQWqnIyYtJ_c952NWKm04R0qPBPMOfrW2cXxO175z4-eaAe3USd2ywi2_JzDQgCibGtuc
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19022
last-modified: Wed, 10 Nov 2021 15:00:52 GMT
server: cloudflare
etag: "9c16b18e2ed1720d4bac78685793f74c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EKizhC5K3FO6WaH7bUwPi3K%2Bxgs17VyemnopoHorCRGRh%2BKk06mUxhXBEx90w7FEjWZl8FyWHeVoDZVpuC7SAYiHue2pRBn52eHToiEOAHxTFedcRxc42kmYgq3OydO0bDD5QH4wDBYPjnvO"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1636556452656256
content-type: image/webp
expires: Tue, 08 Mar 2022 14:57:01 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 84530
accept-ranges: bytes
cf-ray: 6e842e5e3cd39bca-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

/
partner.blau.de/a/ Frame 1095
Redirect Chain

https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=oneidPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCponeid__asuidydAtynFkq4i7hBsaB8CPT5sdoHopqmXwasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr...
https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=oneidPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCponeid__asuidydAtynFkq4i7hBsaB8CPT5sdoHopqmXwasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_con...
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022030715570165227498485X113752V1225131106MSoneidPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCponeid__asuidydAtynFk...

49 B
1 KB

83ms
24ms

Image
image/gif

46.4.41.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022030715570165227498485X113752V1225131106MSoneidPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCponeid__asuidydAtynFkq4i7hBsaB8CPT5sdoHopqmXwasuid__suite_Netmix_Reach43_TopRotaMonth
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19483%2C166402%2C43784&b=3bgFpf14UB63a7HrHAtEt997f8TWTRead%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=WrpSrfYdsYJWuYH5HjtDCXXGaPTET4QF2%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=160&d=600&e=ydAtynFkq4i7hBsaB8CPT5sdoHopqmXw&g=c61270540eccc2c9e1f0ad9fc0999eb0%2F9829051920461254654&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1646665021045&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1htch1jkmrxdwj6jhydj7srqv63vf0fbcskktmzzdpz57hms4x1xypw9q7kh1zc9s2cm41w3xak798be2234q78162yvbfjydzwdw0zkbn12hevjhwaxd9dm7hgpen7b9yzery71g1prm7kfa2vw2yv4xjqy62k82kanf6xsj376rmwfvc8erjefp3wp3xss31q7wketp4tx6m4xs42sjg4fscd89rsaxja345zvvnpf46drmssasmmb7hcxvc9t1v54gbc27yadxzgcrktg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVNw-Ox0mYuaOPMT83wPujJ04kOGBhFy2qMKK8ALAjbcBEAEgAGCVgoCAoAeCARdjYS1wdWItNDkwMzQ1Mzk3NDc0NTUzMKABwq7o3QPIAQmpAshHdn0GLrI-4AIAqAMBqgT7AU_QbUDRO4Vehpl_JthkOSpowpg8dMNC3WpYnGprykq2z-wsdZicLJtx6-ZT5UPksptq-bfIoXLtQuP_31mmNZ2JlfWwJHSioZsGeHDonXJ3n3k4rTkFOxwv6IWZwJTL43RMRzqAPt0Bm9V6AjjHan5uHI-s0LtkLef-jQ17jFlcJRpPWUugJvB1tlsR9Gshf_kNKwbS1VZMR4VPDcXWRBRSPWZaxkRBWmQ2gALS3XhNObPuMkTw96wTrpzFPZPD5IskyLK4C-EAvfTs-hG_Fxr1bIh0r0xguTUf49Ao_vgHzodrLzIHVZAOjfIpRbE3QabRi5_Ii0U7fzm24AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzb6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3iltjcZ37znudFHI4p-4f7Tg1uTQ%252526client%25253Dca-pub-4903453974745530%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Server: 46.4.41.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads2.sunbonet.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 14:57:01 GMT
X-NODEIP: 46.4.41.145
Server: nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022030715570165227498485X113752V1225131106MSoneidPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCponeid__asuidydAtynFkq4i7hBsaB8CPT5sdoHopqmXwasuid__suite_Netmix_Reach43_TopRotaMonth
date: Mon, 07 Mar 2022 14:57:01 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
assets.ad4m.at/logo/ Frame 1095 12 KB
12 KB 35ms
34ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19483%2C166402%2C43784&b=3bgFpf14UB63a7HrHAtEt997f8TWTRead%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=WrpSrfYdsYJWuYH5HjtDCXXGaPTET4QF2%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=160&d=600&e=ydAtynFkq4i7hBsaB8CPT5sdoHopqmXw&g=c61270540eccc2c9e1f0ad9fc0999eb0%2F9829051920461254654&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1646665021045&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1htch1jkmrxdwj6jhydj7srqv63vf0fbcskktmzzdpz57hms4x1xypw9q7kh1zc9s2cm41w3xak798be2234q78162yvbfjydzwdw0zkbn12hevjhwaxd9dm7hgpen7b9yzery71g1prm7kfa2vw2yv4xjqy62k82kanf6xsj376rmwfvc8erjefp3wp3xss31q7wketp4tx6m4xs42sjg4fscd89rsaxja345zvvnpf46drmssasmmb7hcxvc9t1v54gbc27yadxzgcrktg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVNw-Ox0mYuaOPMT83wPujJ04kOGBhFy2qMKK8ALAjbcBEAEgAGCVgoCAoAeCARdjYS1wdWItNDkwMzQ1Mzk3NDc0NTUzMKABwq7o3QPIAQmpAshHdn0GLrI-4AIAqAMBqgT7AU_QbUDRO4Vehpl_JthkOSpowpg8dMNC3WpYnGprykq2z-wsdZicLJtx6-ZT5UPksptq-bfIoXLtQuP_31mmNZ2JlfWwJHSioZsGeHDonXJ3n3k4rTkFOxwv6IWZwJTL43RMRzqAPt0Bm9V6AjjHan5uHI-s0LtkLef-jQ17jFlcJRpPWUugJvB1tlsR9Gshf_kNKwbS1VZMR4VPDcXWRBRSPWZaxkRBWmQ2gALS3XhNObPuMkTw96wTrpzFPZPD5IskyLK4C-EAvfTs-hG_Fxr1bIh0r0xguTUf49Ao_vgHzodrLzIHVZAOjfIpRbE3QabRi5_Ii0U7fzm24AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzb6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3iltjcZ37znudFHI4p-4f7Tg1uTQ%252526client%25253Dca-pub-4903453974745530%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=L9xAnQ==, md5=7eHZFVWQuqeYNRiE/JSb0A==
date: Mon, 07 Mar 2022 14:57:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12543
cf-polished: qual=85, origFmt=jpeg, origSize=42488
x-guploader-uploadid: ADPycdsw4V7uFzc8rNueY7l7JKylrjFAscbSPqUT74zWmyojKhcLae2o1XQbQqFyspEx5v-wdq_-zPwnJfBmT-Lv4_Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12110
last-modified: Thu, 25 Jun 2020 11:29:58 GMT
server: cloudflare
etag: "ede1d9155590baa798351884fc949bd0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pWG2zqnzuNYGUQ81tnCqI1miX38RpXai0SJqIu9u%2FojWwLfv6xcuw4pcjK4I1f26Oz12ZJxpRaQAdyCw0PQw25MGNg3NnaV2loOqRxCYnBag6k%2BmSbmsL6McO5f3LZCKv2sx4Lasg%2Fh72sg0"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1593084598972955
content-type: image/webp
expires: Tue, 08 Mar 2022 14:57:01 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 42488
accept-ranges: bytes
cf-ray: 6e842e5e3cd59bca-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 1BBE26EDBCDBCA83F6FC5982E78609DD993CBC5A877E96B16262445B5D5F827FF241EDC353E519B59B7B45AAB552B2BD1049C4DF410A0448B841F76C0CCED257
assets.ad4m.at/product_image/ Frame 1095 42 KB
42 KB 113ms
112ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1BBE26EDBCDBCA83F6FC5982E78609DD993CBC5A877E96B16262445B5D5F827FF241EDC353E519B59B7B45AAB552B2BD1049C4DF410A0448B841F76C0CCED257
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19483%2C166402%2C43784&b=3bgFpf14UB63a7HrHAtEt997f8TWTRead%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=WrpSrfYdsYJWuYH5HjtDCXXGaPTET4QF2%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=160&d=600&e=ydAtynFkq4i7hBsaB8CPT5sdoHopqmXw&g=c61270540eccc2c9e1f0ad9fc0999eb0%2F9829051920461254654&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1646665021045&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1htch1jkmrxdwj6jhydj7srqv63vf0fbcskktmzzdpz57hms4x1xypw9q7kh1zc9s2cm41w3xak798be2234q78162yvbfjydzwdw0zkbn12hevjhwaxd9dm7hgpen7b9yzery71g1prm7kfa2vw2yv4xjqy62k82kanf6xsj376rmwfvc8erjefp3wp3xss31q7wketp4tx6m4xs42sjg4fscd89rsaxja345zvvnpf46drmssasmmb7hcxvc9t1v54gbc27yadxzgcrktg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVNw-Ox0mYuaOPMT83wPujJ04kOGBhFy2qMKK8ALAjbcBEAEgAGCVgoCAoAeCARdjYS1wdWItNDkwMzQ1Mzk3NDc0NTUzMKABwq7o3QPIAQmpAshHdn0GLrI-4AIAqAMBqgT7AU_QbUDRO4Vehpl_JthkOSpowpg8dMNC3WpYnGprykq2z-wsdZicLJtx6-ZT5UPksptq-bfIoXLtQuP_31mmNZ2JlfWwJHSioZsGeHDonXJ3n3k4rTkFOxwv6IWZwJTL43RMRzqAPt0Bm9V6AjjHan5uHI-s0LtkLef-jQ17jFlcJRpPWUugJvB1tlsR9Gshf_kNKwbS1VZMR4VPDcXWRBRSPWZaxkRBWmQ2gALS3XhNObPuMkTw96wTrpzFPZPD5IskyLK4C-EAvfTs-hG_Fxr1bIh0r0xguTUf49Ao_vgHzodrLzIHVZAOjfIpRbE3QabRi5_Ii0U7fzm24AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzb6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3iltjcZ37znudFHI4p-4f7Tg1uTQ%252526client%25253Dca-pub-4903453974745530%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f75a001bec4bdf424466cdc150b0aac769554195c5bf3105cd369a9861aa7103

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=4e5XkA==, md5=IApgItXE/tw7TfHLo2DKwQ==
date: Mon, 07 Mar 2022 14:57:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11914
cf-polished: origFmt=png, origSize=68898
x-guploader-uploadid: ADPycdt6qJtmDPoE1h5K-cC2QobQsC2ADHO6uH8Yt6i0iBbw9m-tnaOvCo2wfPmacrPxeOaX11uFcpwadx1o_cSrl2I
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42816
last-modified: Wed, 09 Feb 2022 14:47:59 GMT
server: cloudflare
etag: "200a6022d5c4fedc3b4df1cba360cac1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HA9G2uVKf%2FVA7oSD24L7uPeorrXTP3igmoZEGxrhkqYHpF6ySeCHda5fUmSI%2B0Vl1gCZFlV0NVwhHfta7tTRFmdjNY4Y2i%2FCvOvS3d9b90WmXFievcfSEXUzA%2BAqmpRqRS6o9FuDZQBtKEra"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1644418079055001
content-type: image/webp
expires: Tue, 08 Mar 2022 14:57:01 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 68898
accept-ranges: bytes
cf-ray: 6e842e5e3cd89bca-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame CA37 17 KB
6 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 07 Mar 2022 14:57:01 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 1111 7 KB
4 KB 46ms
46ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=182000%2C22451%2C43785&b=Y2jcrfG3f5BXkfVH9HetQtReGtAT1TK1Tr%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2CY2jcrfG3fwB9SVH9HetQt1R1fAT1TK1Tr&f=qGXsmf1WUJ5zAhZHgHDtRCXwgFPTgTq4s3%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CqGXsmf1WUE5bcZHgHDtRCMXMcPTgTq4s3&c=728&d=90&e=ydAtynFkq4i7hBsaB8CPT5sdoHopqmXw&g=48063622d7ce825fce4247ce71f8fa38%2F13023955997220530089&i=20703%2C25174%2C27987&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1646665021118&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gmvgs7f3p6h696n5xcxkjte7s1d1x6qfwrd8xsk5hsgwj5khpe47bt3bv04kwr0bgxwj32t964x66pyaacktpsg4dk3zew8hb2hbp5hmdabs7js84bqba09s2e3194e7r3g72kv5pn974tpbd1mv9rfx192skkhnta41dqmvnfrrze5adp4wztxfyasj0jwn2e7nedgyf3z30q9ak2pavrxrjmngmqb6enntcsvjckt08jv9cwrch9x18gf1sdg23w959xsryyea12k69qg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DClb3xPB0mYqesGMiBjuwP1Jq4kAyQ4YGEXLaoworwAsCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHCrujdA8gBCakCyEd2fQYusj7gAgCoAwGqBPoBT9DkRRAiKAARMhkQZxnq9HcEBP3rd5WwM3wECA8YwAWniOlFOCA9JYNLWbk01HEqu4QmW98Ran7sTpcbtfWQeuP6X85FD9Y6VvkXxY9eMOkcWtLJvJXUC23ZPm_zJYRjVJochlIiLoHLlnszXG7CtYMSPXgUOLGwUaddr3vO-nQXawB-g7n0-dwC7jCq55yFl5J4bAUA7AmpYhKaW2TJOReJGYGShQRTzxzYf0lPOgcm30yCJQIpvAUg18BlLc2KtPXt7TrzIUVOuldWXRU8cOgx5WJwjLDNjWjRnK4Dl6oFVEF85MfScurtoKjt012LB88sk2qJa_rAiOAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3AhqbN47f59Tq4VlYF_7tJrHSsqw%252526client%25253Dca-pub-4903453974745530%252526adurl%25253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d9bee9a179c5d9116ab92d1dff21528f32697675765ac98b0905a81b4c735a0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jr7myrryjn81axw0z1a4a8h5qvs9h3vz4wk5nahzmk64vkhhvcc8q8gyk0jv38vxmen7vm5cwv0db7cp9ywb4bh5qa1cvadt0dxhfgnd29r687c5ddsryj4t9x8tfx7cghrjh35d34a9y219wgzkm87q9z2p8zg9wack880s6ceddp48dkbff7zgphm6cx5nkp9bpeznjwfg8ty0x9gcq7qnedsdfnakm29qaw68pb01rrcp4vvtdey9v77517r5fj9ga85dqvgxwt68xxhcp67arb40wkemdkhh184z6ew2qyn1kt7xvettxvvw9xbvnkzc7y6dgsp6sjrxj610832rmvttbs87hrdyn4f4j6tzsfwm4tzrs3f0cjert8km5jrx7bxhm59hwahrdpmez93jpmm1vz449d8degfxmf2etevmyd0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClb3xPB0mYqesGMiBjuwP1Jq4kAyQ4YGEXLaoworwAsCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHCrujdA8gBCakCyEd2fQYusj7gAgCoAwGqBPoBT9DkRRAiKAARMhkQZxnq9HcEBP3rd5WwM3wECA8YwAWniOlFOCA9JYNLWbk01HEqu4QmW98Ran7sTpcbtfWQeuP6X85FD9Y6VvkXxY9eMOkcWtLJvJXUC23ZPm_zJYRjVJochlIiLoHLlnszXG7CtYMSPXgUOLGwUaddr3vO-nQXawB-g7n0-dwC7jCq55yFl5J4bAUA7AmpYhKaW2TJOReJGYGShQRTzxzYf0lPOgcm30yCJQIpvAUg18BlLc2KtPXt7TrzIUVOuldWXRU8cOgx5WJwjLDNjWjRnK4Dl6oFVEF85MfScurtoKjt012LB88sk2qJa_rAiOAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3AhqbN47f59Tq4VlYF_7tJrHSsqw%26client%3Dca-pub-4903453974745530%26adurl%3D

Response headers

date: Mon, 07 Mar 2022 14:57:01 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e842e5f49239052-FRA
content-encoding: br

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B704 17 KB
6 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 07 Mar 2022 14:57:01 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 88D9 13 KB
5 KB 17ms
17ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Mar 2022 14:40:04 GMT
expires: Tue, 07 Mar 2023 14:40:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 1017
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 39F9 783 B
532 B 29ms
28ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4a6244895663207f4110ca60f1ebba7436a865408cb88d04a6f9b729cb234640

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LlpTchRM+tsTitzaOZ1HMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 07 Mar 2022 14:57:01 GMT
date: Mon, 07 Mar 2022 14:57:01 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-LlpTchRM+tsTitzaOZ1HMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 510
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 1095 1 KB
2 KB 320ms
143ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3247651&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j7eq37ze2b7kcw2ptv1fch0dsbxr50ysj2pnxvjpn68nzb612hxf29vvnhcbvvc0jp5tfbq1q38bybn71bj9ryz2wqbft4034yvgs45z8pp28kk144rw0k5e8cskj3vrp2ddstt13m4dqf8nr7z7717nwnrdragg4ezry9xegfk8pykyr0x2h39cf1h3k9p92gcvxjm36dts4w5609wnhek1vjegcgh6h8yevy22c357eatf08tckp38jecda2a9j96n01bwavnzn292nxdc7e1mqaz7wgsdjzevhfs8p3zg1cqsm6b7sr%26a%3D&clickref=oneid64rFefw3feAxfeHmHYtECxVms2T1Tjga7oneid__asuidydAtynFkq4i7hBsaB8CPT5sdoHopqmXwasuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuidydAtynFkq4i7hBsaB8CPT5sdoHopqmXwasuid__suite_Netmix_Reach43_TopRotaMonth
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19483%2C166402%2C43784&b=3bgFpf14UB63a7HrHAtEt997f8TWTRead%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=WrpSrfYdsYJWuYH5HjtDCXXGaPTET4QF2%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=160&d=600&e=ydAtynFkq4i7hBsaB8CPT5sdoHopqmXw&g=c61270540eccc2c9e1f0ad9fc0999eb0%2F9829051920461254654&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1646665021045&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1htch1jkmrxdwj6jhydj7srqv63vf0fbcskktmzzdpz57hms4x1xypw9q7kh1zc9s2cm41w3xak798be2234q78162yvbfjydzwdw0zkbn12hevjhwaxd9dm7hgpen7b9yzery71g1prm7kfa2vw2yv4xjqy62k82kanf6xsj376rmwfvc8erjefp3wp3xss31q7wketp4tx6m4xs42sjg4fscd89rsaxja345zvvnpf46drmssasmmb7hcxvc9t1v54gbc27yadxzgcrktg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVNw-Ox0mYuaOPMT83wPujJ04kOGBhFy2qMKK8ALAjbcBEAEgAGCVgoCAoAeCARdjYS1wdWItNDkwMzQ1Mzk3NDc0NTUzMKABwq7o3QPIAQmpAshHdn0GLrI-4AIAqAMBqgT7AU_QbUDRO4Vehpl_JthkOSpowpg8dMNC3WpYnGprykq2z-wsdZicLJtx6-ZT5UPksptq-bfIoXLtQuP_31mmNZ2JlfWwJHSioZsGeHDonXJ3n3k4rTkFOxwv6IWZwJTL43RMRzqAPt0Bm9V6AjjHan5uHI-s0LtkLef-jQ17jFlcJRpPWUugJvB1tlsR9Gshf_kNKwbS1VZMR4VPDcXWRBRSPWZaxkRBWmQ2gALS3XhNObPuMkTw96wTrpzFPZPD5IskyLK4C-EAvfTs-hG_Fxr1bIh0r0xguTUf49Ao_vgHzodrLzIHVZAOjfIpRbE3QabRi5_Ii0U7fzm24AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzb6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3iltjcZ37znudFHI4p-4f7Tg1uTQ%252526client%25253Dca-pub-4903453974745530%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 2599883cd30abc246c3be0ea1094d1ba189cbdd7e2295e4d7dcfc2856a837bc3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Mar 2022 14:57:01 GMT
Last-Modified: Mon, 07 Mar 2022 14:57:01 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1455
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 container.html Show response
1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4BA7 6 KB
3 KB 18ms
17ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Mar 2022 14:57:01 GMT
expires: Tue, 07 Mar 2023 14:57:01 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 i Show response
api.purpleads.io/x/a/3c1925c210d9e9eb285a6e58c4fb12bb:9e4b84de232d54bf66f2d86033967dcb43fa666200a8751da8dbaa1961b2b98c7e26c0790f6f49d98640a6f2d5f907fb9564a4a3ec227df69d7e6496b92cca30eff4b03cc3449bd... 0
199 B 556ms
556ms Fetch 34.227.128.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/a/3c1925c210d9e9eb285a6e58c4fb12bb:9e4b84de232d54bf66f2d86033967dcb43fa666200a8751da8dbaa1961b2b98c7e26c0790f6f49d98640a6f2d5f907fb9564a4a3ec227df69d7e6496b92cca30eff4b03cc3449bd71bdf31db9a1cd3cb1647e6314c4d8b34e2f68a6867ccb521/i?id=bb694769-de0f-4428-a64e-83c588930f07&ts=1646665021232
Requested by: Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/load.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-128-233.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Authorization: Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url: aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2V2aWxtYXJrLmNvbQ==
Accept: application/json
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json
x-purpleads-version: 0.4.13

Response headers

access-control-allow-origin: https://nets4.com
date: Mon, 07 Mar 2022 14:57:01 GMT
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials: true
x-request-id: b694eb23-9f7e-405a-88f2-5cd510a50ecc

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ADF3 0
20 B 53ms
52ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022030201&jk=2588779079999851&bg=!tbaltvLNAAb7UztL-1M7ACkAdvg8Wuiittm1HuYtp4nhByb7Q6xXyfW_3vG-u9rrk8YbEbwLOdCsZgIAAADpUgAAAAJoAQeZArKTcEE3-TdazlLi0NcNyCFP5JIU7TsFx5arVfC20p24Dpa54u9qOLogQSrq5bGfG5azTSVDxZHloFDEV3IV3gTPWtLCj0ZwD5i8gJehm0WOehkNr8pF_JncT-yQKkhGkmZr71PXHy6_ZDLsNosM0DvA0vBOGAPGGaHBrTvNx1ADQOZAcTOD_8FMTUA0Tlz73dmB_i80Y_VMx65KyEHgdyXqrfC6pZGOOg18Q3Gr1TCOO3CyRaYqEfQ_oCyXT5T4ZrDl7nuKv06W6qIw-3QZ7VqdmCbqQu9YX4yvzGG6HxIphvdA0rU4IWlfdLBN-9Ij_LgOFZBvW85pGTb_NR2v_eaYpDrwgsW5xtOOlZJMwnh4h4kkl8Ouj6Zd0QvzoZmZSZG_ZJ33wK1vxAMIV3I86dkuiYtlmr9cQDKwdLBDSwINbEcIHoHhjQkM72uAdXOKkmyZSISXlrKAc-0FzKpb2DVGFktf7kc3T6TI8rALD5G49zaEurA7SmelDJmFCPP6KRsIGwvRvRN24gQkhE9C5zR86BTAUzqb252FsRakYv0VxZGO2xVfxrCX5NI5aMgYs77MB65zV7O1oNPr5JbE6e5QWTTCNuiA-6NOLnrhv_EqOYcBT50zBLu7h_eAL7zo0Nj_My2caM4igTjYXDB8w2vFdpR9KRoCUg7NZI1OKEPjptppA-TXZ9KOlrwP_hj1QrI-tkqPXfx7t9q63wdNJ6L2DLumxZDcz91GFeL2DBzw9wajGK7DmBcVpN0YSD-hokvkqeyOOWxT3N6CO6iS7iLPvPj9qE3S0-Sb-Nk0oAjlCZhpYUx0tzps8awTMhQs6xvAhih-XnvCzpXHifFEN57LGwa3e4QtXqs9Ej5J_GHfiRm1hphfYCJrEJZFNsKsP_nYA6qt2kW2eao0BsR4Xko353E

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 14:57:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6C2E 13 KB
5 KB 17ms
17ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Mar 2022 14:40:04 GMT
expires: Tue, 07 Mar 2023 14:40:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 1017
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F401 783 B
533 B 29ms
28ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

