avasdemon.com Open in urlscan Pro
2606:4700:20::ac43:474c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://avasdemon.com/
Effective URL:
https://avasdemon.com/
Submission: On October 24 via api (October 24th 2023, 6:47:00 pm UTC) from US — Scanned from DE

Summary HTTP 371 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 36 IPs in 5 countries across 22 domains to perform 371 HTTP transactions. The main IP is 2606:4700:20::ac43:474c, located in United States and belongs to CLOUDFLARENET, US. The main domain is avasdemon.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 15th 2023. Valid for: a year.

This is the only time avasdemon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::681a:a1d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
31	2606:4700:20:... 2606:4700:20::ac43:474c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	216.52.2.6 216.52.2.6	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
21	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	52.92.251.200 52.92.251.200	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	18.208.5.78 18.208.5.78	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2.17.100.224 2.17.100.224	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
7	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
6 8	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
6 10	104.18.26.193 104.18.26.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 8	185.89.210.82 185.89.210.82	29990 (ASN-APPNEX) (ASN-APPNEX)
5	159.69.70.9 159.69.70.9	24940 (HETZNER-AS) (HETZNER-AS)
1 2	144.76.104.53 144.76.104.53	24940 (HETZNER-AS) (HETZNER-AS)
1 4	178.63.52.121 178.63.52.121	24940 (HETZNER-AS) (HETZNER-AS)
2 4	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	24940 (HETZNER-AS) (HETZNER-AS)
2	49.12.16.151 49.12.16.151	24940 (HETZNER-AS) (HETZNER-AS)
7	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1 2	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
6	104.244.43.131 104.244.43.131	() ()
1	2606:2800:233... 2606:2800:233:8173:898f:63b3:95c3:79d2	() ()
2	192.229.233.50 192.229.233.50	() ()
371	36

1 2606:4700:20::681a:a1d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

avasdemon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2606:4700:20::ac43:474c (United States)

ASN13335 (CLOUDFLARENET, US)

avasdemon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.avasdemon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 216.52.2.6 (New York, United States)

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vap2ams1.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.251.200 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

feedburner.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.208.5.78 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-5-78.compute-1.amazonaws.com

t1.extreme-dm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
e0.extreme-dm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.17.100.224 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-100-224.deploy.static.akamaitechnologies.com

pxdrop.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.98 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.18.26.193 (None, ) 6 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.89.210.82 (Frankfurt am Main, Germany) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 159.69.70.9 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.9.70.69.159.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 144.76.104.53 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.53.104.76.144.clients.your-server.de

hal900022.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.63.52.121 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.121.52.63.178.clients.your-server.de

hal900020.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a01:4f8:d0a:2321::2 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 49.12.16.151 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-1.futalis.de

futalis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 145.239.193.130 (France)

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.244.43.131 (None, )

ASN- ()

abs-0.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:8173:898f:63b3:95c3:79d2 (None, )

ASN- ()

abs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.233.50 (None, )

ASN- ()

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	608 KB
32	avasdemon.com 1 redirects avasdemon.com www.avasdemon.com	4 MB
23	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1192 syndication.twitter.com — Cisco Umbrella Rank: 1427	830 KB
19	doubleclick.net 7 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 98 googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 cm.g.doubleclick.net — Cisco Umbrella Rank: 255 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 187732	53 KB
16	lijit.com ap.lijit.com — Cisco Umbrella Rank: 754 vap2ams1.lijit.com — Cisco Umbrella Rank: 225495 pxdrop.lijit.com — Cisco Umbrella Rank: 3793	50 KB
11	redintelligence.net 2 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 41903 hal900022.redintelligence.net — Cisco Umbrella Rank: 368843 hal900020.redintelligence.net — Cisco Umbrella Rank: 369825	87 KB
10	casalemedia.com 6 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716	6 KB
9	twimg.com abs-0.twimg.com abs.twimg.com pbs.twimg.com	5 KB
8	medialead.de 1 redirects pv.medialead.de — Cisco Umbrella Rank: 51750 medialead.de — Cisco Umbrella Rank: 51384	4 KB
8	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 261	6 KB
6	google.com feedburner.google.com — Cisco Umbrella Rank: 150208 www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2714 adservice.google.com — Cisco Umbrella Rank: 118	4 KB
4	retailads.net 2 redirects cdn.retailads.net — Cisco Umbrella Rank: 164332	11 KB
2	gstatic.com fonts.gstatic.com	30 KB
2	futalis.de futalis.de — Cisco Umbrella Rank: 354180	801 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	118 KB
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1200	925 B
2	google.de www.google.de — Cisco Umbrella Rank: 6147	515 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	21 KB
2	extreme-dm.com t1.extreme-dm.com — Cisco Umbrella Rank: 168441 e0.extreme-dm.com — Cisco Umbrella Rank: 247554	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	81 KB
1	amazonaws.com s3-us-west-2.amazonaws.com	23 KB
371	22

	Domain	Requested by
28	avasdemon.com	1 redirects avasdemon.com
26	pagead2.googlesyndication.com	ap.lijit.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net avasdemon.com
21	platform.twitter.com	avasdemon.com platform.twitter.com syndication.twitter.com
14	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com avasdemon.com googleads.g.doubleclick.net
12	ap.lijit.com	avasdemon.com ap.lijit.com
10	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
8	ib.adnxs.com	6 redirects googleads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
7	pv.medialead.de	hal900022.redintelligence.net hal900020.redintelligence.net googleads.g.doubleclick.net
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	abs-0.twimg.com	syndication.twitter.com
5	hal9000.redintelligence.net	googleads.g.doubleclick.net hal900020.redintelligence.net
4	cdn.retailads.net	2 redirects futalis.de
4	hal900020.redintelligence.net	1 redirects googleads.g.doubleclick.net hal900020.redintelligence.net
4	www.avasdemon.com	avasdemon.com
3	www.google.com	avasdemon.com tpc.googlesyndication.com
2	pbs.twimg.com	syndication.twitter.com
2	fonts.gstatic.com	fonts.googleapis.com
2	5994599.fls.doubleclick.net	1 redirects avasdemon.com
2	futalis.de	hal900022.redintelligence.net hal900020.redintelligence.net
2	hal900022.redintelligence.net	1 redirects googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	www.google.de	avasdemon.com
2	syndication.twitter.com	platform.twitter.com syndication.twitter.com
2	pxdrop.lijit.com	avasdemon.com
2	vap2ams1.lijit.com	avasdemon.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	www.google-analytics.com	avasdemon.com www.google-analytics.com
1	abs.twimg.com	platform.twitter.com
1	adservice.google.com	5994599.fls.doubleclick.net
1	fonts.googleapis.com	hal900020.redintelligence.net
1	medialead.de	1 redirects
1	region1.analytics.google.com	www.googletagmanager.com
1	www.googletagmanager.com	www.google-analytics.com
1	e0.extreme-dm.com	avasdemon.com
1	t1.extreme-dm.com	avasdemon.com
1	feedburner.google.com	avasdemon.com
1	s3-us-west-2.amazonaws.com	avasdemon.com
371	39

This site contains links to these domains. Also see Links.

Domain
www.demonshoppe.com
www.colorlesscomic.com
www.patreon.com
www.twitter.com
www.instagram.com
www.twitch.tv
www.avasdemon.tumblr.com
www.webtoons.com
www.avasdemon.com
www.amazon.com
twitter.com
dream-scar.net
topwebcomics.com
feeds.feedburner.com
extremetracking.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-15` - `2024-04-14`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
*.s3-us-west-2.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-08-03`	10 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
t1.extreme-dm.com R3	`2023-10-16` - `2024-01-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
cert2-prod.aut.a24365.net R3	`2023-10-09` - `2024-01-07`	3 months	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
redintelligence.net R3	`2023-10-10` - `2024-01-08`	3 months	crt.sh
*.futalis.de R3	`2023-10-13` - `2024-01-11`	3 months	crt.sh
pv.medialead.de R3	`2023-10-12` - `2024-01-10`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
cdn.retailads.net Encryption Everywhere DV TLS CA - G2	`2023-05-18` - `2024-05-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh

This page contains 24 frames:

Primary Page: https://avasdemon.com/
Frame ID: 7B54C8C677F42C114B97467C7A46FFC9
Requests: 48 HTTP requests in this frame

Frame: https://ap.lijit.com/sync
Frame ID: 62F75F361935DAEFD7434EC4A318BD4F
Requests: 13 HTTP requests in this frame

Frame: https://ap.lijit.com/sync
Frame ID: 041381A030312AE179FACFEADA71D734
Requests: 13 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Favasdemon.com
Frame ID: 0F430A7E2A717F7F366D1DF74C8FB84F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231019/r20190131/zrt_lookup.html
Frame ID: 7A70D7F3BFEA2C9972F66A9BE173BE15
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7701367955671600&output=html&h=90&slotname=3360821374&adk=3887289407&adf=3928560988&pi=t.ma~as.3360821374&w=728&lmt=1698166011&format=728x90&url=https%3A%2F%2Favasdemon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698173211616&bpp=3&bdt=444&idt=233&shv=r20231019&mjsv=m202310190101&ptt=9&saldr=aa&correlator=4305960855176&frm=23&ife=1&pv=2&ga_vid=159174282.1698173211&ga_sid=1698173212&ga_hid=1972417753&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=918&biw=1600&bih=1200&isw=728&ish=90&ifk=873420592&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31079086%2C44805113%2C44805533%2C44805932%2C44806499%2C31078301&oid=2&pvsid=518944053456691&tmod=390886724&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4hc2r9t0ca97&fsb=1&dtd=258
Frame ID: 41010628C314C63A6965787CF4AF497F
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7701367955671600&output=html&h=600&slotname=5755884573&adk=3187182896&adf=891365235&pi=t.ma~as.5755884573&w=160&lmt=1698166011&format=160x600&url=https%3A%2F%2Favasdemon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698173211684&bpp=4&bdt=473&idt=225&shv=r20231019&mjsv=m202310190101&ptt=9&saldr=aa&correlator=4305960855176&frm=23&ife=1&pv=1&ga_vid=159174282.1698173211&ga_sid=1698173212&ga_hid=798251515&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1102&ady=1681&biw=1600&bih=1200&isw=160&ish=600&ifk=931819970&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44785292%2C44805113%2C44805534%2C44805933%2C31078301%2C31079056&oid=2&pvsid=3214204978976800&tmod=1951927451&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.eo1la53z9tgh&btvi=1&fsb=1&dtd=246
Frame ID: 51C6BFA97FA350C57889DEE05336E586
Requests: 15 HTTP requests in this frame

Frame: https://syndication.twitter.com/srv/timeline-profile/screen-name/avasdemon?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=700px&origin=https%3A%2F%2Favasdemon.com%2F&sessionId=38185cc0198bffac3982b28463eb8e0275a59b9d&showHeader=true&showReplies=false&theme=dark&transparent=false&widgetsVersion=01917f4d1d4cb%3A1696883169554
Frame ID: B492AFC9DBE98959EFBF4703491EAB53
Requests: 221 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 626A8C8BDE42B282B1FBA0F9D92344E6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1592D410652D781876983E2D79208763
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 57AB3988028AD2FF0E395F0F19BD2AFF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8C6E3BBB0A57B735AC80062F40A02761
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNVbptJ8bMHpnAxrZao2Ed_bJwu29OROoxjICMLAR2lCaNge7n4TkeXV_OgSJQvzPsZn9PceIfOlFuqSDYsQyyNGI1V1Qz1yOk6W-78Zd5J6NgAJDsnIVNlhKvDMghGjKbhUvYLsoSd_FmUhSUvKC_2_ti-koDABijsC8GVu8P4NBbX6AXg
Frame ID: D8130F4175D638753348D884AE31B23A
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXTCTLHapisTdO_aNoXbnq5PZD7KsOueuFJ7sPGgirEGII94lGcQaV2KECe4y_7kZ6YX_13pyGRLghOe5J5jgszwnZ1nRDFb8_j9V0pfNtUYCeHkIRRiI1J8JhQlZs1m6-IlI1oyxZt7abwIdplVvT6TR_B3rUtu3JPbCfaJA1ktgYANzI
Frame ID: C43E0D3EE33E1754D85F26E172DD215F
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: C6C61D89DD39A6A0B0BB9542A3EE1819
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B524A428E6B8E055E5F44B6162EB3C7B
Requests: 3 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3233064892
Frame ID: 4AD8E936199200E191DD7F32FB3DF8E9
Requests: 2 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=31268700152956804444550012487022&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: A6BD127F3BFC68F120B322A7B93937A2
Requests: 1 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=31268700152956804444550012487022&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 267B586F8EB936EB82FF428CDA26EDE4
Requests: 1 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3233064893
Frame ID: 9769A1329CD7235B50CB5B65932422A4
Requests: 2 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=61631600169924004444556012487020&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: F5492D254FBDBAA167721123A2EDC643
Requests: 1 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=61631600169924004444556012487020&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: D5BCAE01458D887FB82868C9865E3FC3
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CMecm5msj4IDFSsMogMdNCoEaQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5877783153756.009
Frame ID: 2B595567E3A542528F065BDBE27F22CD
Requests: 2 HTTP requests in this frame

Frame: https://hal900020.redintelligence.net/request_content.php?s=61631600169924004444556012487020&a=fd30efee
Frame ID: DB08C3D84EC7FBE91649BA45595292F8
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ava's DemonAva´s Demon

Page URL History Show full URLs

http://avasdemon.com/ HTTP 301
https://avasdemon.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

371
Requests

45 %
HTTPS

54 %
IPv6

22
Domains

39
Subdomains

36
IPs

5
Countries

5871 kB
Transfer

10106 kB
Size

18
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://www.demonshoppe.com/

Search URL Search Domain Scan URL

URL: http://www.colorlesscomic.com/

Search URL Search Domain Scan URL

URL: http://www.patreon.com/avasdemon

Search URL Search Domain Scan URL

URL: https://www.twitter.com/avasdemon

Search URL Search Domain Scan URL

URL: https://www.instagram.com/tinypainty

Search URL Search Domain Scan URL

URL: http://www.twitch.tv/tiny_paint

Search URL Search Domain Scan URL

URL: https://www.avasdemon.tumblr.com/

Search URL Search Domain Scan URL

URL: https://www.webtoons.com/en/challenge/avas-demon/list?title_no=349705

Search URL Search Domain Scan URL

URL: https://www.patreon.com/avasdemon

Search URL Search Domain Scan URL

URL: http://www.avasdemon.com/

Search URL Search Domain Scan URL

URL: https://www.amazon.com/Avas-Demon-Book-Reborn/dp/1534324380/ref=sr_1_1?crid=MCMWY17OMIOP&keywords=ava%27s+demon&qid=1687468562&sprefix=ava%27s+demon%2Caps%2C169&sr=8-1
Title: here on Amazon.

Search URL Search Domain Scan URL

URL: https://twitter.com/avasdemon?ref_src=twsrc%5Etfw
Title: Tweets by avasdemon

Search URL Search Domain Scan URL

URL: http://dream-scar.net/

Search URL Search Domain Scan URL

URL: http://topwebcomics.com/vote/15515/default.aspx

Search URL Search Domain Scan URL

URL: http://feeds.feedburner.com/AvasDemon

Search URL Search Domain Scan URL

URL: http://extremetracking.com/open?login=avasdemo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://avasdemon.com/ HTTP 301
https://avasdemon.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 99

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBVf52TW36etcrCbYrb-enc&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBVf52TW36etcrCbYrb-enc&google_cver=1&C=1

Request Chain 100

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTgRHCC-6A1HyDn-Di8XNwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJKKYPwn0nensN9EkjBwaBQ&google_cver=1

Request Chain 101

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFc_hRlQ9Op4EmipU-vWvVg&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFc_hRlQ9Op4EmipU-vWvVg%26google_cver%3D1

Request Chain 102

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI2ODc4MTc5NTkzMjgwNTk2MA%3D%3D

Request Chain 106

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJKKYPwn0nensN9EkjBwaBQ&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJKKYPwn0nensN9EkjBwaBQ&google_cver=1&C=1

Request Chain 107

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTgRHBJAM0Jgwnc3fwRQgwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJKKYPwn0nensN9EkjBwaBQ&google_cver=1

Request Chain 108

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPJYNKw7yg7C2DDp3UAPy4Q&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPJYNKw7yg7C2DDp3UAPy4Q%26google_cver%3D1

Request Chain 109

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYwODk2NDA3MzE5MzMwNjg4Ng%3D%3D

Request Chain 119

https://hal900022.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=56d2f09758&subid=&uid=0bef36ada86ea751&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCVczkHBE4ZcWoApGMvcAPkLKroAWm5b2gaYWVnKfJD_AuEAEgtNj2I2CVgoCArAfIAQmpAvAs_mHsx7E-qAMByAObBKoEhgJP0E8AALa3qUaQ025PYhVkxO83iGV1IrXf2C1bf8ArEUk-P0RmntvoK-eM_fNsTHf-RtdgPlLdFbzuFxZoQ1yBRv80-u3T-u8JkI-9NAHaYjQW1djSexL8sU33-2bWIREJu-KE4oFxTqxQzX3C9Zv5lAZhxPfVvrdI2a0tm2xppEHrdAB-WRx0ScUqVbklv6cIZ92UFSwAQjyMjvcF4i14Zkk3OkS0hQlqcyBkNULECMsoYeCHZnMCDDLePb0mMGJ-5KPm6dq5Nv1swnWq1eQzXTcwMUsMCaANcn87embcgc9_X1DhI1psJD7-N7aSsW06rqn1hPUqXvJZo4Z3ptnywrHvBBShwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBqg0CREWwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSSwDICaaNr-lteqIK2yBzRgTYegnpEX9pXFcSu0-mztQjQj7zntKLeIvFUFmnj0EZDDiMoXJQgBA8CbLzPIBS3o9dBki8IO5Ps6eFZRgB%26sig%3DAOD64_2GwkoaarWOHpgalIgAjMgAYu5ZUg%26client%3Dca-pub-7701367955671600%26dbm_c%3DAKAmf-DfafHN6qbjlwNwHJpvft1Gallx-18fmxIx6RNVkgDxY2_a0kiBhTzApUxv_G1RmEas1G00fEKGpFWNm1Jjh68HcogIAelUQYhsuTi5buRA8U8NsfOLhvTJOMkBrWiPRO2bmdQnLmb2-wf1wg3yLaepMWd2AjqrXCMFDlqueMGzIhQ6Ocs%26cry%3D1%26dbm_d%3DAKAmf-A-f72huhBklKHSa5vJA-N9vdX6n6HbIOvOm9cFKOz96-P4PzirHGxfn4UY4SDMQf0LYZUG2fRtJtYxPv2LuafYr0eUZLPQjl2DksuTkJGd2xZqQi9_7YzhXwvBcqJAEOkBPArxGxaILuzFqjaAXvfZIgK-zw4MXERrld4GZr6JjB8T9so3VAaaOEqS7scBfDq6F2liz7h03-9QWf0eX1WjHSvYVDzbLCcht8Nj5l9437s6bgIEEn7KpaRiI69HbBmD2bRjP8A0uFkg88c5iPfFkXfpev6kNIXOexKo8tkDfakW_uJ5oj82IvbUXR2Qa9tgL_SD88mCeURmHHTElZZ8u2_gNk6q_fSzwJYdehKK1dDyWog8Zx-r-WlrF7tQy3D4gX_vW-d0fqghQMRsTWw2seYOTdgB3HcykQWP8UZmDongk5dNRxmkzSGpXubSZPuN7JOc6Q938UeqPs2jBTIRjkibrnbWbzq0zAegDVQuKmeaDJ6iea7iWqFCFo9clvZJHRb0ASsRrcDce_OeMXC_vsEUNr-6Gg-yeYH6oNC6AAQObEA%26adurl%3D&documentReferer=https%3A%2F%2Favasdemon.com%2F&ancestorOrigins=https%3A%2F%2Favasdemon.com%2Chttps%3A%2F%2Favasdemon.com&random=9966358832851&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900022.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=56d2f09758&subid=&uid=0bef36ada86ea751&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCVczkHBE4ZcWoApGMvcAPkLKroAWm5b2gaYWVnKfJD_AuEAEgtNj2I2CVgoCArAfIAQmpAvAs_mHsx7E-qAMByAObBKoEhgJP0E8AALa3qUaQ025PYhVkxO83iGV1IrXf2C1bf8ArEUk-P0RmntvoK-eM_fNsTHf-RtdgPlLdFbzuFxZoQ1yBRv80-u3T-u8JkI-9NAHaYjQW1djSexL8sU33-2bWIREJu-KE4oFxTqxQzX3C9Zv5lAZhxPfVvrdI2a0tm2xppEHrdAB-WRx0ScUqVbklv6cIZ92UFSwAQjyMjvcF4i14Zkk3OkS0hQlqcyBkNULECMsoYeCHZnMCDDLePb0mMGJ-5KPm6dq5Nv1swnWq1eQzXTcwMUsMCaANcn87embcgc9_X1DhI1psJD7-N7aSsW06rqn1hPUqXvJZo4Z3ptnywrHvBBShwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBqg0CREWwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSSwDICaaNr-lteqIK2yBzRgTYegnpEX9pXFcSu0-mztQjQj7zntKLeIvFUFmnj0EZDDiMoXJQgBA8CbLzPIBS3o9dBki8IO5Ps6eFZRgB%26sig%3DAOD64_2GwkoaarWOHpgalIgAjMgAYu5ZUg%26client%3Dca-pub-7701367955671600%26dbm_c%3DAKAmf-DfafHN6qbjlwNwHJpvft1Gallx-18fmxIx6RNVkgDxY2_a0kiBhTzApUxv_G1RmEas1G00fEKGpFWNm1Jjh68HcogIAelUQYhsuTi5buRA8U8NsfOLhvTJOMkBrWiPRO2bmdQnLmb2-wf1wg3yLaepMWd2AjqrXCMFDlqueMGzIhQ6Ocs%26cry%3D1%26dbm_d%3DAKAmf-A-f72huhBklKHSa5vJA-N9vdX6n6HbIOvOm9cFKOz96-P4PzirHGxfn4UY4SDMQf0LYZUG2fRtJtYxPv2LuafYr0eUZLPQjl2DksuTkJGd2xZqQi9_7YzhXwvBcqJAEOkBPArxGxaILuzFqjaAXvfZIgK-zw4MXERrld4GZr6JjB8T9so3VAaaOEqS7scBfDq6F2liz7h03-9QWf0eX1WjHSvYVDzbLCcht8Nj5l9437s6bgIEEn7KpaRiI69HbBmD2bRjP8A0uFkg88c5iPfFkXfpev6kNIXOexKo8tkDfakW_uJ5oj82IvbUXR2Qa9tgL_SD88mCeURmHHTElZZ8u2_gNk6q_fSzwJYdehKK1dDyWog8Zx-r-WlrF7tQy3D4gX_vW-d0fqghQMRsTWw2seYOTdgB3HcykQWP8UZmDongk5dNRxmkzSGpXubSZPuN7JOc6Q938UeqPs2jBTIRjkibrnbWbzq0zAegDVQuKmeaDJ6iea7iWqFCFo9clvZJHRb0ASsRrcDce_OeMXC_vsEUNr-6Gg-yeYH6oNC6AAQObEA%26adurl%3D&documentReferer=https%3A%2F%2Favasdemon.com%2F&ancestorOrigins=https%3A%2F%2Favasdemon.com%2Chttps%3A%2F%2Favasdemon.com&random=9966358832851&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 121

https://hal900020.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=e661cfd4f4&subid=&uid=dc04f5bab0ba6f3e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvEBFHBE4ZZjHBa6ovcAPld61kASm5b2gaZ2cnKfJD_AuEAEgtNj2I2CVgoCArAfIAQmpAvAs_mHsx7E-qAMByAObBKoEjQJP0J3rCMKgVHqFuEy5SsqvscYSmGF_-PFAqrY2DrV4pTDrmqEhRfguWazSzroCv7GsrYUgQWz2-DfPJSDxUl-lTE08DLdWK_ghJozvlUGSRoTBLsOE_9FkMxcY3ycdQMv98RPU5fnmtug2pHhmU4p7Rupllb4hrP6r_HhBiV4D6__zWItVO9dCQS1nmzYo9HI5LIOZslhN4Pi_J1yXbySNVloJUTj3pYBlwyZ-hqwYLatBapGEmpeyhHLZSwD1YjKUYC-KwzptZXZW_q7IIShcdlxVnftP_NeF2oFU6kLSD4pc3uS9yKds7IGGhX3W0KKKx6jHIKYML9RybNn57BJ_qppMDyDeWng8r1lBjMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAkRFsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADICaaN_J363fwUlgfWIaqMQM_ZQ18Ws0YGx0-N4rGP4I1P2jlyxyDJkuFj9MeaaVZ4JGe6Zy2yeUXrBeoiMsLJ4qw-XpwiUgsXH_YYAQ%26sig%3DAOD64_1wtqc2e9SiTt0I5-jbG4rfnB0uLA%26client%3Dca-pub-7701367955671600%26dbm_c%3DAKAmf-B0av4AwOyZr4e40amX8OwiZKrOh35Qz_WX4D3aLyY09sMD73_awIcQ1QNsY1d8vrdBQ3yiQp0NeBFOAdG8JxCgtjamG-CAWXlnwTFr478A7nw_kl7dTouHNw9LS0Yi_2MBwALPsgdfXSMouk5lSzQ6fXTkoF9d09oaDQqK9cvaf-iFonA%26cry%3D1%26dbm_d%3DAKAmf-A_WlyaZa358O-ivJvViXGvO3no0ajnBhEPCwrjw9XWSHS0X-I5NQY3fT3FIny98Lx8VGqZ8qh0_Valn0oOTN7OrezekOoPrtcb3O5uM0N5z1Rm_83tuPwnNHUOdkqybD0RXSj0RRBXhYS7OVHzzj4tYFs1tdwOmPv6dKIebq22hB3pHbqj24we7ui-IQx-R_4PuyK_Egtb1YetupY8RhII6LEcQyJV5mrDnV-kHMtV2s5nQPck92yClXOBvGkhuLEzDiMhya4qAvbEcE0iVxpcMOge1Fut2stAQ20b63PtOMXp5xmlESHbc56I2DuMD4kageZHWlGhNgE-Vd-UdPra4fWKS8F6qMJew8Q__2k57S1-ou5nq_2XObUb0cUeYCfPOVT0k4EwI-d1rkPpPYW8FF8ceD6oKa0vURXEfJUd-1Og2lH0zv9tigocSMRmu1fRqOQhGB5qomzTlyEkjpXpqvA96qBD1-KWaB8FQCjecpufnswNg6p9Z6jgJLvhaV8uPEypSodYawLrJI2o5CRiUuY04qH3937ef6gZaAYsLrnreuY%26adurl%3D&documentReferer=https%3A%2F%2Favasdemon.com%2F&ancestorOrigins=https%3A%2F%2Favasdemon.com%2Chttps%3A%2F%2Favasdemon.com&random=6799833153718&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900020.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=e661cfd4f4&subid=&uid=dc04f5bab0ba6f3e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvEBFHBE4ZZjHBa6ovcAPld61kASm5b2gaZ2cnKfJD_AuEAEgtNj2I2CVgoCArAfIAQmpAvAs_mHsx7E-qAMByAObBKoEjQJP0J3rCMKgVHqFuEy5SsqvscYSmGF_-PFAqrY2DrV4pTDrmqEhRfguWazSzroCv7GsrYUgQWz2-DfPJSDxUl-lTE08DLdWK_ghJozvlUGSRoTBLsOE_9FkMxcY3ycdQMv98RPU5fnmtug2pHhmU4p7Rupllb4hrP6r_HhBiV4D6__zWItVO9dCQS1nmzYo9HI5LIOZslhN4Pi_J1yXbySNVloJUTj3pYBlwyZ-hqwYLatBapGEmpeyhHLZSwD1YjKUYC-KwzptZXZW_q7IIShcdlxVnftP_NeF2oFU6kLSD4pc3uS9yKds7IGGhX3W0KKKx6jHIKYML9RybNn57BJ_qppMDyDeWng8r1lBjMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAkRFsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADICaaN_J363fwUlgfWIaqMQM_ZQ18Ws0YGx0-N4rGP4I1P2jlyxyDJkuFj9MeaaVZ4JGe6Zy2yeUXrBeoiMsLJ4qw-XpwiUgsXH_YYAQ%26sig%3DAOD64_1wtqc2e9SiTt0I5-jbG4rfnB0uLA%26client%3Dca-pub-7701367955671600%26dbm_c%3DAKAmf-B0av4AwOyZr4e40amX8OwiZKrOh35Qz_WX4D3aLyY09sMD73_awIcQ1QNsY1d8vrdBQ3yiQp0NeBFOAdG8JxCgtjamG-CAWXlnwTFr478A7nw_kl7dTouHNw9LS0Yi_2MBwALPsgdfXSMouk5lSzQ6fXTkoF9d09oaDQqK9cvaf-iFonA%26cry%3D1%26dbm_d%3DAKAmf-A_WlyaZa358O-ivJvViXGvO3no0ajnBhEPCwrjw9XWSHS0X-I5NQY3fT3FIny98Lx8VGqZ8qh0_Valn0oOTN7OrezekOoPrtcb3O5uM0N5z1Rm_83tuPwnNHUOdkqybD0RXSj0RRBXhYS7OVHzzj4tYFs1tdwOmPv6dKIebq22hB3pHbqj24we7ui-IQx-R_4PuyK_Egtb1YetupY8RhII6LEcQyJV5mrDnV-kHMtV2s5nQPck92yClXOBvGkhuLEzDiMhya4qAvbEcE0iVxpcMOge1Fut2stAQ20b63PtOMXp5xmlESHbc56I2DuMD4kageZHWlGhNgE-Vd-UdPra4fWKS8F6qMJew8Q__2k57S1-ou5nq_2XObUb0cUeYCfPOVT0k4EwI-d1rkPpPYW8FF8ceD6oKa0vURXEfJUd-1Og2lH0zv9tigocSMRmu1fRqOQhGB5qomzTlyEkjpXpqvA96qBD1-KWaB8FQCjecpufnswNg6p9Z6jgJLvhaV8uPEypSodYawLrJI2o5CRiUuY04qH3937ef6gZaAYsLrnreuY%26adurl%3D&documentReferer=https%3A%2F%2Favasdemon.com%2F&ancestorOrigins=https%3A%2F%2Favasdemon.com%2Chttps%3A%2F%2Favasdemon.com&random=6799833153718&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 123