876ccb211e3a93132198570fa504d84ad347f1d905df6b5e7240be49a127a9af

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WtqKtKei3bOqGtE3UitqRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 07 Mar 2022 14:57:01 GMT
date: Mon, 07 Mar 2022 14:57:01 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-WtqKtKei3bOqGtE3UitqRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 i
api.purpleads.io/x/a/3c1925c210d9e9eb285a6e58c4fb12bb:9e4b84de232d54bf66f2d86033967dcb43fa666200a8751da8dbaa1961b2b98c7e26c0790f6f49d98640a6f2d5f907fb9564a4a3ec227df69d7e6496b92cca30eff4b03cc3449bd... Frame 0
0 104ms
103ms Preflight 34.227.128.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/a/3c1925c210d9e9eb285a6e58c4fb12bb:9e4b84de232d54bf66f2d86033967dcb43fa666200a8751da8dbaa1961b2b98c7e26c0790f6f49d98640a6f2d5f907fb9564a4a3ec227df69d7e6496b92cca30eff4b03cc3449bd71bdf31db9a1cd3cb1647e6314c4d8b34e2f68a6867ccb521/i?id=bb694769-de0f-4428-a64e-83c588930f07&ts=1646665021232
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-128-233.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Origin: https://nets4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 07 Mar 2022 14:57:01 GMT
access-control-allow-origin: https://nets4.com
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: 55f64280-ff46-4e3b-b5da-76d530fd4cf0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4BA7 0
0 91ms
91ms Fetch
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CTtRFPR0mYtSaA4-NrASi0Lj4CMme0rFc1Z2R93DAjbcBEAEgAGCVgoCAoAeCARdjYS1wdWItNDkwMzQ1Mzk3NDc0NTUzMKAB1bbS6gPIAQmpAvxqb-QeN7I-4AIAqAMBqgT5AU_QsoZfvjyRYGxXToWqCuZ8pcT2Hps_mi0uFg07ClD8yNpzVqjH_UXG5rqh5AIMl39ZtRP8SWFo-XNdAIcVXXT5f-Wn3mBp_nSf0ysUeMJTGdVzP2Ts-tTNhjEVfqB9mOrXnhFN4KiqLEvI_tEr_x92_W301IyRqNJBRwruruV1lBcm616R2ghLffkZkwt1gteUaFQ9Dk3WzFOtsKztridPRmWrQuGArTu1J98xIMquwQ0so0Idf8bcUQjin6-aC6rjopy93tWc1vLHwXKitAf8Ty4fOowACSrJqYID2rjGv1iVGWR9parnUUz6bQ2RDnvO0wA86ao3ueAEAYAGpfyj5rOD5JY7oAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzaACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNDkwMzQ1Mzk3NDc0NTUzMBiLuXc&sigh=nPrsPClYBtc&uach_m=[UACH]&cid=CAQSPACNIrLMsWok9woGRWqaese5SlWtr7zpmNJitCGIx2FtMSzBrznctcZJotJYEhVlCANOwKq_-M3lXAGUwBgB
Requested by: Host: nets4.com
URL: https://nets4.com/domain/evilmark.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 4BA7 0
0 22ms
22ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=UKSXEsc1rAL6AZ2DYgICAAAAwkAV-YOvCIAQPB0mYs46NeCOFCarP90mABI&wp=YiYdPQAAzVQKiwaPAA4oIqV6rzSAfh048nMODg

Requested by

Host: nets4.com
URL: https://nets4.com/domain/evilmark.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:00 GMT
server: Kestrel
server-processing-duration-in-ticks: 189204
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame AE50 165 KB
50 KB 164ms
158ms Document
text/html 2a02:2638::18
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YiYdPQAAzVQKiwaPAA4oIqV6rzSAfh048nMODg&u=%7C8CscHVVsa7Q%2Ffg5Cyj9EWtaW50PDvovk7UN4J5xI5kE%3D%7C&c1=glLBMxGOcDk-vbOOpZWuiwL9OpXS6gVV2JtZM_Ei5tSPQXcRS1ssTUS_8xvR11yLNH_ueoquGVVe1eYPGXpdJNZAJReCsFY2B_RfUvewNsUWM4sSqFS0Wx1VleLF67T2VhutK8V4JXox3K-8F5JQ_obQqb--WlNOEx9GCFruAjSXEpNPYj8mfYn4a8WIgcphGbm_oEvg4n4jDCrYr7eY-ZMMk_R8-0aAFq7VR8qpm66qqTaBYqKPbwbSzNz-tFr3_awpoUCzg-9sN37_9xzeaqj3hzhYQJMfVoG6jaVGVKTLDisbBBHDWJZdhFQhc-ufOP4Ft3AHlFasQWTCXqWTxo4bqm2asVDxfyAAMgiRIAcc-KbacX4T5QV7BkRJJ6cMy3lFS7KRWOaIN2HYcGl0XJjSylYqMWjOp0loxPvCcHltx_dYcA6wGndQRt4thUpzeYbbH4zkUPcFTbDdddiPdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_WWpPR0mYtSaA4-NrASi0Lj4CMme0rFc1Z2R93DAjbcBEAEgAGCVgoCAoAeCARdjYS1wdWItNDkwMzQ1Mzk3NDc0NTUzMKAB1bbS6gPIAQmpAvxqb-QeN7I-4AIAqAMBqgT8AU_QsoZfvjyRYGxXToWqCuZ8pcT2Hps_mi0uFg07ClD8yNpzVqjH_UXG5rqh5AIMl39ZtRP8SWFo-XNdAIcVXXT5f-Wn3mBp_nSf0ysUeMJTGdVzP2Ts-tTNhjEVfqB9mOrXnhFN4KiqLEvI_tEr_x92_W301IyRqNJBRwruruV1lBcm616R2ghLffkZkwt1gteUaFQ9Dk3WzFOtsKztridPRmWrQuGArTu1J98xIMquwQ0so0Idf8bcUQjin6-aC6rjopy93tWc1vLHwXKitAf8Ty5dOK2SjqVVuj2fzhsWgv5tEHB3E6DJSc5OpTA3_MTQ_xi5Qy4kBpQYCOAEAYAGpfyj5rOD5JY7oAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzb6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2J76TmTLO87xJ9Trn7D4Eg7KdmtA%26client%3Dca-pub-4903453974745530%26adurl%3D

Requested by

Host: 1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com
URL: https://1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::18 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

81113be959d836136f0e260fa7043a881e992753ffdd7cd9d9fd5a61c59106a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com/

Response headers

date: Mon, 07 Mar 2022 14:57:00 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=8isW94olLF3Qt7ARyiiW818enn5fLEMQ73x6mu9-9hkF9EsUpmhtRo7YSF6b9OwHe4Xb9JIVf9R5Jh0-utk2UtEa7mGHhQFD9Afo03Z4rYZanTDc3gjCAii5SBn3bnE8B_Fq4GbsgVcqxJLLwWGcXft4ktT6xgJTQOMWgcdLFB8AK18Kr6vCit3esG3u5GTAQ7UztNwjpR6o0cWqBuWcKKFwuHeIA9Tu7RGZywmviIEw5rTyXLYgwlxmmQhqqg9lLJ_AiQ"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 136678290
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame 4BA7 2 KB
1 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/window_focus_fy2019.js

Requested by

Host: 1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com
URL: https://1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Mar 2022 14:56:38 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E52A 1 KB
749 B 22ms
16ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com
URL: https://1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Mon, 07 Mar 2022 05:53:44 GMT
expires: Tue, 08 Mar 2022 05:53:44 GMT
cache-control: public, max-age=86400
age: 32597
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4BA7 124 KB
38 KB 44ms
41ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com
URL: https://1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38860
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646224922100600"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 07 Mar 2022 14:57:01 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame 4BA7 15 KB
6 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com
URL: https://1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d054377044014c1069958d9c610330164f05edbf091b2be9b6be60dc4f043494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6417
x-xss-protection: 0
server: cafe
etag: 10598556267281433416
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Mar 2022 14:56:11 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4BA7 0
0 27ms
24ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSIngK2kZq3iClL34ULMAUsDCp1zhLtpxAEEKlYcwQP0OzP4dhUf8dqgsDooW86FGp-Sut_TdS5XhRbRoZ5KU-iQ9Ubzg
Requested by: Host: 1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com
URL: https://1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 4BA7 22 KB
7 KB 20ms
17ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com
URL: https://1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 14:03:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 435224
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 02 Mar 2023 14:03:17 GMT

GET
H3 200 container.html Show response
c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4F16 6 KB
3 KB 16ms
16ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Mar 2022 14:57:01 GMT
expires: Tue, 07 Mar 2023 14:57:01 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 i
api.purpleads.io/x/a/e4d4853b9c6953a2b6c3b1429360b922:9cd24fd97ba09d1664ebc0b34be090dbf5885dc7581f7003771c7b2e83a8f38b877dabdec3a29f30679a95a860aadc9824ca80cabe9aa21289aca4652eec41736e9c92c6a5ca5d6... Frame 0
0 103ms
103ms Preflight 34.227.128.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/a/e4d4853b9c6953a2b6c3b1429360b922:9cd24fd97ba09d1664ebc0b34be090dbf5885dc7581f7003771c7b2e83a8f38b877dabdec3a29f30679a95a860aadc9824ca80cabe9aa21289aca4652eec41736e9c92c6a5ca5d64bd5eded121a67ce6c7775c49dbb9033694b589de6ef71581bb87a7a11c167629f85d83e67f9b9f2fab90b55ee6173810c38c491e2cbac62274d4e27b437b118c9f582f48c2058ccb7d8ad1439458b8a72b3e72d5543343f5/i?id=d4f921e5-51b4-49fb-9bfc-ecff38d1a312&ts=1646665021395
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-128-233.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Origin: https://nets4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 07 Mar 2022 14:57:01 GMT
access-control-allow-origin: https://nets4.com
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: 2351e827-0b06-4a62-9e19-b7066ba8ab56

GET
H2 200 i Show response
api.purpleads.io/x/a/e4d4853b9c6953a2b6c3b1429360b922:9cd24fd97ba09d1664ebc0b34be090dbf5885dc7581f7003771c7b2e83a8f38b877dabdec3a29f30679a95a860aadc9824ca80cabe9aa21289aca4652eec41736e9c92c6a5ca5d6... 0
199 B 501ms
498ms Fetch 34.227.128.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/a/e4d4853b9c6953a2b6c3b1429360b922:9cd24fd97ba09d1664ebc0b34be090dbf5885dc7581f7003771c7b2e83a8f38b877dabdec3a29f30679a95a860aadc9824ca80cabe9aa21289aca4652eec41736e9c92c6a5ca5d64bd5eded121a67ce6c7775c49dbb9033694b589de6ef71581bb87a7a11c167629f85d83e67f9b9f2fab90b55ee6173810c38c491e2cbac62274d4e27b437b118c9f582f48c2058ccb7d8ad1439458b8a72b3e72d5543343f5/i?id=d4f921e5-51b4-49fb-9bfc-ecff38d1a312&ts=1646665021395
Requested by: Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-128-233.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Authorization: Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url: aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2V2aWxtYXJrLmNvbQ==
Accept: application/json
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json
x-purpleads-version: 2.0.26

Response headers

access-control-allow-origin: https://nets4.com
date: Mon, 07 Mar 2022 14:57:01 GMT
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials: true
x-request-id: bac14419-831b-4095-8d92-84b0f1ad89cb

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 1111 81 KB
11 KB 30ms
29ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182000%2C22451%2C43785&b=Y2jcrfG3f5BXkfVH9HetQtReGtAT1TK1Tr%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2CY2jcrfG3fwB9SVH9HetQt1R1fAT1TK1Tr&f=qGXsmf1WUJ5zAhZHgHDtRCXwgFPTgTq4s3%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CqGXsmf1WUE5bcZHgHDtRCMXMcPTgTq4s3&c=728&d=90&e=ydAtynFkq4i7hBsaB8CPT5sdoHopqmXw&g=48063622d7ce825fce4247ce71f8fa38%2F13023955997220530089&i=20703%2C25174%2C27987&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1646665021118&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gmvgs7f3p6h696n5xcxkjte7s1d1x6qfwrd8xsk5hsgwj5khpe47bt3bv04kwr0bgxwj32t964x66pyaacktpsg4dk3zew8hb2hbp5hmdabs7js84bqba09s2e3194e7r3g72kv5pn974tpbd1mv9rfx192skkhnta41dqmvnfrrze5adp4wztxfyasj0jwn2e7nedgyf3z30q9ak2pavrxrjmngmqb6enntcsvjckt08jv9cwrch9x18gf1sdg23w959xsryyea12k69qg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DClb3xPB0mYqesGMiBjuwP1Jq4kAyQ4YGEXLaoworwAsCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHCrujdA8gBCakCyEd2fQYusj7gAgCoAwGqBPoBT9DkRRAiKAARMhkQZxnq9HcEBP3rd5WwM3wECA8YwAWniOlFOCA9JYNLWbk01HEqu4QmW98Ran7sTpcbtfWQeuP6X85FD9Y6VvkXxY9eMOkcWtLJvJXUC23ZPm_zJYRjVJochlIiLoHLlnszXG7CtYMSPXgUOLGwUaddr3vO-nQXawB-g7n0-dwC7jCq55yFl5J4bAUA7AmpYhKaW2TJOReJGYGShQRTzxzYf0lPOgcm30yCJQIpvAUg18BlLc2KtPXt7TrzIUVOuldWXRU8cOgx5WJwjLDNjWjRnK4Dl6oFVEF85MfScurtoKjt012LB88sk2qJa_rAiOAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3AhqbN47f59Tq4VlYF_7tJrHSsqw%252526client%25253Dca-pub-4903453974745530%252526adurl%25253D&y=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=182000%2C22451%2C43785&b=Y2jcrfG3f5BXkfVH9HetQtReGtAT1TK1Tr%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2CY2jcrfG3fwB9SVH9HetQt1R1fAT1TK1Tr&f=qGXsmf1WUJ5zAhZHgHDtRCXwgFPTgTq4s3%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CqGXsmf1WUE5bcZHgHDtRCMXMcPTgTq4s3&c=728&d=90&e=ydAtynFkq4i7hBsaB8CPT5sdoHopqmXw&g=48063622d7ce825fce4247ce71f8fa38%2F13023955997220530089&i=20703%2C25174%2C27987&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1646665021118&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gmvgs7f3p6h696n5xcxkjte7s1d1x6qfwrd8xsk5hsgwj5khpe47bt3bv04kwr0bgxwj32t964x66pyaacktpsg4dk3zew8hb2hbp5hmdabs7js84bqba09s2e3194e7r3g72kv5pn974tpbd1mv9rfx192skkhnta41dqmvnfrrze5adp4wztxfyasj0jwn2e7nedgyf3z30q9ak2pavrxrjmngmqb6enntcsvjckt08jv9cwrch9x18gf1sdg23w959xsryyea12k69qg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DClb3xPB0mYqesGMiBjuwP1Jq4kAyQ4YGEXLaoworwAsCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHCrujdA8gBCakCyEd2fQYusj7gAgCoAwGqBPoBT9DkRRAiKAARMhkQZxnq9HcEBP3rd5WwM3wECA8YwAWniOlFOCA9JYNLWbk01HEqu4QmW98Ran7sTpcbtfWQeuP6X85FD9Y6VvkXxY9eMOkcWtLJvJXUC23ZPm_zJYRjVJochlIiLoHLlnszXG7CtYMSPXgUOLGwUaddr3vO-nQXawB-g7n0-dwC7jCq55yFl5J4bAUA7AmpYhKaW2TJOReJGYGShQRTzxzYf0lPOgcm30yCJQIpvAUg18BlLc2KtPXt7TrzIUVOuldWXRU8cOgx5WJwjLDNjWjRnK4Dl6oFVEF85MfScurtoKjt012LB88sk2qJa_rAiOAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3AhqbN47f59Tq4VlYF_7tJrHSsqw%252526client%25253Dca-pub-4903453974745530%252526adurl%25253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:01 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1141624
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=83581
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Tue, 22 Feb 2022 09:49:57 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6e842e5fda0e9052-FRA
cf-bgj: minify

GET
H3 200 C46E36494CD11571AD6096436563A935A4EF86E9E013CC4B9F0AD882C02907C50D011AD030C69BCB573604CFA07F783CB4ADC16C72A9B72EB614A2172586C052
assets.ad4m.at/logo/ Frame 1111 39 KB
40 KB 42ms
42ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C46E36494CD11571AD6096436563A935A4EF86E9E013CC4B9F0AD882C02907C50D011AD030C69BCB573604CFA07F783CB4ADC16C72A9B72EB614A2172586C052
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182000%2C22451%2C43785&b=Y2jcrfG3f5BXkfVH9HetQtReGtAT1TK1Tr%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2CY2jcrfG3fwB9SVH9HetQt1R1fAT1TK1Tr&f=qGXsmf1WUJ5zAhZHgHDtRCXwgFPTgTq4s3%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CqGXsmf1WUE5bcZHgHDtRCMXMcPTgTq4s3&c=728&d=90&e=ydAtynFkq4i7hBsaB8CPT5sdoHopqmXw&g=48063622d7ce825fce4247ce71f8fa38%2F13023955997220530089&i=20703%2C25174%2C27987&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1646665021118&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gmvgs7f3p6h696n5xcxkjte7s1d1x6qfwrd8xsk5hsgwj5khpe47bt3bv04kwr0bgxwj32t964x66pyaacktpsg4dk3zew8hb2hbp5hmdabs7js84bqba09s2e3194e7r3g72kv5pn974tpbd1mv9rfx192skkhnta41dqmvnfrrze5adp4wztxfyasj0jwn2e7nedgyf3z30q9ak2pavrxrjmngmqb6enntcsvjckt08jv9cwrch9x18gf1sdg23w959xsryyea12k69qg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DClb3xPB0mYqesGMiBjuwP1Jq4kAyQ4YGEXLaoworwAsCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHCrujdA8gBCakCyEd2fQYusj7gAgCoAwGqBPoBT9DkRRAiKAARMhkQZxnq9HcEBP3rd5WwM3wECA8YwAWniOlFOCA9JYNLWbk01HEqu4QmW98Ran7sTpcbtfWQeuP6X85FD9Y6VvkXxY9eMOkcWtLJvJXUC23ZPm_zJYRjVJochlIiLoHLlnszXG7CtYMSPXgUOLGwUaddr3vO-nQXawB-g7n0-dwC7jCq55yFl5J4bAUA7AmpYhKaW2TJOReJGYGShQRTzxzYf0lPOgcm30yCJQIpvAUg18BlLc2KtPXt7TrzIUVOuldWXRU8cOgx5WJwjLDNjWjRnK4Dl6oFVEF85MfScurtoKjt012LB88sk2qJa_rAiOAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3AhqbN47f59Tq4VlYF_7tJrHSsqw%252526client%25253Dca-pub-4903453974745530%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dded8f8315bfa1c937330c6d23a5883248d37e189635b093e93e096e594ad5d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=E3pl4w==, md5=aKDSgUdJtYIMnFy3kSz8CQ==
date: Mon, 07 Mar 2022 14:57:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 137297
cf-polished: origFmt=png, origSize=59160
x-guploader-uploadid: ADPycdt-Bd-tqYfP2Z5cGqQqGIcDNzyLpkMyVEG7-XSA9c5L2UcGzbZgi8T9oZsl2JmP4zr8_9jujSqQ8_1MXMtxduEnZMCbcw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39746
last-modified: Wed, 12 Feb 2020 10:33:43 GMT
server: cloudflare
etag: "68a0d2814749b5820c9c5cb7912cfc09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zt5RN%2Bx2R1qy71HPuW1wjNfF%2B%2FFvpuh%2BS4AC48kHSSyIJo4DhT%2FFT%2FJSFcLiHj4F6z%2FJzcvu4J7TfpPwQZn5E2hAIxmoVsNUWLGR2MxvVEWsRNHWM7W4yw0kzbeX2kawiv8n0bw8GZZiox69"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1581503623525394
content-type: image/webp
expires: Tue, 08 Mar 2022 14:57:01 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 59160
accept-ranges: bytes
cf-ray: 6e842e5fda119052-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 3A1416EE928727CAA262D55B41C53B838E063DB8190E91AD28C25ED5A196521B7E995F4FF8A87D4E3E3AE2959912A928F43AB1C2988064014D978C88D75E9BD5
assets.ad4m.at/product_image/ Frame 1111 381 KB
382 KB 45ms
44ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/3A1416EE928727CAA262D55B41C53B838E063DB8190E91AD28C25ED5A196521B7E995F4FF8A87D4E3E3AE2959912A928F43AB1C2988064014D978C88D75E9BD5
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182000%2C22451%2C43785&b=Y2jcrfG3f5BXkfVH9HetQtReGtAT1TK1Tr%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2CY2jcrfG3fwB9SVH9HetQt1R1fAT1TK1Tr&f=qGXsmf1WUJ5zAhZHgHDtRCXwgFPTgTq4s3%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CqGXsmf1WUE5bcZHgHDtRCMXMcPTgTq4s3&c=728&d=90&e=ydAtynFkq4i7hBsaB8CPT5sdoHopqmXw&g=48063622d7ce825fce4247ce71f8fa38%2F13023955997220530089&i=20703%2C25174%2C27987&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1646665021118&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gmvgs7f3p6h696n5xcxkjte7s1d1x6qfwrd8xsk5hsgwj5khpe47bt3bv04kwr0bgxwj32t964x66pyaacktpsg4dk3zew8hb2hbp5hmdabs7js84bqba09s2e3194e7r3g72kv5pn974tpbd1mv9rfx192skkhnta41dqmvnfrrze5adp4wztxfyasj0jwn2e7nedgyf3z30q9ak2pavrxrjmngmqb6enntcsvjckt08jv9cwrch9x18gf1sdg23w959xsryyea12k69qg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DClb3xPB0mYqesGMiBjuwP1Jq4kAyQ4YGEXLaoworwAsCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHCrujdA8gBCakCyEd2fQYusj7gAgCoAwGqBPoBT9DkRRAiKAARMhkQZxnq9HcEBP3rd5WwM3wECA8YwAWniOlFOCA9JYNLWbk01HEqu4QmW98Ran7sTpcbtfWQeuP6X85FD9Y6VvkXxY9eMOkcWtLJvJXUC23ZPm_zJYRjVJochlIiLoHLlnszXG7CtYMSPXgUOLGwUaddr3vO-nQXawB-g7n0-dwC7jCq55yFl5J4bAUA7AmpYhKaW2TJOReJGYGShQRTzxzYf0lPOgcm30yCJQIpvAUg18BlLc2KtPXt7TrzIUVOuldWXRU8cOgx5WJwjLDNjWjRnK4Dl6oFVEF85MfScurtoKjt012LB88sk2qJa_rAiOAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3AhqbN47f59Tq4VlYF_7tJrHSsqw%252526client%25253Dca-pub-4903453974745530%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9003fef55e3576f4a0a0238398fe166e7ee41975e55dd3ba079066eea0fb291d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=7K8YCA==, md5=h7XbqynNpVDqQyWo3WfcwA==
date: Mon, 07 Mar 2022 14:57:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 397866
cf-polished: origFmt=png, origSize=609525
x-guploader-uploadid: ADPycdvXf_4OMzyRtOov4htiQk_mU7NKCrlqAOPNmK9U7zi360nmsLwX5GF7vliRbrUxPT4-fRW8ghMnX4w7Qshg9dhGOlqPSA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 390038
last-modified: Wed, 23 Feb 2022 15:34:53 GMT
server: cloudflare
etag: "87b5dbab29cda550ea4325a8dd67dcc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ibWeS1d50DzksITq8smtaXd6cB%2FokAS0brnYPQae9I9YXSLHwn8ZWbShj0wmy3TVIS8kyc02Qlhg4TVF%2BOFsWoRhlIZdygDFip5V0Be%2FKBPsJbF5n7CAjeRcFoLckuex%2BnxhClApA%2BeU57aA"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1645630493382906
content-type: image/webp
expires: Tue, 08 Mar 2022 14:57:01 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 609525
accept-ranges: bytes
cf-ray: 6e842e5fea449052-FRA
cf-bgj: imgq:85,h2pri

GET
H2

200

/
www.euromaster.de/ Frame 1111
Redirect Chain

https://www.awin1.com/cread.php?s=2480620&v=14363&q=359541&r=412871&pv=1&pref3=oneidY2jcrfG3f5BXkfVH9HetQtReGtAT1TK1Troneid__asuidydAtynFkq4i7hBsaB8CPT5sdoHopqmXwasuid__suite_Netmix_Reach43_TopRota...
https://shop.euromaster.de/?awc=14363_1646665021_0d0d8497ae2c2f078900432029c0e6d7
https://www.euromaster.de/?awc=14363_1646665021_0d0d8497ae2c2f078900432029c0e6d7

0
0

142ms
127ms

Image
text/html

2600:9000:225f:7600:12:7deb:8f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.euromaster.de/?awc=14363_1646665021_0d0d8497ae2c2f078900432029c0e6d7
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182000%2C22451%2C43785&b=Y2jcrfG3f5BXkfVH9HetQtReGtAT1TK1Tr%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2CY2jcrfG3fwB9SVH9HetQt1R1fAT1TK1Tr&f=qGXsmf1WUJ5zAhZHgHDtRCXwgFPTgTq4s3%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CqGXsmf1WUE5bcZHgHDtRCMXMcPTgTq4s3&c=728&d=90&e=ydAtynFkq4i7hBsaB8CPT5sdoHopqmXw&g=48063622d7ce825fce4247ce71f8fa38%2F13023955997220530089&i=20703%2C25174%2C27987&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1646665021118&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gmvgs7f3p6h696n5xcxkjte7s1d1x6qfwrd8xsk5hsgwj5khpe47bt3bv04kwr0bgxwj32t964x66pyaacktpsg4dk3zew8hb2hbp5hmdabs7js84bqba09s2e3194e7r3g72kv5pn974tpbd1mv9rfx192skkhnta41dqmvnfrrze5adp4wztxfyasj0jwn2e7nedgyf3z30q9ak2pavrxrjmngmqb6enntcsvjckt08jv9cwrch9x18gf1sdg23w959xsryyea12k69qg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DClb3xPB0mYqesGMiBjuwP1Jq4kAyQ4YGEXLaoworwAsCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHCrujdA8gBCakCyEd2fQYusj7gAgCoAwGqBPoBT9DkRRAiKAARMhkQZxnq9HcEBP3rd5WwM3wECA8YwAWniOlFOCA9JYNLWbk01HEqu4QmW98Ran7sTpcbtfWQeuP6X85FD9Y6VvkXxY9eMOkcWtLJvJXUC23ZPm_zJYRjVJochlIiLoHLlnszXG7CtYMSPXgUOLGwUaddr3vO-nQXawB-g7n0-dwC7jCq55yFl5J4bAUA7AmpYhKaW2TJOReJGYGShQRTzxzYf0lPOgcm30yCJQIpvAUg18BlLc2KtPXt7TrzIUVOuldWXRU8cOgx5WJwjLDNjWjRnK4Dl6oFVEF85MfScurtoKjt012LB88sk2qJa_rAiOAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3AhqbN47f59Tq4VlYF_7tJrHSsqw%252526client%25253Dca-pub-4903453974745530%252526adurl%25253D&y=1&z=0
Protocol: H2
Server: 2600:9000:225f:7600:12:7deb:8f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

content-security-policy: upgrade-insecure-requests
via: 1.1 64ff1e6af494771d4212cf7d4543447e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: TXL50-P2
x-cache: Miss from cloudfront
content-length: 287
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: Apache
x-frame-options: SAMEORIGIN
date: Mon, 07 Mar 2022 14:57:01 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-type: text/html; charset=iso-8859-1
location: https://www.euromaster.de?awc=14363_1646665021_0d0d8497ae2c2f078900432029c0e6d7
permissions-policy: geolocation=(self), camera=(self)
x-amz-cf-id: J4zjjOm0sBSO1_2BZlOZrDR5eD1u0LtfHc_Pl0ElNc_Sfl3SttSKOA==

GET
H3 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 1111 8 KB
9 KB 96ms
95ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182000%2C22451%2C43785&b=Y2jcrfG3f5BXkfVH9HetQtReGtAT1TK1Tr%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2CY2jcrfG3fwB9SVH9HetQt1R1fAT1TK1Tr&f=qGXsmf1WUJ5zAhZHgHDtRCXwgFPTgTq4s3%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CqGXsmf1WUE5bcZHgHDtRCMXMcPTgTq4s3&c=728&d=90&e=ydAtynFkq4i7hBsaB8CPT5sdoHopqmXw&g=48063622d7ce825fce4247ce71f8fa38%2F13023955997220530089&i=20703%2C25174%2C27987&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1646665021118&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gmvgs7f3p6h696n5xcxkjte7s1d1x6qfwrd8xsk5hsgwj5khpe47bt3bv04kwr0bgxwj32t964x66pyaacktpsg4dk3zew8hb2hbp5hmdabs7js84bqba09s2e3194e7r3g72kv5pn974tpbd1mv9rfx192skkhnta41dqmvnfrrze5adp4wztxfyasj0jwn2e7nedgyf3z30q9ak2pavrxrjmngmqb6enntcsvjckt08jv9cwrch9x18gf1sdg23w959xsryyea12k69qg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DClb3xPB0mYqesGMiBjuwP1Jq4kAyQ4YGEXLaoworwAsCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHCrujdA8gBCakCyEd2fQYusj7gAgCoAwGqBPoBT9DkRRAiKAARMhkQZxnq9HcEBP3rd5WwM3wECA8YwAWniOlFOCA9JYNLWbk01HEqu4QmW98Ran7sTpcbtfWQeuP6X85FD9Y6VvkXxY9eMOkcWtLJvJXUC23ZPm_zJYRjVJochlIiLoHLlnszXG7CtYMSPXgUOLGwUaddr3vO-nQXawB-g7n0-dwC7jCq55yFl5J4bAUA7AmpYhKaW2TJOReJGYGShQRTzxzYf0lPOgcm30yCJQIpvAUg18BlLc2KtPXt7TrzIUVOuldWXRU8cOgx5WJwjLDNjWjRnK4Dl6oFVEF85MfScurtoKjt012LB88sk2qJa_rAiOAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3AhqbN47f59Tq4VlYF_7tJrHSsqw%252526client%25253Dca-pub-4903453974745530%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date: Mon, 07 Mar 2022 14:57:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 148142
cf-polished: qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid: ADPycdsrFP1IbI1QH0XfzoPSZgbR8JLTS243eRYtk4OCXct3pcmyhmjHiehmJk2_6Mw42x_29mbTV7DyzNWqsgtX37W75YJA2w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8354
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F2COHh%2FAQ33SJRbwLMF%2BQZY1q18ToSDeJK9l8TBfP1OdO2l9k475iOs5oOs9QFT%2BsPSDZaeD56M25HuAokTfnXJI0YZD53wib8AROHFFtMpIN7IVzHrZpIRDX5vlMP05RjsIrtCt9RynfYQR"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698787150900
content-type: image/webp
expires: Tue, 08 Mar 2022 14:57:01 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 16723
accept-ranges: bytes
cf-ray: 6e842e5fea469052-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
assets.ad4m.at/product_image/ Frame 1111 30 KB
30 KB 97ms
95ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182000%2C22451%2C43785&b=Y2jcrfG3f5BXkfVH9HetQtReGtAT1TK1Tr%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2CY2jcrfG3fwB9SVH9HetQt1R1fAT1TK1Tr&f=qGXsmf1WUJ5zAhZHgHDtRCXwgFPTgTq4s3%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CqGXsmf1WUE5bcZHgHDtRCMXMcPTgTq4s3&c=728&d=90&e=ydAtynFkq4i7hBsaB8CPT5sdoHopqmXw&g=48063622d7ce825fce4247ce71f8fa38%2F13023955997220530089&i=20703%2C25174%2C27987&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1646665021118&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gmvgs7f3p6h696n5xcxkjte7s1d1x6qfwrd8xsk5hsgwj5khpe47bt3bv04kwr0bgxwj32t964x66pyaacktpsg4dk3zew8hb2hbp5hmdabs7js84bqba09s2e3194e7r3g72kv5pn974tpbd1mv9rfx192skkhnta41dqmvnfrrze5adp4wztxfyasj0jwn2e7nedgyf3z30q9ak2pavrxrjmngmqb6enntcsvjckt08jv9cwrch9x18gf1sdg23w959xsryyea12k69qg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DClb3xPB0mYqesGMiBjuwP1Jq4kAyQ4YGEXLaoworwAsCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHCrujdA8gBCakCyEd2fQYusj7gAgCoAwGqBPoBT9DkRRAiKAARMhkQZxnq9HcEBP3rd5WwM3wECA8YwAWniOlFOCA9JYNLWbk01HEqu4QmW98Ran7sTpcbtfWQeuP6X85FD9Y6VvkXxY9eMOkcWtLJvJXUC23ZPm_zJYRjVJochlIiLoHLlnszXG7CtYMSPXgUOLGwUaddr3vO-nQXawB-g7n0-dwC7jCq55yFl5J4bAUA7AmpYhKaW2TJOReJGYGShQRTzxzYf0lPOgcm30yCJQIpvAUg18BlLc2KtPXt7TrzIUVOuldWXRU8cOgx5WJwjLDNjWjRnK4Dl6oFVEF85MfScurtoKjt012LB88sk2qJa_rAiOAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3AhqbN47f59Tq4VlYF_7tJrHSsqw%252526client%25253Dca-pub-4903453974745530%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=yOKvRQ==, md5=98ixwodW4fBCQU4EOgLh+g==
date: Mon, 07 Mar 2022 14:57:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 155898
cf-polished: qual=85, origFmt=jpeg, origSize=81547
x-guploader-uploadid: ADPycdvq24uOnHS0Gid_OdopCI2h7Orz5kL52_UJ7xIXtd9S83HO68TP9AUmaYBC9duTtTRftD3zRt7v7wPwBWldshE3ZZXByA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30226
last-modified: Thu, 09 Apr 2020 08:50:22 GMT
server: cloudflare
etag: "f7c8b1c28756e1f042414e043a02e1fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9R8X6SfKbeccFzWwNilNKBpoqF%2FEruKDiQ3QwGiJbCD76KA256if2ClsuGfcagK%2F9wCq%2BjhOtPwWZhOPIiGubfTabHC9PGJtRapSol%2FuQH%2FU4ap39NfUi2lNn7weAFMk9IL3ic34gK43kQIy"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1586422222365290
content-type: image/webp
expires: Tue, 08 Mar 2022 14:57:01 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 81547
accept-ranges: bytes
cf-ray: 6e842e5fea479052-FRA
cf-bgj: imgq:85,h2pri

GET

/
banner.congstar.de/cookie/ Frame 1111
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=COKLrZ2htPYCFUuaewodAvgD1w;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__asuidydAtynFkq4i7hBsaB8CPT5sdoHopqmXwasuid__suite_Netmix_Reach43_TopRot...
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1646665021_d84b1d72-9e26-11ec-81bc-2262d3a2196d

0
0

GET
H3 200 17CEAFA57CF0EB4F3069EAE8D23FE167593560E41B1D4ACF9EA368C712201CF0631191FEA59C395794280C31337CACB3DB0E71604147FCA767859B9D335D03C8
assets.ad4m.at/logo/ Frame 1111 16 KB
17 KB 97ms
96ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/17CEAFA57CF0EB4F3069EAE8D23FE167593560E41B1D4ACF9EA368C712201CF0631191FEA59C395794280C31337CACB3DB0E71604147FCA767859B9D335D03C8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182000%2C22451%2C43785&b=Y2jcrfG3f5BXkfVH9HetQtReGtAT1TK1Tr%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2CY2jcrfG3fwB9SVH9HetQt1R1fAT1TK1Tr&f=qGXsmf1WUJ5zAhZHgHDtRCXwgFPTgTq4s3%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CqGXsmf1WUE5bcZHgHDtRCMXMcPTgTq4s3&c=728&d=90&e=ydAtynFkq4i7hBsaB8CPT5sdoHopqmXw&g=48063622d7ce825fce4247ce71f8fa38%2F13023955997220530089&i=20703%2C25174%2C27987&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1646665021118&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gmvgs7f3p6h696n5xcxkjte7s1d1x6qfwrd8xsk5hsgwj5khpe47bt3bv04kwr0bgxwj32t964x66pyaacktpsg4dk3zew8hb2hbp5hmdabs7js84bqba09s2e3194e7r3g72kv5pn974tpbd1mv9rfx192skkhnta41dqmvnfrrze5adp4wztxfyasj0jwn2e7nedgyf3z30q9ak2pavrxrjmngmqb6enntcsvjckt08jv9cwrch9x18gf1sdg23w959xsryyea12k69qg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DClb3xPB0mYqesGMiBjuwP1Jq4kAyQ4YGEXLaoworwAsCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHCrujdA8gBCakCyEd2fQYusj7gAgCoAwGqBPoBT9DkRRAiKAARMhkQZxnq9HcEBP3rd5WwM3wECA8YwAWniOlFOCA9JYNLWbk01HEqu4QmW98Ran7sTpcbtfWQeuP6X85FD9Y6VvkXxY9eMOkcWtLJvJXUC23ZPm_zJYRjVJochlIiLoHLlnszXG7CtYMSPXgUOLGwUaddr3vO-nQXawB-g7n0-dwC7jCq55yFl5J4bAUA7AmpYhKaW2TJOReJGYGShQRTzxzYf0lPOgcm30yCJQIpvAUg18BlLc2KtPXt7TrzIUVOuldWXRU8cOgx5WJwjLDNjWjRnK4Dl6oFVEF85MfScurtoKjt012LB88sk2qJa_rAiOAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3AhqbN47f59Tq4VlYF_7tJrHSsqw%252526client%25253Dca-pub-4903453974745530%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7c9abd88817d3f494884827fa4f2aa3a61ef4b4b869290f1c74fb5b947835f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=+FXcLQ==, md5=TNunwZpDAHtc50PiZ9v3sg==
date: Mon, 07 Mar 2022 14:57:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 255585
cf-polished: origFmt=png, origSize=30481
x-guploader-uploadid: ADPycdtmCmlgKDVe5qU3OMNnK8jlX1zWAZh2sSyoelxabFpqRckOs06sVxW_vzaT9nkixFR6G1_tSbqgRLUAUTgLASWL5Tj9NQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16634
last-modified: Fri, 15 Jan 2021 15:58:09 GMT
server: cloudflare
etag: "4cdba7c19a43007b5ce743e267dbf7b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gqPbEdLlrDJbWyR%2BFm4jMjXkOtbsaGTC%2BmJO4AnR1ChbQodhLUrISympHlDuBCJvXr2tDJDwnpCPFsfDQAK4xm3PsAtDXbsXHIXlVjlqPXo12SYWBl3mOgf5ku9wBfUDpafsQ4Eo7EyuLJdv"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1610726289780766
content-type: image/webp
expires: Tue, 08 Mar 2022 14:57:01 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 30481
accept-ranges: bytes
cf-ray: 6e842e5fea489052-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 23202546F26C6755F7EFB25556CD5B3513FA219B9C6E025CFF044DB731B5F536FA2863A6E03AA05F3BFE181D0BF8BE0BC9BFCD16397F463E028839DE479FD565
assets.ad4m.at/product_image/ Frame 1111 138 KB
139 KB 28ms
27ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/23202546F26C6755F7EFB25556CD5B3513FA219B9C6E025CFF044DB731B5F536FA2863A6E03AA05F3BFE181D0BF8BE0BC9BFCD16397F463E028839DE479FD565
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182000%2C22451%2C43785&b=Y2jcrfG3f5BXkfVH9HetQtReGtAT1TK1Tr%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2CY2jcrfG3fwB9SVH9HetQt1R1fAT1TK1Tr&f=qGXsmf1WUJ5zAhZHgHDtRCXwgFPTgTq4s3%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CqGXsmf1WUE5bcZHgHDtRCMXMcPTgTq4s3&c=728&d=90&e=ydAtynFkq4i7hBsaB8CPT5sdoHopqmXw&g=48063622d7ce825fce4247ce71f8fa38%2F13023955997220530089&i=20703%2C25174%2C27987&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1646665021118&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gmvgs7f3p6h696n5xcxkjte7s1d1x6qfwrd8xsk5hsgwj5khpe47bt3bv04kwr0bgxwj32t964x66pyaacktpsg4dk3zew8hb2hbp5hmdabs7js84bqba09s2e3194e7r3g72kv5pn974tpbd1mv9rfx192skkhnta41dqmvnfrrze5adp4wztxfyasj0jwn2e7nedgyf3z30q9ak2pavrxrjmngmqb6enntcsvjckt08jv9cwrch9x18gf1sdg23w959xsryyea12k69qg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DClb3xPB0mYqesGMiBjuwP1Jq4kAyQ4YGEXLaoworwAsCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHCrujdA8gBCakCyEd2fQYusj7gAgCoAwGqBPoBT9DkRRAiKAARMhkQZxnq9HcEBP3rd5WwM3wECA8YwAWniOlFOCA9JYNLWbk01HEqu4QmW98Ran7sTpcbtfWQeuP6X85FD9Y6VvkXxY9eMOkcWtLJvJXUC23ZPm_zJYRjVJochlIiLoHLlnszXG7CtYMSPXgUOLGwUaddr3vO-nQXawB-g7n0-dwC7jCq55yFl5J4bAUA7AmpYhKaW2TJOReJGYGShQRTzxzYf0lPOgcm30yCJQIpvAUg18BlLc2KtPXt7TrzIUVOuldWXRU8cOgx5WJwjLDNjWjRnK4Dl6oFVEF85MfScurtoKjt012LB88sk2qJa_rAiOAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3AhqbN47f59Tq4VlYF_7tJrHSsqw%252526client%25253Dca-pub-4903453974745530%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bbac18d33c3b76898e24031512a0be1effe32f0bc8220ffa59009f729130073

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=/wJR9g==, md5=6jFqIy9iehknhXquzpbwlA==
date: Mon, 07 Mar 2022 14:57:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 138094
cf-polished: origFmt=png, origSize=230406
x-guploader-uploadid: ADPycds4KMC-oCdNF_6kKgektr7H9XUFrA6wifYKDyNc6-1jG1S1ZD9IuUDnYw04gR9_AXQ46-WvXX2Z2IfnVxAXmxfcFEkxPg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 141096
last-modified: Fri, 18 Sep 2020 09:15:08 GMT
server: cloudflare
etag: "ea316a232f627a1927857aaece96f094"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KArCsirB0WXa7rWGlvMGnzjQ24r7FdrYk85uNLE4XWFnaTTdFxDgo16ekiBqmCybtKiAC%2BhcKPjhGSCohBmc%2BLFtVCl%2BdeigIe2BCjfNF1v6dOf9ZwurM1EVB1bdfb4B%2BjNO2XQmmoPg9j%2FW"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1600420508755813
content-type: image/webp
expires: Tue, 08 Mar 2022 14:57:01 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 230406
accept-ranges: bytes
cf-ray: 6e842e5fea499052-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js Show response
pagead2.googlesyndication.com/bg/ Frame 88D9 35 KB
14 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:17:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2379
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13820
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Mar 2023 14:17:22 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 0653 42 B
64 B 51ms
51ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsscX7ioDzSP4Xtol8x5Ahq7IW4U42pRXmkStlZVwFihlytGyyIcZIm2ZaZTLMPibNsW80pZlo2ZXmYVXtIJxnjf0fNB2RxAB4zmxDzp97ZnLaXsIsFmig&sai=AMfl-YSDSD5U23oA_DnTdl6__7iYM5aQ9QPICYqBiPmX-9jE7VsT_maLIizkEa8g5B7IxbdmeXoTeZDlrfWArZvwSaMo422ZY-zrz_RUdkqqyPbj9n_TlvR6re-u-bw0DzI&sig=Cg0ArKJSzKEmqCnUnatsEAE&id=ampim&o=294,507&d=728,200&ss=1600,1200&bs=1600,1200&mcvt=1022&mtos=0,0,1022,1022,1022&tos=0,0,1022,0,0&tfs=393&tls=1415&g=100&h=100&tt=1415&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=471609500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 14:57:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 39F9 0
0 70ms
69ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030101&jk=1567783009156909&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F401 0
0 69ms
69ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030101&jk=1838896244044700&rc=null
Requested by: Host: nets4.com
URL: https://nets4.com/domain/evilmark.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js Show response
pagead2.googlesyndication.com/bg/ Frame 6C2E 35 KB
14 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:17:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2379
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13820
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Mar 2023 14:17:22 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AED5 0
20 B 54ms
54ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022030201&jk=462823231518315&bg=!XV6lXhrNAAb7UztL-1M7ACkAdvg8WtrbvLyD89Fj-VrT2lQDl59Fv0tC-O5sJTD3RuLj6OnIb9cdRAIAAACfUgAAAAJoAQcKAGmYXrE4C0thmprq9Iqz4KmZ9lDHylePQ4yqg6_PdXt8jMBLwFz7bZtwlOgdsvBVkQp3xLh-AzDrSQwEXWf0vq1nbeb2a34H7NRDhNlrZELMAeR8_dKHm22H2q-_eBkNjYwkneRdhR_f5m6ZAr8UQ08CDBF4uFJ1CEzt_K1Ffgras8lJ4cROdS06R-0G6qVFcGyu6Cf26cIf2ucu9xjBUh58EjrrFTvP5jD5pJ2UsqWs0XiyqIk4BfjJMO2ClTqktM8L4yvYH2vYqT1vLMvhiStbbkJJi7093HR_gn5Tw87T3pX90pXubUwQXs0DdK6pI67h7jRGc_Kw0iHdHxRiEvZxIJkH-XJZe9XaHOX49ww397Oqdx7M-vdlVNPhffeXKOkaeF2YHLTQaVeJNfbgTMFTNLb6v2XOLwaCI3KPnEofuNdqdCcN4i36ArpawQCaIJlWemnnsXV_C5FaUfLUvbTQ-6uNrbdp0xqNTWAJIwrrUMj9VadntkQ0O9gIGoB7eJZz8mJ-Ur8rGPm7hlDnVEPUXp7i89XwZVI7rO52d3fJOeNtFqXOACV1620t4JRu_g5F7h1uy4t-aVLrLs0k-zWYXavKuATtZEhPWuD8ssUv2TCH9E0pIuR7qEdG2egfwdvdIshQodwMDUBTnrSnRQDfItjvDgLVquD1KMA4GFjAUjMsSmgR5FfRkQSvhtvlT9s4T4NlnQvq-69nqU-7cbb_2iaCduUHT52YSz9z4eM3KMXYNzVaAQCJtRL0Sm0rT5s7TrVLrtXoI1UXoqfwXfoz1VsoELikSqQK6OHOYmmv6sT5KH1OtKbiGek6ivL6vcHJJ8hvGgogQeU7M4UtuYTbRonpjx2u3GSAJkWIJdGhAhGymLlej8l_e_OxDIedU6575rWsDdICWYzNZWBiLRUxZJV5CEPOVKHonad4uYPs3YkwDIWYv1uFRCBl8CVcY1-DBQh8vpD0qybNrAl_mRmFKB8cwuFXxF1ETrf5ehACKkaU5TOFkL39l-sa3rjSSU-TiaS085ImA8-4K58QuHc2ZHz-7Vi_vCIxeNvmS4Vp7OV8yimUUyR721WC

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 14:57:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame E52A
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJG3RLLlpC3LH4xDGgi6ugo&google_cver=1&google_push=AYg5qPIixRCdLvTanflo2HKSEs8GjYa1uIj3AK554AUElr95LyrcYuMYtVXJE92CKJvppv7jXdfzOx7kFvo6-kWZucefOnWmzYc
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzU5NDE0OTUyMDExMTMzMTM3OA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJG3RLLlpC3LH4xDGgi6ugo&google_cver=1

43 B
398 B

28ms
22ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJG3RLLlpC3LH4xDGgi6ugo&google_cver=1
Requested by: Host: 1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com
URL: https://1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 14:57:01 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 07 Mar 2022 14:57:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJG3RLLlpC3LH4xDGgi6ugo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame E52A 35 B
464 B 65ms
19ms Image
image/gif 2620:116:800d:21:3175:5196:e3fd:8c1d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESED3gP6wxMmMrY3sO_HpNH7U&google_cver=1&google_push=AYg5qPJ2mJ-AYCnIChdlc8YBbCf6X9ZRk2AmWccxS731E8XMdnORrgbbaAxLBFLDAaArkJwfKB9i7DUMQ1ig_V1nXO_5Z7-yolM

Requested by

Host: 1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com
URL: https://1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:3175:5196:e3fd:8c1d , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 14:57:01 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E52A
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBdBvHC1fciVnQODIB-miR4&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBdBvHC1fciVnQODIB-miR4&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YVlqcVBuRkgxTnJlTmY1&google_gid=CAESEBdBvHC1fciVnQODIB-miR4&google_cver=1&google_push=AYg5qPIlpyQ8nHg3KbpVknXOGRdK3_Z3IAx4h0iqwoy0-7X...