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=31268700152956804444550012487022&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3233064892

Request Chain 132

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=61631600169924004444556012487020&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3233064893

Request Chain 135

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5877783153756.009 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CMecm5msj4IDFSsMogMdNCoEaQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5877783153756.009

Request Chain 137

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=61631600169924004444556012487020&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=61631600169924004444556012487020&t=htlp&gdpr=1&consent=1&gdpr_consent=

371 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
avasdemon.com/
Redirect Chain

http://avasdemon.com/
https://avasdemon.com/

9 KB
4 KB

734ms
697ms

Document
text/html

2606:4700:20::ac43:474c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://avasdemon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:474c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 8e2aac02b0dbdfa237f77f38915ad71c504d1252f8a27ec99cb3ca733bcafa8f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 81b462805ff53689-FRA
content-encoding: br
content-type: text/html
date: Tue, 24 Oct 2023 18:46:50 GMT
ms-author-via: DAV
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Nsg7JhOBljmyS4fuaD2h7Nmzq874VAkiD1CQlMAlg4ONJ5TzEG95HCMYr8wBwTJpDl9%2Bz0Z%2FgjsO6MVFPMFxJ67eiNCSj74rmF4P%2FVZBxDMCchROjgrxc59UCt1%2Fg%2FAdrMUY83VnB8CcAQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PleskLin

Redirect headers

CF-RAY: 81b4627fe8b89972-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Tue, 24 Oct 2023 18:46:49 GMT
Expires: Tue, 24 Oct 2023 19:46:49 GMT
Location: https://avasdemon.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=31DVznpjEs7EEXp1c4KK%2F%2FyV1cB9BNferS98SJ7TvA%2FRXCoySPCQagZDj2qIWBsW4vKwWzur1J1%2FSXHZ530VemFKNiBUztD219fZlhsXR6SVEF4rF%2BhSdQzZpb%2Bci9cr7A7JRNki7teZSLI%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 I4Rw9OdPoNd5pUiEV5MazbjwNmk.js Show response
avasdemon.com/cdn-cgi/apps/head/ 6 KB
2 KB 44ms
42ms Script
application/javascript 2606:4700:20::ac43:474c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://avasdemon.com/cdn-cgi/apps/head/I4Rw9OdPoNd5pUiEV5MazbjwNmk.js
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:474c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eaa7021059b802b9d6e3fedb3213703fbea81400c6e79ec1688013d894f4e0d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:50 GMT
x-amz-version-id: tyHKFrlQGLdecmcGP85PomevR_seOWSh
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: FXGES970WYK4ED6C
age: 7420243
x-amz-id-2: 9By6BzTn6ob9MBWmYxbS330tqWU7/hvsq+7/6B/nM1CTL8Ok508xJJX/QtGKfaZnIAnhkUgN3sM=
last-modified: Mon, 24 Jul 2017 16:32:28 GMT
server: cloudflare
etag: W/"6e92ec95f471a33dc6b9b95927c44769"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nAvSqcIE%2B7TVHhlg2yXvTo1OtCO4s%2BKieI%2FcQW3O4evoQTgJb5bKOICD8HnM2uQr5llwAhsBR9RrLaS1ENZvfTMMHWBKdbQb5FW7Gx3deaoR38voz9s1XaBfvCW0s6gs898866Lh5R21gBY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 81b46284bfc53689-FRA

GET
H2 200 ava.css
avasdemon.com/ 3 KB
1 KB 629ms
627ms Stylesheet
text/css 2606:4700:20::ac43:474c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://avasdemon.com/ava.css
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:474c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 97e73a6f5f96c533cc4e5dc61e2d69f175e33888e85d72232b073822df243aed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:50 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Mon, 03 Jun 2019 06:43:36 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=4339
etag: W/"5cf4c198-10f3"
vary: Accept-Encoding
x-powered-by: PleskLin
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ARoYLUkpy8f1cyxAlpBXKO9tzxQcWxpPBdm%2BvsFU8hK2wahg3G2XD9RFQmDYOcaBwm5%2BhOHIPz3YFdECY2efwtetJSgk%2BuX3Yx1y4ZtEh7TqWnKDYXLtKsvZQu409Tuo9OTJLDRtrTYWEEc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 81b46284bfd23689-FRA

GET
H2 200 jquery-1.11.1.min.js Show response
avasdemon.com/ 94 KB
34 KB 663ms
662ms Script
text/javascript 2606:4700:20::ac43:474c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://avasdemon.com/jquery-1.11.1.min.js
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:474c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:50 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 23 Apr 2019 09:47:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5cbedf37-1762a"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fsb59tXBJjr9wC8GRzTM2TC3mPMuF4l45AuRJH7WXQL%2Fc6QUymELxYblbtzw%2FkBpAith6cezk2YUA9p%2F2EBucH7pLKODv%2BrlBLKqa7bsqytKuj9648xOBzYAn5geVmGJpP98jPM1w8SqpRs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 81b46284bfd63689-FRA

GET
H2 200 jquery.cookie.js Show response
avasdemon.com/ 2 KB
1 KB 648ms
647ms Script
text/javascript 2606:4700:20::ac43:474c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://avasdemon.com/jquery.cookie.js
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:474c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 0caab7de2b6d190e7fad15e5e81b2e8130ac073fe1960149c597b9ac12509d1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:50 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Tue, 23 Apr 2019 09:47:35 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=3121
etag: W/"5cbedf37-c31"
vary: Accept-Encoding
x-powered-by: PleskLin
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f3ety04SutEz8iJ3DHp0toAvICkMcjOOVxIoKkn2JNBlKRNKaOKFgRGQfgojqp1pQwMwO8lTj8IYNDeuZOjgc8iQk5yBN15yAxuYojCUz0B6dRizP%2B3aOfdFU6dFjemQHaIgwBsXxf%2B6kQc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 81b46284bfda3689-FRA

GET
H2 200 comicQuickLinks.js Show response
avasdemon.com/js/ 1 KB
738 B 647ms
646ms Script
text/javascript 2606:4700:20::ac43:474c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://avasdemon.com/js/comicQuickLinks.js?v=1698173210
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:474c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 2dea8920e32f728df4b11ffb4cb24af08ddf2f8338486d33d217046d95341d0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 15 Feb 2023 05:13:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63ec6a14-58a"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ooxxVOWGFYzDMBMCH1jV9fhvb1BrjVoXd848IE4RNPb%2BgEvZrpKhu5iR6q7v0qSqWY1o3TbFbmTFZaTRi9%2FIvw3AjMMF84DnjXS9E1idi5hCZ3rsjC%2BeT%2B2d3trRqYtY9kd6%2F0Fmqssxouw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 81b46284bfdc3689-FRA

GET
H2 200 mobileFunctions.js Show response
avasdemon.com/js/ 9 KB
4 KB 647ms
646ms Script
text/javascript 2606:4700:20::ac43:474c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://avasdemon.com/js/mobileFunctions.js
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:474c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 19cf60073c073c33a298d4d0f8e69298ce0a1fd8bf05e676b89f923bd03d181f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:50 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Tue, 01 Oct 2019 04:13:08 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=10622
etag: W/"5d92d254-297e"
vary: Accept-Encoding
x-powered-by: PleskLin
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NlJQxIglY0L%2FoBx4p5LaUES35guClxIZfJmzxdgv88bhKAzoskMPQYSq%2Bjr7VY14%2B7vSPrh0EHDoFOAJDsuNiSsFBPrsmw5%2BuRIW9K%2FylCSscltgu4iPvMeKLWEQ9OlTmggL8vu4VAJOB%2Bs%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 81b46284bfdd3689-FRA

GET
H2 200 tt.png
avasdemon.com/ 129 KB
130 KB 630ms
629ms Image
image/png 2606:4700:20::ac43:474c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avasdemon.com/tt.png
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:474c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 48f2030375e13e9a75bb5e6bb16ad5b0408605ca36cd8123ea6fe784bc4713e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:50 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 02 Jan 2017 00:58:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5869a5a8-2056f"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4a%2FFSKGQfknhhE6qA5%2FZ5n4FF3y4B7MjoUcjM6UEWa%2FspvpeGk7qAQtimfCNbnV3coiT9pvt%2BFVnZERPTWSUsqa6QY2%2Ffx%2BzHaflJwvihxNzjTVfClNN%2BJ481SEptti4%2Bac%2BdEMkkoN7T%2FU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 81b46284bfe23689-FRA
content-length: 132463

GET
H2 200 coverglow.gif
avasdemon.com/ 2 MB
2 MB 647ms
646ms Image
image/gif 2606:4700:20::ac43:474c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avasdemon.com/coverglow.gif
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:474c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: a845215a5303c1d706e923402f6fa524189a35d50990bf20b1e0e4ca276fb1b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:50 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 02 Apr 2015 04:30:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "551cc5cd-1be988"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n26yVg5rw0xuRTdPoPkTG5JFv4EgdoGui%2FO05SBdicMgWemPBFUesBbRV5qV94tdhiDqGqEpIEk6ADaldies%2FFUoetwqq8Bt8SuNJsHT2SdmcSBmfAnAkI0boqTTlfYl5ldiopBsnvLmnFc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
accept-ranges: bytes
cf-ray: 81b46284bfe43689-FRA
content-length: 1829256

GET
H/1.1 200
OK fpi.js Show response
ap.lijit.com/www/delivery/ 5 KB
3 KB 89ms
32ms Script
text/javascript 216.52.2.6
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/www/delivery/fpi.js?z=395714&width=728&height=90
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.6 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx /
Resource Hash: 53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 24 Oct 2023 18:46:51 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"64ad70ab-1540"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
X-Sovrn-Pod: ad_ap2ams1
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 first.png
avasdemon.com/ 37 KB
37 KB 637ms
626ms Image
image/png 2606:4700:20::ac43:474c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avasdemon.com/first.png
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:474c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 20d0999d70f6a345bb5a30c42961b2effc21fa3779b2d1bdb250af34c53f7f57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:51 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 07 Dec 2014 02:24:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5483ba6e-92e2"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dSh%2BhB3Ojs25tWe6oNQoHzt1esmP7avwn9GPEpXw5YvqpyBoch98%2FwkA9zcUUyzHsO0kzzPcybY8WnZ57frIcwNELHWcdd7vUZW6sCB%2FldxB1UhPWYsXEwC%2F9XTHpCezAEkYATzt2sg0CTA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 81b4628978283689-FRA
content-length: 37602

GET
H2 200 latest.png
avasdemon.com/ 39 KB
39 KB 690ms
678ms Image
image/png 2606:4700:20::ac43:474c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avasdemon.com/latest.png
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:474c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: eb9b9bdebef11782576fcdec7363614ee65194a66556a66f39b01f3e3ec0e674

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:51 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 07 Dec 2014 02:24:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5483ba70-9a73"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dr1tMN%2B0%2FgF%2FBxS%2F4bU%2BdDPoXZgkPjBZhYUdxzq6XoXmMAWs5n1QICxfOKXuMcUNiJWVYI3zAT01YeSJqL2yx8thOtbfxEy3Ps6b7LJTMKCPbnR0PxYkKkiafUBwEt4HtcOXGrowUhoxkCQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 81b4628978303689-FRA
content-length: 39539

GET
H2 200 archive.png
avasdemon.com/ 35 KB
36 KB 697ms
686ms Image
image/png 2606:4700:20::ac43:474c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avasdemon.com/archive.png
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:474c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b9c4da3444ccd759c7b2ba86705426755554e767cbd386eafce86c7fcb0126af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:51 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 07 Dec 2014 02:24:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5483ba61-8ca5"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tbGc9qil4P3yGuanwLa%2BPEipH119zDMNKkeAuc4Di%2Bi9dPli1ZHT5yeknB8frCnFLVdpys41YmW9iXfBpMQKLQTYIKqbHot77ihSKnjYgD7ydomtAiAcKAVfIMetBWuKZLeIlpTARQqK3nw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 81b4628978363689-FRA
content-length: 36005

GET
H2 200 links.png
avasdemon.com/ 36 KB
36 KB 948ms
937ms Image
image/png 2606:4700:20::ac43:474c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avasdemon.com/links.png
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:474c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: f94506564b50e8679d5cb657e457f45d459536c69a257f12517ccd3fd0bed6ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:52 GMT
cf-cache-status: MISS
last-modified: Tue, 03 Feb 2015 17:15:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "54d1021b-8f3b"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JktH1FYfw6UHCL4%2FbXOLoB%2FF34ZIbl4ThiuAlPMOZVkL2YifspWdXJBhTk7ps079GCqMSuwr6N%2FlkzCLnIUhX6QxuR8Mm2nadgNtiLzlZGBmw646%2F2AmXE8YeYcqmmAjt2Whz6REc7R%2BxV0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 81b4628978393689-FRA
content-length: 36667

GET
H2 200 characters.png
avasdemon.com/ 34 KB
34 KB 687ms
677ms Image
image/png 2606:4700:20::ac43:474c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avasdemon.com/characters.png
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:474c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 1cf58ef1d75d7cdd8e7da95a6a6111b5038e74f4b9bf88fe32bf893bc635f872

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:51 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 07 Dec 2014 02:24:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5483ba67-8732"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zvPD9VPnyLWzOMucD%2FGtlRP19Ux4Rulw2hjiPK6MCUi1xLT%2FuEMcsmXz3VZxFgpkEv5Oq%2BdKeR%2BtjOxQKy6CHkOgmU%2F8cULWmbQdsaHCY9MSqwWQIr8%2BmBbND%2FOwofV01KcpiC8er%2FhgxhU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 81b46289783a3689-FRA
content-length: 34610

GET
H2 200 prints.png
avasdemon.com/ 36 KB
36 KB 654ms
644ms Image
image/png 2606:4700:20::ac43:474c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avasdemon.com/prints.png
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:474c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: ab8d01c97d0c58075504ab82f9eea73cc83ebc380d450109c1039dfd416c3311

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:51 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 07 Dec 2014 02:24:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5483ba77-8e92"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2B2aGXiVx1NK0EeiR93a6gIlTRGitmqdysOpuoKoIJjq0gCKSGxswws4qoUFAUHF18IQZcLu1ZTRAZwM71cNACLf2gfCRJ%2Fpc3uDIu58CjjWxyhan6AEDN7XpopBeg4Vj4caFTVEOuDSQ2A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 81b46289783c3689-FRA
content-length: 36498

GET
H2 200 donate.png
avasdemon.com/images/ 39 KB
40 KB 695ms
685ms Image
image/png 2606:4700:20::ac43:474c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avasdemon.com/images/donate.png
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:474c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: e21224dc534d48773cbc60aeedd6104671ef2d2ccfd474b4543887dd22609a24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:51 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 10 May 2019 01:05:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5cd4ce6f-9c71"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZRwCuqOSo5iV2yFIOHuDYVmhpYmKajeG2RxPl45R7NW30X7j%2FknHgwszE7JAQ6CJPwbYFB%2B3gvobBGQpAV9CwEHGTAsgAGAVpfoUxsLYGfxBo9%2Fm1wp3MVPwwkhIEYiQQKbVSop9wHY8Fmg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 81b46289783e3689-FRA
content-length: 40049

GET
H2 200 proc1.png
avasdemon.com/ 27 KB
27 KB 690ms
680ms Image
image/png 2606:4700:20::ac43:474c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avasdemon.com/proc1.png
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:474c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: a4d34ba920164a291133631fd8e416f97d4c54610c6e3a685e12ddef054e6b7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:51 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 07 Dec 2014 02:24:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5483ba77-6a43"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PjUo51w34vphIqqrWReD%2FWKrioGwENbeLdN7WOdOPW%2BSJa5opKY%2BiVMqZCHMOvMdT9%2B0mQQOckxOlxXEDr19YN8VGqNCbpJymx6Rc7IuZlEeeJqe0qnBgBh2Yy4Btv32uif0lblvjr0DnUQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 81b46289783f3689-FRA
content-length: 27203

GET
H2 200 about.png
avasdemon.com/ 57 KB
57 KB 660ms
650ms Image
image/png 2606:4700:20::ac43:474c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avasdemon.com/about.png
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:474c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: fe28d525feb98eddfad147fb2f77af03f3f62b2a2c4c9407e537761539ecc524

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:51 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 07 Dec 2014 02:24:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5483ba5e-e25b"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yY2UA7YtNRXXKj06xmB0EIKT%2BQGizVDzPz0tByldGGv%2BweLDEifOaepmAz7X16MZFZSeN6bTUeIIHCpepb7ghYyjqEhvceisUPlx2%2FXMpcUhabcBx3WXgolmgCQilzBs6QOIlG1qK2rg0l4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 81b4628978403689-FRA
content-length: 57947

GET
H2 200 colorlessad.png
www.avasdemon.com/ 86 KB
87 KB 102ms
84ms Image
image/png 2606:4700:20::ac43:474c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avasdemon.com/colorlessad.png
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:474c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 3105f89805d4ba49826026a24398330bdf6fc106f97c898dadd16a534828d7b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:51 GMT
cf-cache-status: HIT
last-modified: Sat, 13 Jan 2018 03:12:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5309
etag: "5a597900-1589e"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ayNRouwJeU8FT1%2B33%2FtSvqqoOCO%2BreqEaK6pnkNghqUDUmcQYqE339uafPdEar6LxlAAi3IhTo2jNaL6xcdQoL%2BpEO5V7DrE9d2KRrE9qp1qwosnWvv6nGfGHbv3e1K2ZuNPNrJEqr0FooAY9Pev"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 81b46289887c3689-FRA
content-length: 88222

GET
H2 200 patreon.png
avasdemon.com/ 69 KB
70 KB 684ms
675ms Image
image/png 2606:4700:20::ac43:474c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avasdemon.com/patreon.png
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:474c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 10f9d5b496101cdbaf798ca05653be168cca1ecfa3dda75fc55d17deb4817203

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:51 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 02 Jan 2017 20:50:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "586abd0f-115f7"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ioCu2Z5rJ5092ZS2XuxX9md1ZOd3sUde%2BI6QXulnOlNPpdaEQBiLhmpvz1pugoSYkcnnR7fPZfQ%2BtQq%2FSDAAvH4o%2FrXzVMm9Nciq8HCUVrClQO1RTbg%2F79E17uPM7UKHukgKxIT%2BkAiqty4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 81b4628978433689-FRA
content-length: 71159

GET
H2 200 twitter.png
avasdemon.com/ 52 KB
52 KB 703ms
694ms Image
image/png 2606:4700:20::ac43:474c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avasdemon.com/twitter.png
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:474c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 54c2f6a0ca1715f8c1e8c1ded945312c8bef62f19fb351e539a4f0b09d75618e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:51 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 02 Jan 2017 21:01:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "586abf92-ce75"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=epHS4x6d%2FbCAyP0nBQPJ4ZQblizjuTL5XNcEDJMdnrWlsDipCI50Shk0oQaUxymXCFGcsT%2Bw0F8ke86egFJ1ZpqYSmE6g6t7N4tcbIoJKw3OxPN4fxMcvcB7tqlqb9HlKm6392IudSfFrKU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 81b4628988603689-FRA
content-length: 52853

GET
H2 200 insta.png
avasdemon.com/ 62 KB
63 KB 696ms
688ms Image
image/png 2606:4700:20::ac43:474c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avasdemon.com/insta.png
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:474c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: c78a488c4addff65472d62a516e1beffb79729db7a849f68458337f387203906

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:51 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 29 Jan 2018 19:50:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5a6f7b1e-f99f"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j8Q4h5BAzEiXwr9kYuRulDS%2BpjAWPhVK0PVCsq5%2BjPhGElPDJU9EmiJfHEGV%2B5XLqBB0AyVobFEyWGcqBSgwOIAI1NTXDZahHcRWkKVfHABxDWUbSSkL24szQ6KaL%2BzxyOOx%2Fl657q2Yr%2BU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 81b4628988643689-FRA
content-length: 63903

GET
H2 200 twitch.png
avasdemon.com/ 62 KB
63 KB 712ms
703ms Image
image/png 2606:4700:20::ac43:474c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avasdemon.com/twitch.png
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:474c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 2d967d407e5f078b2edf90fa5d2709880d8fca8b38b4ce8bd1361051099095a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:51 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 30 Jan 2016 19:36:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "56ad10a5-f8d9"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fu%2F4ltXxNuvWJiDyvXDFTrmtKM8EyEGUanKFV5IlfZlCvCDuYdCUNsbAifdQKzCMVszrVBqSYgKFrOAxVI7pmIq%2Bv7ykIV9AaSfsd46tsUfo%2FQ7NlVPI2PYQr%2BCuCbRrx3PZJgPH4%2FZHINA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 81b4628988663689-FRA
content-length: 63705

GET
H2 200 tumblr.png
avasdemon.com/ 65 KB
66 KB 712ms
704ms Image
image/png 2606:4700:20::ac43:474c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avasdemon.com/tumblr.png
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:474c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 9b8c3a9409cbea399e4d1d5e88a73e4cc595113151aab2d7c5135fb3b54ebd98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:51 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 30 Jan 2016 19:36:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "56ad10a5-104bb"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xfzxxGc8mmBnOh%2F3sbravFnEw1AgERLzmjTAfKB2Fr4mPEleBs8E%2BzQLelYioSgPWQmDl1qM3Nk02O4%2B0IxZmqCd3uDOBR%2FHk9pITxxUkWFiRn7Z3gsQylY69fdyqawUC0Le383PBzQBe5c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 81b46289886a3689-FRA
content-length: 66747

GET
H2 200 webtoon.png
www.avasdemon.com/ 51 KB
52 KB 99ms
83ms Image
image/png 2606:4700:20::ac43:474c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avasdemon.com/webtoon.png
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:474c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 5e8dd214218b0079b92803ad10617a2fb86fe1ea302d3646be0c5c0c2d0216b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:51 GMT
cf-cache-status: HIT
last-modified: Thu, 31 Oct 2019 15:35:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5307
etag: "5dbaff58-cdb0"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bW2KODRmuPBTO6Cr0Xg3h0A6RVxnjL2rFfVyeCw1MvZZKmL79%2BDFoNrfm4my9YkZeXHhcsSKvHCcxnluCWJWhb3DihKkTqzmzwV7yRbLOM6kYhV%2B9eERyi801D26CfNh%2BRv8vdQygoY%2BuPbQyr%2B1"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 81b4628988763689-FRA
content-length: 52656

GET
H2 200 patreonTop.png
www.avasdemon.com/ 44 KB
45 KB 98ms
82ms Image
image/png 2606:4700:20::ac43:474c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avasdemon.com/patreonTop.png
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:474c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: c4006899e26897e6c56ab10fb3c4982066797ea684a3b41b77870041aebcb34f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:51 GMT
cf-cache-status: HIT
last-modified: Thu, 31 Oct 2019 15:35:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5307
etag: "5dbaff57-b0a6"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iLboMA6EeRFX%2BOUUsgJ%2Fm0bS8DVQqduaPYKZ0H7TzemxQHR517dT6q7VQkWpg9%2BKX1ViNqHDYWwwP9pKEaeIVbfWBIXArDscViCKKMvb8xCvhVhCFKeIekom32hao3GX%2B7QbA4aNNkid54gE3B0N"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 81b4628988773689-FRA
content-length: 45222

GET
H2 200 news.png
avasdemon.com/images/ 6 KB
6 KB 701ms
693ms Image
image/png 2606:4700:20::ac43:474c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avasdemon.com/images/news.png
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:474c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 88736d6780aa1fc63e5caafb6328fd70f73c7ec87ba4b7ca833ff3c59de22394

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:51 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 02 Apr 2015 04:30:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "551cc5d5-1653"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q5PJ8K9XH2iUBPAFVttpA9Z5l8y2TiLR762TBO9b9tsNv%2Bl5uPhIiYKtGTiPw2bz4jwkhd6K3%2B4GAdwNnACH9kU2nPT48OtN8vfGkokrbDTNOJSptWOrFual%2BE8yMOPBx5iAN5vi4K2MJ5o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 81b46289886c3689-FRA
content-length: 5715

GET
H2 200 bookstores.png
www.avasdemon.com/ 1019 KB
1021 KB 103ms
87ms Image
image/png 2606:4700:20::ac43:474c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avasdemon.com/bookstores.png
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:474c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: fd05e14740f8f4d7f06b76c9b934fd775d675733436a1f2b5127fc850369ce1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:51 GMT
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 21:11:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5307
etag: "6494b8e5-fec51"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9pQYPMYE5oJ%2F%2FtddKMlxF4kMHPL7Rcl8YAJ%2B%2BxWk6LrKEUu4lJ%2Flmz8Wvy1bxnFZyOaoG3Kw%2FsvlmHEuIRGFxcOajWemaMwpMpNNfjhXnRSq0E06%2BMrdlRDox9kW73l4jScsqhbc5Tp5huNpkp6%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 81b46289887a3689-FRA
content-length: 1043537

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 112ms
17ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67A8) /
Resource Hash: 9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 18:46:51 GMT
Content-Encoding: gzip
Age: 537
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27598
Last-Modified: Mon, 09 Oct 2023 20:29:49 GMT
Server: ECS (frb/67A8)
Etag: "391b7fdf0c468036f27102529636f0ca+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H/1.1 200
OK fpi.js Show response
ap.lijit.com/www/delivery/ 5 KB
3 KB 83ms
29ms Script
text/javascript 216.52.2.6
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/www/delivery/fpi.js?z=395712&width=160&height=600
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.6 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx /
Resource Hash: 53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 24 Oct 2023 18:46:51 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"64ad70ab-1540"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
X-Sovrn-Pod: ad_ap2ams1
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK linklogo6.png
s3-us-west-2.amazonaws.com/twc.images/voteimages/ 22 KB
23 KB 617ms
218ms Image
image/png 52.92.251.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-2.amazonaws.com/twc.images/voteimages/linklogo6.png
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.251.200 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8f386eea050ee8354b89a3db613c913ea6f7c734e1e07d64470ccd194cec4faa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 18:46:52 GMT
Last-Modified: Wed, 06 Jul 2016 18:08:05 GMT
Server: AmazonS3
x-amz-request-id: BFZ6PANJT9S9QKFH
ETag: "df51c970c9e2a4a21f44b8302bd1c8ba"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 22818
x-amz-id-2: +Ril2ZE2ui19JetnHRmwNcHLDC8XoIOBXQoYH98B0D5nOH11off7UcygvUG0VqbR6kQoBJa0fx8=