170 B
188 B

44ms
43ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YVlqcVBuRkgxTnJlTmY1&google_gid=CAESEBdBvHC1fciVnQODIB-miR4&google_cver=1&google_push=AYg5qPIlpyQ8nHg3KbpVknXOGRdK3_Z3IAx4h0iqwoy0-7X8q85Vc3BSxbrsATFOngCMN5Swg1Hvxd3UkxVJoc7W_X3kBbrNFg

Requested by

Host: 1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com
URL: https://1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 14:57:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 07 Mar 2022 14:57:01 GMT
Server: PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-04fd973f611872bb0@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YVlqcVBuRkgxTnJlTmY1&google_gid=CAESEBdBvHC1fciVnQODIB-miR4&google_cver=1&google_push=AYg5qPIlpyQ8nHg3KbpVknXOGRdK3_Z3IAx4h0iqwoy0-7X8q85Vc3BSxbrsATFOngCMN5Swg1Hvxd3UkxVJoc7W_X3kBbrNFg
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame E52A 0
173 B 66ms
23ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEByIPTW54sxNZ3Y8GIbb5y4&google_cver=1&google_push=AYg5qPIWI0jPdV7eHx-flanqqttoBBq51B7RDFmlkfD0xATVR93zI_02wNzROPISo908JGl1X-HNYmL3Z42gGoi7XhWUR1mMbnU
Requested by: Host: 1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com
URL: https://1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:01 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 dds
rtb.openx.net/sync/ Frame E52A 43 B
351 B 67ms
25ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEGBVcANKmGRPe_2MoliHajU&google_cver=1&google_push=AYg5qPLkSJpWZBrfn3pv40uIGcDk0V8LzxQoYWRwZgA9r43_MgSAruJozYqOxeB45S3zVqbCu3itc2L5m0m9xzTSpaglwVGNw4s
Requested by: Host: 1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com
URL: https://1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 14:57:01 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: tn3jtg9fn7apn1pjnq3liungjpdal19v

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E52A
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELzNa6GEqkXsEzXlQiuPe8Y&google_cver=1&google_push=AYg5qPJB-eQsOziyLRLpwuI-ed7IXpl2fVfQVcOUsR6SQEAEI1sSSrzD81htqUGt5mS-AVEaRgCcqqBnXwBiYniC...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJB-eQsOziyLRLpwuI-ed7IXpl2fVfQVcOUsR6SQEAEI1sSSrzD81htqUGt5mS-AVEaRgCcqqBnXwBiYniCC0FMNKxIzg

170 B
188 B

43ms
43ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJB-eQsOziyLRLpwuI-ed7IXpl2fVfQVcOUsR6SQEAEI1sSSrzD81htqUGt5mS-AVEaRgCcqqBnXwBiYniCC0FMNKxIzg

Requested by

Host: 1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com
URL: https://1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 14:57:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 07 Mar 2022 14:57:01 GMT
via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: ZRH50-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJB-eQsOziyLRLpwuI-ed7IXpl2fVfQVcOUsR6SQEAEI1sSSrzD81htqUGt5mS-AVEaRgCcqqBnXwBiYniCC0FMNKxIzg
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: F7sYoDOQCHwBBOvjiHjkipVKJi7XR6XBpu7hs_SPDa76iypm1202GQ==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E52A
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEOv9QCV-9LjrQmJDvraCLNI&google_cver=1&google_push=AYg5qPIPteBe6NiOgSjFkoR7rsoS0ByaVy0mVhiHxABlFe_5Nze178Y-Vd2LpX54YMkm8xN7QTG9eoJZ1q7Z9O5KXgNbGwWEdsU
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPIPteBe6NiOgSjFkoR7rsoS0ByaVy0mVhiHxABlFe_5Nze178Y-Vd2LpX54YMkm8xN7QTG9eoJZ1q7Z9O5KXgNbGwWEdsU&googl...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTEyNDA3MzkzNzYwNjIzMjg3MDY2&google_push=AYg5qPIPteBe6NiOgSjFkoR7rsoS0ByaVy0mVhiHxABlFe_5Nze178Y-Vd2LpX54...

170 B
188 B

43ms
43ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTEyNDA3MzkzNzYwNjIzMjg3MDY2&google_push=AYg5qPIPteBe6NiOgSjFkoR7rsoS0ByaVy0mVhiHxABlFe_5Nze178Y-Vd2LpX54YMkm8xN7QTG9eoJZ1q7Z9O5KXgNbGwWEdsU

Requested by

Host: 1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com
URL: https://1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 14:57:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTEyNDA3MzkzNzYwNjIzMjg3MDY2&google_push=AYg5qPIPteBe6NiOgSjFkoR7rsoS0ByaVy0mVhiHxABlFe_5Nze178Y-Vd2LpX54YMkm8xN7QTG9eoJZ1q7Z9O5KXgNbGwWEdsU
date: Mon, 07 Mar 2022 14:57:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame E52A 0
12 B 25ms
24ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JoG9br-IQK8Ailqo99_Mo-OQZBpUJIWP0pddr-AUm_pPMWpMBjlY-oJrAAl8XF9iIrWQKM

Requested by

Host: 1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com
URL: https://1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:01 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4F16 0
0 88ms
87ms Fetch
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CyIznPR0mYvzcCpGYrAS89Z-wA5DhgYRctqjCivACwI23ARABIABglYKAgKAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQL8am_kHjeyPuACAKgDAaoEygJP0OfM7kky6SuXECbjzDteZ_pDHK8OmK31vxon91MoESpDaqq4sqJbAdsqjozrHMXKzW6cyPlWJXpWCY2RnQ3C-d5cRfqa2TzW3w0NEaO0bcRf6Czu1qlnH5w4VbJ9wo935cbMAhHPi1Kbr1bNm0Lm2TJ39aroYySBAgIEzd2XC4Rfvyv3oc8FmvoPAlPJVNuSI307Nv0hjSYxuPN7CjSk72UIPF5Oti4Ll4wxHw3RbbsAm2Zf2RM2OicJU_zONpK3uDBRMGd6XrJTzM7rZiKs1GJeSdeL_FA5_uWYdEWr051X5Do_mmzAgG3tXTgQjsuBMFo-Hd-DqGiF6w_GAO71qdldj1hpL93jc__nmC5FtN5U4gV5EPQ-gudqCTQpk76p71JgSAw15FKNELoOlGGti1LCkNyJ9Tf42NpD9CCx98U0nix3byP--dzgBAGABr_Lica30_nRW6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTU0MTMzMjk1NDQwNDA5NDcYwYx0&sigh=L9vRJIsSFeU&uach_m=[UACH]&cid=CAQSPACNIrLMYUhy6tUts7CDnqnx4WR0UHH8A37xYb6Gwoh00FopLYRiN70Eq9zp79dm5YAQnSRPWYBpltNn2hgB
Requested by: Host: nets4.com
URL: https://nets4.com/domain/evilmark.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 winResponse
prod-rtb.ad4mat.net/ Frame 4F16 0
0 25ms
25ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hhc5ntgczh304fetpkvsjdc5bnt419qgg1fv5qyfr15ar5jreg93qhnj721e20ycp6tnbrp7d2kkpg0t3jw7n461efy6gnjsafvc3wwssp06h841pgebq7nqdkqea371zcz2vw9ygnw4wr3qqxy5j1vn3dh2cbjxtnz6y0x7j3725edkafqp311979dxr6jk4n3p367rk2gfn6p1bt2f0sjccyg9b39gp4dm68chzfx7vg4m4c3w9f8k60z9381td2h6841vay8g1z38v62jhs73r0k0zak0a05rrj65vx8ws8kcqaws1j2nynhkkk1krv5jdzpabmxmv021efkxdhyvk57dxcg6we83hpy4y1t1wmwjnvz7h44xzs8x1x485gtce8gwck04yz8nb6efn8&b=YiYdPQACrnwKiwwRAAf6vDxXn_20hRn_UFHX_g
Requested by: Host: nets4.com
URL: https://nets4.com/domain/evilmark.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 07 Mar 2022 14:57:01 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 7115 2 KB
3 KB 65ms
63ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jf5t9q3xyybexfm3mwehcf2v7wd3mgr96ac6hst9f8nmknk5fxn09jkrhqfby1qq5870xyrwaxmbt1v6y4jrd8f6gmzde6tggtg7eyx28x61a6tq1f1vw64k18ae1q650w4f8pz3r4ycegdc1ab84d1km80fk4chf9srwnwspkrygms2bvmhhyv5vbzackzp4b4xx8hsh2kt5z9760049y920pdsyv2mbb5vk0g0rn6hddgb6wmbwz16e3m68p1k1dhhrj6w5380k1v56yamg707e57rcz0mrw7cx4ntac6dv0z4766m2r56yv6f7jpfatc13yzwcwcm5p3ze34ts9vqt8hye27pq43mqda27vaqc798bgvwzwbs94nhhyp6d8d222f4hhknc36xfmejkvymqj692ef&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZNIDPR0mYvzcCpGYrAS89Z-wA5DhgYRctqjCivACwI23ARABIABglYKAgKAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQL8am_kHjeyPuACAKgDAaoEzQJP0OfM7kky6SuXECbjzDteZ_pDHK8OmK31vxon91MoESpDaqq4sqJbAdsqjozrHMXKzW6cyPlWJXpWCY2RnQ3C-d5cRfqa2TzW3w0NEaO0bcRf6Czu1qlnH5w4VbJ9wo935cbMAhHPi1Kbr1bNm0Lm2TJ39aroYySBAgIEzd2XC4Rfvyv3oc8FmvoPAlPJVNuSI307Nv0hjSYxuPN7CjSk72UIPF5Oti4Ll4wxHw3RbbsAm2Zf2RM2OicJU_zONpK3uDBRMGd6XrJTzM7rZiKs1GJeSdeL_FA5_uWYdEWr051X5Do_mmzAgG3tXTgQjsuBMFo-Hd-DqGiF6w_GAO71qdldj1hpL93jc__nmC5FtN5U4gV5EPQ-gudqCTQpk76p71JgCg4UdoV0l_rGEyk7URtQYuWd_5ry9sKedOL4ZT2ggABvuv9huRQwMK7gBAGABr_Lica30_nRW6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1oEBsv1AqsSAfWVzL4Qau7Yy3L9A%26client%3Dca-pub-5413329544040947%26adurl%3D

Requested by

Host: c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com
URL: https://c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b16e0ab1b42b99579073c659fea962ba72b07bd208c798d9ee1bc0e91336dce3

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com/

Response headers

date: Mon, 07 Mar 2022 14:57:01 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e842e602ab49052-FRA
content-encoding: br

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame 4F16 2 KB
1 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/window_focus_fy2019.js

Requested by

Host: c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com
URL: https://c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Mar 2022 14:56:38 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0156 1 KB
749 B 17ms
16ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com
URL: https://c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Mon, 07 Mar 2022 05:53:44 GMT
expires: Tue, 08 Mar 2022 05:53:44 GMT
cache-control: public, max-age=86400
age: 32597
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4F16 124 KB
38 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com
URL: https://c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38860
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646224922100600"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 07 Mar 2022 14:57:01 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame 4F16 15 KB
6 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com
URL: https://c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d054377044014c1069958d9c610330164f05edbf091b2be9b6be60dc4f043494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6417
x-xss-protection: 0
server: cafe
etag: 10598556267281433416
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Mar 2022 14:56:11 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4F16 0
0 25ms
24ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR9kk-mkB9RJ5WbrPl8hxu2-GbTkieZFESTraSWQXQzLYjM8Zmh3EUafUA7fUd-EZfwCLT9O1E-bZNVlXkHYXYPhajcOQ
Requested by: Host: c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com
URL: https://c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 4F16 22 KB
7 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com
URL: https://c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 14:03:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 435224
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 02 Mar 2023 14:03:17 GMT

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 1111 1 KB
2 KB 230ms
151ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3326481&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hyd325rb8zzcwzr3vajhrc14bd6j42e9pm9d93jfpvg306gvr6n5rnmywxb92j4bmbz50wxphzpsrrq1f6s0n9hq7yvwdqm53t2ptka00daq5k333xsfj9tczjk5efxdg6wn0xhvmn4gthqfjqhmnke020qtkt7jbc58ks9e08qba2pvkhk8s24htcf41nj4h5vb4fwwsqzwgp4taxffv3rfxyncatgvnfhv6tcvn36q2qaa9233fv4w651bhyehewff5an2a46m8pqcc9hccq8ff8adyjxcyze6gxr2bpr0c5emfzpfd20%26a%3D&clickref=oneidqGXsmf1WUE5bcZHgHDtRCMXMcPTgTq4s3oneid__asuidydAtynFkq4i7hBsaB8CPT5sdoHopqmXwasuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidY2jcrfG3fwB9SVH9HetQt1R1fAT1TK1Troneid__asuidydAtynFkq4i7hBsaB8CPT5sdoHopqmXwasuid__suite_Netmix_Reach43_TopRotaMonth
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182000%2C22451%2C43785&b=Y2jcrfG3f5BXkfVH9HetQtReGtAT1TK1Tr%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2CY2jcrfG3fwB9SVH9HetQt1R1fAT1TK1Tr&f=qGXsmf1WUJ5zAhZHgHDtRCXwgFPTgTq4s3%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CqGXsmf1WUE5bcZHgHDtRCMXMcPTgTq4s3&c=728&d=90&e=ydAtynFkq4i7hBsaB8CPT5sdoHopqmXw&g=48063622d7ce825fce4247ce71f8fa38%2F13023955997220530089&i=20703%2C25174%2C27987&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1646665021118&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gmvgs7f3p6h696n5xcxkjte7s1d1x6qfwrd8xsk5hsgwj5khpe47bt3bv04kwr0bgxwj32t964x66pyaacktpsg4dk3zew8hb2hbp5hmdabs7js84bqba09s2e3194e7r3g72kv5pn974tpbd1mv9rfx192skkhnta41dqmvnfrrze5adp4wztxfyasj0jwn2e7nedgyf3z30q9ak2pavrxrjmngmqb6enntcsvjckt08jv9cwrch9x18gf1sdg23w959xsryyea12k69qg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DClb3xPB0mYqesGMiBjuwP1Jq4kAyQ4YGEXLaoworwAsCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHCrujdA8gBCakCyEd2fQYusj7gAgCoAwGqBPoBT9DkRRAiKAARMhkQZxnq9HcEBP3rd5WwM3wECA8YwAWniOlFOCA9JYNLWbk01HEqu4QmW98Ran7sTpcbtfWQeuP6X85FD9Y6VvkXxY9eMOkcWtLJvJXUC23ZPm_zJYRjVJochlIiLoHLlnszXG7CtYMSPXgUOLGwUaddr3vO-nQXawB-g7n0-dwC7jCq55yFl5J4bAUA7AmpYhKaW2TJOReJGYGShQRTzxzYf0lPOgcm30yCJQIpvAUg18BlLc2KtPXt7TrzIUVOuldWXRU8cOgx5WJwjLDNjWjRnK4Dl6oFVEF85MfScurtoKjt012LB88sk2qJa_rAiOAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3AhqbN47f59Tq4VlYF_7tJrHSsqw%252526client%25253Dca-pub-4903453974745530%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: afa7c59b72927d60532942129144c0d38f58ad9e955f1b485806dc02a6f3440e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Mar 2022 14:57:01 GMT
Last-Modified: Mon, 07 Mar 2022 14:57:01 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1464
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 4BA7 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 263bd4e22b75c26f3b632aa39d7eba5260f9ec1c4ca9e706ff5c167ddad1d189

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 0156
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJG3RLLlpC3LH4xDGgi6ugo&google_cver=1&google_push=AYg5qPISscF3Y2x_0kRz3SgsMOWJy5lq8ZxsFGuENrLIQIwxIEkOQG6nRGnuapcRvIqSSkSniVbgcYWU9iJNskxMoxZUMOQKIQ
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzU5NDE0OTUyMDExMTMzMTM3OA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJG3RLLlpC3LH4xDGgi6ugo&google_cver=1

43 B
398 B

22ms
22ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJG3RLLlpC3LH4xDGgi6ugo&google_cver=1
Requested by: Host: c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com
URL: https://c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 14:57:01 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 07 Mar 2022 14:57:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJG3RLLlpC3LH4xDGgi6ugo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 0156 0
104 B 122ms
40ms Image
text/plain 2a02:fa8:8806:16::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEOkxTplgMXaU0bmP5H5E6Go&google_cver=1&google_push=AYg5qPIgQ7dfOmhTNJV3kGGdjcjFRG7DxPNrFl84_fMiAi0fyb5c9SYvCmtBmAdmA9zle-28cEegjFh4C5-0Sz_-s6fEnf_mKeI
Requested by: Host: c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com
URL: https://c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 14:57:01 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0156
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEBeMVfq_6ANzAsfz1zcgRQU&google_cver=1&google_push=AYg5qPKpSetePoffY3dKjQfFB4VRCBxTTW7ske0yxyd9Fq4JlfkpRNg_mmg1wOdJC3nUtcMRpqqLvZpc4q91bGrsNWUujP-Azw
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPKpSetePoffY3dKjQfFB4VRCBxTTW7ske0yxyd9Fq4JlfkpRNg_mmg1wOdJC3nUtcMRpqqLvZpc4q91bGrsNWUujP-Azw

170 B
188 B

46ms
45ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPKpSetePoffY3dKjQfFB4VRCBxTTW7ske0yxyd9Fq4JlfkpRNg_mmg1wOdJC3nUtcMRpqqLvZpc4q91bGrsNWUujP-Azw

Requested by

Host: c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com
URL: https://c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 14:57:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPKpSetePoffY3dKjQfFB4VRCBxTTW7ske0yxyd9Fq4JlfkpRNg_mmg1wOdJC3nUtcMRpqqLvZpc4q91bGrsNWUujP-Azw
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0156
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN4SmEtQwhRmKkuHS45pFRQ&google_cver=1&google_push=AYg5qPK6T75jVQW83MsGYiBVoOM2w9I1dH2MvKOYNJ9OKOQE8mXZbwhSKyN-WmtjmBuyQ2NbR0t648i9...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc5MjIyMzA3OTA1OTk4MzAwMw&google_push=AYg5qPK6T75jVQW83MsGYiBVoOM2w9I1dH2MvKOYNJ9OKOQE8mXZbwhSKyN-WmtjmBuyQ2NbR0t648...

170 B
188 B

44ms
43ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc5MjIyMzA3OTA1OTk4MzAwMw&google_push=AYg5qPK6T75jVQW83MsGYiBVoOM2w9I1dH2MvKOYNJ9OKOQE8mXZbwhSKyN-WmtjmBuyQ2NbR0t648i91iF4I4E0-LP6alt-BKo

Requested by

Host: c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com
URL: https://c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 14:57:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 07 Mar 2022 14:57:01 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc5MjIyMzA3OTA1OTk4MzAwMw&google_push=AYg5qPK6T75jVQW83MsGYiBVoOM2w9I1dH2MvKOYNJ9OKOQE8mXZbwhSKyN-WmtjmBuyQ2NbR0t648i91iF4I4E0-LP6alt-BKo
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET

pixel
cm.g.doubleclick.net/ Frame 0156
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESECHelNNTX_o2Hzky_fAFhAA&google_cver=1&google_push=AYg5qPJRqAzt6w35qcoSV5v3VwYwtdRok_3EnZLUmjHovdNYkX_NPA39qcO77IZML3GMH17JIt4cM1MlOdQYkPP-NqAFu3...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESECHelNNTX_o2Hzky_fAFhAA&google_cver=1&google_push=AYg5qPJRqAzt6w35qcoSV5v3VwYwtdRok_3EnZLUmjHovdNYkX_NPA39qcO77IZML3GMH17JIt4cM1MlOdQYkPP-...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=MpAq6EJiSDOefvqFkIbhCA&google_push=AYg5qPJRqAzt6w35qcoSV5v3VwYwtdRok_3EnZLUmjHovdNYkX_NPA39qcO77IZML3GMH17JIt4cM1MlOdQYkPP...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=MpAq6EJiSDOefvqFkIbhCA&google_push=AYg5qPJRqAzt6w35qcoSV5v3VwYwtdRok_3EnZLUmjHovdNYkX_NPA39qcO77IZML3GMH17JIt4cM1MlOdQYkPP...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=MpAq6EJiSDOefvqFkIbhCA&google_push=AYg5qPJRqAzt6w35qcoSV5v3VwYwtdRok_3EnZLUmjHovdNYkX_NPA39qcO77IZML3GMH17JIt4cM1MlOdQYkPP...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=MpAq6EJiSDOefvqFkIbhCA&google_push=AYg5qPJRqAzt6w35qcoSV5v3VwYwtdRok_3EnZLUmjHovdNYkX_NPA39qcO77IZML3GMH17JIt4cM1MlOdQYkPP...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=MpAq6EJiSDOefvqFkIbhCA&google_push=AYg5qPJRqAzt6w35qcoSV5v3VwYwtdRok_3EnZLUmjHovdNYkX_NPA39qcO77IZML3GMH17JIt4cM1MlOdQYkPP...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=MpAq6EJiSDOefvqFkIbhCA&google_push=AYg5qPJRqAzt6w35qcoSV5v3VwYwtdRok_3EnZLUmjHovdNYkX_NPA39qcO77IZML3GMH17JIt4cM1MlOdQYkPP...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=MpAq6EJiSDOefvqFkIbhCA&google_push=AYg5qPJRqAzt6w35qcoSV5v3VwYwtdRok_3EnZLUmjHovdNYkX_NPA39qcO77IZML3GMH17JIt4cM1MlOdQYkPP...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=MpAq6EJiSDOefvqFkIbhCA&google_push=AYg5qPJRqAzt6w35qcoSV5v3VwYwtdRok_3EnZLUmjHovdNYkX_NPA39qcO77IZML3GMH17JIt4cM1MlOdQYkPP...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=MpAq6EJiSDOefvqFkIbhCA&google_push=AYg5qPJRqAzt6w35qcoSV5v3VwYwtdRok_3EnZLUmjHovdNYkX_NPA39qcO77IZML3GMH17JIt4cM1MlOdQYkPP...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=MpAq6EJiSDOefvqFkIbhCA&google_push=AYg5qPJRqAzt6w35qcoSV5v3VwYwtdRok_3EnZLUmjHovdNYkX_NPA39qcO77IZML3GMH17JIt4cM1MlOdQYkPP...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=MpAq6EJiSDOefvqFkIbhCA&google_push=AYg5qPJRqAzt6w35qcoSV5v3VwYwtdRok_3EnZLUmjHovdNYkX_NPA39qcO77IZML3GMH17JIt4cM1MlOdQYkPP...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=MpAq6EJiSDOefvqFkIbhCA&google_push=AYg5qPJRqAzt6w35qcoSV5v3VwYwtdRok_3EnZLUmjHovdNYkX_NPA39qcO77IZML3GMH17JIt4cM1MlOdQYkPP...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=MpAq6EJiSDOefvqFkIbhCA&google_push=AYg5qPJRqAzt6w35qcoSV5v3VwYwtdRok_3EnZLUmjHovdNYkX_NPA39qcO77IZML3GMH17JIt4cM1MlOdQYkPP...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=MpAq6EJiSDOefvqFkIbhCA&google_push=AYg5qPJRqAzt6w35qcoSV5v3VwYwtdRok_3EnZLUmjHovdNYkX_NPA39qcO77IZML3GMH17JIt4cM1MlOdQYkPP...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=MpAq6EJiSDOefvqFkIbhCA&google_push=AYg5qPJRqAzt6w35qcoSV5v3VwYwtdRok_3EnZLUmjHovdNYkX_NPA39qcO77IZML3GMH17JIt4cM1MlOdQYkPP...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=MpAq6EJiSDOefvqFkIbhCA&google_push=AYg5qPJRqAzt6w35qcoSV5v3VwYwtdRok_3EnZLUmjHovdNYkX_NPA39qcO77IZML3GMH17JIt4cM1MlOdQYkPP...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=MpAq6EJiSDOefvqFkIbhCA&google_push=AYg5qPJRqAzt6w35qcoSV5v3VwYwtdRok_3EnZLUmjHovdNYkX_NPA39qcO77IZML3GMH17JIt4cM1MlOdQYkPP...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=MpAq6EJiSDOefvqFkIbhCA&google_push=AYg5qPJRqAzt6w35qcoSV5v3VwYwtdRok_3EnZLUmjHovdNYkX_NPA39qcO77IZML3GMH17JIt4cM1MlOdQYkPP...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=MpAq6EJiSDOefvqFkIbhCA&google_push=AYg5qPJRqAzt6w35qcoSV5v3VwYwtdRok_3EnZLUmjHovdNYkX_NPA39qcO77IZML3GMH17JIt4cM1MlOdQYkPP...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0156
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEIKDJU70-ndkZBHbjHoUKiE&google_cver=1&google_push=AYg5qPK0IodjAAXkQb1Qfnvb6mDTWnV41856Ow6TaNUB8q2ijx24DhBw3JpKMZutE5loo6dQHm...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1NdUNjZEMxRTJ1R2FKVGFVaHRjV1FNcHRfNUszampqX35B&google_push=AYg5qPK0IodjAAXkQb1Qfnvb6mDTWnV41856Ow6TaNUB8q2ijx24DhBw3...

170 B
188 B

48ms
46ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1NdUNjZEMxRTJ1R2FKVGFVaHRjV1FNcHRfNUszampqX35B&google_push=AYg5qPK0IodjAAXkQb1Qfnvb6mDTWnV41856Ow6TaNUB8q2ijx24DhBw3JpKMZutE5loo6dQHmizvF5p2O7-kGnEX-OJMqrHVlMu

Requested by

Host: c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com
URL: https://c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 14:57:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1NdUNjZEMxRTJ1R2FKVGFVaHRjV1FNcHRfNUszampqX35B&google_push=AYg5qPK0IodjAAXkQb1Qfnvb6mDTWnV41856Ow6TaNUB8q2ijx24DhBw3JpKMZutE5loo6dQHmizvF5p2O7-kGnEX-OJMqrHVlMu
date: Mon, 07 Mar 2022 14:57:01 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0156 0
12 B 24ms
23ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KXhFNMReNXPLQAQuWXoAkdeakn3h-SDRLZ7YPqzURK2-v9nFUupAbkXY_Ia2UFWlo

Requested by

Host: c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com
URL: https://c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:01 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 7115 81 KB
11 KB 30ms
29ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jf5t9q3xyybexfm3mwehcf2v7wd3mgr96ac6hst9f8nmknk5fxn09jkrhqfby1qq5870xyrwaxmbt1v6y4jrd8f6gmzde6tggtg7eyx28x61a6tq1f1vw64k18ae1q650w4f8pz3r4ycegdc1ab84d1km80fk4chf9srwnwspkrygms2bvmhhyv5vbzackzp4b4xx8hsh2kt5z9760049y920pdsyv2mbb5vk0g0rn6hddgb6wmbwz16e3m68p1k1dhhrj6w5380k1v56yamg707e57rcz0mrw7cx4ntac6dv0z4766m2r56yv6f7jpfatc13yzwcwcm5p3ze34ts9vqt8hye27pq43mqda27vaqc798bgvwzwbs94nhhyp6d8d222f4hhknc36xfmejkvymqj692ef&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZNIDPR0mYvzcCpGYrAS89Z-wA5DhgYRctqjCivACwI23ARABIABglYKAgKAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQL8am_kHjeyPuACAKgDAaoEzQJP0OfM7kky6SuXECbjzDteZ_pDHK8OmK31vxon91MoESpDaqq4sqJbAdsqjozrHMXKzW6cyPlWJXpWCY2RnQ3C-d5cRfqa2TzW3w0NEaO0bcRf6Czu1qlnH5w4VbJ9wo935cbMAhHPi1Kbr1bNm0Lm2TJ39aroYySBAgIEzd2XC4Rfvyv3oc8FmvoPAlPJVNuSI307Nv0hjSYxuPN7CjSk72UIPF5Oti4Ll4wxHw3RbbsAm2Zf2RM2OicJU_zONpK3uDBRMGd6XrJTzM7rZiKs1GJeSdeL_FA5_uWYdEWr051X5Do_mmzAgG3tXTgQjsuBMFo-Hd-DqGiF6w_GAO71qdldj1hpL93jc__nmC5FtN5U4gV5EPQ-gudqCTQpk76p71JgCg4UdoV0l_rGEyk7URtQYuWd_5ry9sKedOL4ZT2ggABvuv9huRQwMK7gBAGABr_Lica30_nRW6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1oEBsv1AqsSAfWVzL4Qau7Yy3L9A%26client%3Dca-pub-5413329544040947%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jf5t9q3xyybexfm3mwehcf2v7wd3mgr96ac6hst9f8nmknk5fxn09jkrhqfby1qq5870xyrwaxmbt1v6y4jrd8f6gmzde6tggtg7eyx28x61a6tq1f1vw64k18ae1q650w4f8pz3r4ycegdc1ab84d1km80fk4chf9srwnwspkrygms2bvmhhyv5vbzackzp4b4xx8hsh2kt5z9760049y920pdsyv2mbb5vk0g0rn6hddgb6wmbwz16e3m68p1k1dhhrj6w5380k1v56yamg707e57rcz0mrw7cx4ntac6dv0z4766m2r56yv6f7jpfatc13yzwcwcm5p3ze34ts9vqt8hye27pq43mqda27vaqc798bgvwzwbs94nhhyp6d8d222f4hhknc36xfmejkvymqj692ef&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZNIDPR0mYvzcCpGYrAS89Z-wA5DhgYRctqjCivACwI23ARABIABglYKAgKAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQL8am_kHjeyPuACAKgDAaoEzQJP0OfM7kky6SuXECbjzDteZ_pDHK8OmK31vxon91MoESpDaqq4sqJbAdsqjozrHMXKzW6cyPlWJXpWCY2RnQ3C-d5cRfqa2TzW3w0NEaO0bcRf6Czu1qlnH5w4VbJ9wo935cbMAhHPi1Kbr1bNm0Lm2TJ39aroYySBAgIEzd2XC4Rfvyv3oc8FmvoPAlPJVNuSI307Nv0hjSYxuPN7CjSk72UIPF5Oti4Ll4wxHw3RbbsAm2Zf2RM2OicJU_zONpK3uDBRMGd6XrJTzM7rZiKs1GJeSdeL_FA5_uWYdEWr051X5Do_mmzAgG3tXTgQjsuBMFo-Hd-DqGiF6w_GAO71qdldj1hpL93jc__nmC5FtN5U4gV5EPQ-gudqCTQpk76p71JgCg4UdoV0l_rGEyk7URtQYuWd_5ry9sKedOL4ZT2ggABvuv9huRQwMK7gBAGABr_Lica30_nRW6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1oEBsv1AqsSAfWVzL4Qau7Yy3L9A%26client%3Dca-pub-5413329544040947%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:01 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1141624
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=83581
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Tue, 22 Feb 2022 09:49:57 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6e842e613c929052-FRA
cf-bgj: minify

GET
H3 200 fxpcopuw.js Show response
ad4m.at/ Frame 7115 36 KB
13 KB 34ms
32ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jf5t9q3xyybexfm3mwehcf2v7wd3mgr96ac6hst9f8nmknk5fxn09jkrhqfby1qq5870xyrwaxmbt1v6y4jrd8f6gmzde6tggtg7eyx28x61a6tq1f1vw64k18ae1q650w4f8pz3r4ycegdc1ab84d1km80fk4chf9srwnwspkrygms2bvmhhyv5vbzackzp4b4xx8hsh2kt5z9760049y920pdsyv2mbb5vk0g0rn6hddgb6wmbwz16e3m68p1k1dhhrj6w5380k1v56yamg707e57rcz0mrw7cx4ntac6dv0z4766m2r56yv6f7jpfatc13yzwcwcm5p3ze34ts9vqt8hye27pq43mqda27vaqc798bgvwzwbs94nhhyp6d8d222f4hhknc36xfmejkvymqj692ef&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZNIDPR0mYvzcCpGYrAS89Z-wA5DhgYRctqjCivACwI23ARABIABglYKAgKAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQL8am_kHjeyPuACAKgDAaoEzQJP0OfM7kky6SuXECbjzDteZ_pDHK8OmK31vxon91MoESpDaqq4sqJbAdsqjozrHMXKzW6cyPlWJXpWCY2RnQ3C-d5cRfqa2TzW3w0NEaO0bcRf6Czu1qlnH5w4VbJ9wo935cbMAhHPi1Kbr1bNm0Lm2TJ39aroYySBAgIEzd2XC4Rfvyv3oc8FmvoPAlPJVNuSI307Nv0hjSYxuPN7CjSk72UIPF5Oti4Ll4wxHw3RbbsAm2Zf2RM2OicJU_zONpK3uDBRMGd6XrJTzM7rZiKs1GJeSdeL_FA5_uWYdEWr051X5Do_mmzAgG3tXTgQjsuBMFo-Hd-DqGiF6w_GAO71qdldj1hpL93jc__nmC5FtN5U4gV5EPQ-gudqCTQpk76p71JgCg4UdoV0l_rGEyk7URtQYuWd_5ry9sKedOL4ZT2ggABvuv9huRQwMK7gBAGABr_Lica30_nRW6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1oEBsv1AqsSAfWVzL4Qau7Yy3L9A%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f814ae53e4e56ab50d90620668b86e9ecbdcebb5c09d0388bfc11382f6343b35

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=R9R6+A==, md5=bUQJC2AXaq9KF8thwT+19A==
date: Mon, 07 Mar 2022 14:57:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18398
x-guploader-uploadid: ADPycdvOmVOFqA25S1hYMa0U3F_PaeKK0Tt6C4ErmdJOcbbT1Rk3VqdQKMkjNnpH7PKMc8nJENRYhk2UmuL3PxLT1A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 26 Jan 2022 09:49:04 GMT
server: cloudflare
etag: W/"6d44090b60176aaf4a17cb61c13fb5f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6vrJxNcw%2FkW86WeJKB3SHYRPzpzQ9h7S%2BzdJc9Rpe9uCc0jgJcVXQTYjz%2FMsmmQLc1Lj139Qr2htDngeMIW54a%2FrDstkIHYsBBGmLrEKtgwyngQZbDTpnlEzUMxgNe3DUDsq4dk%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1643190544814630
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11906
cf-ray: 6e842e613c959052-FRA
expires: Mon, 07 Mar 2022 09:50:23 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame AE50 2 KB
1 KB 22ms
22ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YiYdPQAAzVQKiwaPAA4oIqV6rzSAfh048nMODg&u=%7C8CscHVVsa7Q%2Ffg5Cyj9EWtaW50PDvovk7UN4J5xI5kE%3D%7C&c1=glLBMxGOcDk-vbOOpZWuiwL9OpXS6gVV2JtZM_Ei5tSPQXcRS1ssTUS_8xvR11yLNH_ueoquGVVe1eYPGXpdJNZAJReCsFY2B_RfUvewNsUWM4sSqFS0Wx1VleLF67T2VhutK8V4JXox3K-8F5JQ_obQqb--WlNOEx9GCFruAjSXEpNPYj8mfYn4a8WIgcphGbm_oEvg4n4jDCrYr7eY-ZMMk_R8-0aAFq7VR8qpm66qqTaBYqKPbwbSzNz-tFr3_awpoUCzg-9sN37_9xzeaqj3hzhYQJMfVoG6jaVGVKTLDisbBBHDWJZdhFQhc-ufOP4Ft3AHlFasQWTCXqWTxo4bqm2asVDxfyAAMgiRIAcc-KbacX4T5QV7BkRJJ6cMy3lFS7KRWOaIN2HYcGl0XJjSylYqMWjOp0loxPvCcHltx_dYcA6wGndQRt4thUpzeYbbH4zkUPcFTbDdddiPdw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_WWpPR0mYtSaA4-NrASi0Lj4CMme0rFc1Z2R93DAjbcBEAEgAGCVgoCAoAeCARdjYS1wdWItNDkwMzQ1Mzk3NDc0NTUzMKAB1bbS6gPIAQmpAvxqb-QeN7I-4AIAqAMBqgT8AU_QsoZfvjyRYGxXToWqCuZ8pcT2Hps_mi0uFg07ClD8yNpzVqjH_UXG5rqh5AIMl39ZtRP8SWFo-XNdAIcVXXT5f-Wn3mBp_nSf0ysUeMJTGdVzP2Ts-tTNhjEVfqB9mOrXnhFN4KiqLEvI_tEr_x92_W301IyRqNJBRwruruV1lBcm616R2ghLffkZkwt1gteUaFQ9Dk3WzFOtsKztridPRmWrQuGArTu1J98xIMquwQ0so0Idf8bcUQjin6-aC6rjopy93tWc1vLHwXKitAf8Ty5dOK2SjqVVuj2fzhsWgv5tEHB3E6DJSc5OpTA3_MTQ_xi5Qy4kBpQYCOAEAYAGpfyj5rOD5JY7oAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzb6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2J76TmTLO87xJ9Trn7D4Eg7KdmtA%26client%3Dca-pub-4903453974745530%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:01 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 02 Mar 2023 14:57:01 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame AE50 2 KB
1 KB 23ms
23ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:01 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 02 Mar 2023 14:57:01 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame AE50 308 B
636 B 30ms
28ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:01 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 02 Mar 2023 14:57:01 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame AE50 507 B
835 B 25ms
23ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:01 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Thu, 02 Mar 2023 14:57:01 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame AE50 43 B
347 B 27ms
26ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=pjxnDVSAA-cFCRk7JJBu3zPH7o4i8GulTJaTidwPs_D5EvSvmeE-TVU3lrZXLU8i8UvxZWB0eouW9TxoG-ozedQhoa7vJQMPKvVOTORHBokdi1RXOy5EkWIuKmnBhlP4kf-OFY0-bA0zHl2TiceN0F_Z_e_vvskh6likvucZ0T9CD8tNpzKdr4pQop92tpoJUH0-hjnEoFj-R8ZZlkTZBtauVl9WYMexy6JjFPwopYZtqdeUx4HqyK4feLkJnbV7Vx-kxFAuP6XgMn5RWyJ31-HCfBWdMS62bvx7ZZTG_pLIWsxqXIk9azwj40XO4hdXbyihI3tgrCC9-QpRlEVhHkUNDmOU4M_YEt9gKWcCt2Mn8hPk_vZ1SAIuFq3qNSpbX_nfyYS59iUjP-iJrjdYPW6PeqQwn5DayklBgxI9_ae2HxdxLvQPtKaunkHYi2UX1r2URA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 14:57:01 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2333176
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 1095 51 KB
51 KB 108ms
32ms Script
application/javascript 13.224.89.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247651&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j7eq37ze2b7kcw2ptv1fch0dsbxr50ysj2pnxvjpn68nzb612hxf29vvnhcbvvc0jp5tfbq1q38bybn71bj9ryz2wqbft4034yvgs45z8pp28kk144rw0k5e8cskj3vrp2ddstt13m4dqf8nr7z7717nwnrdragg4ezry9xegfk8pykyr0x2h39cf1h3k9p92gcvxjm36dts4w5609wnhek1vjegcgh6h8yevy22c357eatf08tckp38jecda2a9j96n01bwavnzn292nxdc7e1mqaz7wgsdjzevhfs8p3zg1cqsm6b7sr%26a%3D&clickref=oneid64rFefw3feAxfeHmHYtECxVms2T1Tjga7oneid__asuidydAtynFkq4i7hBsaB8CPT5sdoHopqmXwasuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuidydAtynFkq4i7hBsaB8CPT5sdoHopqmXwasuid__suite_Netmix_Reach43_TopRotaMonth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.89.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-89-12.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via: 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
last-modified: Tue, 09 Nov 2021 11:05:10 GMT
server: AmazonS3
age: 36245
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 07 Mar 2022 04:52:58 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 51794
x-amz-cf-id: 26DFcV5cmha0IZquP3H2TO63dB_Z9Dn3Iy9_UtU1_U1rLur-Gluohg==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 1095 5 KB
6 KB 128ms
44ms Image
image/png 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidzgQJHRfYf781fpHBHMtqtgVbtVSZtg36SWoneid__asuidywrfeEj1EVfFAaNklnN3-bwyHQ-s5dZRasuid__adalliance_advancedad_728x90&wglinkid=3247651
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19483%2C166402%2C43784&b=3bgFpf14UB63a7HrHAtEt997f8TWTRead%2CPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=WrpSrfYdsYJWuYH5HjtDCXXGaPTET4QF2%2CbwqTQfYZs5K2bfYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=160&d=600&e=ydAtynFkq4i7hBsaB8CPT5sdoHopqmXw&g=c61270540eccc2c9e1f0ad9fc0999eb0%2F9829051920461254654&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1646665021045&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1htch1jkmrxdwj6jhydj7srqv63vf0fbcskktmzzdpz57hms4x1xypw9q7kh1zc9s2cm41w3xak798be2234q78162yvbfjydzwdw0zkbn12hevjhwaxd9dm7hgpen7b9yzery71g1prm7kfa2vw2yv4xjqy62k82kanf6xsj376rmwfvc8erjefp3wp3xss31q7wketp4tx6m4xs42sjg4fscd89rsaxja345zvvnpf46drmssasmmb7hcxvc9t1v54gbc27yadxzgcrktg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVNw-Ox0mYuaOPMT83wPujJ04kOGBhFy2qMKK8ALAjbcBEAEgAGCVgoCAoAeCARdjYS1wdWItNDkwMzQ1Mzk3NDc0NTUzMKABwq7o3QPIAQmpAshHdn0GLrI-4AIAqAMBqgT7AU_QbUDRO4Vehpl_JthkOSpowpg8dMNC3WpYnGprykq2z-wsdZicLJtx6-ZT5UPksptq-bfIoXLtQuP_31mmNZ2JlfWwJHSioZsGeHDonXJ3n3k4rTkFOxwv6IWZwJTL43RMRzqAPt0Bm9V6AjjHan5uHI-s0LtkLef-jQ17jFlcJRpPWUugJvB1tlsR9Gshf_kNKwbS1VZMR4VPDcXWRBRSPWZaxkRBWmQ2gALS3XhNObPuMkTw96wTrpzFPZPD5IskyLK4C-EAvfTs-hG_Fxr1bIh0r0xguTUf49Ao_vgHzodrLzIHVZAOjfIpRbE3QabRi5_Ii0U7fzm24AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzb6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3iltjcZ37znudFHI4p-4f7Tg1uTQ%252526client%25253Dca-pub-4903453974745530%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: d5d02a818edad774ea1d79f1ca4bf972a9d5f6b4dfa5c757f578145be90a0f23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Mar 2022 14:57:01 GMT
Last-Modified: Mon, 07 Mar 2022 14:57:01 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Content-Length: 5257
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 4F16 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97bcfb70181eee261bad37ebddf14130d2b1c6fa0b6af6f5e8e65158d2e360b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame AE50 12 KB
6 KB 28ms
27ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:01 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 02 Mar 2023 14:57:01 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame AE50 29 KB
29 KB 34ms
34ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=76&m=0&partner=87447&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F87447%2F211224%2F3ccc5ab91e8347b5b96defaed8d5ca0e_naturtreu-logo-neu-fuer-header_175591c4-1c90-4e89-9c39-5bb9833e2de7_360x-2x.png&v=3&w=596&s=IJ9WchMccN7-Svoe6xwkAdEy

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

8ec08f505d56561c0d567f0f0f70cc07c7bea91516f6b4272d94181621681c69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:01 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30802088
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 29209
expires: Mon, 27 Feb 2023 03:05:10 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame AE50 28 KB
28 KB 30ms
29ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=87447&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0185%2F9905%2F1364%2Fproducts%2FNaturtreu_Wechselwunder_Yamswurzel-Komplex_vegan_Titelbild.jpg%3Fv%3D1645104643&v=3&w=400&s=royKNnFNVt9Ga9qBWJ6kMiM6&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

799cada1d1d8ae72cba81c3b2d192ffa233716a7ae9efa0da4b68c2edef5aeb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:01 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30054211
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 28754
expires: Sat, 18 Feb 2023 11:20:33 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame AE50 22 KB
23 KB 30ms
30ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=87447&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0185%2F9905%2F1364%2Fproducts%2FMockUp-Set_Druesenschild_01_1.jpg%3Fv%3D1641897396&v=3&w=400&s=xmcujgO7a2OyWSyMb6gKrcEP&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

25c3fa13fbe0829b70a3791712f170560d1169b7eb8db17d114ef3072940b283

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:01 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29546535
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 23006
expires: Sun, 12 Feb 2023 14:19:16 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame AE50 22 KB
22 KB 33ms
33ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=87447&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0185%2F9905%2F1364%2Fproducts%2FFlammengarde_01_1.jpg%3Fv%3D1645192958&v=3&w=400&s=yotgn3r4Z0OT1SqlWvC4XBC4&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ef56f134b679906602abb496159b39087f8901fea7ea9d2ab8a408ab8ff7862f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:01 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30226938
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 22648
expires: Mon, 20 Feb 2023 11:19:20 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame AE50 0
127 B 30ms
30ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=8isW94olLF3Qt7ARyiiW818enn5fLEMQ73x6mu9-9hkF9EsUpmhtRo7YSF6b9OwHe4Xb9JIVf9R5Jh0-utk2UtEa7mGHhQFD9Afo03Z4rYZanTDc3gjCAii5SBn3bnE8B_Fq4GbsgVcqxJLLwWGcXft4ktT6xgJTQOMWgcdLFB8AK18Kr6vCit3esG3u5GTAQ7UztNwjpR6o0cWqBuWcKKFwuHeIA9Tu7RGZywmviIEw5rTyXLYgwlxmmQhqqg9lLJ_AiQ&sds=2&rev=unknown&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 07 Mar 2022 14:57:01 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame AE50 2 KB
1 KB 27ms
27ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:01 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 02 Mar 2023 14:57:01 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame AE50 2 KB
1 KB 26ms
26ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:01 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 02 Mar 2023 14:57:01 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 88D9 0
9 B 15ms
15ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Bjdlhg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H2 204 collect Show response
k.clarity.ms/ 0
48 B 211ms
211ms XHR
text/plain 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: k.clarity.ms
URL: https://k.clarity.ms/s/0.6.31/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://nets4.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://nets4.com
date: Mon, 07 Mar 2022 14:57:01 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H3 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 7115 3 KB
4 KB 26ms
25ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Mon, 07 Mar 2022 14:57:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3569303
x-guploader-uploadid: ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cQ2XLvOh%2FXCAN7%2BTu%2Bpc7ZtsMR1ClW3DG3Ii1PqkLYepSP7Rdw%2BhnB1Y9P9%2FQf33lqq%2FxObotHU9q5Wjy7Dh0m%2BVe%2Fmn8gqlEFhIu4DiAp%2BQsvwarNW%2BnZCDIwmqAePfh4Ra%2Fw46iw8RVR4cWlsT49yi"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 6e842e621ec49b46-FRA
expires: Wed, 25 Jan 2023 07:28:38 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 1111 51 KB
51 KB 26ms
25ms Script
application/javascript 13.224.89.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3326481&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hyd325rb8zzcwzr3vajhrc14bd6j42e9pm9d93jfpvg306gvr6n5rnmywxb92j4bmbz50wxphzpsrrq1f6s0n9hq7yvwdqm53t2ptka00daq5k333xsfj9tczjk5efxdg6wn0xhvmn4gthqfjqhmnke020qtkt7jbc58ks9e08qba2pvkhk8s24htcf41nj4h5vb4fwwsqzwgp4taxffv3rfxyncatgvnfhv6tcvn36q2qaa9233fv4w651bhyehewff5an2a46m8pqcc9hccq8ff8adyjxcyze6gxr2bpr0c5emfzpfd20%26a%3D&clickref=oneidqGXsmf1WUE5bcZHgHDtRCMXMcPTgTq4s3oneid__asuidydAtynFkq4i7hBsaB8CPT5sdoHopqmXwasuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidY2jcrfG3fwB9SVH9HetQt1R1fAT1TK1Troneid__asuidydAtynFkq4i7hBsaB8CPT5sdoHopqmXwasuid__suite_Netmix_Reach43_TopRotaMonth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.89.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-89-12.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via: 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
last-modified: Tue, 09 Nov 2021 11:05:10 GMT
server: AmazonS3
age: 36245
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 07 Mar 2022 04:52:58 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 51794
x-amz-cf-id: MW5rq2wiDLbghPpUBuoUqvw5OTnG_ABWw8qbb_z_MxppKh6R0s1GXA==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 1111 46 KB
47 KB 119ms
43ms Image
image/jpeg 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidY2jcrfG3fwB9SVH9HetQt1R1fAT1TK1Troneid__asuid7yEvyuODTEDc3Lm1ZO3d_WzGBtFhboJIasuid__suite_Netmix_Reach43_TopRotaMonth&wglinkid=3326481
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182000%2C22451%2C43785&b=Y2jcrfG3f5BXkfVH9HetQtReGtAT1TK1Tr%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2CY2jcrfG3fwB9SVH9HetQt1R1fAT1TK1Tr&f=qGXsmf1WUJ5zAhZHgHDtRCXwgFPTgTq4s3%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CqGXsmf1WUE5bcZHgHDtRCMXMcPTgTq4s3&c=728&d=90&e=ydAtynFkq4i7hBsaB8CPT5sdoHopqmXw&g=48063622d7ce825fce4247ce71f8fa38%2F13023955997220530089&i=20703%2C25174%2C27987&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1646665021118&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gmvgs7f3p6h696n5xcxkjte7s1d1x6qfwrd8xsk5hsgwj5khpe47bt3bv04kwr0bgxwj32t964x66pyaacktpsg4dk3zew8hb2hbp5hmdabs7js84bqba09s2e3194e7r3g72kv5pn974tpbd1mv9rfx192skkhnta41dqmvnfrrze5adp4wztxfyasj0jwn2e7nedgyf3z30q9ak2pavrxrjmngmqb6enntcsvjckt08jv9cwrch9x18gf1sdg23w959xsryyea12k69qg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DClb3xPB0mYqesGMiBjuwP1Jq4kAyQ4YGEXLaoworwAsCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHCrujdA8gBCakCyEd2fQYusj7gAgCoAwGqBPoBT9DkRRAiKAARMhkQZxnq9HcEBP3rd5WwM3wECA8YwAWniOlFOCA9JYNLWbk01HEqu4QmW98Ran7sTpcbtfWQeuP6X85FD9Y6VvkXxY9eMOkcWtLJvJXUC23ZPm_zJYRjVJochlIiLoHLlnszXG7CtYMSPXgUOLGwUaddr3vO-nQXawB-g7n0-dwC7jCq55yFl5J4bAUA7AmpYhKaW2TJOReJGYGShQRTzxzYf0lPOgcm30yCJQIpvAUg18BlLc2KtPXt7TrzIUVOuldWXRU8cOgx5WJwjLDNjWjRnK4Dl6oFVEF85MfScurtoKjt012LB88sk2qJa_rAiOAEAYAGo-Ho6_ns5Nf3AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3AhqbN47f59Tq4VlYF_7tJrHSsqw%252526client%25253Dca-pub-4903453974745530%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 70ae853142e138bb30d5817f6dfcdd2ce14708f4da3e1f40ddaf4c7180f84546