GET
H2 200 updates.png
avasdemon.com/ 34 KB
34 KB 710ms
702ms Image
image/png 2606:4700:20::ac43:474c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avasdemon.com/updates.png
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:474c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d58af0582af58bf919b133a4e74abd80a9787932d3ef96c294d8a2f00ef653e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:51 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 02 Jan 2017 00:55:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5869a51b-87f3"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=upLFfjsP7VG4mfAY%2BTXYjLkIPTEEaHLfu8PxYLLstdJ2aVKIHsLvQh%2FCgJWLmFTmXy1U8vjk4ijhpgU49JmBxnQ78vDhTcBlO5VT6wZpEkX%2BDsqfYi6HwXhd8kq%2F4NHlnt87RglgInEHwvE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 81b4628988703689-FRA
content-length: 34803

GET
H2 200 feed-icon16x16.png
feedburner.google.com/fb/images/pub/ 764 B
1 KB 120ms
53ms Image
image/png 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://feedburner.google.com/fb/images/pub/feed-icon16x16.png

Requested by

Host: avasdemon.com
URL: https://avasdemon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c937b4fd2d41aa691d798b912b1a10b06850d2afe6834f4170ae58896930c857

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:51 GMT
x-content-type-options: nosniff
age: 0
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/pichu-static
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 764
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 17:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="pichu-static"
report-to: {"group":"pichu-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/pichu-static"}]}
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
expires: Tue, 24 Oct 2023 18:46:51 GMT

GET
H/1.1 200
OK i.gif
t1.extreme-dm.com/ 1004 B
1 KB 487ms
116ms Image
image/gif 18.208.5.78
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t1.extreme-dm.com/i.gif
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 18.208.5.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-5-78.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 5aadfd697417ac1e5e545943d8cb8ee9e8e9ed3fa9ed9b3f65bff9fb329dac01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 18:46:51 GMT
Last-Modified: Thu, 26 Feb 2004 13:56:07 GMT
Server: nginx
ETag: "403dfaf7-3ec"
Content-Type: image/gif
Cache-Control: max-age=1296000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1004
Expires: Wed, 08 Nov 2023 18:46:51 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 61ms
15ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: avasdemon.com
URL: https://avasdemon.com/cdn-cgi/apps/head/I4Rw9OdPoNd5pUiEV5MazbjwNmk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 24 Oct 2023 17:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3429
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 24 Oct 2023 19:49:42 GMT

GET
H/1.1 200
OK sync Show response
ap.lijit.com/ Frame 62F7 80 KB
18 KB 32ms
32ms Script
text/javascript 216.52.2.6
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/sync
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/www/delivery/fpi.js?z=395714&width=728&height=90
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.6 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx /
Resource Hash: 42ef1916c929a991588da489067c81538d1580662159ac65bb079c4591e9cb71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 18:46:51 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 15:10:43 GMT
Server: nginx
ETag: W/"64ad70f3-14150"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=86400, must-revalidate
X-Sovrn-Pod: ad_ap2ams1
Expires: Wed, 25 Oct 2023 18:46:51 GMT

GET
H2 200 d_9.png
avasdemon.com/amyachronicles/ 78 KB
78 KB 630ms
630ms Image
image/png 2606:4700:20::ac43:474c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avasdemon.com/amyachronicles/d_9.png
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:474c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 2d2764f92ade836d62421fafee25631dc42e846d0219939c7376e9473d58a601

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:51 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 18 Jul 2019 06:20:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5d300f91-1365b"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0x8GJDhg7lCsIPE2oBTOJji5sho16zYCUZtkDMyATlXbbgYLZZhQAd18wzCjV6QbO4ewej7DLzCTa7kKCAIe9juxPKfNV8s9jvBkKKB%2BUJExsB50yydNm9tMmCMgf66BXXLFlYmomfq029w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 81b4628a19573689-FRA
content-length: 79451

GET
H/1.1 200
OK sync Show response
ap.lijit.com/ Frame 0413 80 KB
18 KB 45ms
44ms Script
text/javascript 216.52.2.6
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/sync
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/www/delivery/fpi.js?z=395712&width=160&height=600
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.6 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx /
Resource Hash: 42ef1916c929a991588da489067c81538d1580662159ac65bb079c4591e9cb71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 18:46:51 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 15:10:43 GMT
Server: nginx
ETag: W/"64ad70f3-14150"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=86400, must-revalidate
X-Sovrn-Pod: ad_ap2ams1
Expires: Wed, 25 Oct 2023 18:46:51 GMT

GET
H/1.1 200
OK s9.g
e0.extreme-dm.com/ 43 B
224 B 937ms
471ms Image
image/gif 18.208.5.78
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e0.extreme-dm.com/s9.g?login=avasdemo&jv=n&j=y&srw=1600&srb=24&l=
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 18.208.5.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-5-78.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 18:46:52 GMT
Cache-Control: no-store,must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 copyright.png
avasdemon.com/ 4 KB
4 KB 624ms
623ms Image
image/png 2606:4700:20::ac43:474c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avasdemon.com/copyright.png
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/ava.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:474c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: ecbfdd88419d91597a80f58a2732fb9a34c7694e0e24506e1727dd68a814d74b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/ava.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:51 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 14 Jun 2023 22:56:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "648a459b-1085"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LYHZtmFW3FoGnJrpJ%2BTua9nQwtqvoPWULn6hFvb7JXfm8B8VxALkZGaaKuGEdH3iPi2hvfZ7%2FmR4xDD25lB9oF2J%2Bnfr05C7mSwTyqLY4BChmtOi049Vsu0b5hch0T%2FsiOOEnZLmJ9qnrQc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 81b4628a69dc3689-FRA
content-length: 4229

GET
H/1.1 200
OK adcfg Show response
ap.lijit.com/ Frame 62F7 184 B
555 B 19ms
19ms Script
application/x-javascript 216.52.2.6
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/adcfg?zoneid=395714&tid=2c85bcc2fd8f449daf733f197699349e225c48c0&mode=1&dmn=avasdemon.com
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.6 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: 54a20cfb04f3c59b7d1df7e407ba2191faf44befffad609cc94d7100148e9a9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 18:46:51 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 166

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
220 B 21ms
20ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1747148998&t=pageview&_s=1&dl=https%3A%2F%2Favasdemon.com%2F&ul=en-us&de=UTF-8&dt=Ava%27s%20Demon&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1202505543&gjid=1631188893&cid=159174282.1698173211&tid=UA-52965413-1&_gid=36337213.1698173211&_r=1&_slc=1&z=1225443470

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0e5fc861a11b6d14c5d12e449a9bba6008ddb865beaa7f5a885e89bbf6c9b690

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://avasdemon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 18:46:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://avasdemon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK adcfg Show response
ap.lijit.com/ Frame 0413 185 B
555 B 26ms
26ms Script
application/x-javascript 216.52.2.6
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/adcfg?zoneid=395712&tid=3a872ac5bee14b80a9560788f6fb6c453523c7ef&mode=1&dmn=avasdemon.com
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.6 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: d90264133bc9cfa6f0470e8a143fa640b6a9a41ebc1f84ad770e0c7b143771f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 18:46:51 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 166

GET
H/1.1 200
OK addelivery Show response
ap.lijit.com/ Frame 62F7 1 KB
1 KB 88ms
88ms Script
application/x-javascript 216.52.2.6
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/addelivery?zoneid=395714&tid=a_395714_c3db46b9dda54bfda0d4b5ee8fcd0b3c&cb=undefined&mode=1&ifr=true&od=avasdemon.com&time=18%3A46%3A51&fd=1&be=cr&loc=https%3A%2F%2Favasdemon.com%2F&orig_loc=https%3A%2F%2Favasdemon.com%2F&abf=true&dpz=false&cv=undefined&dop=1&ndw=1&spif=true&btid=a_395714_c3db46b9dda54bfda0d4b5ee8fcd0b3c
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.6 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: aca22059ae12351b0817fe300a00e1c1a1c8ed4b71644dc6c9ab605490aa2cb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 18:46:51 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 771

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
347 B 339ms
27ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-52965413-1&cid=159174282.1698173211&jid=1202505543&gjid=1631188893&_gid=36337213.1698173211&_u=IEBAAEAAAAAAACAAI~&z=1861390224

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://avasdemon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 24 Oct 2023 18:46:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://avasdemon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 229 KB
81 KB 309ms
33ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NKPS5VX6VN&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4eb00d2dd0bdc3bfb97f608353eb9083f8aebd91c49f791c427f1541f67b8a7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83025
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 24 Oct 2023 18:46:51 GMT

GET
H/1.1 200
OK addelivery Show response
ap.lijit.com/ Frame 0413 1 KB
1 KB 87ms
86ms Script
application/x-javascript 216.52.2.6
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/addelivery?zoneid=395712&tid=a_395712_27c22c19a3dd41a5a02b8e971cffd170&cb=undefined&mode=1&ifr=true&od=avasdemon.com&time=18%3A46%3A51&fd=1&be=cr&loc=https%3A%2F%2Favasdemon.com%2F&orig_loc=https%3A%2F%2Favasdemon.com%2F&abf=true&dpz=false&cv=undefined&dop=1&ndw=1&spif=true&btid=a_395714_c3db46b9dda54bfda0d4b5ee8fcd0b3c
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.6 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: 529c60b8b846412053f6c14cd065c35ac2a261adf446695a0be7fa349f5887f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 18:46:51 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 769

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 62F7 144 KB
50 KB 185ms
127ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ap.lijit.com
URL: https://ap.lijit.com/sync

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

748f6ef248b62d270b58170e9d7cfa214ab22b893ac61b1a2959f68e62d8a503

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51018
x-xss-protection: 0
server: cafe
etag: 14137383210954242220
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 18:46:51 GMT

GET
H/1.1 200
OK containertag Show response
ap.lijit.com/ Frame 62F7 3 KB
2 KB 30ms
28ms Script
application/json 216.52.2.6
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/containertag?containerId=18&zoneId=395714&v=2
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.6 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: 42541090ee260f24092887bbd04edba9f0d81ad5da3c7e25f1580637bdeb8a12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 24 Oct 2023 18:46:51 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: application/json
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2ams1
Content-Length: 1092
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 200
OK fp
vap2ams1.lijit.com/data/ Frame 62F7 43 B
169 B 81ms
29ms Image
image/gif 216.52.2.6
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vap2ams1.lijit.com/data/fp?tid=a_395714_c3db46b9dda54bfda0d4b5ee8fcd0b3c&zoneid=395714&starttime=1698173211269&adcfg=4&adcfg_response=26&addelivery=29&addelivery_response=119&lgfired=121&container=131&EOL=132&ctstart=0&elapsed_ms=132
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.6 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 18:46:51 GMT
X-Sovrn-Pod: ad_ap2ams1
Content-Length: 43
Content-Type: image/gif

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 0413 144 KB
50 KB 173ms
129ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ap.lijit.com
URL: https://ap.lijit.com/sync

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a388ce485f03cf61ed5aace153028458a4b85614867658ece6b9ad54c462675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51021
x-xss-protection: 0
server: cafe
etag: 18009990308582172493
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 18:46:51 GMT

GET
H/1.1 200
OK containertag Show response
ap.lijit.com/ Frame 0413 3 KB
2 KB 25ms
25ms Script
application/json 216.52.2.6
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/containertag?containerId=18&zoneId=395712&v=2
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.6 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: 42541090ee260f24092887bbd04edba9f0d81ad5da3c7e25f1580637bdeb8a12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 24 Oct 2023 18:46:51 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: application/json
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2ams1
Content-Length: 1092
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 200
OK fp
vap2ams1.lijit.com/data/ Frame 0413 43 B
169 B 63ms
24ms Image
image/gif 216.52.2.6
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vap2ams1.lijit.com/data/fp?tid=a_395712_27c22c19a3dd41a5a02b8e971cffd170&zoneid=395712&starttime=1698173211291&adcfg=2&adcfg_response=30&addelivery=31&addelivery_response=119&lgfired=121&container=123&EOL=123&ctstart=0&elapsed_ms=123
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.6 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 18:46:51 GMT
X-Sovrn-Pod: ad_ap2ams1
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 204
No Content t.dhj Show response
pxdrop.lijit.com/1/d/ Frame 62F7 0
199 B 115ms
46ms Script
text/plain 2.17.100.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pxdrop.lijit.com/1/d/t.dhj?dmn=avasdemon.com&GDPR_v2=&pubid=AvasDemon&us_privacy=notFound
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.100.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-100-224.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 18:46:51 GMT
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 24 Oct 2023 19:46:51 GMT

GET
H/1.1 200
OK ct
ap.lijit.com/data/ Frame 62F7 43 B
169 B 21ms
20ms Image
image/gif 216.52.2.6
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/data/ct?tid=a_395714_c3db46b9dda54bfda0d4b5ee8fcd0b3c&zoneid=395714&cid=18&geo=DE&all_tags=590&tss=37&fired_tags=590&count=1&status=1&elapsed_ms=38
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.6 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 18:46:51 GMT
X-Sovrn-Pod: ad_ap2ams1
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 204
No Content t.dhj Show response
pxdrop.lijit.com/1/d/ Frame 0413 0
199 B 61ms
19ms Script
text/plain 2.17.100.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pxdrop.lijit.com/1/d/t.dhj?dmn=avasdemon.com&GDPR_v2=&pubid=AvasDemon&us_privacy=notFound
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.100.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-100-224.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 18:46:51 GMT
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 24 Oct 2023 19:46:51 GMT

GET
H/1.1 200
OK ct
ap.lijit.com/data/ Frame 0413 43 B
169 B 488ms
488ms Image
image/gif 216.52.2.6
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/data/ct?tid=a_395712_27c22c19a3dd41a5a02b8e971cffd170&zoneid=395712&cid=18&geo=DE&all_tags=590&tss=28&fired_tags=590&count=1&status=1&elapsed_ms=28
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.6 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 18:46:51 GMT
X-Sovrn-Pod: ad_ap2ams1
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html Show response
platform.twitter.com/widgets/ Frame 0F43 319 KB
104 KB 15ms
15ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Favasdemon.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6795) /
Resource Hash: 70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer: https://avasdemon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1289657
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Tue, 24 Oct 2023 18:46:51 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 09 Oct 2023 20:29:18 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6795)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 0F43 869 B
657 B 411ms
116ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=38185cc0198bffac3982b28463eb8e0275a59b9d

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Favasdemon.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-response-time: 104
date: Tue, 24 Oct 2023 18:46:51 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Tue, 24 Oct 2023 18:46:51 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: b1e0fc332e0250f7
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 82cd38ce6d53c51e807ef737c514e18c501a975febc896e67692ebada03419a3
content-length: 337

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/ Frame 62F7 394 KB
134 KB 82ms
80ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7701367955671600&plah=avasdemon.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01ebbe8030676be461f2d3266a1c7f8abcec73d32f322c5b6544bfbf833f01d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136886
x-xss-protection: 0
server: cafe
etag: 12034953887984067695
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 18:46:51 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231019/r20190131/ Frame 7A70 10 KB
5 KB 51ms
14ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231019/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://avasdemon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 39987
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 07:40:24 GMT
etag: 4569948109300706969
expires: Tue, 07 Nov 2023 07:40:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/ Frame 0413 394 KB
134 KB 86ms
85ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7701367955671600&plah=avasdemon.com&bust=31079056

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e369f77b8f53bc579813e0e9d9262a958f8bcdf0a8670dd8c7f89202b5c6daf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136888
x-xss-protection: 0
server: cafe
etag: 9568376754427901643
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 18:46:51 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 1675ms
1635ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-52965413-1&cid=159174282.1698173211&jid=1202505543&_u=IEBAAEAAAAAAACAAI~&z=308435259

Requested by

Host: avasdemon.com
URL: https://avasdemon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 18:46:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 176ms
49ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-52965413-1&cid=159174282.1698173211&jid=1202505543&_u=IEBAAEAAAAAAACAAI~&z=308435259

Requested by

Host: avasdemon.com
URL: https://avasdemon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 18:46:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
252 B 68ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-NKPS5VX6VN&_ono=1&gtm=45je3an0&_p=1747148998&_gaz=1&ul=en-us&sr=1600x1200&cid=159174282.1698173211&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Favasdemon.com%2F&dt=Ava%27s%20Demon&sid=1698173211&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NKPS5VX6VN&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 18:46:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://avasdemon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 38ms
37ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-NKPS5VX6VN&cid=159174282.1698173211&gtm=45je3an0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NKPS5VX6VN&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 18:46:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://avasdemon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 102ms
53ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-NKPS5VX6VN&cid=159174282.1698173211&gtm=45je3an0&aip=1&z=2058105401

Requested by

Host: avasdemon.com
URL: https://avasdemon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 18:46:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 62F7 393 B
606 B 72ms
24ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=avasdemon.com&callback=_gfp_s_&client=ca-pub-7701367955671600

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7701367955671600&plah=avasdemon.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de863ff2c44dc41dc6844f89bc11fdbc3ef6e48202f245802f7f150fee914b68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 254
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4101 24 KB
11 KB 645ms
640ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7701367955671600&output=html&h=90&slotname=3360821374&adk=3887289407&adf=3928560988&pi=t.ma~as.3360821374&w=728&lmt=1698166011&format=728x90&url=https%3A%2F%2Favasdemon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698173211616&bpp=3&bdt=444&idt=233&shv=r20231019&mjsv=m202310190101&ptt=9&saldr=aa&correlator=4305960855176&frm=23&ife=1&pv=2&ga_vid=159174282.1698173211&ga_sid=1698173212&ga_hid=1972417753&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=918&biw=1600&bih=1200&isw=728&ish=90&ifk=873420592&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31079086%2C44805113%2C44805533%2C44805932%2C44806499%2C31078301&oid=2&pvsid=518944053456691&tmod=390886724&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4hc2r9t0ca97&fsb=1&dtd=258

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b04335d34769c1a5457e48323ffd27dc1b90d38f7e4872c198ea8cbf9d694cbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://avasdemon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 10812
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 18:46:52 GMT
expires: Tue, 24 Oct 2023 18:46:52 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 62F7 16 KB
12 KB 93ms
63ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231019&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd93ded227292a9463b5c0c6ad48e8f66f8c00252d5f3d7bf5e1d8d3fc9180ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12214
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 0413 393 B
319 B 24ms
23ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=avasdemon.com&callback=_gfp_s_&client=ca-pub-7701367955671600

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

935777d17caa8bfbf152ca453b6adc895300b00607c50af59855f0b84e2e7a62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 254
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 51C6 24 KB
11 KB 512ms
510ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7701367955671600&output=html&h=600&slotname=5755884573&adk=3187182896&adf=891365235&pi=t.ma~as.5755884573&w=160&lmt=1698166011&format=160x600&url=https%3A%2F%2Favasdemon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698173211684&bpp=4&bdt=473&idt=225&shv=r20231019&mjsv=m202310190101&ptt=9&saldr=aa&correlator=4305960855176&frm=23&ife=1&pv=1&ga_vid=159174282.1698173211&ga_sid=1698173212&ga_hid=798251515&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1102&ady=1681&biw=1600&bih=1200&isw=160&ish=600&ifk=931819970&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44785292%2C44805113%2C44805534%2C44805933%2C31078301%2C31079056&oid=2&pvsid=3214204978976800&tmod=1951927451&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.eo1la53z9tgh&btvi=1&fsb=1&dtd=246

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af2d1052c77580b3b28ec1e883213f85f63718645669cac9dceb86853eed22a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://avasdemon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 10849
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 18:46:52 GMT
expires: Tue, 24 Oct 2023 18:46:52 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0413 16 KB
12 KB 71ms
66ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231019&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

223efde76cd9bc8b52f99c757eb59dbebd2a7eb2488305c4f839d4e419266070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12264
x-xss-protection: 0

GET
H/1.1 200
OK timeline.adfe2c2389e3901ab04fe5f4755ea3e6.js Show response
platform.twitter.com/js/ 8 KB
4 KB 16ms
16ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.adfe2c2389e3901ab04fe5f4755ea3e6.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67A8) /
Resource Hash: 48c7db6d839d307798dae0e5f6a9b6b7a8c534575f6e587131fbeef6343bcec6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 18:46:51 GMT
Content-Encoding: gzip
Age: 1289656
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2964
Last-Modified: Mon, 09 Oct 2023 20:29:15 GMT
Server: ECS (frb/67A8)
Etag: "d16435c9f33af1915656b8c5daa47152+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H2 200 avasdemon Show response
syndication.twitter.com/srv/timeline-profile/screen-name/ Frame B492 484 KB
35 KB 2581ms
2580ms Document
text/html 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/srv/timeline-profile/screen-name/avasdemon?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=700px&origin=https%3A%2F%2Favasdemon.com%2F&sessionId=38185cc0198bffac3982b28463eb8e0275a59b9d&showHeader=true&showReplies=false&theme=dark&transparent=false&widgetsVersion=01917f4d1d4cb%3A1696883169554

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

5c4158b86597facd9d85c9996614f6141598013c394c770b3057508249998a0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Xss-Protection	0

Request headers

Referer: https://avasdemon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: must-revalidate, max-age=60
content-encoding: gzip
content-length: 35285
content-type: text/html; charset=utf-8
date: Tue, 24 Oct 2023 18:46:53 GMT
etag: "79101-JB1XQc4LwNzYIII1fT/GZ1hUz7I"
perf: 7626143928
server: tsa_o
strict-transport-security: max-age=631138519
x-connection-hash: 82cd38ce6d53c51e807ef737c514e18c501a975febc896e67692ebada03419a3
x-response-time: 2508
x-transaction-id: 8cec9c05ef37da57
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 62F7 17 KB
6 KB 93ms
40ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 24 Oct 2023 18:46:52 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0413 17 KB
7 KB 76ms
24ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 24 Oct 2023 18:46:52 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 626A 13 KB
5 KB 17ms
13ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://avasdemon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 15695
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 14:25:17 GMT
expires: Wed, 23 Oct 2024 14:25:17 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1592 829 B
1 KB 1214ms
1211ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

67bb5af503f3200b23811caa27ea37d7d3b3fa2bf96c8253a64489cc775cf56f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qOPU-3m5vRMEutQhXspEIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://avasdemon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-qOPU-3m5vRMEutQhXspEIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 18:46:53 GMT
expires: Tue, 24 Oct 2023 18:46:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 57AB 13 KB
5 KB 15ms
13ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://avasdemon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 15695
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 14:25:17 GMT
expires: Wed, 23 Oct 2024 14:25:17 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8C6E 829 B
768 B 1207ms
1205ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dc121f67c847840d9c6ce382c27b93c801af9ce47a9b18e7bfd6e4d0436acde3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Y8FwCa_OIAal1tDTBEcimQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://avasdemon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Y8FwCa_OIAal1tDTBEcimQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 18:46:53 GMT
expires: Tue, 24 Oct 2023 18:46:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js Show response
pagead2.googlesyndication.com/bg/ Frame 626A 39 KB
15 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d341447828796fe3d9c13df41f7e1066f4cb4730571fe61c1bd6ac8df7e82fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 14:19:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15187
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 23 Oct 2024 14:19:20 GMT

GET
H3 200 nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js Show response
pagead2.googlesyndication.com/bg/ Frame 57AB 39 KB
15 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d341447828796fe3d9c13df41f7e1066f4cb4730571fe61c1bd6ac8df7e82fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 14:19:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15187
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 23 Oct 2024 14:19:20 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 626A 0
10 B 73ms
72ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?I2mC0g
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:52 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 51C6 42 B
63 B 126ms
125ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D8OmBoEay9BJfaa_UEjwuEKkglqDLkyEmTD-JeriIxkSU0JMZ_mW4U_bayxZBWFzd2tvmgrS0fC0COUzrnjvP9FmUpk08ti8_fjY4eWNJ3BA5t6fw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7701367955671600&output=html&h=600&slotname=5755884573&adk=3187182896&adf=891365235&pi=t.ma~as.5755884573&w=160&lmt=1698166011&format=160x600&url=https%3A%2F%2Favasdemon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698173211684&bpp=4&bdt=473&idt=225&shv=r20231019&mjsv=m202310190101&ptt=9&saldr=aa&correlator=4305960855176&frm=23&ife=1&pv=1&ga_vid=159174282.1698173211&ga_sid=1698173212&ga_hid=798251515&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1102&ady=1681&biw=1600&bih=1200&isw=160&ish=600&ifk=931819970&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44785292%2C44805113%2C44805534%2C44805933%2C31078301%2C31079056&oid=2&pvsid=3214204978976800&tmod=1951927451&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.eo1la53z9tgh&btvi=1&fsb=1&dtd=246

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 18:46:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 51C6 0
20 B 128ms
126ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13440060571841837902&x=1&ct=77

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 18:46:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 51C6 89 KB
31 KB 77ms
75ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 18:46:52 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231019/r20110914/client/ Frame 51C6 3 KB
1 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231019/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 14:24:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15767
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 14:24:05 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231019/r20110914/client/ Frame 51C6 20 KB
8 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231019/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 14:24:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15767
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 14:24:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 51C6 187 KB
59 KB 73ms
22ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698060838547238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 18:46:52 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D813 624 B
246 B 58ms
57ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNVbptJ8bMHpnAxrZao2Ed_bJwu29OROoxjICMLAR2lCaNge7n4TkeXV_OgSJQvzPsZn9PceIfOlFuqSDYsQyyNGI1V1Qz1yOk6W-78Zd5J6NgAJDsnIVNlhKvDMghGjKbhUvYLsoSd_FmUhSUvKC_2_ti-koDABijsC8GVu8P4NBbX6AXg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7701367955671600&output=html&h=600&slotname=5755884573&adk=3187182896&adf=891365235&pi=t.ma~as.5755884573&w=160&lmt=1698166011&format=160x600&url=https%3A%2F%2Favasdemon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698173211684&bpp=4&bdt=473&idt=225&shv=r20231019&mjsv=m202310190101&ptt=9&saldr=aa&correlator=4305960855176&frm=23&ife=1&pv=1&ga_vid=159174282.1698173211&ga_sid=1698173212&ga_hid=798251515&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1102&ady=1681&biw=1600&bih=1200&isw=160&ish=600&ifk=931819970&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44785292%2C44805113%2C44805534%2C44805933%2C31078301%2C31079056&oid=2&pvsid=3214204978976800&tmod=1951927451&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.eo1la53z9tgh&btvi=1&fsb=1&dtd=246
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 18:46:52 GMT
expires: Tue, 24 Oct 2023 18:46:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 57AB 0
10 B 26ms
26ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?EGlQIQ
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:52 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4101 42 B
63 B 125ms
125ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A5pe25WsFZ6tBTW4zxVQ75b595N-EESLFwNcQHSnFV4s5IBga6U62MNOy0XsxsXwOM-dNunPUntqN3jCDxCrqfEESfGvuCxo638ZYi8tcszbY1e2U

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7701367955671600&output=html&h=90&slotname=3360821374&adk=3887289407&adf=3928560988&pi=t.ma~as.3360821374&w=728&lmt=1698166011&format=728x90&url=https%3A%2F%2Favasdemon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698173211616&bpp=3&bdt=444&idt=233&shv=r20231019&mjsv=m202310190101&ptt=9&saldr=aa&correlator=4305960855176&frm=23&ife=1&pv=2&ga_vid=159174282.1698173211&ga_sid=1698173212&ga_hid=1972417753&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=918&biw=1600&bih=1200&isw=728&ish=90&ifk=873420592&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31079086%2C44805113%2C44805533%2C44805932%2C44806499%2C31078301&oid=2&pvsid=518944053456691&tmod=390886724&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4hc2r9t0ca97&fsb=1&dtd=258

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 18:46:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4101 0
20 B 126ms
125ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17786959600993436111&x=1&ct=77

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 18:46:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4101 89 KB
31 KB 97ms
96ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 18:46:52 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231019/r20110914/client/ Frame 4101 3 KB
1 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231019/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 14:24:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15767
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 14:24:05 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231019/r20110914/client/ Frame 4101 20 KB
8 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231019/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 14:24:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15767
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 14:24:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4101 187 KB
59 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698060838547238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 18:46:52 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C43E 624 B
246 B 83ms
82ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXTCTLHapisTdO_aNoXbnq5PZD7KsOueuFJ7sPGgirEGII94lGcQaV2KECe4y_7kZ6YX_13pyGRLghOe5J5jgszwnZ1nRDFb8_j9V0pfNtUYCeHkIRRiI1J8JhQlZs1m6-IlI1oyxZt7abwIdplVvT6TR_B3rUtu3JPbCfaJA1ktgYANzI