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Mar 2022 14:57:01 GMT
Last-Modified: Mon, 07 Mar 2022 14:57:01 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/jpeg
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame FB92 2 KB
2 KB 24ms
23ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 07 Mar 2022 14:57:01 GMT
content-type: text/html; charset=utf-8
x-guploader-uploadid: ADPycdugBLBP-Vwd2B9WHPfqz7wLElCJPL4RDx_q8DQF8SE2-ZYKEh4d8NJI0q3TqTXs-Lt8QdoPKRS3lY5o3ig520BPzOfHoA
x-goog-generation: 1588777770164783
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-goog-meta-
x-goog-custom-time: 1970-01-01T00:00:00Z
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
expires: Mon, 07 Mar 2022 15:57:01 GMT
cache-control: public, max-age=3600
last-modified: Wed, 06 May 2020 15:09:30 GMT
age: 891823
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ftzd9affKB74n5AvacyrP0Dz5vLrSpenruTE8SkfdmD0i%2FnW7PKZ%2FV%2BA9DZr816NS1mnQUoAye90VwwonFi%2FhpdITD8Z8Y19dIbqjy5lTFeZKvcZsvu%2BX75%2BsRnQ%2B77NpgRAISw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6e842e623ea69052-FRA
content-encoding: br

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6C2E 0
9 B 15ms
15ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?QXSX9g
Requested by: Host: nets4.com
URL: https://nets4.com/domain/evilmark.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 200 rs Show response
ad4m.at/ Frame 7115 2 KB
2 KB 79ms
79ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9ab631fa5ba69e94f330e3d5bf08e2273d8c598b39afa0e32c4f37dccc23e99

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6e842e62e9f99174-FRA
date: Mon, 07 Mar 2022 14:57:01 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Vu4dPk7Fk4XcT9yO6C8VH2wTmLZd5sd0ucwnGjvnhzIym2AAB%2BF9R6lsPPBj1bmMYeL%2FtGWP%2BazlFxQcpCmV71sSnJgB98pkZRIgatMuXug9Jyu2gdLlLkh7g66gsmlKUekOtg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-bjhb

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 55ms
54ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 07 Mar 2022 14:57:01 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-bjhb
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CsJXbWSaWXdxZ2me1GbUqL7zfL20BkfZF7YpbNGMVhk%2BIF9VnMiGWAyax6QejsHwo%2BwyrmJFrFGTTRjKYwByyqbRA08chndVN4LkMWiL1c93%2BwV3VHJIEZB2lHViTb9SKdvC0es%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e842e6289019174-FRA

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 5FDE 6 KB
4 KB 30ms
30ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14044%2C15255%2C823&b=XxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ%2CMxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2CXxVfzfrf3bf6H4HetqtMGQtQSkTXKPfJ&f=e7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1%2C62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Ce7RC3fVfYpcjHZHet2CbrzUwSQTx8Ja1&c=728&d=90&e=ydAtynFkq4i7hBsaB8CPT5sdoHopqmXw&g=d22730ed93be70b2754da1c6fe28122b%2F3581078912661162303&i=25007%2C25174%2C9719&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1646665021955&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jg6nkbevx295n869432ttxq6nkeasf4bvgkctbyzt39k0bdezmfnj73fhvavkg730hkfz4spd8812b9ngnnjfye86e42fswpe5hv5nx53r5x1r4t6zzzyaz3x9eke8vyadqxxqtbf2d8efk5pnhw3z5ybxy3kx4tq511n6243y8xzxefmj7v070erkh7a86k1bz8p4vs879rc7yaxhgzvrt3cbcdg4zeasvas76r82r4d41wsrs03f045727rppq3s8p5ysp4f3g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCZNIDPR0mYvzcCpGYrAS89Z-wA5DhgYRctqjCivACwI23ARABIABglYKAgKAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQL8am_kHjeyPuACAKgDAaoEzQJP0OfM7kky6SuXECbjzDteZ_pDHK8OmK31vxon91MoESpDaqq4sqJbAdsqjozrHMXKzW6cyPlWJXpWCY2RnQ3C-d5cRfqa2TzW3w0NEaO0bcRf6Czu1qlnH5w4VbJ9wo935cbMAhHPi1Kbr1bNm0Lm2TJ39aroYySBAgIEzd2XC4Rfvyv3oc8FmvoPAlPJVNuSI307Nv0hjSYxuPN7CjSk72UIPF5Oti4Ll4wxHw3RbbsAm2Zf2RM2OicJU_zONpK3uDBRMGd6XrJTzM7rZiKs1GJeSdeL_FA5_uWYdEWr051X5Do_mmzAgG3tXTgQjsuBMFo-Hd-DqGiF6w_GAO71qdldj1hpL93jc__nmC5FtN5U4gV5EPQ-gudqCTQpk76p71JgCg4UdoV0l_rGEyk7URtQYuWd_5ry9sKedOL4ZT2ggABvuv9huRQwMK7gBAGABr_Lica30_nRW6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1oEBsv1AqsSAfWVzL4Qau7Yy3L9A%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83d385d50390dfa709e85619c2ff2ebb54d6e0652acb0afcc194123c7e2805e7

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jf5t9q3xyybexfm3mwehcf2v7wd3mgr96ac6hst9f8nmknk5fxn09jkrhqfby1qq5870xyrwaxmbt1v6y4jrd8f6gmzde6tggtg7eyx28x61a6tq1f1vw64k18ae1q650w4f8pz3r4ycegdc1ab84d1km80fk4chf9srwnwspkrygms2bvmhhyv5vbzackzp4b4xx8hsh2kt5z9760049y920pdsyv2mbb5vk0g0rn6hddgb6wmbwz16e3m68p1k1dhhrj6w5380k1v56yamg707e57rcz0mrw7cx4ntac6dv0z4766m2r56yv6f7jpfatc13yzwcwcm5p3ze34ts9vqt8hye27pq43mqda27vaqc798bgvwzwbs94nhhyp6d8d222f4hhknc36xfmejkvymqj692ef&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZNIDPR0mYvzcCpGYrAS89Z-wA5DhgYRctqjCivACwI23ARABIABglYKAgKAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQL8am_kHjeyPuACAKgDAaoEzQJP0OfM7kky6SuXECbjzDteZ_pDHK8OmK31vxon91MoESpDaqq4sqJbAdsqjozrHMXKzW6cyPlWJXpWCY2RnQ3C-d5cRfqa2TzW3w0NEaO0bcRf6Czu1qlnH5w4VbJ9wo935cbMAhHPi1Kbr1bNm0Lm2TJ39aroYySBAgIEzd2XC4Rfvyv3oc8FmvoPAlPJVNuSI307Nv0hjSYxuPN7CjSk72UIPF5Oti4Ll4wxHw3RbbsAm2Zf2RM2OicJU_zONpK3uDBRMGd6XrJTzM7rZiKs1GJeSdeL_FA5_uWYdEWr051X5Do_mmzAgG3tXTgQjsuBMFo-Hd-DqGiF6w_GAO71qdldj1hpL93jc__nmC5FtN5U4gV5EPQ-gudqCTQpk76p71JgCg4UdoV0l_rGEyk7URtQYuWd_5ry9sKedOL4ZT2ggABvuv9huRQwMK7gBAGABr_Lica30_nRW6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1oEBsv1AqsSAfWVzL4Qau7Yy3L9A%26client%3Dca-pub-5413329544040947%26adurl%3D

Response headers

date: Mon, 07 Mar 2022 14:57:01 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e842e6369169052-FRA
content-encoding: br

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 5FDE 81 KB
11 KB 30ms
30ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C15255%2C823&b=XxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ%2CMxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2CXxVfzfrf3bf6H4HetqtMGQtQSkTXKPfJ&f=e7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1%2C62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Ce7RC3fVfYpcjHZHet2CbrzUwSQTx8Ja1&c=728&d=90&e=ydAtynFkq4i7hBsaB8CPT5sdoHopqmXw&g=d22730ed93be70b2754da1c6fe28122b%2F3581078912661162303&i=25007%2C25174%2C9719&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1646665021955&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jg6nkbevx295n869432ttxq6nkeasf4bvgkctbyzt39k0bdezmfnj73fhvavkg730hkfz4spd8812b9ngnnjfye86e42fswpe5hv5nx53r5x1r4t6zzzyaz3x9eke8vyadqxxqtbf2d8efk5pnhw3z5ybxy3kx4tq511n6243y8xzxefmj7v070erkh7a86k1bz8p4vs879rc7yaxhgzvrt3cbcdg4zeasvas76r82r4d41wsrs03f045727rppq3s8p5ysp4f3g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCZNIDPR0mYvzcCpGYrAS89Z-wA5DhgYRctqjCivACwI23ARABIABglYKAgKAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQL8am_kHjeyPuACAKgDAaoEzQJP0OfM7kky6SuXECbjzDteZ_pDHK8OmK31vxon91MoESpDaqq4sqJbAdsqjozrHMXKzW6cyPlWJXpWCY2RnQ3C-d5cRfqa2TzW3w0NEaO0bcRf6Czu1qlnH5w4VbJ9wo935cbMAhHPi1Kbr1bNm0Lm2TJ39aroYySBAgIEzd2XC4Rfvyv3oc8FmvoPAlPJVNuSI307Nv0hjSYxuPN7CjSk72UIPF5Oti4Ll4wxHw3RbbsAm2Zf2RM2OicJU_zONpK3uDBRMGd6XrJTzM7rZiKs1GJeSdeL_FA5_uWYdEWr051X5Do_mmzAgG3tXTgQjsuBMFo-Hd-DqGiF6w_GAO71qdldj1hpL93jc__nmC5FtN5U4gV5EPQ-gudqCTQpk76p71JgCg4UdoV0l_rGEyk7URtQYuWd_5ry9sKedOL4ZT2ggABvuv9huRQwMK7gBAGABr_Lica30_nRW6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1oEBsv1AqsSAfWVzL4Qau7Yy3L9A%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=14044%2C15255%2C823&b=XxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ%2CMxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2CXxVfzfrf3bf6H4HetqtMGQtQSkTXKPfJ&f=e7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1%2C62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Ce7RC3fVfYpcjHZHet2CbrzUwSQTx8Ja1&c=728&d=90&e=ydAtynFkq4i7hBsaB8CPT5sdoHopqmXw&g=d22730ed93be70b2754da1c6fe28122b%2F3581078912661162303&i=25007%2C25174%2C9719&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1646665021955&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jg6nkbevx295n869432ttxq6nkeasf4bvgkctbyzt39k0bdezmfnj73fhvavkg730hkfz4spd8812b9ngnnjfye86e42fswpe5hv5nx53r5x1r4t6zzzyaz3x9eke8vyadqxxqtbf2d8efk5pnhw3z5ybxy3kx4tq511n6243y8xzxefmj7v070erkh7a86k1bz8p4vs879rc7yaxhgzvrt3cbcdg4zeasvas76r82r4d41wsrs03f045727rppq3s8p5ysp4f3g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCZNIDPR0mYvzcCpGYrAS89Z-wA5DhgYRctqjCivACwI23ARABIABglYKAgKAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQL8am_kHjeyPuACAKgDAaoEzQJP0OfM7kky6SuXECbjzDteZ_pDHK8OmK31vxon91MoESpDaqq4sqJbAdsqjozrHMXKzW6cyPlWJXpWCY2RnQ3C-d5cRfqa2TzW3w0NEaO0bcRf6Czu1qlnH5w4VbJ9wo935cbMAhHPi1Kbr1bNm0Lm2TJ39aroYySBAgIEzd2XC4Rfvyv3oc8FmvoPAlPJVNuSI307Nv0hjSYxuPN7CjSk72UIPF5Oti4Ll4wxHw3RbbsAm2Zf2RM2OicJU_zONpK3uDBRMGd6XrJTzM7rZiKs1GJeSdeL_FA5_uWYdEWr051X5Do_mmzAgG3tXTgQjsuBMFo-Hd-DqGiF6w_GAO71qdldj1hpL93jc__nmC5FtN5U4gV5EPQ-gudqCTQpk76p71JgCg4UdoV0l_rGEyk7URtQYuWd_5ry9sKedOL4ZT2ggABvuv9huRQwMK7gBAGABr_Lica30_nRW6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1oEBsv1AqsSAfWVzL4Qau7Yy3L9A%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:02 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1141625
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=83581
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Tue, 22 Feb 2022 09:49:57 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6e842e63a9bf9052-FRA
cf-bgj: minify

GET
H3 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 5FDE 18 KB
19 KB 31ms
31ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C15255%2C823&b=XxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ%2CMxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2CXxVfzfrf3bf6H4HetqtMGQtQSkTXKPfJ&f=e7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1%2C62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Ce7RC3fVfYpcjHZHet2CbrzUwSQTx8Ja1&c=728&d=90&e=ydAtynFkq4i7hBsaB8CPT5sdoHopqmXw&g=d22730ed93be70b2754da1c6fe28122b%2F3581078912661162303&i=25007%2C25174%2C9719&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1646665021955&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jg6nkbevx295n869432ttxq6nkeasf4bvgkctbyzt39k0bdezmfnj73fhvavkg730hkfz4spd8812b9ngnnjfye86e42fswpe5hv5nx53r5x1r4t6zzzyaz3x9eke8vyadqxxqtbf2d8efk5pnhw3z5ybxy3kx4tq511n6243y8xzxefmj7v070erkh7a86k1bz8p4vs879rc7yaxhgzvrt3cbcdg4zeasvas76r82r4d41wsrs03f045727rppq3s8p5ysp4f3g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCZNIDPR0mYvzcCpGYrAS89Z-wA5DhgYRctqjCivACwI23ARABIABglYKAgKAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQL8am_kHjeyPuACAKgDAaoEzQJP0OfM7kky6SuXECbjzDteZ_pDHK8OmK31vxon91MoESpDaqq4sqJbAdsqjozrHMXKzW6cyPlWJXpWCY2RnQ3C-d5cRfqa2TzW3w0NEaO0bcRf6Czu1qlnH5w4VbJ9wo935cbMAhHPi1Kbr1bNm0Lm2TJ39aroYySBAgIEzd2XC4Rfvyv3oc8FmvoPAlPJVNuSI307Nv0hjSYxuPN7CjSk72UIPF5Oti4Ll4wxHw3RbbsAm2Zf2RM2OicJU_zONpK3uDBRMGd6XrJTzM7rZiKs1GJeSdeL_FA5_uWYdEWr051X5Do_mmzAgG3tXTgQjsuBMFo-Hd-DqGiF6w_GAO71qdldj1hpL93jc__nmC5FtN5U4gV5EPQ-gudqCTQpk76p71JgCg4UdoV0l_rGEyk7URtQYuWd_5ry9sKedOL4ZT2ggABvuv9huRQwMK7gBAGABr_Lica30_nRW6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1oEBsv1AqsSAfWVzL4Qau7Yy3L9A%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Mon, 07 Mar 2022 14:57:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 256344
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ADPycdtHkWHdzroEGsWViy5gktA2tR2wpUG7h6cYu8GPtlY4RiHvuXMdCRNfw82uGmJNBALPWED92btzvufTbYpbJV8lH4Xq8w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18872
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=auKVlRElDfp6bEe%2BGX8JnLvxa0EmgmLIC88LxtZCadVCeU0p1GD4ZEWCc7CUbEEY01xwR4pO8QkHRvjVrd1YrekbSE7Q%2FEoOWS8EBTSERaU9fXMp81cOg%2Bk5OlKoYECoClaJxa42mntk09Ia"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Tue, 08 Mar 2022 14:57:02 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 6e842e63a9c29052-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
assets.ad4m.at/product_image/ Frame 5FDE 9 KB
10 KB 33ms
33ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C15255%2C823&b=XxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ%2CMxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2CXxVfzfrf3bf6H4HetqtMGQtQSkTXKPfJ&f=e7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1%2C62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Ce7RC3fVfYpcjHZHet2CbrzUwSQTx8Ja1&c=728&d=90&e=ydAtynFkq4i7hBsaB8CPT5sdoHopqmXw&g=d22730ed93be70b2754da1c6fe28122b%2F3581078912661162303&i=25007%2C25174%2C9719&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1646665021955&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jg6nkbevx295n869432ttxq6nkeasf4bvgkctbyzt39k0bdezmfnj73fhvavkg730hkfz4spd8812b9ngnnjfye86e42fswpe5hv5nx53r5x1r4t6zzzyaz3x9eke8vyadqxxqtbf2d8efk5pnhw3z5ybxy3kx4tq511n6243y8xzxefmj7v070erkh7a86k1bz8p4vs879rc7yaxhgzvrt3cbcdg4zeasvas76r82r4d41wsrs03f045727rppq3s8p5ysp4f3g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCZNIDPR0mYvzcCpGYrAS89Z-wA5DhgYRctqjCivACwI23ARABIABglYKAgKAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQL8am_kHjeyPuACAKgDAaoEzQJP0OfM7kky6SuXECbjzDteZ_pDHK8OmK31vxon91MoESpDaqq4sqJbAdsqjozrHMXKzW6cyPlWJXpWCY2RnQ3C-d5cRfqa2TzW3w0NEaO0bcRf6Czu1qlnH5w4VbJ9wo935cbMAhHPi1Kbr1bNm0Lm2TJ39aroYySBAgIEzd2XC4Rfvyv3oc8FmvoPAlPJVNuSI307Nv0hjSYxuPN7CjSk72UIPF5Oti4Ll4wxHw3RbbsAm2Zf2RM2OicJU_zONpK3uDBRMGd6XrJTzM7rZiKs1GJeSdeL_FA5_uWYdEWr051X5Do_mmzAgG3tXTgQjsuBMFo-Hd-DqGiF6w_GAO71qdldj1hpL93jc__nmC5FtN5U4gV5EPQ-gudqCTQpk76p71JgCg4UdoV0l_rGEyk7URtQYuWd_5ry9sKedOL4ZT2ggABvuv9huRQwMK7gBAGABr_Lica30_nRW6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1oEBsv1AqsSAfWVzL4Qau7Yy3L9A%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=FPfkEg==, md5=cNeMaybSTgOMvyODLhu1OA==
date: Mon, 07 Mar 2022 14:57:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 402469
cf-polished: qual=85, origFmt=jpeg, origSize=83479
x-guploader-uploadid: ADPycdtXsHcFbbaUPZpBElxHFtOGnMkrok-4JshcjgCyBYdGdKcY9J2IFy2X90IOOOWNvI_tB6WdB8G5zA45xnN2H3oU_xE8OA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9260
last-modified: Mon, 29 Nov 2021 15:03:15 GMT
server: cloudflare
etag: "70d78c6b26d24e038cbf23832e1bb538"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v0T7X3F1N7pNdDlLpVZXEbDyBvgczeVnDFuomUtAz0M0uzOa5US4Ptm23DgspqCZVnM7XFe64afRF1teLIjotHdToqJa2yp%2B58TxetlaDnbbJAuXRynz8s7D1Toi0ZDq14PaGOqoF3e9Ab4b"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1638198195167024
content-type: image/webp
expires: Tue, 08 Mar 2022 14:57:02 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 83479
accept-ranges: bytes
cf-ray: 6e842e63b9c89052-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 5FDE 43 B
702 B 37ms
36ms Image
image/gif 104.92.94.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidXxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJoneid__asuidydAtynFkq4i7hBsaB8CPT5sdoHopqmXwasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.92.94.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-94-3.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Mar 2022 14:57:02 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 5FDE 8 KB
9 KB 29ms
27ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C15255%2C823&b=XxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ%2CMxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2CXxVfzfrf3bf6H4HetqtMGQtQSkTXKPfJ&f=e7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1%2C62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Ce7RC3fVfYpcjHZHet2CbrzUwSQTx8Ja1&c=728&d=90&e=ydAtynFkq4i7hBsaB8CPT5sdoHopqmXw&g=d22730ed93be70b2754da1c6fe28122b%2F3581078912661162303&i=25007%2C25174%2C9719&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1646665021955&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jg6nkbevx295n869432ttxq6nkeasf4bvgkctbyzt39k0bdezmfnj73fhvavkg730hkfz4spd8812b9ngnnjfye86e42fswpe5hv5nx53r5x1r4t6zzzyaz3x9eke8vyadqxxqtbf2d8efk5pnhw3z5ybxy3kx4tq511n6243y8xzxefmj7v070erkh7a86k1bz8p4vs879rc7yaxhgzvrt3cbcdg4zeasvas76r82r4d41wsrs03f045727rppq3s8p5ysp4f3g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCZNIDPR0mYvzcCpGYrAS89Z-wA5DhgYRctqjCivACwI23ARABIABglYKAgKAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQL8am_kHjeyPuACAKgDAaoEzQJP0OfM7kky6SuXECbjzDteZ_pDHK8OmK31vxon91MoESpDaqq4sqJbAdsqjozrHMXKzW6cyPlWJXpWCY2RnQ3C-d5cRfqa2TzW3w0NEaO0bcRf6Czu1qlnH5w4VbJ9wo935cbMAhHPi1Kbr1bNm0Lm2TJ39aroYySBAgIEzd2XC4Rfvyv3oc8FmvoPAlPJVNuSI307Nv0hjSYxuPN7CjSk72UIPF5Oti4Ll4wxHw3RbbsAm2Zf2RM2OicJU_zONpK3uDBRMGd6XrJTzM7rZiKs1GJeSdeL_FA5_uWYdEWr051X5Do_mmzAgG3tXTgQjsuBMFo-Hd-DqGiF6w_GAO71qdldj1hpL93jc__nmC5FtN5U4gV5EPQ-gudqCTQpk76p71JgCg4UdoV0l_rGEyk7URtQYuWd_5ry9sKedOL4ZT2ggABvuv9huRQwMK7gBAGABr_Lica30_nRW6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1oEBsv1AqsSAfWVzL4Qau7Yy3L9A%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date: Mon, 07 Mar 2022 14:57:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 148143
cf-polished: qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid: ADPycdsrFP1IbI1QH0XfzoPSZgbR8JLTS243eRYtk4OCXct3pcmyhmjHiehmJk2_6Mw42x_29mbTV7DyzNWqsgtX37W75YJA2w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8354
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BirMcvCRA%2FI%2FxMe60F7Iw7aCEUrfttkkqzBrv%2B6LW4G04ig6EUIFfZ32O%2BVJLwBkIon%2BYbQpdoQHjdRipAe8SedZa7zsjuaIPbN6KYPxMsl9nKLtK0yDgsXRbGV9CV%2FIgDzBzospkbbY%2B8iS"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698787150900
content-type: image/webp
expires: Tue, 08 Mar 2022 14:57:02 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 16723
accept-ranges: bytes
cf-ray: 6e842e63b9cc9052-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 F49C2EAC44796C3CC36B7EB8176E57DD4979BB6953D52AE3EC354AC4722C65BE111766AA7B1FD623B46255E02B9A1FD3C70187E6A3B399F7EA1DA8FBFD78D485
assets.ad4m.at/ Frame 5FDE 35 KB
36 KB 40ms
39ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/F49C2EAC44796C3CC36B7EB8176E57DD4979BB6953D52AE3EC354AC4722C65BE111766AA7B1FD623B46255E02B9A1FD3C70187E6A3B399F7EA1DA8FBFD78D485
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C15255%2C823&b=XxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ%2CMxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2CXxVfzfrf3bf6H4HetqtMGQtQSkTXKPfJ&f=e7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1%2C62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Ce7RC3fVfYpcjHZHet2CbrzUwSQTx8Ja1&c=728&d=90&e=ydAtynFkq4i7hBsaB8CPT5sdoHopqmXw&g=d22730ed93be70b2754da1c6fe28122b%2F3581078912661162303&i=25007%2C25174%2C9719&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1646665021955&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jg6nkbevx295n869432ttxq6nkeasf4bvgkctbyzt39k0bdezmfnj73fhvavkg730hkfz4spd8812b9ngnnjfye86e42fswpe5hv5nx53r5x1r4t6zzzyaz3x9eke8vyadqxxqtbf2d8efk5pnhw3z5ybxy3kx4tq511n6243y8xzxefmj7v070erkh7a86k1bz8p4vs879rc7yaxhgzvrt3cbcdg4zeasvas76r82r4d41wsrs03f045727rppq3s8p5ysp4f3g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCZNIDPR0mYvzcCpGYrAS89Z-wA5DhgYRctqjCivACwI23ARABIABglYKAgKAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQL8am_kHjeyPuACAKgDAaoEzQJP0OfM7kky6SuXECbjzDteZ_pDHK8OmK31vxon91MoESpDaqq4sqJbAdsqjozrHMXKzW6cyPlWJXpWCY2RnQ3C-d5cRfqa2TzW3w0NEaO0bcRf6Czu1qlnH5w4VbJ9wo935cbMAhHPi1Kbr1bNm0Lm2TJ39aroYySBAgIEzd2XC4Rfvyv3oc8FmvoPAlPJVNuSI307Nv0hjSYxuPN7CjSk72UIPF5Oti4Ll4wxHw3RbbsAm2Zf2RM2OicJU_zONpK3uDBRMGd6XrJTzM7rZiKs1GJeSdeL_FA5_uWYdEWr051X5Do_mmzAgG3tXTgQjsuBMFo-Hd-DqGiF6w_GAO71qdldj1hpL93jc__nmC5FtN5U4gV5EPQ-gudqCTQpk76p71JgCg4UdoV0l_rGEyk7URtQYuWd_5ry9sKedOL4ZT2ggABvuv9huRQwMK7gBAGABr_Lica30_nRW6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1oEBsv1AqsSAfWVzL4Qau7Yy3L9A%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffbf2d2525e0baabd5fdf5289510e03e86ccb28dc9767ef58bf483077f3bfc75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=DWwdxw==, md5=nrQF3oFd2dnh8eRzIt323A==
date: Mon, 07 Mar 2022 14:57:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 256346
cf-polished: qual=85, origFmt=jpeg, origSize=40264
x-guploader-uploadid: ADPycdsQc1ExtrIGay65zQ9FephAEMYfQkECLAR0vPRui88_LjiXkEmdxxgrTXYgE1Wi32fHdc38ijtrit2ZMb48doI
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35504
last-modified: Wed, 19 Feb 2020 17:37:15 GMT
server: cloudflare
etag: "9eb405de815dd9d9e1f1e47322ddf6dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bq47SwygX%2BrtWH7J9SHJ2HCg1wCMxiYOl7Xu%2FoIp01mWgYrFuFi2RoYSeQxiPiJQyV15srMuc%2BLou%2B%2B8tgVEq327XRsMro9YDWjnNO8fLUaRYrUUP32yPLgbBYX3FUd9DarPXcaOVlxHbTVG"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1582133835673152
content-type: image/webp
expires: Tue, 08 Mar 2022 14:57:02 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 40264
accept-ranges: bytes
cf-ray: 6e842e63b9cf9052-FRA
cf-bgj: imgq:85,h2pri