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7701367955671600&output=html&h=90&slotname=3360821374&adk=3887289407&adf=3928560988&pi=t.ma~as.3360821374&w=728&lmt=1698166011&format=728x90&url=https%3A%2F%2Favasdemon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698173211616&bpp=3&bdt=444&idt=233&shv=r20231019&mjsv=m202310190101&ptt=9&saldr=aa&correlator=4305960855176&frm=23&ife=1&pv=2&ga_vid=159174282.1698173211&ga_sid=1698173212&ga_hid=1972417753&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=918&biw=1600&bih=1200&isw=728&ish=90&ifk=873420592&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31079086%2C44805113%2C44805533%2C44805932%2C44806499%2C31078301&oid=2&pvsid=518944053456691&tmod=390886724&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4hc2r9t0ca97&fsb=1&dtd=258
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 18:46:52 GMT
expires: Tue, 24 Oct 2023 18:46:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D813
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBVf52TW36etcrCbYrb-enc&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBVf52TW36etcrCbYrb-enc&google_cver=1&C=1

43 B
733 B

41ms
39ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBVf52TW36etcrCbYrb-enc&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNVbptJ8bMHpnAxrZao2Ed_bJwu29OROoxjICMLAR2lCaNge7n4TkeXV_OgSJQvzPsZn9PceIfOlFuqSDYsQyyNGI1V1Qz1yOk6W-78Zd5J6NgAJDsnIVNlhKvDMghGjKbhUvYLsoSd_FmUhSUvKC_2_ti-koDABijsC8GVu8P4NBbX6AXg
Protocol: H3
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 18:46:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fz8nzGBhhHmQvbC7xhnYqVaZ5%2B2s4Gfd6XdMw5I56NrWLLQ2zpln8Ya8D%2Fkw3U31tP0ey6Uvb8w9ZABD1si5%2FnIuDUg1BI4UUNyC3aLRkGk1g%2F74GPTJ2KdE17mflilgP9nLKEaQTg4cig%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81b46293abc390d6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 24 Oct 2023 18:46:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8pc%2FvgGF7cN70hcQJ68IS81DGcZSI5XPZSVUi3GRLfzse2LABHo7kFYo1itnJX0r6ZZXw4CZIZCNNeLavLa647vfFhtiQqtzQzH%2FTeuQG6lH0%2F%2BT7imIkxhG5Aks4U9YVKdmvUsjNej8jg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEBVf52TW36etcrCbYrb-enc&google_cver=1&C=1
cache-control: no-cache
cf-ray: 81b462934e4a65b8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D813
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTgRHCC-6A1HyDn-Di8XNwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJKKYPwn0nensN9EkjBwaBQ&google_cver=1

43 B
737 B

39ms
39ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJKKYPwn0nensN9EkjBwaBQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNVbptJ8bMHpnAxrZao2Ed_bJwu29OROoxjICMLAR2lCaNge7n4TkeXV_OgSJQvzPsZn9PceIfOlFuqSDYsQyyNGI1V1Qz1yOk6W-78Zd5J6NgAJDsnIVNlhKvDMghGjKbhUvYLsoSd_FmUhSUvKC_2_ti-koDABijsC8GVu8P4NBbX6AXg
Protocol: H3
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 18:46:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HFfqdUoAmhKVt%2BU52h25qeysrvPZ%2Fqzkxc%2BiQHxpEhUn%2FmQQFnCGno9w7AAdG2F5dC11WuWZIqCZlZeTVPTrIC48kPmNmAQHUTDyXEuJSn4BKT9hpIjfU0klJVEJF%2FSY7TFAiH8sPO9krw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81b46293dbf290d6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 24 Oct 2023 18:46:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJKKYPwn0nensN9EkjBwaBQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame D813
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFc_hRlQ9Op4EmipU-vWvVg&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFc_hRlQ9Op4EmipU-vWvVg%26google_cver%3D1

43 B
893 B

65ms
59ms

Image
image/gif

185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFc_hRlQ9Op4EmipU-vWvVg%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNVbptJ8bMHpnAxrZao2Ed_bJwu29OROoxjICMLAR2lCaNge7n4TkeXV_OgSJQvzPsZn9PceIfOlFuqSDYsQyyNGI1V1Qz1yOk6W-78Zd5J6NgAJDsnIVNlhKvDMghGjKbhUvYLsoSd_FmUhSUvKC_2_ti-koDABijsC8GVu8P4NBbX6AXg

Protocol

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 18:46:52 GMT
an-x-request-uuid: 13d5b902-de57-476a-91f2-9d1ee66bd6f4
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.10.203; 80.255.10.203; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 24 Oct 2023 18:46:52 GMT
an-x-request-uuid: 08ecf67b-458a-41f1-8888-ab8b957583c4
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFc_hRlQ9Op4EmipU-vWvVg%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.10.203; 80.255.10.203; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D813
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI2ODc4MTc5NTkzMjgwNTk2MA%3D%3D

170 B
188 B

26ms
26ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI2ODc4MTc5NTkzMjgwNTk2MA%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 18:46:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 24 Oct 2023 18:46:52 GMT
an-x-request-uuid: e15972c3-3508-44f4-99ce-48654bbbe048
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI2ODc4MTc5NTkzMjgwNTk2MA%3D%3D
x-proxy-origin: 80.255.10.203; 80.255.10.203; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 51C6 0
20 B 125ms
124ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5112816988917&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 18:46:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 51C6 0
20 B 125ms
123ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5112816988917&version=m202309260101&ct=77&x=1&cor=13440060571841837000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 18:46:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 51C6 16 KB
12 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-hvinuDW5dJ8rZRxwTkNnmgnxYt_R48h0tQzDyl-h9Db71Br77xOA85XpP0IBDFn42fLIvCDkK-CfN_fyH22cPPIbyNN8tWL5P25wEdLfhHGuRHFaB39bkHPGQ1i5m04MrqYKxh1YppcB2TRID8_w5DQWbWZDPC1stX1ewXa82ehOytY&cry=1&dbm_d=AKAmf-AsRZoU-FysHczC_wT9KX9sE1o1_4DXcJOgPoKEf8gCgWCGPtygotRewDA9W3AF7TOZbZTE0NsI9lCuuOLuEJfo1BTU6l8koboHSOaOH7yvttDcFpuqbdyui9hiKIbmTg_i8WnXW92y3j76e6Bt95X15TIYJvoekqQJhvRwo4B3M5ezykbCPUIS8Q4QBPS1Smk8B0qImQ811SjkyKenYmFUv17kw7wTSiTNltUETFUb6YU6ozMmPfcdHE6yselTZDc7O1-BOieFPceR2Bfrf43q-t0o3KgSeqeIBMkRVy7i7PVptNje7shkCKfnPxoMRjS7RlOKinRA3WApcsbhMJ9ZG3ZHh79h_G5pT2cAC5Ez1mSJstCTFXscNzrJGTKnwyEAvOZvPx8SS6cOCeHdIL8P9fSaWmkGznpr4UX7PHaqgJ7hRXj4GNhxd3DC-HltOKeno5QOcmO_SMZ1P6o92tMPfwmpCBS_orMCOK0iiHk3gb2Cev3jFQLhqBTvuh5WVzjGuZpQlkJplSImUw_cYNCVOHIprHXI9GGbrrwP6eKnjfHvReO06Z8RzEJ8fV1EqJ_5XF8gGwdawRvBvimI2PXWlYQdrL_-vdyEIeKUMR92eB_zGYFEAK3xiHWsNaWXM887ml0wPjyVxDnVJvj1wFKvfUBkSAmQYspzk_CbC2Tai2fp98xc2TWi6KxpF8UpmRa_IQM4hpYtyGZGMROIw-cDMka3HcoaHA7PTzLHhPNJFcNmLZm_fXXvLwvX_WZx-oEKIYJTopIGFQJpLArbGzSkjeTErEsIJUScWmI-N6tqrU0UnIU1lkrePB7LGNE6uyvs37Kos9fwqIO6pMBgN9r34hEWN5E01j6b-vP8eZnSSz2XKNdNjX7DzZ72krA4pzJYsDEEq_26yTRelvx8RrsFZGRstlhHSPVlcqzZcbMN4dOdesZVDRvAKplHL6KJ5I6EUiy7Vhbd9kQnDcipxcc9t4j9zBAjznDBBOmgyg7z_wAnNGPhyDDCMNQwsjrVq1a2kwvFrlWCrTjC2H4-yQjfazB5uztgO-9ygNln_KFXVkK5L-5eMnA0MtAq2II1wMeyL7uPFHmtMDNkqeytBjIrt8EdeRGdUEaakOQKxog8FukNajgEgNILIOuDLXNPncjuDSAGL3qK6t6325NX2aBWUt8P5gpmwdl7DXIXLq53F0MmRxmGl9wjCbtyTmt-0rH3wCKO7moctwAcplwyQaImS-XAtAMq61Z6i-RV5Ee6dNuaquYljApHSLzZtvQllnxtxv0mRD3gXseWbfbp4jzeMLkK0cFwbc3laKxdGEXTqoGWt27-qnFeuTzvAsTd6bzo1_bvLIwnotzD_L36cZoxSn2gDdEtec6gy1dv0Ni4MJSdD5M2ALw-CAa0VSyHL8cDI7l2wLpslu-ARMnEK5SQ8MSD9JCPagD87oUR5XEXSEICtbzFCAkQ44qI67_ZH8rKjDwl_VADokqvjXquhEdL0mUahEy7TCRv2EuI956I-Sz93Cmbah-JUZg043I65B5-MWo-T3liievBeQrnKzPByZXbrGITkq2cvfxdsQOR2sCZD4hdQdJTV4ecFvLcSm_fNBxcue6U1Dx6R4i4GwXwIvHec9iYCD0pD8V1icE0kclPE_kZpzpFCvv5UsknACAVlx9CSLBpCAMz0ooLqKy3AaTdOKx9W1GdIhZ7iEyYuwUR0eNYk4uYMsjicEeWT8UAvvobfwjtCtbmRPbWcBRNRa1RoKyYducWsgcxbaMaye-U2wSiolx01zB2dkMniM9AURYTIZgk-fwA4ey18gfUD2gxuQBZ6_2Uf6ofaQH4do76d2vmLCSV69be6OA9i9O0_cHcZJdJ679-qpNvkhwsFyW6RrPPN8XHfn9Q-YdmcMY4l9fQ4Un3jL5zV1FviJjW0DOP5cZw5XkRPWoDFuloDq7Fr3G-CS9f5cU2_xg-Gc4pYq0OvaEMj0VItjRs_fj0DUcLNApkbFZaMJ9u2F-fckjSiWlQvEHjYQb8Xi9L8zBbWZ0i9TNJog61-VX-2g42Ez42rMoqXNd6IfmsX75Z-c_SEC7FLdliBG3cq4il7bXhiywRDxVqN6eNscfe-cErQrr9gX7QaAwtfjz4yULekOJHclxOSCjx9jn2PDMaSgVxV2nw-RT69VS1CJiph-EI0-y4N69tNGOALUBdfJs2_JZauXalb521mFPzaKyRWELoblAYDOjhi_BGomYBRcy-ajyDHPF_RdhrD5fLOsMiRuCqjQlSB3XurEoyP4MMP1XaFVoOvGSWAPuI6ve0_0wq5DzV-p3_LHfjzflDzi8-ixq1xLWhiqXCvXXEytt_zV1DFne3fOxX1uuCMJi0Nb5tN1bb07_8WMwfHgdpzkgSBaAnVn7r_PJQ9DfqyHWPVvRoE_9i1jzHHtOPH6AGwK_BvKkCa7aGY5rFgzbbeOfxysNJMYFNDMRUeaPhkzxUXTiOK-doN2aS-2Y2qWmlBqARBk04Mi0HJxrlHnNh8bwf34Gxk-qkxRHhGxTIlui4_yRPBIiVuIUnLJwR7W1kg4cnnt9NZj249cysxzpXNGKUZNsSBqrZ_fkO-UTuoMy-lmkPkJ-md_KJpA_sDx7ySxLdWRQ1ysvKOHHXs4oWf7e0X9P1L3lFCqXr8oPV16N6dyr4JI9kqZLjc6w5F9P_B7lIVVLMIyCLSvIyakNjIfDlm1ZDdonkHtch7B4TbHxX9pfD3w4a0NHS8FnT9xPn4biZrdzySWKCZyaAcQ7e17xHLkgZVz5IdimvtCPvECnR7ULfurpfB9Qrmt3gFMjWOBwjEJYmIbeVhw99zmmDwL-EPPA7sSLwC23inIPXRq_J0w_g08opXh3MJj7jegpeCDvFonxpMgocvq5JziQim3lm-F2UkK2QwumqI3KrICAQrBeAAI8ki3QkvtnfhsbvGAwVaBOLEW8IqJkozHVPqIXr5dCVQm_guzQ5bVVj7nC9Yca9OguP9OGzmw75yhmMUW4TAXfX0jSf2-AkOCLrEehF1uxSAqRlAgdMznRIG4CT9t65sMhFo9FlRU548BbE-vDo2-LAZWK7YTl5QCRaBkljK_BYHTIvEV8IsvcIQWWBTuiHBen1d4ccBaDzLvJ3oyWO5Jxx0Z3hytfIhU0J4sCMeaGPT5JtFbh5LaKBU-ItRkpomXFD4VIPIorALB3WJsYD-c6-Amgzm7pllRqLYqpu1OlckTJvZnyjKchntgA81-49dAOriA4sC-sVgXKCYWz9XWfNAWo7gEi3TCNXXpfEPoaY6RxtzlRIdMVHdquVpTT9raiGUkOIWBvjRYeq8OKjPl79bwjmNZ_X1bAkuvohBPWqaoo24OiajREap5aE0ZDBhavLLRwy__5PIj5Trui-xXDKyr_5JL1V6Uz6WdOOD7mlMdH4T5RdhSV9BA1kAZmzpwpYySN526AGrs3eqx2fHSB6DiwYLU89b9JewPvz_2Hiu0slOJPGFUt226Ia7l4Hur4M_kMg3X8bFC8SaTKVekxeXqJrjH67gvqqs2wIP4XCTG4nD_qhpU-a47sUgPIySFFoP2E2NjlnX_6KtKgZz0IEFo_rezlQLeqRcoMDMWqCi9oGeW04Vcyoo-obnUcLGLvGnXjT-UHTy2v_689Hp-6radj1s7yGAjhflETVAQ-t-7RMITIRh0AE1bohLtHnO5VXhL_Hn2iN7WHwUYEmYM5YbKRfo6xkOmkdzEth6ZFqV9Sf8PgkvynhHV-3mBd0KuyFteAYIMX5qgwdbR_G8_7B&cid=CAQSTADICaaN_J363fwUlgfWIaqMQM_ZQ18Ws0YGx0-N4rGP4I1P2jlyxyDJkuFj9MeaaVZ4JGe6Zy2yeUXrBeoiMsLJ4qw-XpwiUgsXH_YYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Favasdemon.com&ds=l&xdt=1&iif=1&cor=13440060571841837000&adk=2307692975&idt=83&cac=0&dtd=43

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e5bbd9f66f479034fb9c4cbd9309c728260c31044748ef7fc95c0e9e16930f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7701367955671600&output=html&h=600&slotname=5755884573&adk=3187182896&adf=891365235&pi=t.ma~as.5755884573&w=160&lmt=1698166011&format=160x600&url=https%3A%2F%2Favasdemon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698173211684&bpp=4&bdt=473&idt=225&shv=r20231019&mjsv=m202310190101&ptt=9&saldr=aa&correlator=4305960855176&frm=23&ife=1&pv=1&ga_vid=159174282.1698173211&ga_sid=1698173212&ga_hid=798251515&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1102&ady=1681&biw=1600&bih=1200&isw=160&ish=600&ifk=931819970&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44785292%2C44805113%2C44805534%2C44805933%2C31078301%2C31079056&oid=2&pvsid=3214204978976800&tmod=1951927451&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.eo1la53z9tgh&btvi=1&fsb=1&dtd=246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 18:46:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12271
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame C43E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJKKYPwn0nensN9EkjBwaBQ&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJKKYPwn0nensN9EkjBwaBQ&google_cver=1&C=1

43 B
773 B

39ms
35ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJKKYPwn0nensN9EkjBwaBQ&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXTCTLHapisTdO_aNoXbnq5PZD7KsOueuFJ7sPGgirEGII94lGcQaV2KECe4y_7kZ6YX_13pyGRLghOe5J5jgszwnZ1nRDFb8_j9V0pfNtUYCeHkIRRiI1J8JhQlZs1m6-IlI1oyxZt7abwIdplVvT6TR_B3rUtu3JPbCfaJA1ktgYANzI
Protocol: H3
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 18:46:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IjVx0yBE7qIxsFksWdRw57Cs9FH4AF6FZVCRybTMqChH7WQ7%2BudRy%2ByHBlKEj%2BWkSwm2tCqCchmWh73HG0NZEyWEC3%2FL0epH4D9P4jU3r7EnTfuO4tKDEVCv9mN2risqup0zgHfm%2B0JiKA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81b46293abc190d6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 24 Oct 2023 18:46:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BW3ZAgJ69hUq83CwL4%2BPUhukN60WmYMkOK08kSB8K%2FWHNVOmC9zLFHCOPlNsqlu9lrzkv1TOzNebRXo7Vn%2FUy%2FP5%2BwyhJdcF7Qu%2FIZltFvYaUR0EJWB260DYn%2Fam3jLqsddzfk3P44R1Wg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEJKKYPwn0nensN9EkjBwaBQ&google_cver=1&C=1
cache-control: no-cache
cf-ray: 81b462935e4d65b8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame C43E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTgRHBJAM0Jgwnc3fwRQgwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJKKYPwn0nensN9EkjBwaBQ&google_cver=1

43 B
738 B

37ms
37ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJKKYPwn0nensN9EkjBwaBQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXTCTLHapisTdO_aNoXbnq5PZD7KsOueuFJ7sPGgirEGII94lGcQaV2KECe4y_7kZ6YX_13pyGRLghOe5J5jgszwnZ1nRDFb8_j9V0pfNtUYCeHkIRRiI1J8JhQlZs1m6-IlI1oyxZt7abwIdplVvT6TR_B3rUtu3JPbCfaJA1ktgYANzI
Protocol: H3
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 18:46:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nN6uP7taNzHgLDh6r%2B2iK6PdueLjbRsR%2FmoJmu804ayv5XMfb0dRfGmVgX4lPrfD3ZB7Ag5%2BCV%2F6k%2FU1XWSxCtZf336C5u%2F8zjhXrzeWtP%2FEw4ZEQAuiPcy5MMr4FjH9IhGlptqQ4K4uXw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81b46293dbe990d6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 24 Oct 2023 18:46:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJKKYPwn0nensN9EkjBwaBQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame C43E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPJYNKw7yg7C2DDp3UAPy4Q&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPJYNKw7yg7C2DDp3UAPy4Q%26google_cver%3D1

43 B
891 B

63ms
57ms

Image
image/gif

185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPJYNKw7yg7C2DDp3UAPy4Q%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXTCTLHapisTdO_aNoXbnq5PZD7KsOueuFJ7sPGgirEGII94lGcQaV2KECe4y_7kZ6YX_13pyGRLghOe5J5jgszwnZ1nRDFb8_j9V0pfNtUYCeHkIRRiI1J8JhQlZs1m6-IlI1oyxZt7abwIdplVvT6TR_B3rUtu3JPbCfaJA1ktgYANzI

Protocol

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 18:46:52 GMT
an-x-request-uuid: 5e6e1afb-1488-46fe-9a5b-ae87b9522fae
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.10.203; 80.255.10.203; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 24 Oct 2023 18:46:52 GMT
an-x-request-uuid: 503e240e-cdd4-4c1a-9dfa-0f3f7c9be5ce
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPJYNKw7yg7C2DDp3UAPy4Q%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.10.203; 80.255.10.203; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C43E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYwODk2NDA3MzE5MzMwNjg4Ng%3D%3D