GET

/
banner.congstar.de/cookie/ Frame 5FDE
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CMe_z52htPYCFZaHgwcdCZwIVQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidMxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3oneid__asuidydAtynFkq4i7hBsaB8CPT5sdoHopqmXwasuid__dc_reach_suite02wkz&gdpr_co...
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1646665022_d891c361-9e26-11ec-81bc-2262d3a2196d

0
0

GET
H3 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame 5FDE 38 KB
39 KB 36ms
35ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C15255%2C823&b=XxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ%2CMxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2CXxVfzfrf3bf6H4HetqtMGQtQSkTXKPfJ&f=e7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1%2C62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Ce7RC3fVfYpcjHZHet2CbrzUwSQTx8Ja1&c=728&d=90&e=ydAtynFkq4i7hBsaB8CPT5sdoHopqmXw&g=d22730ed93be70b2754da1c6fe28122b%2F3581078912661162303&i=25007%2C25174%2C9719&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1646665021955&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jg6nkbevx295n869432ttxq6nkeasf4bvgkctbyzt39k0bdezmfnj73fhvavkg730hkfz4spd8812b9ngnnjfye86e42fswpe5hv5nx53r5x1r4t6zzzyaz3x9eke8vyadqxxqtbf2d8efk5pnhw3z5ybxy3kx4tq511n6243y8xzxefmj7v070erkh7a86k1bz8p4vs879rc7yaxhgzvrt3cbcdg4zeasvas76r82r4d41wsrs03f045727rppq3s8p5ysp4f3g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCZNIDPR0mYvzcCpGYrAS89Z-wA5DhgYRctqjCivACwI23ARABIABglYKAgKAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQL8am_kHjeyPuACAKgDAaoEzQJP0OfM7kky6SuXECbjzDteZ_pDHK8OmK31vxon91MoESpDaqq4sqJbAdsqjozrHMXKzW6cyPlWJXpWCY2RnQ3C-d5cRfqa2TzW3w0NEaO0bcRf6Czu1qlnH5w4VbJ9wo935cbMAhHPi1Kbr1bNm0Lm2TJ39aroYySBAgIEzd2XC4Rfvyv3oc8FmvoPAlPJVNuSI307Nv0hjSYxuPN7CjSk72UIPF5Oti4Ll4wxHw3RbbsAm2Zf2RM2OicJU_zONpK3uDBRMGd6XrJTzM7rZiKs1GJeSdeL_FA5_uWYdEWr051X5Do_mmzAgG3tXTgQjsuBMFo-Hd-DqGiF6w_GAO71qdldj1hpL93jc__nmC5FtN5U4gV5EPQ-gudqCTQpk76p71JgCg4UdoV0l_rGEyk7URtQYuWd_5ry9sKedOL4ZT2ggABvuv9huRQwMK7gBAGABr_Lica30_nRW6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1oEBsv1AqsSAfWVzL4Qau7Yy3L9A%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Mon, 07 Mar 2022 14:57:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 151770
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ADPycdu4ywlfL1c3FmjS7AWalcLY8WclZQjgvT8_DQ6NlaO6pJRtLDLKYvr2stqSXtLCmZ4fKMPUWSBZy7UenerGSbfV6-2MXg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39202
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0SOY2Wc3be9czhSitih1RMqe8xLwzqUeL87tklkCOda3gxijQHlliut7QsakhzfxVBT6SVDEtJBRmeWqPp8AMCxtj9rx7Ycp8hfeLVG%2BfTdG6OFpxPWtO2nK4eYOUPCXM5TOlubp%2BA56mI5u"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Tue, 08 Mar 2022 14:57:02 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 6e842e63b9d09052-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame 5FDE 113 KB
113 KB 41ms
40ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C15255%2C823&b=XxVfzfrfqw7U6H4HetqtxD7UQSkTXKPfJ%2CMxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2CXxVfzfrf3bf6H4HetqtMGQtQSkTXKPfJ&f=e7RC3fVfxBVcjHZHet2CeW3swSQTx8Ja1%2C62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Ce7RC3fVfYpcjHZHet2CbrzUwSQTx8Ja1&c=728&d=90&e=ydAtynFkq4i7hBsaB8CPT5sdoHopqmXw&g=d22730ed93be70b2754da1c6fe28122b%2F3581078912661162303&i=25007%2C25174%2C9719&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1646665021955&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jg6nkbevx295n869432ttxq6nkeasf4bvgkctbyzt39k0bdezmfnj73fhvavkg730hkfz4spd8812b9ngnnjfye86e42fswpe5hv5nx53r5x1r4t6zzzyaz3x9eke8vyadqxxqtbf2d8efk5pnhw3z5ybxy3kx4tq511n6243y8xzxefmj7v070erkh7a86k1bz8p4vs879rc7yaxhgzvrt3cbcdg4zeasvas76r82r4d41wsrs03f045727rppq3s8p5ysp4f3g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCZNIDPR0mYvzcCpGYrAS89Z-wA5DhgYRctqjCivACwI23ARABIABglYKAgKAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQL8am_kHjeyPuACAKgDAaoEzQJP0OfM7kky6SuXECbjzDteZ_pDHK8OmK31vxon91MoESpDaqq4sqJbAdsqjozrHMXKzW6cyPlWJXpWCY2RnQ3C-d5cRfqa2TzW3w0NEaO0bcRf6Czu1qlnH5w4VbJ9wo935cbMAhHPi1Kbr1bNm0Lm2TJ39aroYySBAgIEzd2XC4Rfvyv3oc8FmvoPAlPJVNuSI307Nv0hjSYxuPN7CjSk72UIPF5Oti4Ll4wxHw3RbbsAm2Zf2RM2OicJU_zONpK3uDBRMGd6XrJTzM7rZiKs1GJeSdeL_FA5_uWYdEWr051X5Do_mmzAgG3tXTgQjsuBMFo-Hd-DqGiF6w_GAO71qdldj1hpL93jc__nmC5FtN5U4gV5EPQ-gudqCTQpk76p71JgCg4UdoV0l_rGEyk7URtQYuWd_5ry9sKedOL4ZT2ggABvuv9huRQwMK7gBAGABr_Lica30_nRW6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1oEBsv1AqsSAfWVzL4Qau7Yy3L9A%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Mon, 07 Mar 2022 14:57:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 152022
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ADPycdvHiJ64b6kHCh3x8naKf6TwlIipZSPv_QTRkNKRFofthWYMTnggaHKUu1a1NFeX_4fUHmBdfbTu1PsAQoB0afq0y-SFmA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 115268
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RnQWiIJOGaDH0MuTyLSlnwGUK1PIbwGuR1FB1MpJGaAHuyT3oJhaoZz5dRsZ%2FDlFxNhCcB%2BkxbXp5o3vMSIz6OfGKriYYfzH5AxEdHNyj6uKdnov5wZigHgkuLoRxC5AB%2FpvFUuHR%2BNa3OlM"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Tue, 08 Mar 2022 14:57:02 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 6e842e63b9d29052-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 5FDE 43 B
705 B 56ms
27ms Image
image/gif 104.92.94.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidXxVfzfrf3bf6H4HetqtMGQtQSkTXKPfJoneid__asuidydAtynFkq4i7hBsaB8CPT5sdoHopqmXwasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.92.94.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-94-3.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Mar 2022 14:57:02 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame F133 0
127 B 26ms
26ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 07 Mar 2022 14:57:01 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4BA7 42 B
64 B 50ms
49ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu3lPLAEOsWbZtmz7w8yV2ZL8vxfeoDwAT8eYdQIUghjoq2_qOvZHz6V9-bDd5gcPh83FWIeV7o9yArxC5Ew--Y&sig=Cg0ArKJSzEHAPBSucimvEAE&cid=CAASF-RoGDvUgOdFX8bFHuQ7vxeE4dZXVSMS&id=lidar2&mcvt=1098&p=939,1289,1189,1589&mtos=1098,1098,1098,1098,1098&tos=1098,0,0,0,0&v=20220302&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2992467494&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646665021229&rpt=242&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 14:57:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CA37 0
20 B 53ms
53ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022030101&jk=1567783009156909&bg=!WlmlWR3NAAb7UztL-1M7ACkAdvg8WuzdrdJqJZkSw0IP-cOPLLf0zvxMYUyNosiHVOWy5mPvhHI9PAIAAAEsUgAAAAJoAQcKAMerDrwmIPFSRlS8XO5G_ffKhsvUeMz1BW0kEfGblNznHdHZ-MiVedxEl0En-8IgXOIc12KL_sG-IazskleuTpVBgBqkyg2kg2V8qFo0PpI6dYvsxCaTcIAoAHBJS8wC1-cxIRmMljvGavjwHulbs7gks5rUWoU-GPS_SyzWG5xu9eilWnpDv_h-CJyVE-9iMFCEt0EqXTB831BZ20FVbTPn0Y7PVNd2gXf2CLy6TsyUDzhKC3_h-WTL6PjQrKZbIg2DWcmiGloYmQKyBwKKU6__ovcRDjd7K-wAWi180keYX34oOYw7UFHQ3VqA9xbDGpThcBeaUixy-24pC3FDy_Zq1BsfG5Vg9pKK8scwwmvLOWnjtJTw0r0s8vA-eNgQH0vdVx_EEkSdXAJQZcoppS6cDReAQer3Awe6K98IdZeLJsAZm1YZH0kL0tL8swRtOcNAHVnvr_wUdWBhu0ulTXqa2UzwEVRDu_-t-SSOU6bsnB4AiNqRW7NaZZZ3aTySP5Dc5SazlYlBU2XKf8ZwENpaRkMo1cosglFvK-WYp7QbTXxE46VIBt-F-wXbKaWRdNQfjGvd_Rp2yrZ5dGyGnsXuhMFq3pZPDDtfgwtL9kP3Lr0qnMJTFO7vPEBnjpkkudjZe9Hnhd47zAUwWaaRFAIEG7IRm_ZRtlpebE3hO6dig5e1_6Ix7EV7i4O9NTsjyAKFY8dxvZFaYbikEyIozJ4oNmx3MNFXpyvRkVKdHJ_RuUYXwWvJCdH9eHEI7NzDA51g2owrFoJATpLY6BV5Oo3GEvR-gEQUELsodplgTN6-uIKnqmGhVzJwjMKYt9hTSF97y-ZHRXDtMBDCab9Va6ZvHUX0_xmH1c17IANfXXxf_MVWPYQwIUrY-SubIxlEMiDAfvQ0JNy_cIQ-uK1Vl05O3Kpaj_RVzF8Ja9M8qINV1-v6eCo7dhoFWXaGRK6jLRoqauEvguyizO9IAK0lBGIdk6WDKeNtJZ7ioa3VPKEZ5sYUsLFtArAK7KLzFXvqMwkOIWVAqDGQqYO23tTp-xl4nrGetMUXNpEvd5JyUBUtseAIDm8JHxkWrwXqkbOlsDAwohZoC7id66jEsdgFFMZUyf58qkUXLpKgignqbxU-7WWPqNzW6mrUDbUI29mX31lN-4W6D8DpfRMLhrPFL_xNxNlF49kf9tRFnQh7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 14:57:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 1095 16 B
232 B 98ms
98ms Fetch
application/json 52.30.107.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.107.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-107-253.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.25

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 07 Mar 2022 14:57:02 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.25
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 159ms
40ms Preflight 52.30.107.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.107.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-107-253.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 07 Mar 2022 14:57:02 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B704 0
20 B 54ms
54ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022030101&jk=1838896244044700&bg=!wsGlwYXNAAb7UztL-1M7ACkAdvg8Wi6R0y9PH--hqLmCwVNfblM9jhbyHBhEci3_N054Qy-UOVePdAIAAAErUgAAAAloAQcKAI0A1Pg-7yh3m1Yzjh7C0cAHan0s0r_BvDuMSVcKrp0eOj3uIBn6PH96AZH6sofgGlv2pnHNKa8BCCuIDJBKqCvWRo4YuynOpjjHzPz6CThi37HTU0ZzDQNhqwtcTs4L8_CigaFzJq8lAZMAHwzbaB1G0WzF0-covM-N7PwPD2Hvis8gTliuGwJKdvb4NF2ZAq1LCpCPaMdCB60teaE44z2_-iPTbXrTWaRhMIHX0NTMjnziuFZIcqiaVZgOBePeANOpnmJGhBQPKMzFp1od-3BHH9yhrl90sUhDnYCBHQvUjzXPuqurqAWP4vp1NyDEq2FVGSLSrKp_ET8DbyxVG6L4KDITxPud1BWEu0qibNl8Q2nqwL7_6tTbDTmPOHiIdGhluyC57rh0f8cDJ77nQf-zn8VbjIqra8phI8ETltA0JBqUPYg_VoDV_JayNPNAUj49yeuZnDmmifMkxn1nWfTPoMznT8RMQEhp26m0I6RZXtZoYPrL5wIwfqH6AYqs-vq4i20iro0nnYc7KkXOMEDhnMIiZlftG_fWtU8p52OQ1VgHZy0zLHDB_BPaZ3lh3O5GoyGNDqFAKoXR127tnfEWIMZZat-ZIgLccmKmwJxOhgAsn3UxXJEMUapWbX_CPuU45Pv4ushgwUPqXQplVhdGEsLVU5NvIIe4YyFUNGTSP5cr158bDfa_WrvVoIhoR7jemASFGffYSoZJ43Dt1TTAyv74u_se9Iv5iN_xP2uToA13NHch0lti5eN8eAWyqL5ZuiXVWeqNw8fa8-1wLLBsslEsG5bvGX8z1Qj87R68jpzjbQs2VAqBrGVzq4jIOYtSqA5sRkIimPjqVVny73a1yFGqd0TcjFWpb9h0Z1ViwRHxZ9bpz2MF8j5bBsF4yyTUUjPRvnnezRjVhhp9fzk6-FGaQ2KmgYZwGuLyKoME9PyzxqT2i_0X66RiGAO8z1zmc9H8oV4LAApGgNZwHb3e387mPK2wV1yqPEprcDezjCHgy922ee-qd8BHemQ_CRJqFnwnS1LqOssK_btWipyfFpjliIxlUTxOVJoxTRgGpLJWfSlGXnznsXt4sUTbWCm7O1QJa2YcCZY2rAfj

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nets4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 14:57:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 1111 16 B
232 B 88ms
87ms Fetch
application/json 52.30.107.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.107.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-107-253.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.25

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 07 Mar 2022 14:57:02 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.25
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 137ms
39ms Preflight 52.30.107.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.107.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-107-253.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 07 Mar 2022 14:57:02 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

POST
H2 200 all
csm.eu.criteo.net/ Frame AE50 0
127 B 25ms
25ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 07 Mar 2022 14:57:01 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

POST
H2 204 collect Show response
k.clarity.ms/ 0
48 B 211ms
210ms XHR
text/plain 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: k.clarity.ms
URL: https://k.clarity.ms/s/0.6.31/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://nets4.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://nets4.com
date: Mon, 07 Mar 2022 14:57:04 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 200 img
pix.eu.criteo.net/img/ Frame AE50 28 KB
28 KB 25ms
24ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

799cada1d1d8ae72cba81c3b2d192ffa233716a7ae9efa0da4b68c2edef5aeb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:57:04 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30054208
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 28754
expires: Sat, 18 Feb 2023 11:20:33 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLHXmH7qQOXlIGYe-VjQJBmdAUEMbaa9uCnOFUDyiEDeoRXOkFAfDb27JL2AZg3vUhlVSc1SeV5O4ta3FWZaQSIyJWfuA

Domain: banner.congstar.de
URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1646665021_d84b1d72-9e26-11ec-81bc-2262d3a2196d

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=MpAq6EJiSDOefvqFkIbhCA&google_push=AYg5qPJRqAzt6w35qcoSV5v3VwYwtdRok_3EnZLUmjHovdNYkX_NPA39qcO77IZML3GMH17JIt4cM1MlOdQYkPP-NqAFu3KpOJU

Domain: banner.congstar.de
URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1646665022_d891c361-9e26-11ec-81bc-2262d3a2196d