170 B
188 B

28ms
28ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYwODk2NDA3MzE5MzMwNjg4Ng%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 18:46:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 24 Oct 2023 18:46:52 GMT
an-x-request-uuid: 2be28ab4-0c53-4726-9c59-b4410c3ff097
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYwODk2NDA3MzE5MzMwNjg4Ng%3D%3D
x-proxy-origin: 80.255.10.203; 80.255.10.203; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4101 0
20 B 131ms
130ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5677604319141&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 18:46:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4101 0
20 B 130ms
129ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5677604319141&version=m202309260101&ct=77&x=1&cor=17786959600993436000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 18:46:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4101 16 KB
12 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CJcLNCYgUthuEk2nYpXx8LkqIK5BlGA2XPfCQtccXGthBxcLo9QQTk6UWnmOnmRG5znHfFRRrW_yEiDjHdVFOrzzN-b6L35QPVVDs-kykxoSp8sAJFJXPaAnc5nFQFC67lebwpSLd42Hv7At1nNSOZnFTV5dskbULBziQq_XwycJFFMY0&cry=1&dbm_d=AKAmf-CDFyZarzbz-nqIDLCS9tGxftJC7zs-OjF5zm821o3_Wi0ZpMxOVKOJbIlQd8trWHefeFZyM3CkFvGNTaheEU58GTSN_59aF6MZlMMCu0E5BXRz6mNp73AmyZon3iqXYXxuN4wpRSVIfkqCxs_RKaWNhAVjZOb-HC-i18EEDicFDOXJU0I3IMuDCQzIYuPBpKIjvtY37UhSyPwMadAxONP-rEctApHPWvMXa2EmWwUWD_8aKCGI-QR2VXdJXHVBoDKUGiPCEgThjKFsHrYLa27BXrAArUSapTR5Uy788DlTMHtZSZLhB7a9bjoGkTXLKSDYxVkOeVpMkIgefTMSddvqqz04JLE05rEUQDFXuOg0yfFFOwaMIvu2sGStb62lVOksYRrv67hgEwfxQL3OMNEiqQYp-4t-rWcm2N2S3lIhuEDDe8BK3X1vIOQ58cnvU_OAHt5o9FOdXH5z1GPpFIW6KlITKIdryCpGnnlmwaA8RdiEMtT0xNCeXNo43DK0Xt-BbWSC-7xVA0r387XcrvVn20tDkdA7u-h-PiZKgTSU9yIlygzjlvVM_PBgwJVET-zsUBH-LmOABpOlYlhub0a7OyuoBo8t-kpyu0rcNd4gaeEFCXAQ5m9DInfWli9n7zpSXSCA2uOa8peP1iY9Sb8rWHwQVLHvQkt9qO9SCVpNB7m5AHbPHdlKhLXpcdSDr_a4sX5yr4HhPBY8tQsOxS2k5wR4X2UfYsHneIHPxeARiZqUi89WWD1HuQAbKAOYVXslDGAJ43LlUb7WMqIGva6ir72UsR40zm3xEVNuf_MrAl0hdOdsidk10pMYm1n7r5F-hYBMQ7f8hbt5yT89N8iwLkpBJN7fH_Yrk02Tv1MDY33l7QuSY9JW22H0YQg3joZKo0wL3oqA3ETtloTWvDpZoMemKLSyU8qNg_dTobgY-lBkfsgXx-QsNn2xS_7f4JOlxEofX0IrTgg2xdApIsLZjmVY5ucvvX290dtfV-THr7vLfpg3KXgFDjCYjUwqSeTvNaaU3fi2JdihdSEeqdBeRKHjgQekhznHjuAr22QZtCMqQD3FmttqjjGe1HwlqfhzJFveQHT1ACOcAHdbs5SupbgdFj6UG5_act6657s53oNDeZWjpgcUjC2ZwyUZgeJzGcrp67uoHsmCCsijUjiq97jG8BvCamhyHDYNSyjuLHvajrKF-ZWPNogphM9_cS6TkOCXbzkYYCl7zYeaNqGsXmGHtg1MFT2GSq8d3dd8nEot6nrfq8yMCz3IXl4s9TsyZjNQV5slo-U414pY7qZ0luD19gpUgQsBC2jzz57XMTfq54i-KlJYgOuEHpNczUoPd1DDG0UThDHv3hpnArK1GUh0rOLYZ-G7yamz0KNSImQ0kt2TZTE2Rk-TxnvJicFYcFy99bf32W-XhTs24X1MdmSIC4qxp2zjdOP2XqUp6zPe9dVSLMGT6m818Wt5a1TR0JxCi_itJ-p_rYK_FLTKYfwWpJRq8HFtXaAHXjlE1dODwy7o6CMafAUpRNE49wp7U6wp5Tio-QXBkw81jxfd3jTxesmMbxTq0VmMhntDS7wP2aZYR7NmI4fKQsrjDJqq65IiyhP7ufREre-7I6SnvcViyTS8ZHyuTiRDiDxlLI4dX_sCj59UkEr8AmQg_sJzT4qXI7Sbu3MW-s2pxhtOMOhBCxmn3TZ8UmHKHDNFkb-UNlmkF2o1bI30_aJZwfGpVmND7ap5WQzGoSOBSQLTtMTh47iK2YryLsm5r1LvvV2NTNBpgNEEaWpil96MZTlp3P9UTwdRmAD8OVBDM6K0-jdI64bkDckxzLST2WHlAldv2G81oWuo4OslS4c4px2nH8QrNVUMw74SQT1FwiFCYsNLgsW4B3EZgif7-bCq0fPCtzDE-FsMUqm2CXKyvHcwiC70_IvbS8YuLw8NgkqgmQVSIiniK-InlIzQQ30K95V1Q3yJFDMMQDMufosFbPBI57J8cC2DRDKC3woESfKWy9X6PA9nlA9L8whh1SlUO-Q9Fua73X4OOolWW6yavj_m-ex6l32DK8XKqtnWP_OyfsOo68z-pE1keweY7EkjjJOegFxOCV_s3zlbca11Mc9pkIRxz68M8xp2bcjafnq3193aXc5jiR5L_K9YBdH4FhtRX0l3E37E9A3AyKsqMOU-dNxL8vSzlazzF77V-Uo36302nb3ubEqEEprRdHP9mow1pVNEU_p2EIVzJtZlxPK9cX4ijwyct4NkreouYlNugU44qcP6pZsrj39awhO7b_nS-ma5OCX4PcJ6P9MzbvqCKRg4Cz4BA19sdWatsv4OFzXHOW8YVmyPPaqdpIvlBGtMaD4w8GXz20aaCk2NWMO-gGIVAjnXA7IL0XIINT1QAuplnhJ-rQZMwACvLFlVDPXcA7H0zAX4fnfAEzcgBwtWt90dSStKZbLAGV_yZ3XVKrYBDzWCTUb55HYLCNkavjPbzd5xDh91rX4OXFwEUJRp88xzzVQz65oWXOL2wao9DcnaVLecybl7Jg3yeNV9kGN377Qr74KvGAjrjC3pD4RQ445vTmz4RSRrWcCXX3ZWfTXyOUp96k0EabVbjvJLKpkHZ1t6F6eLKwXMWVQ1co86eewX4Agl1U3cYMfyXvdWtpMwb5II_yiNNnpbpgIaR4_NcO-k1VdytuwM5cJYlq62m1AgmHTTs0WG7WQgFB0nYpEGtKL-HjLULaBLC13mblbdNuNtGWGRmWqXm3uU0hRCR1k-SF9-DSUvsPIepris_2c0fWOa0gabbJDsUG1fJYbLZ8Q9_mlEL3uuWzDK0p0XCotN4KFNHKx_0x-t8u-DO26hFsr_XQ1k_aJJjmKDDT4DVVKfz6zov_yVmTfxUGOJIaiHW6KWpmwiMCkeyas_UMaqruwv_uZs7PhgN_kbVxwXk-Myx7ZZQYIgzNt2bCzglyOGc1yHig64xja1aGIdk2YFqepbnJ303mz2_G9uiPTZs2EcD11Yw3dqhaLwiB2l2-zvazqCDcMk28nEA860Bgk6M-mU5L64c9bC4KnpCjhpUWbJDG13_Ua2KcJgmr8SZQJ5jDEAxBEZ2vd2ygxVr6yobXQCh5dx_xDDVUJRYnnz6JUdAy70qS9tRCptvTMmZkDh3U9_Mp0_v9CEfSQYqwkp94Ymm_B8nzBrYHAhcKqr47lOx5jG5n7M1X9sFkc1GVeCm_uj2ckr6bMtl5L4I58xCJiFgV3Fi3ggdKB-sl2Wm80qQZG2RG9AHMfYNWlh8MWZCxMPVunDOlRP2IP7B9UcN5vhO4yQNpz32oR5qx5nfb-50n_26wSiaWvj-JPJnxOnEQTAre6xwwTL1CQcwOBlbSOZmBT2gIXe3QUjHiEeObHFP59pABBPclM27bQ_-YQaWR6C8xWdIj50w7xNRQXdrRxYuTA2LtDufthKgUVHhoEfa3ihUulj7Dytmf09Ovk6LeOrr-qYopN44C5vkmJcS7fMc5RoSjuMRRap24UyI1_p_oRFhwCODY2nl0WBnCl_qGTP--WIA91up1qD1bg09u-zcQ3VGi63utVNc136ThG0dQHsfmHyQydY9YmRjk9LmKhfZ05QpmCC3wVq6psuoMuT6qcq5AdV_LNtKtzrsXLPK9eZQfaQSV0hWfblcsEzVKhwpxdgKLtz1JcYAMC1gbQtjYwih1qsbW-gK2lOn3xU1WKVu6vciE9oRsIjU7dLVEFCw-48ky6dvZzY8fsgfSmUd2Smwq33544Lj-H5BtM&cid=CAQSSwDICaaNr-lteqIK2yBzRgTYegnpEX9pXFcSu0-mztQjQj7zntKLeIvFUFmnj0EZDDiMoXJQgBA8CbLzPIBS3o9dBki8IO5Ps6eFZRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Favasdemon.com&ds=l&xdt=1&iif=1&cor=17786959600993436000&adk=3676778483&idt=121&cac=0&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a863477ba9e99bb608e862ec41e72c4990c2f780fac60178c4d37aee78e3b0be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7701367955671600&output=html&h=90&slotname=3360821374&adk=3887289407&adf=3928560988&pi=t.ma~as.3360821374&w=728&lmt=1698166011&format=728x90&url=https%3A%2F%2Favasdemon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698173211616&bpp=3&bdt=444&idt=233&shv=r20231019&mjsv=m202310190101&ptt=9&saldr=aa&correlator=4305960855176&frm=23&ife=1&pv=2&ga_vid=159174282.1698173211&ga_sid=1698173212&ga_hid=1972417753&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=918&biw=1600&bih=1200&isw=728&ish=90&ifk=873420592&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31079086%2C44805113%2C44805533%2C44805932%2C44806499%2C31078301&oid=2&pvsid=518944053456691&tmod=390886724&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4hc2r9t0ca97&fsb=1&dtd=258
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 18:46:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12500
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 51C6 41 KB
14 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-hvinuDW5dJ8rZRxwTkNnmgnxYt_R48h0tQzDyl-h9Db71Br77xOA85XpP0IBDFn42fLIvCDkK-CfN_fyH22cPPIbyNN8tWL5P25wEdLfhHGuRHFaB39bkHPGQ1i5m04MrqYKxh1YppcB2TRID8_w5DQWbWZDPC1stX1ewXa82ehOytY&cry=1&dbm_d=AKAmf-AsRZoU-FysHczC_wT9KX9sE1o1_4DXcJOgPoKEf8gCgWCGPtygotRewDA9W3AF7TOZbZTE0NsI9lCuuOLuEJfo1BTU6l8koboHSOaOH7yvttDcFpuqbdyui9hiKIbmTg_i8WnXW92y3j76e6Bt95X15TIYJvoekqQJhvRwo4B3M5ezykbCPUIS8Q4QBPS1Smk8B0qImQ811SjkyKenYmFUv17kw7wTSiTNltUETFUb6YU6ozMmPfcdHE6yselTZDc7O1-BOieFPceR2Bfrf43q-t0o3KgSeqeIBMkRVy7i7PVptNje7shkCKfnPxoMRjS7RlOKinRA3WApcsbhMJ9ZG3ZHh79h_G5pT2cAC5Ez1mSJstCTFXscNzrJGTKnwyEAvOZvPx8SS6cOCeHdIL8P9fSaWmkGznpr4UX7PHaqgJ7hRXj4GNhxd3DC-HltOKeno5QOcmO_SMZ1P6o92tMPfwmpCBS_orMCOK0iiHk3gb2Cev3jFQLhqBTvuh5WVzjGuZpQlkJplSImUw_cYNCVOHIprHXI9GGbrrwP6eKnjfHvReO06Z8RzEJ8fV1EqJ_5XF8gGwdawRvBvimI2PXWlYQdrL_-vdyEIeKUMR92eB_zGYFEAK3xiHWsNaWXM887ml0wPjyVxDnVJvj1wFKvfUBkSAmQYspzk_CbC2Tai2fp98xc2TWi6KxpF8UpmRa_IQM4hpYtyGZGMROIw-cDMka3HcoaHA7PTzLHhPNJFcNmLZm_fXXvLwvX_WZx-oEKIYJTopIGFQJpLArbGzSkjeTErEsIJUScWmI-N6tqrU0UnIU1lkrePB7LGNE6uyvs37Kos9fwqIO6pMBgN9r34hEWN5E01j6b-vP8eZnSSz2XKNdNjX7DzZ72krA4pzJYsDEEq_26yTRelvx8RrsFZGRstlhHSPVlcqzZcbMN4dOdesZVDRvAKplHL6KJ5I6EUiy7Vhbd9kQnDcipxcc9t4j9zBAjznDBBOmgyg7z_wAnNGPhyDDCMNQwsjrVq1a2kwvFrlWCrTjC2H4-yQjfazB5uztgO-9ygNln_KFXVkK5L-5eMnA0MtAq2II1wMeyL7uPFHmtMDNkqeytBjIrt8EdeRGdUEaakOQKxog8FukNajgEgNILIOuDLXNPncjuDSAGL3qK6t6325NX2aBWUt8P5gpmwdl7DXIXLq53F0MmRxmGl9wjCbtyTmt-0rH3wCKO7moctwAcplwyQaImS-XAtAMq61Z6i-RV5Ee6dNuaquYljApHSLzZtvQllnxtxv0mRD3gXseWbfbp4jzeMLkK0cFwbc3laKxdGEXTqoGWt27-qnFeuTzvAsTd6bzo1_bvLIwnotzD_L36cZoxSn2gDdEtec6gy1dv0Ni4MJSdD5M2ALw-CAa0VSyHL8cDI7l2wLpslu-ARMnEK5SQ8MSD9JCPagD87oUR5XEXSEICtbzFCAkQ44qI67_ZH8rKjDwl_VADokqvjXquhEdL0mUahEy7TCRv2EuI956I-Sz93Cmbah-JUZg043I65B5-MWo-T3liievBeQrnKzPByZXbrGITkq2cvfxdsQOR2sCZD4hdQdJTV4ecFvLcSm_fNBxcue6U1Dx6R4i4GwXwIvHec9iYCD0pD8V1icE0kclPE_kZpzpFCvv5UsknACAVlx9CSLBpCAMz0ooLqKy3AaTdOKx9W1GdIhZ7iEyYuwUR0eNYk4uYMsjicEeWT8UAvvobfwjtCtbmRPbWcBRNRa1RoKyYducWsgcxbaMaye-U2wSiolx01zB2dkMniM9AURYTIZgk-fwA4ey18gfUD2gxuQBZ6_2Uf6ofaQH4do76d2vmLCSV69be6OA9i9O0_cHcZJdJ679-qpNvkhwsFyW6RrPPN8XHfn9Q-YdmcMY4l9fQ4Un3jL5zV1FviJjW0DOP5cZw5XkRPWoDFuloDq7Fr3G-CS9f5cU2_xg-Gc4pYq0OvaEMj0VItjRs_fj0DUcLNApkbFZaMJ9u2F-fckjSiWlQvEHjYQb8Xi9L8zBbWZ0i9TNJog61-VX-2g42Ez42rMoqXNd6IfmsX75Z-c_SEC7FLdliBG3cq4il7bXhiywRDxVqN6eNscfe-cErQrr9gX7QaAwtfjz4yULekOJHclxOSCjx9jn2PDMaSgVxV2nw-RT69VS1CJiph-EI0-y4N69tNGOALUBdfJs2_JZauXalb521mFPzaKyRWELoblAYDOjhi_BGomYBRcy-ajyDHPF_RdhrD5fLOsMiRuCqjQlSB3XurEoyP4MMP1XaFVoOvGSWAPuI6ve0_0wq5DzV-p3_LHfjzflDzi8-ixq1xLWhiqXCvXXEytt_zV1DFne3fOxX1uuCMJi0Nb5tN1bb07_8WMwfHgdpzkgSBaAnVn7r_PJQ9DfqyHWPVvRoE_9i1jzHHtOPH6AGwK_BvKkCa7aGY5rFgzbbeOfxysNJMYFNDMRUeaPhkzxUXTiOK-doN2aS-2Y2qWmlBqARBk04Mi0HJxrlHnNh8bwf34Gxk-qkxRHhGxTIlui4_yRPBIiVuIUnLJwR7W1kg4cnnt9NZj249cysxzpXNGKUZNsSBqrZ_fkO-UTuoMy-lmkPkJ-md_KJpA_sDx7ySxLdWRQ1ysvKOHHXs4oWf7e0X9P1L3lFCqXr8oPV16N6dyr4JI9kqZLjc6w5F9P_B7lIVVLMIyCLSvIyakNjIfDlm1ZDdonkHtch7B4TbHxX9pfD3w4a0NHS8FnT9xPn4biZrdzySWKCZyaAcQ7e17xHLkgZVz5IdimvtCPvECnR7ULfurpfB9Qrmt3gFMjWOBwjEJYmIbeVhw99zmmDwL-EPPA7sSLwC23inIPXRq_J0w_g08opXh3MJj7jegpeCDvFonxpMgocvq5JziQim3lm-F2UkK2QwumqI3KrICAQrBeAAI8ki3QkvtnfhsbvGAwVaBOLEW8IqJkozHVPqIXr5dCVQm_guzQ5bVVj7nC9Yca9OguP9OGzmw75yhmMUW4TAXfX0jSf2-AkOCLrEehF1uxSAqRlAgdMznRIG4CT9t65sMhFo9FlRU548BbE-vDo2-LAZWK7YTl5QCRaBkljK_BYHTIvEV8IsvcIQWWBTuiHBen1d4ccBaDzLvJ3oyWO5Jxx0Z3hytfIhU0J4sCMeaGPT5JtFbh5LaKBU-ItRkpomXFD4VIPIorALB3WJsYD-c6-Amgzm7pllRqLYqpu1OlckTJvZnyjKchntgA81-49dAOriA4sC-sVgXKCYWz9XWfNAWo7gEi3TCNXXpfEPoaY6RxtzlRIdMVHdquVpTT9raiGUkOIWBvjRYeq8OKjPl79bwjmNZ_X1bAkuvohBPWqaoo24OiajREap5aE0ZDBhavLLRwy__5PIj5Trui-xXDKyr_5JL1V6Uz6WdOOD7mlMdH4T5RdhSV9BA1kAZmzpwpYySN526AGrs3eqx2fHSB6DiwYLU89b9JewPvz_2Hiu0slOJPGFUt226Ia7l4Hur4M_kMg3X8bFC8SaTKVekxeXqJrjH67gvqqs2wIP4XCTG4nD_qhpU-a47sUgPIySFFoP2E2NjlnX_6KtKgZz0IEFo_rezlQLeqRcoMDMWqCi9oGeW04Vcyoo-obnUcLGLvGnXjT-UHTy2v_689Hp-6radj1s7yGAjhflETVAQ-t-7RMITIRh0AE1bohLtHnO5VXhL_Hn2iN7WHwUYEmYM5YbKRfo6xkOmkdzEth6ZFqV9Sf8PgkvynhHV-3mBd0KuyFteAYIMX5qgwdbR_G8_7B&cid=CAQSTADICaaN_J363fwUlgfWIaqMQM_ZQ18Ws0YGx0-N4rGP4I1P2jlyxyDJkuFj9MeaaVZ4JGe6Zy2yeUXrBeoiMsLJ4qw-XpwiUgsXH_YYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Favasdemon.com&ds=l&xdt=1&iif=1&cor=13440060571841837000&adk=2307692975&idt=83&cac=0&dtd=43

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 23:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 501315
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Oct 2024 23:31:37 GMT

GET
H/1.1 200
OK 33lgkyejwpt3 Show response
hal9000.redintelligence.net/zone/ Frame 51C6 11 KB
4 KB 97ms
46ms Script
text/html 159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/33lgkyejwpt3?subid=&gdpr=&gdpr_consent=&rnd=1698173212091032&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvEBFHBE4ZZjHBa6ovcAPld61kASm5b2gaZ2cnKfJD_AuEAEgtNj2I2CVgoCArAfIAQmpAvAs_mHsx7E-qAMByAObBKoEjQJP0J3rCMKgVHqFuEy5SsqvscYSmGF_-PFAqrY2DrV4pTDrmqEhRfguWazSzroCv7GsrYUgQWz2-DfPJSDxUl-lTE08DLdWK_ghJozvlUGSRoTBLsOE_9FkMxcY3ycdQMv98RPU5fnmtug2pHhmU4p7Rupllb4hrP6r_HhBiV4D6__zWItVO9dCQS1nmzYo9HI5LIOZslhN4Pi_J1yXbySNVloJUTj3pYBlwyZ-hqwYLatBapGEmpeyhHLZSwD1YjKUYC-KwzptZXZW_q7IIShcdlxVnftP_NeF2oFU6kLSD4pc3uS9yKds7IGGhX3W0KKKx6jHIKYML9RybNn57BJ_qppMDyDeWng8r1lBjMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAkRFsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADICaaN_J363fwUlgfWIaqMQM_ZQ18Ws0YGx0-N4rGP4I1P2jlyxyDJkuFj9MeaaVZ4JGe6Zy2yeUXrBeoiMsLJ4qw-XpwiUgsXH_YYAQ%26sig%3DAOD64_1wtqc2e9SiTt0I5-jbG4rfnB0uLA%26client%3Dca-pub-7701367955671600%26dbm_c%3DAKAmf-B0av4AwOyZr4e40amX8OwiZKrOh35Qz_WX4D3aLyY09sMD73_awIcQ1QNsY1d8vrdBQ3yiQp0NeBFOAdG8JxCgtjamG-CAWXlnwTFr478A7nw_kl7dTouHNw9LS0Yi_2MBwALPsgdfXSMouk5lSzQ6fXTkoF9d09oaDQqK9cvaf-iFonA%26cry%3D1%26dbm_d%3DAKAmf-A_WlyaZa358O-ivJvViXGvO3no0ajnBhEPCwrjw9XWSHS0X-I5NQY3fT3FIny98Lx8VGqZ8qh0_Valn0oOTN7OrezekOoPrtcb3O5uM0N5z1Rm_83tuPwnNHUOdkqybD0RXSj0RRBXhYS7OVHzzj4tYFs1tdwOmPv6dKIebq22hB3pHbqj24we7ui-IQx-R_4PuyK_Egtb1YetupY8RhII6LEcQyJV5mrDnV-kHMtV2s5nQPck92yClXOBvGkhuLEzDiMhya4qAvbEcE0iVxpcMOge1Fut2stAQ20b63PtOMXp5xmlESHbc56I2DuMD4kageZHWlGhNgE-Vd-UdPra4fWKS8F6qMJew8Q__2k57S1-ou5nq_2XObUb0cUeYCfPOVT0k4EwI-d1rkPpPYW8FF8ceD6oKa0vURXEfJUd-1Og2lH0zv9tigocSMRmu1fRqOQhGB5qomzTlyEkjpXpqvA96qBD1-KWaB8FQCjecpufnswNg6p9Z6jgJLvhaV8uPEypSodYawLrJI2o5CRiUuY04qH3937ef6gZaAYsLrnreuY%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7701367955671600&output=html&h=600&slotname=5755884573&adk=3187182896&adf=891365235&pi=t.ma~as.5755884573&w=160&lmt=1698166011&format=160x600&url=https%3A%2F%2Favasdemon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698173211684&bpp=4&bdt=473&idt=225&shv=r20231019&mjsv=m202310190101&ptt=9&saldr=aa&correlator=4305960855176&frm=23&ife=1&pv=1&ga_vid=159174282.1698173211&ga_sid=1698173212&ga_hid=798251515&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1102&ady=1681&biw=1600&bih=1200&isw=160&ish=600&ifk=931819970&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44785292%2C44805113%2C44805534%2C44805933%2C31078301%2C31079056&oid=2&pvsid=3214204978976800&tmod=1951927451&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.eo1la53z9tgh&btvi=1&fsb=1&dtd=246
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: c41dff2c56804ca509cb5ccf65924ae2f506b7a8b8bbf1a71d3e6a36c358ac26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 18:46:52 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4174
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame C6C6 38 KB
13 KB 47ms
39ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 481323
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 05:04:49 GMT
expires: Fri, 18 Oct 2024 05:04:49 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 4101 41 KB
14 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CJcLNCYgUthuEk2nYpXx8LkqIK5BlGA2XPfCQtccXGthBxcLo9QQTk6UWnmOnmRG5znHfFRRrW_yEiDjHdVFOrzzN-b6L35QPVVDs-kykxoSp8sAJFJXPaAnc5nFQFC67lebwpSLd42Hv7At1nNSOZnFTV5dskbULBziQq_XwycJFFMY0&cry=1&dbm_d=AKAmf-CDFyZarzbz-nqIDLCS9tGxftJC7zs-OjF5zm821o3_Wi0ZpMxOVKOJbIlQd8trWHefeFZyM3CkFvGNTaheEU58GTSN_59aF6MZlMMCu0E5BXRz6mNp73AmyZon3iqXYXxuN4wpRSVIfkqCxs_RKaWNhAVjZOb-HC-i18EEDicFDOXJU0I3IMuDCQzIYuPBpKIjvtY37UhSyPwMadAxONP-rEctApHPWvMXa2EmWwUWD_8aKCGI-QR2VXdJXHVBoDKUGiPCEgThjKFsHrYLa27BXrAArUSapTR5Uy788DlTMHtZSZLhB7a9bjoGkTXLKSDYxVkOeVpMkIgefTMSddvqqz04JLE05rEUQDFXuOg0yfFFOwaMIvu2sGStb62lVOksYRrv67hgEwfxQL3OMNEiqQYp-4t-rWcm2N2S3lIhuEDDe8BK3X1vIOQ58cnvU_OAHt5o9FOdXH5z1GPpFIW6KlITKIdryCpGnnlmwaA8RdiEMtT0xNCeXNo43DK0Xt-BbWSC-7xVA0r387XcrvVn20tDkdA7u-h-PiZKgTSU9yIlygzjlvVM_PBgwJVET-zsUBH-LmOABpOlYlhub0a7OyuoBo8t-kpyu0rcNd4gaeEFCXAQ5m9DInfWli9n7zpSXSCA2uOa8peP1iY9Sb8rWHwQVLHvQkt9qO9SCVpNB7m5AHbPHdlKhLXpcdSDr_a4sX5yr4HhPBY8tQsOxS2k5wR4X2UfYsHneIHPxeARiZqUi89WWD1HuQAbKAOYVXslDGAJ43LlUb7WMqIGva6ir72UsR40zm3xEVNuf_MrAl0hdOdsidk10pMYm1n7r5F-hYBMQ7f8hbt5yT89N8iwLkpBJN7fH_Yrk02Tv1MDY33l7QuSY9JW22H0YQg3joZKo0wL3oqA3ETtloTWvDpZoMemKLSyU8qNg_dTobgY-lBkfsgXx-QsNn2xS_7f4JOlxEofX0IrTgg2xdApIsLZjmVY5ucvvX290dtfV-THr7vLfpg3KXgFDjCYjUwqSeTvNaaU3fi2JdihdSEeqdBeRKHjgQekhznHjuAr22QZtCMqQD3FmttqjjGe1HwlqfhzJFveQHT1ACOcAHdbs5SupbgdFj6UG5_act6657s53oNDeZWjpgcUjC2ZwyUZgeJzGcrp67uoHsmCCsijUjiq97jG8BvCamhyHDYNSyjuLHvajrKF-ZWPNogphM9_cS6TkOCXbzkYYCl7zYeaNqGsXmGHtg1MFT2GSq8d3dd8nEot6nrfq8yMCz3IXl4s9TsyZjNQV5slo-U414pY7qZ0luD19gpUgQsBC2jzz57XMTfq54i-KlJYgOuEHpNczUoPd1DDG0UThDHv3hpnArK1GUh0rOLYZ-G7yamz0KNSImQ0kt2TZTE2Rk-TxnvJicFYcFy99bf32W-XhTs24X1MdmSIC4qxp2zjdOP2XqUp6zPe9dVSLMGT6m818Wt5a1TR0JxCi_itJ-p_rYK_FLTKYfwWpJRq8HFtXaAHXjlE1dODwy7o6CMafAUpRNE49wp7U6wp5Tio-QXBkw81jxfd3jTxesmMbxTq0VmMhntDS7wP2aZYR7NmI4fKQsrjDJqq65IiyhP7ufREre-7I6SnvcViyTS8ZHyuTiRDiDxlLI4dX_sCj59UkEr8AmQg_sJzT4qXI7Sbu3MW-s2pxhtOMOhBCxmn3TZ8UmHKHDNFkb-UNlmkF2o1bI30_aJZwfGpVmND7ap5WQzGoSOBSQLTtMTh47iK2YryLsm5r1LvvV2NTNBpgNEEaWpil96MZTlp3P9UTwdRmAD8OVBDM6K0-jdI64bkDckxzLST2WHlAldv2G81oWuo4OslS4c4px2nH8QrNVUMw74SQT1FwiFCYsNLgsW4B3EZgif7-bCq0fPCtzDE-FsMUqm2CXKyvHcwiC70_IvbS8YuLw8NgkqgmQVSIiniK-InlIzQQ30K95V1Q3yJFDMMQDMufosFbPBI57J8cC2DRDKC3woESfKWy9X6PA9nlA9L8whh1SlUO-Q9Fua73X4OOolWW6yavj_m-ex6l32DK8XKqtnWP_OyfsOo68z-pE1keweY7EkjjJOegFxOCV_s3zlbca11Mc9pkIRxz68M8xp2bcjafnq3193aXc5jiR5L_K9YBdH4FhtRX0l3E37E9A3AyKsqMOU-dNxL8vSzlazzF77V-Uo36302nb3ubEqEEprRdHP9mow1pVNEU_p2EIVzJtZlxPK9cX4ijwyct4NkreouYlNugU44qcP6pZsrj39awhO7b_nS-ma5OCX4PcJ6P9MzbvqCKRg4Cz4BA19sdWatsv4OFzXHOW8YVmyPPaqdpIvlBGtMaD4w8GXz20aaCk2NWMO-gGIVAjnXA7IL0XIINT1QAuplnhJ-rQZMwACvLFlVDPXcA7H0zAX4fnfAEzcgBwtWt90dSStKZbLAGV_yZ3XVKrYBDzWCTUb55HYLCNkavjPbzd5xDh91rX4OXFwEUJRp88xzzVQz65oWXOL2wao9DcnaVLecybl7Jg3yeNV9kGN377Qr74KvGAjrjC3pD4RQ445vTmz4RSRrWcCXX3ZWfTXyOUp96k0EabVbjvJLKpkHZ1t6F6eLKwXMWVQ1co86eewX4Agl1U3cYMfyXvdWtpMwb5II_yiNNnpbpgIaR4_NcO-k1VdytuwM5cJYlq62m1AgmHTTs0WG7WQgFB0nYpEGtKL-HjLULaBLC13mblbdNuNtGWGRmWqXm3uU0hRCR1k-SF9-DSUvsPIepris_2c0fWOa0gabbJDsUG1fJYbLZ8Q9_mlEL3uuWzDK0p0XCotN4KFNHKx_0x-t8u-DO26hFsr_XQ1k_aJJjmKDDT4DVVKfz6zov_yVmTfxUGOJIaiHW6KWpmwiMCkeyas_UMaqruwv_uZs7PhgN_kbVxwXk-Myx7ZZQYIgzNt2bCzglyOGc1yHig64xja1aGIdk2YFqepbnJ303mz2_G9uiPTZs2EcD11Yw3dqhaLwiB2l2-zvazqCDcMk28nEA860Bgk6M-mU5L64c9bC4KnpCjhpUWbJDG13_Ua2KcJgmr8SZQJ5jDEAxBEZ2vd2ygxVr6yobXQCh5dx_xDDVUJRYnnz6JUdAy70qS9tRCptvTMmZkDh3U9_Mp0_v9CEfSQYqwkp94Ymm_B8nzBrYHAhcKqr47lOx5jG5n7M1X9sFkc1GVeCm_uj2ckr6bMtl5L4I58xCJiFgV3Fi3ggdKB-sl2Wm80qQZG2RG9AHMfYNWlh8MWZCxMPVunDOlRP2IP7B9UcN5vhO4yQNpz32oR5qx5nfb-50n_26wSiaWvj-JPJnxOnEQTAre6xwwTL1CQcwOBlbSOZmBT2gIXe3QUjHiEeObHFP59pABBPclM27bQ_-YQaWR6C8xWdIj50w7xNRQXdrRxYuTA2LtDufthKgUVHhoEfa3ihUulj7Dytmf09Ovk6LeOrr-qYopN44C5vkmJcS7fMc5RoSjuMRRap24UyI1_p_oRFhwCODY2nl0WBnCl_qGTP--WIA91up1qD1bg09u-zcQ3VGi63utVNc136ThG0dQHsfmHyQydY9YmRjk9LmKhfZ05QpmCC3wVq6psuoMuT6qcq5AdV_LNtKtzrsXLPK9eZQfaQSV0hWfblcsEzVKhwpxdgKLtz1JcYAMC1gbQtjYwih1qsbW-gK2lOn3xU1WKVu6vciE9oRsIjU7dLVEFCw-48ky6dvZzY8fsgfSmUd2Smwq33544Lj-H5BtM&cid=CAQSSwDICaaNr-lteqIK2yBzRgTYegnpEX9pXFcSu0-mztQjQj7zntKLeIvFUFmnj0EZDDiMoXJQgBA8CbLzPIBS3o9dBki8IO5Ps6eFZRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Favasdemon.com&ds=l&xdt=1&iif=1&cor=17786959600993436000&adk=3676778483&idt=121&cac=0&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 23:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 501315
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Oct 2024 23:31:37 GMT

GET
H/1.1 200
OK g72h7lz2c4az Show response
hal9000.redintelligence.net/zone/ Frame 4101 11 KB
4 KB 49ms
15ms Script
text/html 159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/g72h7lz2c4az?subid=&gdpr=&gdpr_consent=&rnd=1698173212037957&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCVczkHBE4ZcWoApGMvcAPkLKroAWm5b2gaYWVnKfJD_AuEAEgtNj2I2CVgoCArAfIAQmpAvAs_mHsx7E-qAMByAObBKoEhgJP0E8AALa3qUaQ025PYhVkxO83iGV1IrXf2C1bf8ArEUk-P0RmntvoK-eM_fNsTHf-RtdgPlLdFbzuFxZoQ1yBRv80-u3T-u8JkI-9NAHaYjQW1djSexL8sU33-2bWIREJu-KE4oFxTqxQzX3C9Zv5lAZhxPfVvrdI2a0tm2xppEHrdAB-WRx0ScUqVbklv6cIZ92UFSwAQjyMjvcF4i14Zkk3OkS0hQlqcyBkNULECMsoYeCHZnMCDDLePb0mMGJ-5KPm6dq5Nv1swnWq1eQzXTcwMUsMCaANcn87embcgc9_X1DhI1psJD7-N7aSsW06rqn1hPUqXvJZo4Z3ptnywrHvBBShwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBqg0CREWwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSSwDICaaNr-lteqIK2yBzRgTYegnpEX9pXFcSu0-mztQjQj7zntKLeIvFUFmnj0EZDDiMoXJQgBA8CbLzPIBS3o9dBki8IO5Ps6eFZRgB%26sig%3DAOD64_2GwkoaarWOHpgalIgAjMgAYu5ZUg%26client%3Dca-pub-7701367955671600%26dbm_c%3DAKAmf-DfafHN6qbjlwNwHJpvft1Gallx-18fmxIx6RNVkgDxY2_a0kiBhTzApUxv_G1RmEas1G00fEKGpFWNm1Jjh68HcogIAelUQYhsuTi5buRA8U8NsfOLhvTJOMkBrWiPRO2bmdQnLmb2-wf1wg3yLaepMWd2AjqrXCMFDlqueMGzIhQ6Ocs%26cry%3D1%26dbm_d%3DAKAmf-A-f72huhBklKHSa5vJA-N9vdX6n6HbIOvOm9cFKOz96-P4PzirHGxfn4UY4SDMQf0LYZUG2fRtJtYxPv2LuafYr0eUZLPQjl2DksuTkJGd2xZqQi9_7YzhXwvBcqJAEOkBPArxGxaILuzFqjaAXvfZIgK-zw4MXERrld4GZr6JjB8T9so3VAaaOEqS7scBfDq6F2liz7h03-9QWf0eX1WjHSvYVDzbLCcht8Nj5l9437s6bgIEEn7KpaRiI69HbBmD2bRjP8A0uFkg88c5iPfFkXfpev6kNIXOexKo8tkDfakW_uJ5oj82IvbUXR2Qa9tgL_SD88mCeURmHHTElZZ8u2_gNk6q_fSzwJYdehKK1dDyWog8Zx-r-WlrF7tQy3D4gX_vW-d0fqghQMRsTWw2seYOTdgB3HcykQWP8UZmDongk5dNRxmkzSGpXubSZPuN7JOc6Q938UeqPs2jBTIRjkibrnbWbzq0zAegDVQuKmeaDJ6iea7iWqFCFo9clvZJHRb0ASsRrcDce_OeMXC_vsEUNr-6Gg-yeYH6oNC6AAQObEA%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7701367955671600&output=html&h=90&slotname=3360821374&adk=3887289407&adf=3928560988&pi=t.ma~as.3360821374&w=728&lmt=1698166011&format=728x90&url=https%3A%2F%2Favasdemon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698173211616&bpp=3&bdt=444&idt=233&shv=r20231019&mjsv=m202310190101&ptt=9&saldr=aa&correlator=4305960855176&frm=23&ife=1&pv=2&ga_vid=159174282.1698173211&ga_sid=1698173212&ga_hid=1972417753&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=918&biw=1600&bih=1200&isw=728&ish=90&ifk=873420592&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31079086%2C44805113%2C44805533%2C44805932%2C44806499%2C31078301&oid=2&pvsid=518944053456691&tmod=390886724&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4hc2r9t0ca97&fsb=1&dtd=258
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: c19ae59d6eafbf9617659f916070113714537a4b6aeb096f550a0e2b0ca51d12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 18:46:52 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4164
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame B524 38 KB
13 KB 14ms
14ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 481323
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 05:04:49 GMT
expires: Fri, 18 Oct 2024 05:04:49 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

request.php Show response
hal900022.redintelligence.net/ Frame 4101
Redirect Chain

https://hal900022.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=56d2f09758&subid=&uid=0bef36ada86ea751&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900022.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=56d2f09758&subid=&uid=0bef36ada86ea751&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

119ms
93ms

Script
application/x-javascript

144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900022.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=56d2f09758&subid=&uid=0bef36ada86ea751&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCVczkHBE4ZcWoApGMvcAPkLKroAWm5b2gaYWVnKfJD_AuEAEgtNj2I2CVgoCArAfIAQmpAvAs_mHsx7E-qAMByAObBKoEhgJP0E8AALa3qUaQ025PYhVkxO83iGV1IrXf2C1bf8ArEUk-P0RmntvoK-eM_fNsTHf-RtdgPlLdFbzuFxZoQ1yBRv80-u3T-u8JkI-9NAHaYjQW1djSexL8sU33-2bWIREJu-KE4oFxTqxQzX3C9Zv5lAZhxPfVvrdI2a0tm2xppEHrdAB-WRx0ScUqVbklv6cIZ92UFSwAQjyMjvcF4i14Zkk3OkS0hQlqcyBkNULECMsoYeCHZnMCDDLePb0mMGJ-5KPm6dq5Nv1swnWq1eQzXTcwMUsMCaANcn87embcgc9_X1DhI1psJD7-N7aSsW06rqn1hPUqXvJZo4Z3ptnywrHvBBShwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBqg0CREWwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSSwDICaaNr-lteqIK2yBzRgTYegnpEX9pXFcSu0-mztQjQj7zntKLeIvFUFmnj0EZDDiMoXJQgBA8CbLzPIBS3o9dBki8IO5Ps6eFZRgB%26sig%3DAOD64_2GwkoaarWOHpgalIgAjMgAYu5ZUg%26client%3Dca-pub-7701367955671600%26dbm_c%3DAKAmf-DfafHN6qbjlwNwHJpvft1Gallx-18fmxIx6RNVkgDxY2_a0kiBhTzApUxv_G1RmEas1G00fEKGpFWNm1Jjh68HcogIAelUQYhsuTi5buRA8U8NsfOLhvTJOMkBrWiPRO2bmdQnLmb2-wf1wg3yLaepMWd2AjqrXCMFDlqueMGzIhQ6Ocs%26cry%3D1%26dbm_d%3DAKAmf-A-f72huhBklKHSa5vJA-N9vdX6n6HbIOvOm9cFKOz96-P4PzirHGxfn4UY4SDMQf0LYZUG2fRtJtYxPv2LuafYr0eUZLPQjl2DksuTkJGd2xZqQi9_7YzhXwvBcqJAEOkBPArxGxaILuzFqjaAXvfZIgK-zw4MXERrld4GZr6JjB8T9so3VAaaOEqS7scBfDq6F2liz7h03-9QWf0eX1WjHSvYVDzbLCcht8Nj5l9437s6bgIEEn7KpaRiI69HbBmD2bRjP8A0uFkg88c5iPfFkXfpev6kNIXOexKo8tkDfakW_uJ5oj82IvbUXR2Qa9tgL_SD88mCeURmHHTElZZ8u2_gNk6q_fSzwJYdehKK1dDyWog8Zx-r-WlrF7tQy3D4gX_vW-d0fqghQMRsTWw2seYOTdgB3HcykQWP8UZmDongk5dNRxmkzSGpXubSZPuN7JOc6Q938UeqPs2jBTIRjkibrnbWbzq0zAegDVQuKmeaDJ6iea7iWqFCFo9clvZJHRb0ASsRrcDce_OeMXC_vsEUNr-6Gg-yeYH6oNC6AAQObEA%26adurl%3D&documentReferer=https%3A%2F%2Favasdemon.com%2F&ancestorOrigins=https%3A%2F%2Favasdemon.com%2Chttps%3A%2F%2Favasdemon.com&random=9966358832851&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7701367955671600&output=html&h=90&slotname=3360821374&adk=3887289407&adf=3928560988&pi=t.ma~as.3360821374&w=728&lmt=1698166011&format=728x90&url=https%3A%2F%2Favasdemon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698173211616&bpp=3&bdt=444&idt=233&shv=r20231019&mjsv=m202310190101&ptt=9&saldr=aa&correlator=4305960855176&frm=23&ife=1&pv=2&ga_vid=159174282.1698173211&ga_sid=1698173212&ga_hid=1972417753&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=918&biw=1600&bih=1200&isw=728&ish=90&ifk=873420592&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31079086%2C44805113%2C44805533%2C44805932%2C44806499%2C31078301&oid=2&pvsid=518944053456691&tmod=390886724&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4hc2r9t0ca97&fsb=1&dtd=258
Protocol: HTTP/1.1
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 3322104f6274a34ec8c4777ea8a2c93d2da16749998318c1e4959f1441b0a6b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 24 Oct 2023 18:46:52 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 31268700152956804444550012487022
Connection: close
Content-Length: 1164
Expires: Tue, 24 Oct 2023 19:46:52 +0200

Redirect headers

Pragma: no-cache
Date: Tue, 24 Oct 2023 18:46:52 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=56d2f09758&subid=&uid=0bef36ada86ea751&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCVczkHBE4ZcWoApGMvcAPkLKroAWm5b2gaYWVnKfJD_AuEAEgtNj2I2CVgoCArAfIAQmpAvAs_mHsx7E-qAMByAObBKoEhgJP0E8AALa3qUaQ025PYhVkxO83iGV1IrXf2C1bf8ArEUk-P0RmntvoK-eM_fNsTHf-RtdgPlLdFbzuFxZoQ1yBRv80-u3T-u8JkI-9NAHaYjQW1djSexL8sU33-2bWIREJu-KE4oFxTqxQzX3C9Zv5lAZhxPfVvrdI2a0tm2xppEHrdAB-WRx0ScUqVbklv6cIZ92UFSwAQjyMjvcF4i14Zkk3OkS0hQlqcyBkNULECMsoYeCHZnMCDDLePb0mMGJ-5KPm6dq5Nv1swnWq1eQzXTcwMUsMCaANcn87embcgc9_X1DhI1psJD7-N7aSsW06rqn1hPUqXvJZo4Z3ptnywrHvBBShwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBqg0CREWwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSSwDICaaNr-lteqIK2yBzRgTYegnpEX9pXFcSu0-mztQjQj7zntKLeIvFUFmnj0EZDDiMoXJQgBA8CbLzPIBS3o9dBki8IO5Ps6eFZRgB%26sig%3DAOD64_2GwkoaarWOHpgalIgAjMgAYu5ZUg%26client%3Dca-pub-7701367955671600%26dbm_c%3DAKAmf-DfafHN6qbjlwNwHJpvft1Gallx-18fmxIx6RNVkgDxY2_a0kiBhTzApUxv_G1RmEas1G00fEKGpFWNm1Jjh68HcogIAelUQYhsuTi5buRA8U8NsfOLhvTJOMkBrWiPRO2bmdQnLmb2-wf1wg3yLaepMWd2AjqrXCMFDlqueMGzIhQ6Ocs%26cry%3D1%26dbm_d%3DAKAmf-A-f72huhBklKHSa5vJA-N9vdX6n6HbIOvOm9cFKOz96-P4PzirHGxfn4UY4SDMQf0LYZUG2fRtJtYxPv2LuafYr0eUZLPQjl2DksuTkJGd2xZqQi9_7YzhXwvBcqJAEOkBPArxGxaILuzFqjaAXvfZIgK-zw4MXERrld4GZr6JjB8T9so3VAaaOEqS7scBfDq6F2liz7h03-9QWf0eX1WjHSvYVDzbLCcht8Nj5l9437s6bgIEEn7KpaRiI69HbBmD2bRjP8A0uFkg88c5iPfFkXfpev6kNIXOexKo8tkDfakW_uJ5oj82IvbUXR2Qa9tgL_SD88mCeURmHHTElZZ8u2_gNk6q_fSzwJYdehKK1dDyWog8Zx-r-WlrF7tQy3D4gX_vW-d0fqghQMRsTWw2seYOTdgB3HcykQWP8UZmDongk5dNRxmkzSGpXubSZPuN7JOc6Q938UeqPs2jBTIRjkibrnbWbzq0zAegDVQuKmeaDJ6iea7iWqFCFo9clvZJHRb0ASsRrcDce_OeMXC_vsEUNr-6Gg-yeYH6oNC6AAQObEA%26adurl%3D&documentReferer=https%3A%2F%2Favasdemon.com%2F&ancestorOrigins=https%3A%2F%2Favasdemon.com%2Chttps%3A%2F%2Favasdemon.com&random=9966358832851&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Tue, 24 Oct 2023 19:46:52 +0200

GET
H3 200 jkeNCdo99qjuYe8I46ZORQC9giCrdAWNIccvlek98BY.js Show response
pagead2.googlesyndication.com/bg/ Frame C6C6 38 KB
15 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jkeNCdo99qjuYe8I46ZORQC9giCrdAWNIccvlek98BY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e478d09da3df6a8ee61ef08e3a64e4500bd8220ab74058d21c72f95e93df016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 14:06:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 535222
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15023
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 17 Oct 2024 14:06:30 GMT

GET
H/1.1

200
OK

request.php Show response
hal900020.redintelligence.net/ Frame 51C6
Redirect Chain

https://hal900020.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=e661cfd4f4&subid=&uid=dc04f5bab0ba6f3e&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900020.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=e661cfd4f4&subid=&uid=dc04f5bab0ba6f3e&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

102ms
73ms

Script
application/x-javascript

178.63.52.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900020.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=e661cfd4f4&subid=&uid=dc04f5bab0ba6f3e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvEBFHBE4ZZjHBa6ovcAPld61kASm5b2gaZ2cnKfJD_AuEAEgtNj2I2CVgoCArAfIAQmpAvAs_mHsx7E-qAMByAObBKoEjQJP0J3rCMKgVHqFuEy5SsqvscYSmGF_-PFAqrY2DrV4pTDrmqEhRfguWazSzroCv7GsrYUgQWz2-DfPJSDxUl-lTE08DLdWK_ghJozvlUGSRoTBLsOE_9FkMxcY3ycdQMv98RPU5fnmtug2pHhmU4p7Rupllb4hrP6r_HhBiV4D6__zWItVO9dCQS1nmzYo9HI5LIOZslhN4Pi_J1yXbySNVloJUTj3pYBlwyZ-hqwYLatBapGEmpeyhHLZSwD1YjKUYC-KwzptZXZW_q7IIShcdlxVnftP_NeF2oFU6kLSD4pc3uS9yKds7IGGhX3W0KKKx6jHIKYML9RybNn57BJ_qppMDyDeWng8r1lBjMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAkRFsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADICaaN_J363fwUlgfWIaqMQM_ZQ18Ws0YGx0-N4rGP4I1P2jlyxyDJkuFj9MeaaVZ4JGe6Zy2yeUXrBeoiMsLJ4qw-XpwiUgsXH_YYAQ%26sig%3DAOD64_1wtqc2e9SiTt0I5-jbG4rfnB0uLA%26client%3Dca-pub-7701367955671600%26dbm_c%3DAKAmf-B0av4AwOyZr4e40amX8OwiZKrOh35Qz_WX4D3aLyY09sMD73_awIcQ1QNsY1d8vrdBQ3yiQp0NeBFOAdG8JxCgtjamG-CAWXlnwTFr478A7nw_kl7dTouHNw9LS0Yi_2MBwALPsgdfXSMouk5lSzQ6fXTkoF9d09oaDQqK9cvaf-iFonA%26cry%3D1%26dbm_d%3DAKAmf-A_WlyaZa358O-ivJvViXGvO3no0ajnBhEPCwrjw9XWSHS0X-I5NQY3fT3FIny98Lx8VGqZ8qh0_Valn0oOTN7OrezekOoPrtcb3O5uM0N5z1Rm_83tuPwnNHUOdkqybD0RXSj0RRBXhYS7OVHzzj4tYFs1tdwOmPv6dKIebq22hB3pHbqj24we7ui-IQx-R_4PuyK_Egtb1YetupY8RhII6LEcQyJV5mrDnV-kHMtV2s5nQPck92yClXOBvGkhuLEzDiMhya4qAvbEcE0iVxpcMOge1Fut2stAQ20b63PtOMXp5xmlESHbc56I2DuMD4kageZHWlGhNgE-Vd-UdPra4fWKS8F6qMJew8Q__2k57S1-ou5nq_2XObUb0cUeYCfPOVT0k4EwI-d1rkPpPYW8FF8ceD6oKa0vURXEfJUd-1Og2lH0zv9tigocSMRmu1fRqOQhGB5qomzTlyEkjpXpqvA96qBD1-KWaB8FQCjecpufnswNg6p9Z6jgJLvhaV8uPEypSodYawLrJI2o5CRiUuY04qH3937ef6gZaAYsLrnreuY%26adurl%3D&documentReferer=https%3A%2F%2Favasdemon.com%2F&ancestorOrigins=https%3A%2F%2Favasdemon.com%2Chttps%3A%2F%2Favasdemon.com&random=6799833153718&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7701367955671600&output=html&h=600&slotname=5755884573&adk=3187182896&adf=891365235&pi=t.ma~as.5755884573&w=160&lmt=1698166011&format=160x600&url=https%3A%2F%2Favasdemon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698173211684&bpp=4&bdt=473&idt=225&shv=r20231019&mjsv=m202310190101&ptt=9&saldr=aa&correlator=4305960855176&frm=23&ife=1&pv=1&ga_vid=159174282.1698173211&ga_sid=1698173212&ga_hid=798251515&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1102&ady=1681&biw=1600&bih=1200&isw=160&ish=600&ifk=931819970&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44785292%2C44805113%2C44805534%2C44805933%2C31078301%2C31079056&oid=2&pvsid=3214204978976800&tmod=1951927451&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.eo1la53z9tgh&btvi=1&fsb=1&dtd=246
Protocol: HTTP/1.1
Server: 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.121.52.63.178.clients.your-server.de
Software: Apache /
Resource Hash: 98cede386674abc300acb6c1c9d8010427e51f1709d833c25054f930ee93af17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 24 Oct 2023 18:46:53 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 61631600169924004444556012487020
Connection: close
Content-Length: 1127
Expires: Tue, 24 Oct 2023 19:46:53 +0200

Redirect headers

Pragma: no-cache
Date: Tue, 24 Oct 2023 18:46:52 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=e661cfd4f4&subid=&uid=dc04f5bab0ba6f3e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvEBFHBE4ZZjHBa6ovcAPld61kASm5b2gaZ2cnKfJD_AuEAEgtNj2I2CVgoCArAfIAQmpAvAs_mHsx7E-qAMByAObBKoEjQJP0J3rCMKgVHqFuEy5SsqvscYSmGF_-PFAqrY2DrV4pTDrmqEhRfguWazSzroCv7GsrYUgQWz2-DfPJSDxUl-lTE08DLdWK_ghJozvlUGSRoTBLsOE_9FkMxcY3ycdQMv98RPU5fnmtug2pHhmU4p7Rupllb4hrP6r_HhBiV4D6__zWItVO9dCQS1nmzYo9HI5LIOZslhN4Pi_J1yXbySNVloJUTj3pYBlwyZ-hqwYLatBapGEmpeyhHLZSwD1YjKUYC-KwzptZXZW_q7IIShcdlxVnftP_NeF2oFU6kLSD4pc3uS9yKds7IGGhX3W0KKKx6jHIKYML9RybNn57BJ_qppMDyDeWng8r1lBjMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAkRFsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADICaaN_J363fwUlgfWIaqMQM_ZQ18Ws0YGx0-N4rGP4I1P2jlyxyDJkuFj9MeaaVZ4JGe6Zy2yeUXrBeoiMsLJ4qw-XpwiUgsXH_YYAQ%26sig%3DAOD64_1wtqc2e9SiTt0I5-jbG4rfnB0uLA%26client%3Dca-pub-7701367955671600%26dbm_c%3DAKAmf-B0av4AwOyZr4e40amX8OwiZKrOh35Qz_WX4D3aLyY09sMD73_awIcQ1QNsY1d8vrdBQ3yiQp0NeBFOAdG8JxCgtjamG-CAWXlnwTFr478A7nw_kl7dTouHNw9LS0Yi_2MBwALPsgdfXSMouk5lSzQ6fXTkoF9d09oaDQqK9cvaf-iFonA%26cry%3D1%26dbm_d%3DAKAmf-A_WlyaZa358O-ivJvViXGvO3no0ajnBhEPCwrjw9XWSHS0X-I5NQY3fT3FIny98Lx8VGqZ8qh0_Valn0oOTN7OrezekOoPrtcb3O5uM0N5z1Rm_83tuPwnNHUOdkqybD0RXSj0RRBXhYS7OVHzzj4tYFs1tdwOmPv6dKIebq22hB3pHbqj24we7ui-IQx-R_4PuyK_Egtb1YetupY8RhII6LEcQyJV5mrDnV-kHMtV2s5nQPck92yClXOBvGkhuLEzDiMhya4qAvbEcE0iVxpcMOge1Fut2stAQ20b63PtOMXp5xmlESHbc56I2DuMD4kageZHWlGhNgE-Vd-UdPra4fWKS8F6qMJew8Q__2k57S1-ou5nq_2XObUb0cUeYCfPOVT0k4EwI-d1rkPpPYW8FF8ceD6oKa0vURXEfJUd-1Og2lH0zv9tigocSMRmu1fRqOQhGB5qomzTlyEkjpXpqvA96qBD1-KWaB8FQCjecpufnswNg6p9Z6jgJLvhaV8uPEypSodYawLrJI2o5CRiUuY04qH3937ef6gZaAYsLrnreuY%26adurl%3D&documentReferer=https%3A%2F%2Favasdemon.com%2F&ancestorOrigins=https%3A%2F%2Favasdemon.com%2Chttps%3A%2F%2Favasdemon.com&random=6799833153718&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Tue, 24 Oct 2023 19:46:52 +0200

GET
H3 200 jkeNCdo99qjuYe8I46ZORQC9giCrdAWNIccvlek98BY.js Show response
pagead2.googlesyndication.com/bg/ Frame B524 38 KB
15 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jkeNCdo99qjuYe8I46ZORQC9giCrdAWNIccvlek98BY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e478d09da3df6a8ee61ef08e3a64e4500bd8220ab74058d21c72f95e93df016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 14:06:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 535222
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15023
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 17 Oct 2024 14:06:30 GMT

GET
H2

200

htlp Show response
futalis.de/ Frame 4AD8
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=31268700152956804444550012487022&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3233064892

350 B
401 B

64ms
15ms

Document
text/html

49.12.16.151
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3233064892
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=56d2f09758&subid=&uid=0bef36ada86ea751&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCVczkHBE4ZcWoApGMvcAPkLKroAWm5b2gaYWVnKfJD_AuEAEgtNj2I2CVgoCArAfIAQmpAvAs_mHsx7E-qAMByAObBKoEhgJP0E8AALa3qUaQ025PYhVkxO83iGV1IrXf2C1bf8ArEUk-P0RmntvoK-eM_fNsTHf-RtdgPlLdFbzuFxZoQ1yBRv80-u3T-u8JkI-9NAHaYjQW1djSexL8sU33-2bWIREJu-KE4oFxTqxQzX3C9Zv5lAZhxPfVvrdI2a0tm2xppEHrdAB-WRx0ScUqVbklv6cIZ92UFSwAQjyMjvcF4i14Zkk3OkS0hQlqcyBkNULECMsoYeCHZnMCDDLePb0mMGJ-5KPm6dq5Nv1swnWq1eQzXTcwMUsMCaANcn87embcgc9_X1DhI1psJD7-N7aSsW06rqn1hPUqXvJZo4Z3ptnywrHvBBShwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBqg0CREWwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSSwDICaaNr-lteqIK2yBzRgTYegnpEX9pXFcSu0-mztQjQj7zntKLeIvFUFmnj0EZDDiMoXJQgBA8CbLzPIBS3o9dBki8IO5Ps6eFZRgB%26sig%3DAOD64_2GwkoaarWOHpgalIgAjMgAYu5ZUg%26client%3Dca-pub-7701367955671600%26dbm_c%3DAKAmf-DfafHN6qbjlwNwHJpvft1Gallx-18fmxIx6RNVkgDxY2_a0kiBhTzApUxv_G1RmEas1G00fEKGpFWNm1Jjh68HcogIAelUQYhsuTi5buRA8U8NsfOLhvTJOMkBrWiPRO2bmdQnLmb2-wf1wg3yLaepMWd2AjqrXCMFDlqueMGzIhQ6Ocs%26cry%3D1%26dbm_d%3DAKAmf-A-f72huhBklKHSa5vJA-N9vdX6n6HbIOvOm9cFKOz96-P4PzirHGxfn4UY4SDMQf0LYZUG2fRtJtYxPv2LuafYr0eUZLPQjl2DksuTkJGd2xZqQi9_7YzhXwvBcqJAEOkBPArxGxaILuzFqjaAXvfZIgK-zw4MXERrld4GZr6JjB8T9so3VAaaOEqS7scBfDq6F2liz7h03-9QWf0eX1WjHSvYVDzbLCcht8Nj5l9437s6bgIEEn7KpaRiI69HbBmD2bRjP8A0uFkg88c5iPfFkXfpev6kNIXOexKo8tkDfakW_uJ5oj82IvbUXR2Qa9tgL_SD88mCeURmHHTElZZ8u2_gNk6q_fSzwJYdehKK1dDyWog8Zx-r-WlrF7tQy3D4gX_vW-d0fqghQMRsTWw2seYOTdgB3HcykQWP8UZmDongk5dNRxmkzSGpXubSZPuN7JOc6Q938UeqPs2jBTIRjkibrnbWbzq0zAegDVQuKmeaDJ6iea7iWqFCFo9clvZJHRb0ASsRrcDce_OeMXC_vsEUNr-6Gg-yeYH6oNC6AAQObEA%26adurl%3D&documentReferer=https%3A%2F%2Favasdemon.com%2F&ancestorOrigins=https%3A%2F%2Favasdemon.com%2Chttps%3A%2F%2Favasdemon.com&random=9966358832851&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 49.12.16.151 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-1.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Tue, 24 Oct 2023 18:46:53 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3233064892
p3p: policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache
xphp81: true

GET
H/1.1 200
OK e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame A6BD 0
616 B 1559ms
1287ms Document
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=31268700152956804444550012487022&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=56d2f09758&subid=&uid=0bef36ada86ea751&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCVczkHBE4ZcWoApGMvcAPkLKroAWm5b2gaYWVnKfJD_AuEAEgtNj2I2CVgoCArAfIAQmpAvAs_mHsx7E-qAMByAObBKoEhgJP0E8AALa3qUaQ025PYhVkxO83iGV1IrXf2C1bf8ArEUk-P0RmntvoK-eM_fNsTHf-RtdgPlLdFbzuFxZoQ1yBRv80-u3T-u8JkI-9NAHaYjQW1djSexL8sU33-2bWIREJu-KE4oFxTqxQzX3C9Zv5lAZhxPfVvrdI2a0tm2xppEHrdAB-WRx0ScUqVbklv6cIZ92UFSwAQjyMjvcF4i14Zkk3OkS0hQlqcyBkNULECMsoYeCHZnMCDDLePb0mMGJ-5KPm6dq5Nv1swnWq1eQzXTcwMUsMCaANcn87embcgc9_X1DhI1psJD7-N7aSsW06rqn1hPUqXvJZo4Z3ptnywrHvBBShwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBqg0CREWwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSSwDICaaNr-lteqIK2yBzRgTYegnpEX9pXFcSu0-mztQjQj7zntKLeIvFUFmnj0EZDDiMoXJQgBA8CbLzPIBS3o9dBki8IO5Ps6eFZRgB%26sig%3DAOD64_2GwkoaarWOHpgalIgAjMgAYu5ZUg%26client%3Dca-pub-7701367955671600%26dbm_c%3DAKAmf-DfafHN6qbjlwNwHJpvft1Gallx-18fmxIx6RNVkgDxY2_a0kiBhTzApUxv_G1RmEas1G00fEKGpFWNm1Jjh68HcogIAelUQYhsuTi5buRA8U8NsfOLhvTJOMkBrWiPRO2bmdQnLmb2-wf1wg3yLaepMWd2AjqrXCMFDlqueMGzIhQ6Ocs%26cry%3D1%26dbm_d%3DAKAmf-A-f72huhBklKHSa5vJA-N9vdX6n6HbIOvOm9cFKOz96-P4PzirHGxfn4UY4SDMQf0LYZUG2fRtJtYxPv2LuafYr0eUZLPQjl2DksuTkJGd2xZqQi9_7YzhXwvBcqJAEOkBPArxGxaILuzFqjaAXvfZIgK-zw4MXERrld4GZr6JjB8T9so3VAaaOEqS7scBfDq6F2liz7h03-9QWf0eX1WjHSvYVDzbLCcht8Nj5l9437s6bgIEEn7KpaRiI69HbBmD2bRjP8A0uFkg88c5iPfFkXfpev6kNIXOexKo8tkDfakW_uJ5oj82IvbUXR2Qa9tgL_SD88mCeURmHHTElZZ8u2_gNk6q_fSzwJYdehKK1dDyWog8Zx-r-WlrF7tQy3D4gX_vW-d0fqghQMRsTWw2seYOTdgB3HcykQWP8UZmDongk5dNRxmkzSGpXubSZPuN7JOc6Q938UeqPs2jBTIRjkibrnbWbzq0zAegDVQuKmeaDJ6iea7iWqFCFo9clvZJHRb0ASsRrcDce_OeMXC_vsEUNr-6Gg-yeYH6oNC6AAQObEA%26adurl%3D&documentReferer=https%3A%2F%2Favasdemon.com%2F&ancestorOrigins=https%3A%2F%2Favasdemon.com%2Chttps%3A%2F%2Favasdemon.com&random=9966358832851&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"SourceEventId":"17200521800103984","Destination":"https://trck.easy-m.de","Expiry":5184000,"FilterData":{}}
content-length: 0
content-type: application/javascript; charset=utf-8
date: Tue, 24 Oct 2023 18:46:54 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
strict-transport-security: max-age=15768000
vary: Origin
x-iplb-instance: 40027
x-iplb-request-id: 50FF0ACB:A28C_91EFC182:01BB_6538111D_4523159:1193B

GET
H/1.1 200
OK 89f7480c0afa0150827cf163f8728151
pv.medialead.de/trck/epv/ Frame 267B 0
616 B 5327ms
5277ms Document
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=31268700152956804444550012487022&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"SourceEventId":"25200521800103636","Destination":"https://trck.easy-m.de","Expiry":5184000,"FilterData":{}}
content-length: 0
content-type: application/javascript; charset=utf-8
date: Tue, 24 Oct 2023 18:46:55 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
strict-transport-security: max-age=15768000
vary: Origin
x-iplb-instance: 40028
x-iplb-request-id: 50FF0ACB:A28A_91EFC182:01BB_6538111D_457273B:19776