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

46 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nets4.com/	1970-01-20 18:55:37	Name: _ga Value: GA1.2.1852444038.1646665018
.nets4.com/	1970-01-20 01:25:51	Name: _gid Value: GA1.2.685662484.1646665018
.nets4.com/	1970-01-20 01:24:25	Name: _gat Value: 1
www.clarity.ms/	1970-01-20 10:10:01	Name: CLID Value: dbe3a778769149dbabb3bf72d2fdc377.20220307.20230307
.nets4.com/	1970-01-20 10:10:01	Name: _clck Value: yjw838\|1\|ezk\|0
.c.bing.com/	1970-01-20 10:46:01	Name: SRM_B Value: 23289BA076E1640D19468AC0778A65D9
.nets4.com/	1970-01-20 01:24:26	Name: __cf_bm Value: qcFtV4O0zm2CYj08LUrZkYHQRjIcMXqpiMAaq2Oy3ug-1646665019-0-AfcVzfi53DPwef/nN5LSnlqfs2WelUlF3BD7p99w2WFpbBeE/EajtridKEyIVlpbC/yuN/J7SJYWT8zJX8q714matBCIB2F7J467lKA6WfxjdcMKt51D058rQqxCLT2K7A==
.nets4.com/	1970-01-20 01:25:51	Name: _clsk Value: 1llcuh7\|1646665019158\|1\|1\|k.clarity.ms/collect
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 10:46:01	Name: MUID Value: 23289BA076E1640D19468AC0778A65D9
.c.clarity.ms/	1970-01-20 01:24:25	Name: ANONCHK Value: 0
.doubleclick.net/	1970-01-20 10:46:01	Name: IDE Value: AHWqTUnOq30GFISB6Pd7WqPmFVQJlxziwGQqjBekxv-AcqgKJImkvkEwv_PrPBL3uS0
.nets4.com/	1970-01-20 10:46:01	Name: __gads Value: ID=8a3a6984fdd0fedd:T=1646665019:S=ALNI_MZBGKVXtiM3Bb7RGYUQfzWisybbuQ
.doubleclick.net/	1970-01-20 01:24:28	Name: DSID Value: NO_DATA
.ctnsnet.com/	1970-01-20 10:10:01	Name: cid_98b59908c7a847da936e3bf2f56121ae Value: 1
.advertising.com/	1970-01-20 10:11:27	Name: APID Value: UPd7a80051-9e26-11ec-837a-066ef03919b2
.adform.net/	1970-01-20 02:09:03	Name: C Value: 1
.adform.net/	1970-01-20 02:50:49	Name: uid Value: 2792223079059983003
.yahoo.com/	1970-01-20 10:10:22	Name: A3 Value: d=AQABBDwdJmICEP1_q1QOVAhBjW8hwpdtxcQFEgEBAQFuJ2IwYgAAAAAA_eMAAA&S=AQAAApFVshFUh01ko8yaaMTDp34
.mathtag.com/	1970-01-20 10:50:20	Name: uuid Value: 23526226-1d3c-4f00-ae39-f38080fce5af
.mathtag.com/	1970-01-20 02:07:37	Name: mt_mop Value: 4:1646665020
.de17a.com/	1970-01-20 10:02:49	Name: guid2 Value: 1.3202622124431005678
.adfarm1.adition.com/	1970-01-20 03:34:01	Name: UserID1 Value: 7072372412665165975
.tribalfusion.com/	1970-01-20 03:34:01	Name: ANON_ID Value: a8nseFw5EGjAaINQeEsDI5EEMkSDU4UZcq24GbSMtwU2XQSPEM5kdCRcfcZbIPtZdoc1Pi5UlNMT3S2Q0755SaQ
.3lift.com/	1970-01-20 03:34:01	Name: tluid Value: 912407393760623287066
.awin1.com/	1970-01-20 02:50:49	Name: aw14363 Value: 412871\|359541\|2480620\|1646665021\|\|aw\|0
.awin1.com/	1970-01-20 10:10:01	Name: bId Value: HLEX_62261d3d3553e3.43786851
.quantserve.com/	1970-01-20 03:34:01	Name: d Value: EHABCQHNJYEA
.quantserve.com/	1970-01-20 10:54:39	Name: mc Value: 62261d3d-7b697-640cd-e0e36
.blismedia.com/	1970-01-20 10:10:05	Name: b Value: 62261D3D5F1DA4613CACBA3EBLIS
.w55c.net/	1970-01-20 10:54:39	Name: wfivefivec Value: aYjqPnFH1NreNf5
.turn.com/	1970-01-20 05:43:37	Name: uid Value: 3594149520111331378
.blau.de/	1970-01-20 01:34:29	Name: nscT486 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTY4MDAwMDAwMDA2MTY0NjY2NTAyMXZsZWExZGUyMDIyMDMwNzE1NTcwMTY1MjI3NDk4NDg1WDExMzc1MlYxMjI1MTMxMTA2TVNvbmVpZFBKNEhCZkViYWJLNzl0OUhqSGJ0TXRQUGdTWlQ5VGtHQ3BvbmVpZF9fYXN1aWR5ZEF0eW5Ga3E0aTdoQnNhQjhDUFQ1c2RvSG9wcW1Yd2FzdWlkX19zdWl0ZV9OZXRtaXhfUmVhY2g0M19Ub3BSb3RhTW9udGgxMTM3NTI
.blau.de/	1970-01-20 01:34:29	Name: nscQ486 Value: V
.blau.de/	1970-01-20 01:34:29	Name: webShopPV Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2022030715570165227498485X113752V1225131106MSoneidPJ4HBfEbabK79t9HjHbtMtPPgSZT9TkGCponeid__asuidydAtynFkq4i7hBsaB8CPT5sdoHopqmXwasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=113752
.o2online.de/	1970-01-20 01:34:29	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTY3MDAwMDAwMDA2MTY0NjY2NTAyMXZsZWExZGUyMDIyMDMwNzE1NTcwMTY1MjI3NDk4NDgzWDExNzY3OVYxMjI2MTMyNzAyTVNvbmVpZDNiZ0ZwZjE0VUI2M2E3SHJIQXRFdDk5N2Y4VFdUUmVhZG9uZWlkX19hc3VpZHlkQXR5bkZrcTRpN2hCc2FCOENQVDVzZG9Ib3BxbVh3YXN1aWRfX3N1aXRlX05ldG1peF9SZWFjaDQzX1RvcFJvdGFNb250aDExNzY3OQ
.o2online.de/	1970-01-20 01:34:29	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 01:34:29	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2022030715570165227498483X117679V1226132702MSoneid3bgFpf14UB63a7HrHAtEt997f8TWTReadoneid__asuidydAtynFkq4i7hBsaB8CPT5sdoHopqmXwasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTY3MDAwMDAwMDA2MTY0NjY2NTAyMXZsZWExZGUyMDIyMDMwNzE1NTcwMTY1MjI3NDk4NDgzWDExNzY3OVYxMjI2MTMyNzAyT
.w55c.net/	1970-01-20 02:07:37	Name: matchgoogle Value: 5
.analytics.yahoo.com/	1970-01-20 10:10:01	Name: IDSYNC Value: "18wq~23me:18yx~23me"
.360yield.com/	1970-01-20 03:34:01	Name: tuuid Value: 32902ae8-4262-4833-9e7e-fa859086e108
.360yield.com/	1970-01-20 03:34:01	Name: tuuid_lu Value: 1646665021
.awin1.com/	1970-01-20 01:34:29	Name: awpv14098 Value: 412871\|1646665022\|d889d420-9e26-11ec-931c-22627d215c9c
.awin1.com/	1970-01-20 01:27:17	Name: awpv11830 Value: 412871\|1646665022\|d88d2f81-9e26-11ec-98fc-223366d53764
.awin1.com/	1970-01-20 01:34:29	Name: awpv11938 Value: 412871\|1646665022\|d891c361-9e26-11ec-81bc-2262d3a2196d
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 367022:2542680

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLHXmH7qQOXlIGYe-VjQJBmdAUEMbaa9uCnOFUDyiEDeoRXOkFAfDb27JL2AZg3vUhlVSc1SeV5O4ta3FWZaQSIyJWfuA Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=MpAq6EJiSDOefvqFkIbhCA&google_push=AYg5qPJRqAzt6w35qcoSV5v3VwYwtdRok_3EnZLUmjHovdNYkX_NPA39qcO77IZML3GMH17JIt4cM1MlOdQYkPP-NqAFu3KpOJU Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1e84ff8f8fd79785f2f8bdf2dc67ffbf.safeframe.googlesyndication.com
454cb6d3236d479ce2a3f333159ec9d3.safeframe.googlesyndication.com
69d990d1c25b46320b5ce3d8629e4413.safeframe.googlesyndication.com
a.tile.openstreetmap.org
a.tribalfusion.com
ac80c294674c71c8b179b41cb772032c.safeframe.googlesyndication.com
ad.turn.com
ad4m.at
ads.eu.criteo.com
adservice.google.com
adservice.google.de
analytics.webgains.io
api.purpleads.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
b.tile.openstreetmap.org
banner.congstar.de
c.bing.com
c.clarity.ms
c.tile.openstreetmap.org
c1.adform.net
c99ddf807be6e2ccc1d13c37f473dfce.safeframe.googlesyndication.com
cat.fr.eu.criteo.com
cdn.ampproject.org
cdn.purpleads.io
cdnjs.cloudflare.com
cloudflareinsights.com
cm.g.doubleclick.net
cms.quantserve.com
csm.eu.criteo.net
d5p.de17a.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
e57834d9ef776e4e43a5a379137cd70c.safeframe.googlesyndication.com
eb2.3lift.com
f2939479fff06559311abb5c68343b83.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
img.nets4.com
k.clarity.ms
nets4.com
pagead2.googlesyndication.com
partner.blau.de
partner.o2online.de
pix.eu.criteo.net
pixel-sync.sitescout.com
pixel.advertising.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
r.turn.com
rtb.nl.eu.criteo.com
rtb.openx.net
s.ad.smaato.net
s.tribalfusion.com
s0.nets4.com
securepubads.g.doubleclick.net
shop.euromaster.de
static-de.ad4mat.net
static.addtoany.com
static.cloudflareinsights.com
static.criteo.net
sync.mathtag.com
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
ups.analytics.yahoo.com
www.awin1.com
www.clarity.ms
www.euromaster.de
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
banner.congstar.de
cm.g.doubleclick.net
104.92.94.3
13.224.89.12
13.224.89.8
13.248.245.213
142.250.185.162
142.250.185.226
178.250.0.139
178.250.0.160
178.250.0.162
185.29.132.245
20.96.88.162
2001:678:cb4:bbbb::11
213.155.156.166
2600:1901:0:76b9::
2600:9000:2190:600:1b:5138:8a40:93a1
2600:9000:225f:7600:12:7deb:8f00:93a1
2606:4700:10::6816:47c5
2606:4700:20::681a:71b
2606:4700:20::681a:ad1
2606:4700:20::ac43:4a81
2606:4700::6810:135e
2606:4700::6810:5e41
2606:4700::6810:5f41
2606:4700::6812:d05
2620:116:800d:21:3175:5196:e3fd:8c1d
2620:1ec:27::cafe:1389
2620:1ec:c11::200
2a00:1450:4001:800::2002
2a00:1450:4001:801::2001
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2001
2a00:1450:4001:810::2004
2a00:1450:4001:810::200e
2a00:1450:4001:812::2003
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a02:2638:1::2
2a02:2638:1::3
2a02:2638::18
2a02:fa8:8806:16::1370
2a04:4e42:400::649
2a04:4e42::649
2a05:d018:d29:3602:1ccc:1602:f60c:87b8
2a06:98c1:3120::7
3.126.56.137
34.227.128.233
34.96.105.8
35.186.193.173
35.186.253.211
37.157.4.29
46.236.13.147
46.4.41.145
46.4.62.19
52.142.114.2
52.30.107.253
52.58.249.203
52.59.160.6
66.155.71.25
69.173.144.165
84.200.5.215
85.114.159.93
010dbc892a6fba63ff4bfba46a41e272caad8d790570feb3c636324aa8a52777
03068997bed60ded02d0b912a72ed25e8e95f456ca842df6f4e078d2554a2a92
0344667e6d81b6d655667ea9d822973d786d6bc1417be0b1aa12ff6de4558a51
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc44ea79e71bea23b78759ad6113a2106a0708b2db4988b73f47f3aa10f78fb
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c593b5ebf818cc3c3288acbead773b67b1c380baaee940902be46ed8d43cab2
0d286b2753cb20f00d7222cf67add356df61c62714c4c695917293eab23c1610
15343fff5c592b8409f9b77d2cb3ff13ba6e8becde4ef47d4588fd2ff3bec1e3
17a97981604a1fe56f8804e77655010e70cbfbbac2c66e03a303e876dfd72640
1a1ceef0848eb5ea2c816e56c35b6be9fcee9295c976ac5b0da03d4552d9ac4b
1bea96e526312acbf44cb0af30dac11485b3f9886f4037cc082f92e0b0f8dd3c
1c1777ca1edcecb8c60b4e02eff466a12d967c171d491192eca2192034997018
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
21af66f64bb18b1159ee363a933d5630e27419c83915d4d5ef42d8154f3921da
2255ec4c3254a41b448889224b2cc5c32f8d6f8a6165d3c58aa6523f86c0957c
22d7e00449ca81f34b0926fe4573ec056a674d959ad42d7fa0ad680e90f27992
2302ef8bdd8794ad935e006948eca54d2c0259871dcbfbc5b784447b5ada8a5a
230f27646f2460a7e13106d06ec50cb822acf254ae08fba4058aa06ca57b9dab
23cc8f32949c8b6960b1a4ca216ccaff2db4b769f6565bef2ee1fa954e072029
23de04f333f6df873688e3bcb116bd5757f25b32326c8038b8c97a95957375e7
2599883cd30abc246c3be0ea1094d1ba189cbdd7e2295e4d7dcfc2856a837bc3
25c3fa13fbe0829b70a3791712f170560d1169b7eb8db17d114ef3072940b283
263bd4e22b75c26f3b632aa39d7eba5260f9ec1c4ca9e706ff5c167ddad1d189
264f5c640339f042dd729062cfc04c17f8ea0f29882b538e3848ed8f10edb4da
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27b12ba011ac71b930c18879e96051d0ed9ba9e1f9e39b5d024345f1180181f5
29711943aeb09e861d06c8409318655ed6d2d7db0fcbfc1c12359bff07447018
29b14f7dbefc49b7847a1074e7c68058a7ec0132c3a5fe1bbf23ad4cc226ef32
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f2c78d11d003e80352b2d13a775d2a137299302b3893210b68427a7d5ee3a72
2f4502507de122f29ce7f45bc6b468e99f205a738e47bb2767fd73989b3eaa3c
2ff65b0600fe7250809e82ea0c84552439ab72f585bf50a814698cbcd0db7d57
316bc6817312b27beb652dfec4faa6fdaa20979e89161cc9cc55100cd70ef5aa
3218fb69661597f0afc39c1475df7eb566f13c2f8538389cafd479a7c9371858
332dd9d8872171a7ce122129c088ef587eb876ee04f178f5e62310dff3747514
34be38d133fe32063b42903021ab00b51e6ba9190777a9a331a323295e8cc4b9
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
372ddb86deaa3e11e5a4b1eec16924bcd6e6232bc8bab79338426b2faff7e7dd
38aec58b392722657a2ca8c670d57431451060a484f264cec8e101819d4da4d9
38bf08369b9d72ce4d22d5b555e9e5ee2e7a5fab8980ba2787f47d89d55e2c99
3b322c9030883acdb559f857024b4ef3ab7574712b635b6e3db135749e32e1fe
3c865f9ba19b80bbab61230ac6f099d6c605af2b21615415338a9bfa471c863a
3d9bee9a179c5d9116ab92d1dff21528f32697675765ac98b0905a81b4c735a0
3e317c84b8007c86322deed2d46cd763ed9bda0444d35887844da8f1418d9bd0
3e387f60e81f624045b0bbea55f425afb9d9d78e7e3d68f61299d7bd2b06316d
42467bfee0bb1814b830891344a900a0631d60b919b1fc528e5b533207d77910
46866e17d18a48c9fe8a6aeb0a8838d528cd3ba4761975d566a7fc9f845c2749
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1
490eb54dd601dc1fcb77abfcbc4549f8c65552d03d33ee78e3ff2bcfe62788cd
499d742344f4b69df1c45273acccf5c6941269f48276e4d52cdabdfbb77a7904
4a6244895663207f4110ca60f1ebba7436a865408cb88d04a6f9b729cb234640
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fb9443e2de03752863a1d0831e719754f7c9254124e868f539b0e97821fd76f
4fef239ebd936e96f316dee1aca599952e7adaaba26fab72b45328871855ac4b
50fb88e3a2d413c5c0a0294b71e0da34829b2ec9444ba55af7e1d6935a4029a3
516fadf20aefdc9565d38ff12fd35aa4262d20408dace2f5849cd191119496c0
533e8ab00e73a9a61f550b956a872f9091fe48b79b4072d87bdb07348af7f4bc
5441052b90ea7c9dd9e004b29063fbd95969ca46e5cb6850f535c5da87935ca1
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
55994d5963c8ea46427e8bcc1a61f7f85d8b9d7f4d4a1a8d4eead4e3433b56aa
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56386db6fedf5475ff6ac57939cfaac58722f519fdce666cee7494b993c84e81
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
574c3a5cca85f4114085b6841596d62f00d7c892c7b03f28cbfa301deb1dc437
587259314084a04755f0dfb2d0f0e9f07bdf03a575352e366e308d2e19cfc70a
58f209abba42520f14ff6ad69b787e34ebad0d959058a32093564b17d4a6e842
5d83107229c1cbfe3de997fd2124035816294178c1eaec7829ab43ccdea1a155
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64ff64fa503bc9d8e4e3f3fbf1bee9a37f2548f130beada5e749be4b33a9645d
6728e1d20e88098fc74ecfffa43ef11aaec970fbc78de1d6b0ff172538a0c540
67e7067770aa3a8ba335500e060aea040464cd4075a652e7f5e3ca33e5771878
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
691d4bd7b9b31f9ab1b1837e7d956e0e3041ef63c1ee0edee8ca6208a4234efd
6aa327026d0b4ca42fdd9924926a06a5f33df4cd62f85862bea39caeda2f335f
6ad584690f7fa3e788ea1df9a6a567211be5d9d627908e9339e84e99efe70126
6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba
6e3d3c32ac7d28713d5d03e6317bc7135fd141a853dccbc4afb0dc4ca1649841
6ed9b72c565894fb730643a70b3cb95bea13403a32380634d302bf59d648b197
704f6f54ae77cd5ea0a0bf47ebb70727a9bd76a311d7e54788ad3dc79b366739
7077dc489ef7df1bcc1994a1b6649f391aae70107d5a3f5bc58ea481040a3af5
70ae853142e138bb30d5817f6dfcdd2ce14708f4da3e1f40ddaf4c7180f84546
722c5b95144aaf980dafacd36b1df0a3a0cff78962e8eee8f56e40c423f00b6f
769996a987ead923de78ded8af9ebbc0125bfdca436dfadfdc9755fd54270371
77e352447803c8cf8eb745651a271f97bc628025877a32e003f4ad97c9863b07
78271e5eab32b96dd3dc099fd7648c4cd621658b2bd654b0e65fecc4b2547d1e
799cada1d1d8ae72cba81c3b2d192ffa233716a7ae9efa0da4b68c2edef5aeb3
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23
7bbac18d33c3b76898e24031512a0be1effe32f0bc8220ffa59009f729130073
7daba3a3629a5895ad044d5af555b6f50d416314d2335db1507bba1d2bc4b6c1
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81113be959d836136f0e260fa7043a881e992753ffdd7cd9d9fd5a61c59106a8
83d385d50390dfa709e85619c2ff2ebb54d6e0652acb0afcc194123c7e2805e7
84d00511d9ac2d60f4b43ad8dd4c237a8093c7a45f1e8da88f5c233866d408f2
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa
8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c
866075e9f9540d3fbc1af75076631d86c71404b40ce5252d4e5085b0d9964e5b
876ccb211e3a93132198570fa504d84ad347f1d905df6b5e7240be49a127a9af
87b416e6a40d49208eb17cd3bcf00c4219b0a7c3bfa6e4447a387391351f0a52
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8ea89251f9af2ef6f1f136dc7a71fe9122fa9df10d35d99ffc12de57ef638e30
8ec08f505d56561c0d567f0f0f70cc07c7bea91516f6b4272d94181621681c69
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
9003fef55e3576f4a0a0238398fe166e7ee41975e55dd3ba079066eea0fb291d
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9236b501fbcf819c1a6ba64884946aab697e6b88fd417a96bce9543064a2d838
93b1f78578f169d4f472ecda3c79d72e81fa9e199bdb979d13139f5ddbe5a06d
9523e5f49ab9936cea024964bbb733d92926cc476240bc3a7260cf1d5f6051e9
9564c9314dc78a6a95eba744d873801bf7a7005cc81cb4af95d11ef565ef4210
9603e3178faba135ae0013932620b3e3a2c636f948a17d3a4a915372064d2034
9681c0a0a13d8581f202bfaf62e53563ea6d0d6bd8e542b35b6d7c09b0e7b41b
9717c1881ab82152f1fef06042b1d8eb69ed12f32062dcc7d5d5f865811e4483
97bcfb70181eee261bad37ebddf14130d2b1c6fa0b6af6f5e8e65158d2e360b8
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
997b911237bf1ba3ae866d21754fd8e3873582aece25276fbb6b4877a61e1a80
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a75ad44591831a0d5d5bf3a9882e8287bf50447913230d93d96f3b064ddef6df
af42f8a986eefec222a68474cc9c9591028b07b082157631d810ecbbf4a652fe
af7c2d74ae3ac06198964b09d9ba00e9141f33aacd60330f210be60d7b6f0d53
afa7c59b72927d60532942129144c0d38f58ad9e955f1b485806dc02a6f3440e
b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a
b16e0ab1b42b99579073c659fea962ba72b07bd208c798d9ee1bc0e91336dce3
b25ed8bc8dbe5c5d9dcc7b837aacfa4ddbeda185835ce670cc36b101623f18a8
b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad
b9b6d4d89b6b08519ee453948c1ce3088a310d085d391d40b38c0c51a21f3686
bc899b1127007a05c4ca19684d23687f975e3714054db7c3b42ed5ff443dee72
be09338dcf9b1478c046dec062b9660a76b8a340e01d849d99db8facf0256655
bff5a039d26b87070c2d6420c75b9406cc15907a238bfe6e74f632cbc170cd70
c2ef84d8cd4a536592937e583c4388ae2cefb158416b95a41933008673865117
c59f0654e76d8b317f589b6b7961f882426eb2f3bb8e218d9c300263595b4f9a
c6cd28b8f48cd9c890723dbd16c6847083e7c322af81fc3da91b9730ac576658
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c6f259c7a7391bd6dae4cb3e0bf644f2f914817a803de9f7967d6347b53cd0d6
c7ec0db4dba7fe536c6354499a1bc7294766d2792ede217378a2c0c81c3edd5d
c837347a297c1a35852aa375392cc74950a2b868214e8b1909c4637b8b63ee24
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
caa6fb5239ca83ee694d34cd07918ee773d18b1a429d2f9e354be434b41ea209
cc52360afda7acb06fe4bdc27c58ee231ce1629a2a97d1c4e176bc45ea9f0cf9
cccfed53a9a32840e71b4ddec1a65e7534088c6b423864d80f62f8ed90e26927
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd9d70247fb0bfee91cf0a1220a55bb295476ed3ff5dc2a8e86012e7562c6450
ceead46a3e055359a45fcc3d8e878159af27f049c6d4a4b10b4dc5b7441f5676
d054377044014c1069958d9c610330164f05edbf091b2be9b6be60dc4f043494
d0f5d370325f16a7376e58146e32dfe7ca994b883b3a0342f531c62359cd7255
d11806876d8ce00009929055b3e6378b92b288bb5811ff020efda25028650463
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d1f10a248466f9d4823788927d117dac7d12255a2b43acf46e87cce60c3419a3
d3ef00ccf0d1329768a9546012c96ecb5ac031695b0418da9ae3297979ad60bb
d5d02a818edad774ea1d79f1ca4bf972a9d5f6b4dfa5c757f578145be90a0f23
d61dfceadcc69e4a50173bb6b17554d10cd33011e0c33ead0499ab3bd28a3bdd
d843ad3a3881e8bb473d29e92bbfc2de1737cd85097bb448aff9a7fb05e544a8
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
d937393fafb440bc7ef710e5ec12aa0fa24d737218bd242ae61c9b1dbeda1de7
daf627c0def4ab23a6171270b7e6dea53d1c625db807aaf0a9322d284b3e601c
dd1892cb87a74dac682a6207344909a96f23d342670b32063a4f4bae614805dd
dded8f8315bfa1c937330c6d23a5883248d37e189635b093e93e096e594ad5d9
de0ade3cbafe1f027190e4612e4ad975dd76178f7e7d3ba19b39d128d9fc3547
dea6d9b977b06e1be6dbf3fc5118a1d8bfca410f14b6c4ad64ec07c057d4783c
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6a93f480cbf33a2e016fd777ca2e7a0944773d2f1d3874b1a44765794a84d19
ee3a07dfe37911fa2abcb6e402aad8eee580fe07e8e34e258a4d006e6ad1fd7b
eea82a9fbbd29de3d09f9ea2cae5971b1e4c4661b05124a27f40b56fbba4b061
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef56f134b679906602abb496159b39087f8901fea7ea9d2ab8a408ab8ff7862f
f0f382f3320ade05dd14f969ff7dd9d894c6a6571165ab6d7fcdade2f4836dfc
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f70751d4b3f5d5c9f208ea16e8cbcac3c6abf1bda80357da3fcd21dde4333449
f75a001bec4bdf424466cdc150b0aac769554195c5bf3105cd369a9861aa7103
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
f7c9abd88817d3f494884827fa4f2aa3a61ef4b4b869290f1c74fb5b947835f8
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f814ae53e4e56ab50d90620668b86e9ecbdcebb5c09d0388bfc11382f6343b35
f8fba18c8eff0e07e20bbd33c8f42fb2331160af716f8a6cc23bb7f5a25637df
f9ab631fa5ba69e94f330e3d5bf08e2273d8c598b39afa0e32c4f37dccc23e99
fb8138fe467ac4fd833c97df11108432d9a0f84486b05f08d34159aff9f104b8
fba7d2deac6fccf428cebc7a6cd114aaa711fd2c9d76eac3044d4eed40a14101
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ffbf2d2525e0baabd5fdf5289510e03e86ccb28dc9767ef58bf483077f3bfc75

nets4.com Open in urlscan Pro 2a06:98c1:3120::7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

405 Requests

93 %HTTPS

55 %IPv6

48 Domains

80 Subdomains

52 IPs

8 Countries

4895 kBTransfer

10541 kBSize

46 Cookies

15 Outgoing links

Redirected requests

405 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

nets4.com Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Screenshot
Live screenshot

Full Image

405
Requests

93 %
HTTPS

55 %
IPv6

48
Domains

80
Subdomains

52
IPs

8
Countries

4895 kB
Transfer

10541 kB
Size

46
Cookies

405 HTTP transactions
6 data transactions