GET
H/1.1 200
OK e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/epv/ Frame 4101 0
616 B 5330ms
4240ms Script
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=31268700152956804444550012487022&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:55 GMT
strict-transport-security: max-age=15768000
attribution-reporting-register-source: {"SourceEventId":"17200521800103984","Destination":"https://trck.easy-m.de","Expiry":5184000,"FilterData":{}}
server: nginx
host: pv.medialead.de
x-iplb-request-id: 50FF0ACB:A286_91EFC182:01BB_6538111E_45231C0:1193B
x-iplb-instance: 40027
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 0
proxy-host: pv.medialead.de

GET
H/1.1 200
OK e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame 4101 43 B
632 B 5331ms
4233ms Image
image/gif 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=31268700152956804444550012487022&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:56 GMT
strict-transport-security: max-age=15768000
attribution-reporting-register-source: {"SourceEventId":"17200521800103984","Destination":"https://trck.easy-m.de","Expiry":5184000,"FilterData":{}}
server: nginx
host: pv.medialead.de
x-iplb-request-id: 50FF0ACB:A284_91EFC182:01BB_6538111E_4572744:19774
x-iplb-instance: 40028
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 43
proxy-host: pv.medialead.de

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C6C6 0
20 B 128ms
128ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bp4-JHBE4ZczzJ6a07_UP9oKH0AEAAAAAOAHgBAI&bg=!aGulayTNAAao7_3LiO87ADQBe5WfOMFeHeseXsBA7kkPFUvM4u6ErI_0ekqZBe4fw-stV498KScDMups0hwPLV0AOPneAgAAANFSAAAABWgBBwoAdwQNNkd-bXDK6K7RFQIUgJLiUzHZnvGCku9iWqwPwnZ4IV1XdM3KX01Gv-WW0nmggJ97GshU4seTjvkDxShGb21GrT9u_a5VALzhLiGgNM0ul4p24tLMEOEgYCXP6ket6jgxyvaCC5jMICt67XXqsWhvqQssGjKXmQLvChN2Bu0o4IwU5CYuqJ3YqTp47qXX_A2Ecw5hFyJZtnLnvlpnRywrjZf3N9zG6ZYXMnINJGrjr-H_RHYjl6eX9hTO21T-yfFjF0aNatyfhhIIXQ9JtrEezZGLBPu9gBtBe9Kpm42hqEHo6YTTfG8zlHlmrg1dROGe46VaU44d5A6ZIn_MKqTe5snvQy-nvpenaM64RIqTGs2TbigTCrMJZBzIvIlQ0HHAwbuASDzM9LDo6TexLZjigsT0XqtXZKCUlo_wspklY55s_5ZZi2bPPL6bTygK0ZWN9zJQ2Q-hSMEXrS7fwPPl4a_W-lwT56gZAxaJkvh53ex49Te1v4t89zNt6GrmW6w41Tqz9rcW283535F5jX_0-BqZCjtDhwHIgYYIOa-f5GNsrKujnQuJ22JATuU0aWY9lVcua7k9EYdLiowPYuvwQGBUXmgJ3IMECcnUbtZYc8ByH-t1QaK873w1WobhY_mXXgSfpzeMdxUv7Ajo7igsVoSelxTkOSP8Xtukj0dusj9fS4RshlhrjhMohAk_2a4wThb0LjhmwjiE_AeMvV2IqaeWvumqjKuceOaFuMC16GPgjKsHvrt-NlXsSsOR7XbyY9dWkwA3ngDxfaoucHXZa7tCNSU8FU1GKVAKpBeJYG2V9C5ieLgFM_0ngyTdQpTchCF4cjDUxzbv9UAKsJvVlgv7aVrH28_8NWEI8z-0XHCbBEkHH1Q6DmFJw-99JqNd9HODB0--4yPUAfced1gm3EmPKHjRFCOkI-1FmMrjaTCnL4V0gWg2ZUnAn5myV0ScEWrqrjLB_yT956sebGK2O-rzrB8KG2z0x-6Ummh8-45EHwfCKRsh7Liieq21ENPa4VuMSz98ZXB4YP-xzXGL7LSfY87YGo0skZaK-OI8kVpndZwokzVsWO8FIsA8xDZyfPY47V8iWw8aaP8mWx4-UddhKfv1Hgf5sXlUdcFCQMiSdXoTckqwImnf7j1XFAXFBE2gMMlPgQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 18:46:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0413 0
0 129ms
129ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231019&jk=3214204978976800&bg=!cnGlcT7NAAaMkNwkrJA7ADQBe5WfOAxLPN6mT_K05tpQ3Q0_n0z5x5TXTvZUNUZQWN2c1ywj_lJdrIldzNuq3X3GprKuAgAAASxSAAAABWgBBwoAihwcOV2S8_QDC4lFmujfEHa5uceWtTVI6rp4ifbBon2By2d_Ca3hrwo5HNFojbrDzPmdZeKREk_YtfgAZWRYoPJvN86dJT448vab2qPq92zbwJqr4cgsDQGHklGDkw3Sf7ATAOk4Z2BokCQN6JrMKZ30DvlWNqmE1a7PFjQM_uNUi9DTeWy9jkW9O5kC1G-VdEOzaiRMmmuOtReLwXsDh4TEBaGf-jfFeH7DYaZ0A_kTvMrhXxzTtY4qTlkF7qcWzkqpJ_nEzFYQmfyzaP-AF0d0j5VovAouK2PFGo2BX5O2zE5zNQcmOvbkp4cqwA0JJFqlVTvqjMjEB86MD8YNeXtCCR6qHurG8lAf8R56W4rkOHRMh1EAxD4fyfOzD-LChaer3Vpp4OFPO01Jkrk7j5Z8JkQRk6QgHqsli9w2ipNBCYXTfQKvPUyOtcDXKcmNC2kNkV6nFJ5voEdbjzdzhMVelUh4C03ATuUb57-pg6C4ZykmslyoZ9jh-rOzFL-baPJPGDAIrodhqWXJQsofmPEhIglsZ_M7Tlxy0eZCT473vIvHmp5kdjPAvIHuYUkmBTw35VOB-JMHha82MZXVTNSRrG-dZwiBB1s9T29b-fY0qd9pSVKweWMwWrVFssXRNmD31l0vUgtXTnp5t9YO7fpTVgRFujsv6FnBdimPQprDFJ9dsQXIrRTrrL7ojJX9WfR4HAQXcBGFZ_W1lwsz2ztWfoTW84V7Rtk35yow9hGE--EQcHuVkMv0MFMaQUzsD0JM9bEIbDfuYX3xMf6fQAi_Q-SSigD8F_E42tHGiEv9yt_YypAK0SIABtO1TkpXR22-GS6l3noTEtjv7KiHUDQcyo3RVCUcdRsZykaEbGjlOiyxLKO63quGu0PNcJgsErcGryFOZjxi-NEWoDwNHgFCxrsdTCPMdQtJxf3ijDZ9-WgvmqYCrVMloWGeBP-L1aMLTl7IBJ0hOOnlEcPvvDXqhCFDwey3xZWDqEXHbNyJuDjzZzoMNss9NSAWHI-i8AICCO0mkIDnlalbFeIR2gaL7qh72Vnzonpix4qyAHG-X76VJN821X6j9TnxDPv4ij8xsblM1_KLaHfHCuTd0574PBsfBF5kleOqCei-OOknKTJvAOAmxxtuEWOTBUpEFdc
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B524 0
20 B 129ms
129ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bp-MvHBE4ZZ3bKoyFgAfSqIe4DwAAAAA4AeAEAg&bg=!fn2lfTLNAAao7_3LiO87ADQBe5WfOOuXVJfmeHvuVx20vYTTk9efbS26ui3smaEBUJxdoEMXqVk18Ggqufgo62T6mB13AgAAAMhSAAAABGgBBwoARx_07Et2DhKTifYGsSIWtmbW-mWoJa_nDzKLviKXWn-D-SJDwdp4wArMg4jwfDa1d3LDJ2Ljl6Q3X-kS8SN2kBSfbD6w7ilYmQL8f2Fh9XqhjrrhuPHu5zsuPBQOn1wBv2MqZbaMMNyFCToIWtQ7qeBqWujaWvfiqPcAEQOASUDH5qYFt9ZYVRt1F3Tddsd69RJRAhYEZCrwG_XLe4zYxt24I8Q1OYb4U0pZENyEJEFeLl-TKeN22hFzEe2Npy1IgCp3WB8-u8d57FYIf3idIpkXDrS-lhEkI4JiP91u0f2K5eLGWASlUj7CnqesCIuyFNtuDTFdJzVy-OSY_DaiSfG1LqVuBmnfELBu4MYHXRS6nLAPGdbu9nCKBuzKmOmi2z2MJeOYf4lCz-PAZATueBwIHGQ-PeU-ehmbNgQxU1hJc7GleirOEySgdoGuHo9eZyLal8NWW7nWyI3TxmVQRGmLl2FZRrJOIx6lbgtn5F3Bv10lfCltfv4-gaVBEk4YB5VuimR7tVfxCrnt-YAn_y41wtPAkSeGKn3W7TJP80LYAjQ27V5hnN3505pfSZXXhLPNN-Zl6poHZwIg2wUvmkeesf49jul3pCDx_5ihwY8QEakBhM0-jnM7CI68balP9KBsCjVdRn7aqs7DukgcKBefbv2CRiOKlj_PV2jMAskgrRxdan608XelxmxdPN2r8Cfy8yeZBmvDc4FxBQGON9SY3Izqmkt0lHyRgS-TI_uLxBFovFXyCiUsUEb8xmOdkiIPCtd7pwnPQj4_E3FhgWuTNk5mw6tY8KAx7AayO5H338YxAeXNAIMFxW8qknYitkNmaPbqH6KpBRkL6fExo9N4HLkfdjs0jmsq49fSxs1HPjwqmRe_s8Ud0y790kRrlEk2cEicGy_rZuaze5VD3mBo2b0-4cQxhuFiVlCMINCrbdzrhDSPip7gGluwzQszUN2BY80udBTIksX9m5Phk3i1-P3IudJQP9P9iypL3yQ43lAryqG7nWPKXX-li_KStUnXVMH7pGIPTc1ti77VqQTVCGU2DVQzBhe-1yogvO_qV2SMUHvpXFLQ5tnKmXMoBi57frsbI4O2K5lfQ5rdDkeOStmjqS8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 18:46:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 62F7 0
0 129ms
128ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231019&jk=518944053456691&bg=!fH-lfzDNAAaMkNwkrJA7ADQBe5WfOCCSPWrqQ_yYwaJ21-NaLPHou8okhUPFfV9Vg2CMSsmzCzXbCxulsEDkDPYqYN3QAgAAASJSAAAABmgBBwoARLQJrpd6JQtOnJnHgMZGjFah6WV9AajekcH2FSXXXYxALewlmnBGflzYNWc0mwr4QHyT3TZp8xPdIzttD5DsZcsXxcPOmQLj8phlX74JP9_ObV6pxQd9LEHatzG98Gv5gzPT6U4tz3RanUMPDKTpKMhutAiG6haKd3utOgkC7I3O_RIoLeOnUwrvi0kKduBL-ULmAsh3iRC2NN2mBMtwaLIPrp7Zy_N7D8hLAtWnUa4PLqGlPNhnQuqxG4E5NEQlFLlDprd428EskspCIMWJ71Ss_cc2snmHr0pO0fGgHjgCHiBxreQLoSgB_6VYXrAGXiy0Wk4SF1FDSkVuBs-0CdSmNu76D_hCle1bFoqkOUjbr6epjf-9R4wMB2H7PU-JFbZ6zw4tv3rlOxzlj4qDXYJu3jCfboLaaLbjeCVd4QV5EF0d0SgSfdim3AOG_8z3BxGajNbQcC_DMqdzcxvSPb58G8jOBpxFudT0Tk7isT7arkxAQchp5EX0bZXLqW6cEBVTcXTq1KrExFfSzqMIJ32SD-n0s6ZeAW-3lv3B-AHe6ACQmBDlQOkUskDBiKA7HIMDxrg2eO-EqmHJF88t7UcXgnQAUj5nv0lRsaTH-_XQA3kTge_6pbx8ipFViZpjoIN2V14ZE3aAcVqGG1fz4siY9l9rbPCJam2Zs0pxz_j-9WdI5T7B7fY8RPD7A_uPcYBvUxFm35KqpbL_zwPH8Z5FLmr2fHp-0uewVYIRlHExkV-_vbGo0xolahef4-JlWeL5DPo7hlNkEHpGNJXWYEPz2KDAi9OjGEnwLKMeHRfxLde6xpNjvyPYHi1CoJPgObzz4bEimoPpJSkgfGpOv8y4z5M0zyu5Krk_-OltFsdsvoRcmxfxYwSlOIyV1bsHGTVWZDMi0uph6PaXh0Ch1_HJ3UsuOCtdDKmQkoFjfcxPr5RwU47M1uSRQIpLgtYiwRab4M9s_lYAOGYM_AQOlT13S4QeEdONtXVpzPKfznup4WL73YvnB_ADI2FN1sQZgCf4An_dPoQugpCqEP99BNTPnS0-34Lz2VbZMM176PSHU9sOHiIRU3_udg
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avasdemon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H2

200

htlp Show response
futalis.de/ Frame 9769
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=61631600169924004444556012487020&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3233064893

350 B
400 B

93ms
44ms

Document
text/html

49.12.16.151
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3233064893
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=e661cfd4f4&subid=&uid=dc04f5bab0ba6f3e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvEBFHBE4ZZjHBa6ovcAPld61kASm5b2gaZ2cnKfJD_AuEAEgtNj2I2CVgoCArAfIAQmpAvAs_mHsx7E-qAMByAObBKoEjQJP0J3rCMKgVHqFuEy5SsqvscYSmGF_-PFAqrY2DrV4pTDrmqEhRfguWazSzroCv7GsrYUgQWz2-DfPJSDxUl-lTE08DLdWK_ghJozvlUGSRoTBLsOE_9FkMxcY3ycdQMv98RPU5fnmtug2pHhmU4p7Rupllb4hrP6r_HhBiV4D6__zWItVO9dCQS1nmzYo9HI5LIOZslhN4Pi_J1yXbySNVloJUTj3pYBlwyZ-hqwYLatBapGEmpeyhHLZSwD1YjKUYC-KwzptZXZW_q7IIShcdlxVnftP_NeF2oFU6kLSD4pc3uS9yKds7IGGhX3W0KKKx6jHIKYML9RybNn57BJ_qppMDyDeWng8r1lBjMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAkRFsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADICaaN_J363fwUlgfWIaqMQM_ZQ18Ws0YGx0-N4rGP4I1P2jlyxyDJkuFj9MeaaVZ4JGe6Zy2yeUXrBeoiMsLJ4qw-XpwiUgsXH_YYAQ%26sig%3DAOD64_1wtqc2e9SiTt0I5-jbG4rfnB0uLA%26client%3Dca-pub-7701367955671600%26dbm_c%3DAKAmf-B0av4AwOyZr4e40amX8OwiZKrOh35Qz_WX4D3aLyY09sMD73_awIcQ1QNsY1d8vrdBQ3yiQp0NeBFOAdG8JxCgtjamG-CAWXlnwTFr478A7nw_kl7dTouHNw9LS0Yi_2MBwALPsgdfXSMouk5lSzQ6fXTkoF9d09oaDQqK9cvaf-iFonA%26cry%3D1%26dbm_d%3DAKAmf-A_WlyaZa358O-ivJvViXGvO3no0ajnBhEPCwrjw9XWSHS0X-I5NQY3fT3FIny98Lx8VGqZ8qh0_Valn0oOTN7OrezekOoPrtcb3O5uM0N5z1Rm_83tuPwnNHUOdkqybD0RXSj0RRBXhYS7OVHzzj4tYFs1tdwOmPv6dKIebq22hB3pHbqj24we7ui-IQx-R_4PuyK_Egtb1YetupY8RhII6LEcQyJV5mrDnV-kHMtV2s5nQPck92yClXOBvGkhuLEzDiMhya4qAvbEcE0iVxpcMOge1Fut2stAQ20b63PtOMXp5xmlESHbc56I2DuMD4kageZHWlGhNgE-Vd-UdPra4fWKS8F6qMJew8Q__2k57S1-ou5nq_2XObUb0cUeYCfPOVT0k4EwI-d1rkPpPYW8FF8ceD6oKa0vURXEfJUd-1Og2lH0zv9tigocSMRmu1fRqOQhGB5qomzTlyEkjpXpqvA96qBD1-KWaB8FQCjecpufnswNg6p9Z6jgJLvhaV8uPEypSodYawLrJI2o5CRiUuY04qH3937ef6gZaAYsLrnreuY%26adurl%3D&documentReferer=https%3A%2F%2Favasdemon.com%2F&ancestorOrigins=https%3A%2F%2Favasdemon.com%2Chttps%3A%2F%2Favasdemon.com&random=6799833153718&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 49.12.16.151 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-1.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Tue, 24 Oct 2023 18:46:53 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3233064893
p3p: policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache
xphp81: true

GET
H/1.1 200
OK e99aace94e6e5873881d3400993e1e7e Show response
pv.medialead.de/trck/epv/ Frame F549 0
616 B 1187ms
1134ms Document
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=61631600169924004444556012487020&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=e661cfd4f4&subid=&uid=dc04f5bab0ba6f3e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvEBFHBE4ZZjHBa6ovcAPld61kASm5b2gaZ2cnKfJD_AuEAEgtNj2I2CVgoCArAfIAQmpAvAs_mHsx7E-qAMByAObBKoEjQJP0J3rCMKgVHqFuEy5SsqvscYSmGF_-PFAqrY2DrV4pTDrmqEhRfguWazSzroCv7GsrYUgQWz2-DfPJSDxUl-lTE08DLdWK_ghJozvlUGSRoTBLsOE_9FkMxcY3ycdQMv98RPU5fnmtug2pHhmU4p7Rupllb4hrP6r_HhBiV4D6__zWItVO9dCQS1nmzYo9HI5LIOZslhN4Pi_J1yXbySNVloJUTj3pYBlwyZ-hqwYLatBapGEmpeyhHLZSwD1YjKUYC-KwzptZXZW_q7IIShcdlxVnftP_NeF2oFU6kLSD4pc3uS9yKds7IGGhX3W0KKKx6jHIKYML9RybNn57BJ_qppMDyDeWng8r1lBjMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAkRFsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADICaaN_J363fwUlgfWIaqMQM_ZQ18Ws0YGx0-N4rGP4I1P2jlyxyDJkuFj9MeaaVZ4JGe6Zy2yeUXrBeoiMsLJ4qw-XpwiUgsXH_YYAQ%26sig%3DAOD64_1wtqc2e9SiTt0I5-jbG4rfnB0uLA%26client%3Dca-pub-7701367955671600%26dbm_c%3DAKAmf-B0av4AwOyZr4e40amX8OwiZKrOh35Qz_WX4D3aLyY09sMD73_awIcQ1QNsY1d8vrdBQ3yiQp0NeBFOAdG8JxCgtjamG-CAWXlnwTFr478A7nw_kl7dTouHNw9LS0Yi_2MBwALPsgdfXSMouk5lSzQ6fXTkoF9d09oaDQqK9cvaf-iFonA%26cry%3D1%26dbm_d%3DAKAmf-A_WlyaZa358O-ivJvViXGvO3no0ajnBhEPCwrjw9XWSHS0X-I5NQY3fT3FIny98Lx8VGqZ8qh0_Valn0oOTN7OrezekOoPrtcb3O5uM0N5z1Rm_83tuPwnNHUOdkqybD0RXSj0RRBXhYS7OVHzzj4tYFs1tdwOmPv6dKIebq22hB3pHbqj24we7ui-IQx-R_4PuyK_Egtb1YetupY8RhII6LEcQyJV5mrDnV-kHMtV2s5nQPck92yClXOBvGkhuLEzDiMhya4qAvbEcE0iVxpcMOge1Fut2stAQ20b63PtOMXp5xmlESHbc56I2DuMD4kageZHWlGhNgE-Vd-UdPra4fWKS8F6qMJew8Q__2k57S1-ou5nq_2XObUb0cUeYCfPOVT0k4EwI-d1rkPpPYW8FF8ceD6oKa0vURXEfJUd-1Og2lH0zv9tigocSMRmu1fRqOQhGB5qomzTlyEkjpXpqvA96qBD1-KWaB8FQCjecpufnswNg6p9Z6jgJLvhaV8uPEypSodYawLrJI2o5CRiUuY04qH3937ef6gZaAYsLrnreuY%26adurl%3D&documentReferer=https%3A%2F%2Favasdemon.com%2F&ancestorOrigins=https%3A%2F%2Favasdemon.com%2Chttps%3A%2F%2Favasdemon.com&random=6799833153718&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"SourceEventId":"17200521800104416","Destination":"https://trck.easy-m.de","Expiry":5184000,"FilterData":{}}
content-length: 0
content-type: application/javascript; charset=utf-8
date: Tue, 24 Oct 2023 18:46:54 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
strict-transport-security: max-age=15768000
vary: Origin
x-iplb-instance: 40027
x-iplb-request-id: 50FF0ACB:A28E_91EFC182:01BB_6538111D_451BE81:1193D

GET
H/1.1 200
OK 89f7480c0afa0150827cf163f8728151
pv.medialead.de/trck/epv/ Frame D5BC 0
616 B 5106ms
4248ms Document
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=61631600169924004444556012487020&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"SourceEventId":"25200521800103636","Destination":"https://trck.easy-m.de","Expiry":5184000,"FilterData":{}}
content-length: 0
content-type: application/javascript; charset=utf-8
date: Tue, 24 Oct 2023 18:46:55 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
strict-transport-security: max-age=15768000
vary: Origin
x-iplb-instance: 40028
x-iplb-request-id: 50FF0ACB:A288_91EFC182:01BB_6538111E_45727CC:19776

GET
H2

200

activityi;dc_pre=CMecm5msj4IDFSsMogMdNCoEaQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5877783153756.009 Show response
5994599.fls.doubleclick.net/ Frame 2B59
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5877783153756.009?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CMecm5msj4IDFSsMogMdNCoEaQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5877783153756.009?

391 B
326 B

60ms
59ms

Document
text/html

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CMecm5msj4IDFSsMogMdNCoEaQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5877783153756.009?

Requested by

Host: avasdemon.com
URL: https://avasdemon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

ee9178afadba4a0aca57d2f763162629c247782a6b679c1edfeff1b3770be930

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 217
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 18:46:53 GMT
expires: Tue, 24 Oct 2023 18:46:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 18:46:53 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CMecm5msj4IDFSsMogMdNCoEaQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5877783153756.009?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900020.redintelligence.net/ Frame DB08 7 KB
2 KB 44ms
23ms Document
text/html 178.63.52.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900020.redintelligence.net/request_content.php?s=61631600169924004444556012487020&a=fd30efee
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=e661cfd4f4&subid=&uid=dc04f5bab0ba6f3e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvEBFHBE4ZZjHBa6ovcAPld61kASm5b2gaZ2cnKfJD_AuEAEgtNj2I2CVgoCArAfIAQmpAvAs_mHsx7E-qAMByAObBKoEjQJP0J3rCMKgVHqFuEy5SsqvscYSmGF_-PFAqrY2DrV4pTDrmqEhRfguWazSzroCv7GsrYUgQWz2-DfPJSDxUl-lTE08DLdWK_ghJozvlUGSRoTBLsOE_9FkMxcY3ycdQMv98RPU5fnmtug2pHhmU4p7Rupllb4hrP6r_HhBiV4D6__zWItVO9dCQS1nmzYo9HI5LIOZslhN4Pi_J1yXbySNVloJUTj3pYBlwyZ-hqwYLatBapGEmpeyhHLZSwD1YjKUYC-KwzptZXZW_q7IIShcdlxVnftP_NeF2oFU6kLSD4pc3uS9yKds7IGGhX3W0KKKx6jHIKYML9RybNn57BJ_qppMDyDeWng8r1lBjMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAkRFsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTADICaaN_J363fwUlgfWIaqMQM_ZQ18Ws0YGx0-N4rGP4I1P2jlyxyDJkuFj9MeaaVZ4JGe6Zy2yeUXrBeoiMsLJ4qw-XpwiUgsXH_YYAQ%26sig%3DAOD64_1wtqc2e9SiTt0I5-jbG4rfnB0uLA%26client%3Dca-pub-7701367955671600%26dbm_c%3DAKAmf-B0av4AwOyZr4e40amX8OwiZKrOh35Qz_WX4D3aLyY09sMD73_awIcQ1QNsY1d8vrdBQ3yiQp0NeBFOAdG8JxCgtjamG-CAWXlnwTFr478A7nw_kl7dTouHNw9LS0Yi_2MBwALPsgdfXSMouk5lSzQ6fXTkoF9d09oaDQqK9cvaf-iFonA%26cry%3D1%26dbm_d%3DAKAmf-A_WlyaZa358O-ivJvViXGvO3no0ajnBhEPCwrjw9XWSHS0X-I5NQY3fT3FIny98Lx8VGqZ8qh0_Valn0oOTN7OrezekOoPrtcb3O5uM0N5z1Rm_83tuPwnNHUOdkqybD0RXSj0RRBXhYS7OVHzzj4tYFs1tdwOmPv6dKIebq22hB3pHbqj24we7ui-IQx-R_4PuyK_Egtb1YetupY8RhII6LEcQyJV5mrDnV-kHMtV2s5nQPck92yClXOBvGkhuLEzDiMhya4qAvbEcE0iVxpcMOge1Fut2stAQ20b63PtOMXp5xmlESHbc56I2DuMD4kageZHWlGhNgE-Vd-UdPra4fWKS8F6qMJew8Q__2k57S1-ou5nq_2XObUb0cUeYCfPOVT0k4EwI-d1rkPpPYW8FF8ceD6oKa0vURXEfJUd-1Og2lH0zv9tigocSMRmu1fRqOQhGB5qomzTlyEkjpXpqvA96qBD1-KWaB8FQCjecpufnswNg6p9Z6jgJLvhaV8uPEypSodYawLrJI2o5CRiUuY04qH3937ef6gZaAYsLrnreuY%26adurl%3D&documentReferer=https%3A%2F%2Favasdemon.com%2F&ancestorOrigins=https%3A%2F%2Favasdemon.com%2Chttps%3A%2F%2Favasdemon.com&random=6799833153718&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.121.52.63.178.clients.your-server.de
Software: Apache /
Resource Hash: 3f3f04eead8814db15a073b9e5c4e5eb1445b35a9848e9d05cb798e2b58f79bd

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2044
Content-Type: text/html; charset=utf-8
Date: Tue, 24 Oct 2023 18:46:53 GMT
Expires: Tue, 24 Oct 2023 19:46:53 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame 51C6
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=61631600169924004444556012487020&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=61631600169924004444556012487020&t=htlp&gdpr=1&consent=1&gdpr_consent=

43 B
632 B

1491ms
384ms

Image
image/gif

145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=61631600169924004444556012487020&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:54 GMT
strict-transport-security: max-age=15768000
attribution-reporting-register-source: {"SourceEventId":"17200521800104416","Destination":"https://trck.easy-m.de","Expiry":5184000,"FilterData":{}}
server: nginx
host: pv.medialead.de
x-iplb-request-id: 50FF0ACB:A28E_91EFC182:01BB_6538111E_451BF18:1193D
x-iplb-instance: 40027
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 43
proxy-host: pv.medialead.de

Redirect headers

location: https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=61631600169924004444556012487020&t=htlp&gdpr=1&consent=1&gdpr_consent=
date: Tue, 24 Oct 2023 18:46:53 GMT
server: nginx
content-length: 154
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 51C6 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5445fda46ea805b9625cab44def2b6a37d85a705686b7c3754f0244d16860dd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame DB08 5 KB
1 KB 111ms
20ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=61631600169924004444556012487020&a=fd30efee

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900020.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 24 Oct 2023 18:46:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 17:19:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 24 Oct 2023 18:46:53 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame DB08 20 KB
20 KB 305ms
268ms Image
image/png 159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=61631600169924004444556012487020&a=fd30efee
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: 2b794bdede7b5fdadef95d935fdfbb1ffa0cb486337d7e895525507c6a830678

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900020.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 18:46:53 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 20626
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame DB08 27 KB
27 KB 334ms
49ms Image
image/png 159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=61631600169924004444556012487020&a=fd30efee
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: 9acad58d41c25d7e0886e99307acc19238fe4b165100211737e2aea6b8560882

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900020.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 18:46:53 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 27706
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame DB08 19 KB
19 KB 1052ms
16ms Image
image/png 159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/50502/creativesup/Fyrst-1200x627.jpg
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=61631600169924004444556012487020&a=fd30efee
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: 9334b60b7dc233c0847890b7ee5749a3b1ac9b9b254182bb87972a0ef3e4870a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900020.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 18:46:54 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 19697
Vary: Accept-Encoding
Content-Type: image/png

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame 4AD8 5 KB
5 KB 55ms
52ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3233064892
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:53 GMT
last-modified: Wed, 05 Apr 2023 20:14:46 GMT
server: Apache
etag: "1416-5f89c717cdc2f"
content-type: application/javascript
xphp81: true
accept-ranges: bytes
content-length: 5142

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1592 0
0 128ms
127ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231019&jk=3214204978976800&rc=
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8C6E 0
0 168ms
167ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231019&jk=518944053456691&rc=
Requested by: Host: avasdemon.com
URL: https://avasdemon.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame 9769 5 KB
5 KB 36ms
35ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3233064893
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:53 GMT
last-modified: Wed, 05 Apr 2023 20:14:46 GMT
server: Apache
etag: "1416-5f89c717cdc2f"
content-type: application/javascript
xphp81: true
accept-ranges: bytes
content-length: 5142

GET
H/1.1 200
OK viewability Show response
hal900020.redintelligence.net/ Frame DB08 0
150 B 33ms
13ms Script
text/html 178.63.52.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900020.redintelligence.net/viewability?s=61631600169924004444556012487020&a=3bc82ee1&vb=m
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=61631600169924004444556012487020&a=fd30efee
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.121.52.63.178.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900020.redintelligence.net/request_content.php?s=61631600169924004444556012487020&a=fd30efee
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 18:46:53 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame DB08 14 KB
15 KB 83ms
48ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900020.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 16:23:45 GMT
x-content-type-options: nosniff
age: 440588
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Oct 2024 16:23:45 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame DB08 15 KB
15 KB 67ms
33ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900020.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:02:57 GMT
x-content-type-options: nosniff
age: 380636
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Oct 2024 09:02:57 GMT

GET
H2 200 dc_pre=CMecm5msj4IDFSsMogMdNCoEaQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5877783153756.009
adservice.google.com/ddm/fls/z/ Frame 2B59 42 B
401 B 127ms
51ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMecm5msj4IDFSsMogMdNCoEaQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5877783153756.009

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CMecm5msj4IDFSsMogMdNCoEaQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5877783153756.009?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Oct 2023 18:46:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK runtime-a697c5a1ae32bd7e4d42.js Show response
platform.twitter.com/_next/static/chunks/ Frame B492 4 KB
3 KB 20ms
20ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/runtime-a697c5a1ae32bd7e4d42.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/avasdemon?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=700px&origin=https%3A%2F%2Favasdemon.com%2F&sessionId=38185cc0198bffac3982b28463eb8e0275a59b9d&showHeader=true&showReplies=false&theme=dark&transparent=false&widgetsVersion=01917f4d1d4cb%3A1696883169554
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/675D) /
Resource Hash: d709d1a1a12f372cbd746fb29638bbbe4e88a256998da13c8c859a7fd6a29f6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 18:46:54 GMT
Content-Encoding: gzip
Age: 1289662
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2232
Last-Modified: Wed, 13 Sep 2023 20:30:36 GMT
Server: ECS (frb/675D)
Etag: "4e8885e68df79c40c3a7aeda8d14bb81+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK modules.20f98d7498a59035a762.js Show response
platform.twitter.com/_next/static/chunks/ Frame B492 286 KB
94 KB 37ms
16ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/modules.20f98d7498a59035a762.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/avasdemon?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=700px&origin=https%3A%2F%2Favasdemon.com%2F&sessionId=38185cc0198bffac3982b28463eb8e0275a59b9d&showHeader=true&showReplies=false&theme=dark&transparent=false&widgetsVersion=01917f4d1d4cb%3A1696883169554
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6727) /
Resource Hash: 9013a9ca40a672ee35978b117e54d8b342cb591e8951f599a2b6dfef9d9fa723

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 18:46:54 GMT
Content-Encoding: gzip
Age: 1289662
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 95842
Last-Modified: Wed, 13 Sep 2023 20:30:36 GMT
Server: ECS (frb/6727)
Etag: "1c54378254eefb52fea75b3c31dfe51d+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK main-fd9ef5eb169057cda26d.js Show response
platform.twitter.com/_next/static/chunks/ Frame B492 90 B
684 B 64ms
15ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/main-fd9ef5eb169057cda26d.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/avasdemon?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=700px&origin=https%3A%2F%2Favasdemon.com%2F&sessionId=38185cc0198bffac3982b28463eb8e0275a59b9d&showHeader=true&showReplies=false&theme=dark&transparent=false&widgetsVersion=01917f4d1d4cb%3A1696883169554
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6796) /
Resource Hash: eefd62bfe6d0ad2f3f2b7bddb8f2c46d7c8b6ed4897e3f9309968a58dc078753

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 18:46:54 GMT
Age: 1289663
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 90
Last-Modified: Wed, 13 Sep 2023 20:30:36 GMT
Server: ECS (frb/6796)
Etag: "1d1fa0644a94523711b2bb99a8d652bc"
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000
Accept-Ranges: bytes

GET
H/1.1 200
OK _app-88bf420a57d49e33be53.js Show response
platform.twitter.com/_next/static/chunks/pages/ Frame B492 1 KB
1 KB 79ms
15ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/pages/_app-88bf420a57d49e33be53.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/avasdemon?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=700px&origin=https%3A%2F%2Favasdemon.com%2F&sessionId=38185cc0198bffac3982b28463eb8e0275a59b9d&showHeader=true&showReplies=false&theme=dark&transparent=false&widgetsVersion=01917f4d1d4cb%3A1696883169554
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6752) /
Resource Hash: 729cfa84928e7a87a4a4551df25c1406da86af8f0ebd2f579460546d11722326

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 18:46:54 GMT
Content-Encoding: gzip
Age: 1289662
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=
Content-Length: 668
Last-Modified: Wed, 13 Sep 2023 20:30:36 GMT
Server: ECS (frb/6752)
Etag: "2856f57c62c238a564ef576bbc50ca4a+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK %5BscreenName%5D-c33f0b02841cffc3e9b4.js Show response
platform.twitter.com/_next/static/chunks/pages/timeline-profile/screen-name/ Frame B492 13 KB
2 KB 95ms
15ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/pages/timeline-profile/screen-name/%5BscreenName%5D-c33f0b02841cffc3e9b4.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/avasdemon?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=700px&origin=https%3A%2F%2Favasdemon.com%2F&sessionId=38185cc0198bffac3982b28463eb8e0275a59b9d&showHeader=true&showReplies=false&theme=dark&transparent=false&widgetsVersion=01917f4d1d4cb%3A1696883169554
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D4) /
Resource Hash: bd18e405cbfb6fb5c27224b38e792c8b6542d9b7eae37aa5883808b69392dcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 18:46:54 GMT
Content-Encoding: gzip
Age: 1289662
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 1290
Last-Modified: Wed, 13 Sep 2023 20:30:36 GMT
Server: ECS (frb/67D4)
Etag: "e78034c651c8a81b2acd83dc7e7ad407+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK _buildManifest.js Show response
platform.twitter.com/_next/static/pc7SXdI2p34p0Y95uXWdA/ Frame B492 1 KB
1 KB 105ms
12ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/pc7SXdI2p34p0Y95uXWdA/_buildManifest.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/avasdemon?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=700px&origin=https%3A%2F%2Favasdemon.com%2F&sessionId=38185cc0198bffac3982b28463eb8e0275a59b9d&showHeader=true&showReplies=false&theme=dark&transparent=false&widgetsVersion=01917f4d1d4cb%3A1696883169554
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668B) /
Resource Hash: 7a4a63c52bdfab0ab459b1b77dad4a4ce4e1f7dfdfdba0b2013ba32f0690e15f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 18:46:54 GMT
Content-Encoding: gzip
Age: 1289662
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 451
Last-Modified: Wed, 13 Sep 2023 20:30:36 GMT
Server: ECS (frb/668B)
Etag: "bd9a3afe8a64146469f036be13628170+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK _ssgManifest.js Show response
platform.twitter.com/_next/static/pc7SXdI2p34p0Y95uXWdA/ Frame B492 76 B
670 B 87ms
12ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/pc7SXdI2p34p0Y95uXWdA/_ssgManifest.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/avasdemon?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=700px&origin=https%3A%2F%2Favasdemon.com%2F&sessionId=38185cc0198bffac3982b28463eb8e0275a59b9d&showHeader=true&showReplies=false&theme=dark&transparent=false&widgetsVersion=01917f4d1d4cb%3A1696883169554
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6760) /
Resource Hash: 653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 18:46:54 GMT
Age: 1289663
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 76
Last-Modified: Wed, 13 Sep 2023 20:30:36 GMT
Server: ECS (frb/6760)
Etag: "abee47769bf307639ace4945f9cfd4ff"
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000
Accept-Ranges: bytes

GET
H/1.1 200
OK 2.691622e4391d1973cb65.js Show response
platform.twitter.com/_next/static/chunks/ Frame B492 23 KB
8 KB 11ms
11ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/2.691622e4391d1973cb65.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-a697c5a1ae32bd7e4d42.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/669E) /
Resource Hash: 2adcd0a627dee2ac4ab782a00745d7678e374dc4625ddf673a88121977d77c67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 18:46:54 GMT
Content-Encoding: gzip
Age: 1289662
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 7674
Last-Modified: Wed, 13 Sep 2023 20:30:36 GMT
Server: ECS (frb/669E)
Etag: "942b5b928a24465d1906b4716131d896+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK 16.f331e94703acc65738d5.js Show response
platform.twitter.com/_next/static/chunks/ Frame B492 38 KB
12 KB 12ms
12ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/16.f331e94703acc65738d5.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-a697c5a1ae32bd7e4d42.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BE) /
Resource Hash: 3effab7013cf9a1b25fc76975f042ec2caef2a7726c8de4c3de934f3de4d4adc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 18:46:54 GMT
Content-Encoding: gzip
Age: 1289663
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 12161
Last-Modified: Wed, 13 Sep 2023 20:30:36 GMT
Server: ECS (frb/67BE)
Etag: "5c87233703fee60cd3de98c5812d90de+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK 0.9098e7e4385bbbc1cefe.js Show response
platform.twitter.com/_next/static/chunks/ Frame B492 246 KB
77 KB 17ms
16ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/0.9098e7e4385bbbc1cefe.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-a697c5a1ae32bd7e4d42.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6712) /
Resource Hash: 5a8495469faaa41a4ffd046646ab9ac451effad6b9609eb870c758ae138a4dd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 18:46:54 GMT
Content-Encoding: gzip
Age: 1289662
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 77945
Last-Modified: Wed, 13 Sep 2023 20:30:36 GMT
Server: ECS (frb/6712)
Etag: "7d7fd30a3c04f91bb6e42719e657c333+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK 4.1579d566fe7ef23f99dd.js Show response
platform.twitter.com/_next/static/chunks/ Frame B492 234 KB
63 KB 13ms
12ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/4.1579d566fe7ef23f99dd.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-a697c5a1ae32bd7e4d42.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D5) /
Resource Hash: 9562e67b97f96f4f008179b61f9fcc006620c32307cec3ad9fe2e6d0b58378e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 18:46:54 GMT
Content-Encoding: gzip
Age: 1289662
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 63766
Last-Modified: Wed, 13 Sep 2023 20:30:36 GMT
Server: ECS (frb/67D5)
Etag: "b19ad66a33044952a2778e4e1de5b11f+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK 1.2a1457a8c568f1533384.js Show response
platform.twitter.com/_next/static/chunks/ Frame B492 163 KB
49 KB 47ms
19ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/1.2a1457a8c568f1533384.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-a697c5a1ae32bd7e4d42.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6711) /
Resource Hash: 6e4c7f45987f5b5e2e4a0addcd924e736312fd3b2c42f7bcd41feb242fcf721e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 18:46:54 GMT
Content-Encoding: gzip
Age: 1289662
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 49719
Last-Modified: Wed, 13 Sep 2023 20:30:36 GMT
Server: ECS (frb/6711)
Etag: "207cde851cb385975ed7fa54f14a46d9+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK 3.623849758c2a16a878a7.js Show response
platform.twitter.com/_next/static/chunks/ Frame B492 654 KB
161 KB 53ms
16ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/3.623849758c2a16a878a7.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-a697c5a1ae32bd7e4d42.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C1) /
Resource Hash: a66da3004ab7904cb4abc086d932fde6720e5db5ae6acc974e48fa3b16d69ab0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 18:46:54 GMT
Content-Encoding: gzip
Age: 1289662
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 164147
Last-Modified: Wed, 13 Sep 2023 20:30:36 GMT
Server: ECS (frb/67C1)
Etag: "618712ac658424673c59e506a6c7d1d8+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK 6.902e7a204f7eea980629.js Show response
platform.twitter.com/_next/static/chunks/ Frame B492 2 KB
2 KB 65ms
12ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/6.902e7a204f7eea980629.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-a697c5a1ae32bd7e4d42.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674C) /
Resource Hash: 713a5085778002ac882de664c065bc7a55a26c6091d12c39a038bac7b70dcf45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 18:46:54 GMT
Content-Encoding: gzip
Age: 1289662
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 1276
Last-Modified: Wed, 13 Sep 2023 20:30:36 GMT
Server: ECS (frb/674C)
Etag: "0e9ca787dfdcbf5ffeb7df678ec8f6df+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK ondemand.Dropdown.0890ced0fe3b29a4c947.js Show response
platform.twitter.com/_next/static/chunks/ Frame B492 7 KB
3 KB 16ms
15ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/ondemand.Dropdown.0890ced0fe3b29a4c947.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-a697c5a1ae32bd7e4d42.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67DF) /
Resource Hash: 1c0486acafe63a074adbd08ecc9cad99ee106f3701e2b93c2a75533774f7faba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 18:46:54 GMT
Content-Encoding: gzip
Age: 1289663
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2822
Last-Modified: Wed, 13 Sep 2023 20:30:36 GMT
Server: ECS (frb/67DF)
Etag: "ee85bb78f0eb1080fd5fc8c4d4cddbb8+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK vendors~loaders.card.DefaultCard.6ebd84b26b4a019a7168.js Show response
platform.twitter.com/_next/static/chunks/ Frame B492 246 KB
75 KB 13ms
13ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/vendors~loaders.card.DefaultCard.6ebd84b26b4a019a7168.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-a697c5a1ae32bd7e4d42.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6752) /
Resource Hash: 6552ceeb4617a68a81aaf70e3632d417781e9467f7005995133b31763ae18c26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 18:46:55 GMT
Content-Encoding: gzip
Age: 1289663
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=
Content-Length: 76009
Last-Modified: Wed, 13 Sep 2023 20:30:36 GMT
Server: ECS (frb/6752)
Etag: "d888d5b76baa81c2f6a36576c7b8da21+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK loaders.card.DefaultCard.262cfc15a0e5197fca17.js Show response
platform.twitter.com/_next/static/chunks/ Frame B492 281 KB
65 KB 11ms
10ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/loaders.card.DefaultCard.262cfc15a0e5197fca17.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-a697c5a1ae32bd7e4d42.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674B) /
Resource Hash: 06907a1cc098815c5df9e01d4b29e9f16950e22d9d416b5743eae215615f8bc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 18:46:55 GMT
Content-Encoding: gzip
Age: 1289663
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 66098
Last-Modified: Wed, 13 Sep 2023 20:30:36 GMT
Server: ECS (frb/674B)
Etag: "b880a487058007b698c90d1f939cf426+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H2 200 1f499.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 368 B
429 B 2245ms
15ms Image
image/svg+xml 104.244.43.131

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f499.svg

Requested by

Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/avasdemon?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=700px&origin=https%3A%2F%2Favasdemon.com%2F&sessionId=38185cc0198bffac3982b28463eb8e0275a59b9d&showHeader=true&showReplies=false&theme=dark&transparent=false&widgetsVersion=01917f4d1d4cb%3A1696883169554

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 -, , ASN (),

Reverse DNS

Software

Resource Hash

44cb18486c627b7e38f3d6fd9bb5c3609ef8193d66046933230ec104420bf314

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 24 Oct 2023 18:46:58 GMT
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 269
x-served-by: cache-fty21369-FTY, cache-fra-eddf8230058-FRA
last-modified: Wed, 21 Feb 2018 22:31:04 GMT
etag: "43yYXt2ga31fRVm8g4wb3g=="
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
x-transaction-id: 94b8a54c2b12dd13
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Thu, 25 Jul 2024 20:40:35 GMT

GET
H2 200 2728.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 1 KB
670 B 2247ms
17ms Image
image/svg+xml 104.244.43.131

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/2728.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 -, , ASN (),

Reverse DNS

Software

Resource Hash

9271962e9fc8257ce9e008bde83ac1408a2f196db6142548769f290873b70b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 24 Oct 2023 18:46:58 GMT
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 508
x-served-by: cache-fty21363-FTY, cache-fra-eddf8230058-FRA
last-modified: Wed, 21 Feb 2018 22:32:28 GMT
etag: "6CCjBscyuQUVmJ2tqZlalw=="
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
x-transaction-id: 0ade6d940ee54937
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Thu, 25 Jul 2024 20:55:37 GMT

GET
H2 200 1f438.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 800 B
799 B 2244ms
14ms Image
image/svg+xml 104.244.43.131

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f438.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 -, , ASN (),

Reverse DNS

Software

Resource Hash

82f93e8eec264c4c0f1c932e61b80735904d8f853cbfabd80965576deb827d41

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 24 Oct 2023 18:46:58 GMT
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 398
x-served-by: cache-fty21383-FTY, cache-fra-eddf8230058-FRA
last-modified: Thu, 16 Apr 2020 18:04:38 GMT
etag: "aK8Gu6yfSDDQj6R08gH5Kw=="
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
x-transaction-id: d9bcd3984b08e624
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Wed, 14 Aug 2024 10:21:42 GMT

GET
H2 200 1f3f5.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 2 KB
1 KB 2246ms
16ms Image
image/svg+xml 104.244.43.131

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f3f5.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 -, , ASN (),

Reverse DNS

Software

Resource Hash

453deb09c84abd4df63c8cb9ac393e79062fcf0dd9ab61919d12eb034ccf647e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 24 Oct 2023 18:46:58 GMT
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 1053
x-served-by: cache-fty21331-FTY, cache-fra-eddf8230058-FRA
last-modified: Fri, 13 Sep 2019 20:58:22 GMT
etag: "k29xJfz0BaXRi9hLC1L0ew=="
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
x-transaction-id: a6cf6c856a2d2624
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Thu, 12 Sep 2024 06:53:15 GMT

GET
H2 200 1f90d.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 368 B
395 B 2246ms
17ms Image
image/svg+xml 104.244.43.131

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f90d.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 -, , ASN (),

Reverse DNS

Software

Resource Hash

51a00ee7247f707d292238195dee7683340b034c7843a9e6297d395bda0ee941

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 24 Oct 2023 18:46:58 GMT
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 268
x-served-by: cache-fty21383-FTY, cache-fra-eddf8230058-FRA
last-modified: Thu, 28 Mar 2019 18:40:27 GMT
etag: "de80j0/Qc6DuI3WE+jUOpg=="
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
x-transaction-id: 1ed55b93a2195ac3
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Thu, 25 Jul 2024 20:45:57 GMT

GET
H2 200 1f33b.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 1 KB
1 KB 2247ms
18ms Image
image/svg+xml 104.244.43.131

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f33b.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 -, , ASN (),

Reverse DNS

Software

Resource Hash

a8fc55b2149272c096cde2ed6c1481e7a2b6c8d20ae7657bf39c6f4117dd2f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 24 Oct 2023 18:46:58 GMT
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 727
x-served-by: cache-fty21328-FTY, cache-fra-eddf8230058-FRA
last-modified: Wed, 21 Feb 2018 22:30:49 GMT
etag: "uBJshXqsrx1yJvpVBbX1yw=="
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
x-transaction-id: b7bfb3e2b4323558
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Thu, 25 Jul 2024 20:30:07 GMT

GET 1f578.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 0
0

GET 1f370.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 0
0

GET 1f31f.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 0
0

GET 269c.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 0
0

GET 1f48e.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 0
0

GET 1f41b.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 0
0

GET 1fae7.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 0
0

GET 1f33f.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 0
0

GET 1f98b.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 0
0

GET 2604.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 0
0

GET 1f47d.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 0
0

GET 1f4ab.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 0
0

GET 1f49b.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 0
0

GET 1f49c.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 0
0

GET 1f5a4.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 0
0

GET 1f339.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 0
0

GET 1f337.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 0
0

GET 1f33c.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 0
0

GET 1fa90.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 0
0

GET 1f315.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 0
0

GET 1f498.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 0
0

GET 1f352.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 0
0

GET 1f34b.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 0
0

GET 2651.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 0
0

GET 1f340.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 0
0

GET 1f469-200d-1f680.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 0
0

GET 1f338.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 0
0

GET 1f407.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 0
0

GET 1f53a.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 0
0

GET 1f53b.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 0
0

GET 1f308.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 0
0

GET 2764.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 0
0

GET 1f483.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 0
0

GET 1f485.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 0
0

GET 1f47b.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 0
0

GET 1f440.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 0
0

GET 1f44c.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 0
0

GET 1f60d.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 0
0

GET 1f495.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 0
0

GET 1f4d5.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 0
0

GET 1f531.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 0
0

GET 1f525.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 0
0

GET 1f3b6.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B492 0
0

GET
H/1.1 200
OK vendors~ondemand.LottieWeb.d0dde7eb339d57b45e0d.js
platform.twitter.com/_next/static/chunks/ Frame B492 148 KB
42 KB 1947ms
1947ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/vendors~ondemand.LottieWeb.d0dde7eb339d57b45e0d.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-a697c5a1ae32bd7e4d42.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67E2) /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 18:46:58 GMT
Content-Encoding: gzip
Age: 1289666
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 41941
Last-Modified: Wed, 13 Sep 2023 20:30:36 GMT
Server: ECS (frb/67E2)
Etag: "5e006b62c5bde14eb6fa194e2cee465c+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H2 200 like.4.json
abs.twimg.com/sticky/animations/ Frame B492 0
0 1996ms
20ms Fetch
application/json 2606:2800:233:8173:898f:63b3:95c3:79d2

General

Check archive.org

Show headers Download Go to

Full URL

https://abs.twimg.com/sticky/animations/like.4.json

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/3.623849758c2a16a878a7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 -, , ASN (),

Reverse DNS

Software

ECAcc (frc/4C86) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=631138519
age: 352539
x-ton-expected-size: 24292
x-cache: HIT
content-length: 1897
x-response-time: 8
surrogate-key: twitter-assets
last-modified: Mon, 24 Jul 2023 17:39:20 GMT
server: ECAcc (frc/4C86)
etag: "YKYmOkwIx9KztN7bQT7x8g=="
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-transaction-id: 1407c36aaa6fab61
perf: 7626143928
x-connection-hash: 0d11d6b99e51647aff1c037fd3d045d6ea814270b50b0300a8268ab697296c62
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Wed, 23 Oct 2024 18:46:58 GMT

GET
H2 200 DUz256YV4AIBjVI.jpg
pbs.twimg.com/tweet_video_thumb/ Frame B492 16 KB
0 1881ms
18ms Image
image/jpeg 192.229.233.50

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/tweet_video_thumb/DUz256YV4AIBjVI.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 -, , ASN (),

Reverse DNS

Software

ECS (frb/6713) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:58 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 552649
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 64157
x-response-time: 115
surrogate-key: tweet_video_thumb tweet_video_thumb/bucket/9 tweet_video_thumb/958412295507402754
last-modified: Tue, 30 Jan 2018 18:49:12 GMT
server: ECS (frb/6713)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 8fa95d7a091016f1
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: 5e744947cd7e45b00b096a8c55ca56669126deca7e156f0023824e822b7e5f58
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET Dfl3OSHW0A0bh9K.jpg
pbs.twimg.com/tweet_video_thumb/ Frame B492 0
0

GET
H2 200 DgUeZWIX4AE5xww.jpg
pbs.twimg.com/tweet_video_thumb/ Frame B492 16 KB
0 1880ms
17ms Image
image/jpeg 192.229.233.50

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/tweet_video_thumb/DgUeZWIX4AE5xww.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 -, , ASN (),

Reverse DNS

Software

ECS (frb/6712) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:46:58 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 552649
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 84048
x-response-time: 115
surrogate-key: tweet_video_thumb tweet_video_thumb/bucket/0 tweet_video_thumb/1010247112200806401
last-modified: Fri, 22 Jun 2018 19:42:15 GMT
server: ECS (frb/6712)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 3077f426222c41c0
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: c13f5c18177156b5a5e2b93935c3af2bdc1b5cfe2842ea98cb11b463c012af78
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET DY7gXDdVwAA1Hz5.jpg
pbs.twimg.com/tweet_video_thumb/ Frame B492 0
0

GET CqgDXm0XgAI9WNs.jpg
pbs.twimg.com/tweet_video_thumb/ Frame B492 0
0

GET CsWImo-WAAQYO_j.jpg
pbs.twimg.com/tweet_video_thumb/ Frame B492 0
0

GET jot
syndication.twitter.com/i/ Frame B492 0
0

GET QtynSbTU_normal.jpg
pbs.twimg.com/profile_images/1653256454420447232/ Frame B492 0
0

GET FHMu73JUYAEvA7r
pbs.twimg.com/media/ Frame B492 0
0

GET Evb8nRCXUAMuOvV
pbs.twimg.com/media/ Frame B492 0
0

GET FWdt-WsVEAAi3VJ
pbs.twimg.com/media/ Frame B492 0
0

GET FbdruENagAAmZLB
pbs.twimg.com/media/ Frame B492 0
0

GET Fbdr9qDagAAPcN7
pbs.twimg.com/media/ Frame B492 0
0

GET FbdsikWaIAAPe1F
pbs.twimg.com/media/ Frame B492 0
0

GET Eaw3BiyWoAAic-J
pbs.twimg.com/media/ Frame B492 0
0

GET Fg__GFgagAATeT6
pbs.twimg.com/media/ Frame B492 0
0

GET Fg__HIYaYAIJUlk
pbs.twimg.com/media/ Frame B492 0
0

GET Fg__r-vaEAAqaLW
pbs.twimg.com/media/ Frame B492 0
0

GET Fg__3FRaUAEgUPr
pbs.twimg.com/media/ Frame B492 0
0

GET DlE_S2-U4AAznnO
pbs.twimg.com/media/ Frame B492 0
0

GET DlE_S3fUcAAGuOW
pbs.twimg.com/media/ Frame B492 0
0

GET DlE_V6lUUAA7ckN
pbs.twimg.com/media/ Frame B492 0
0

GET DlE_WmzUYAAy5AO
pbs.twimg.com/media/ Frame B492 0
0

GET EaIFhRyWoAEH1rq
pbs.twimg.com/media/ Frame B492 0
0

GET FgJASDRaUAAqd3o
pbs.twimg.com/media/ Frame B492 0
0

GET FYKQ2HaUcAEXjgY
pbs.twimg.com/media/ Frame B492 0
0

GET DV4KOgNUMAAEUv7
pbs.twimg.com/media/ Frame B492 0
0

GET DV4KOgYUQAAqg29
pbs.twimg.com/media/ Frame B492 0
0

GET DV4KoIuV4AAte5H
pbs.twimg.com/media/ Frame B492 0
0

GET DV4Kry_VwAA7XrU
pbs.twimg.com/media/ Frame B492 0
0

GET D-0uVXwWsAAdcEy
pbs.twimg.com/media/ Frame B492 0
0

GET FVlOuEpVEAAqOUC
pbs.twimg.com/media/ Frame B492 0
0

GET DQ3rfuxUMAA2B_C
pbs.twimg.com/media/ Frame B492 0
0

GET EYg1y33WsAU-IsK
pbs.twimg.com/media/ Frame B492 0
0

GET EvlkaOOXIAgOw0M
pbs.twimg.com/media/ Frame B492 0
0

GET EGtRFs4WoAAo3qD
pbs.twimg.com/media/ Frame B492 0
0

GET DkCWzPHWwAA8oOk
pbs.twimg.com/media/ Frame B492 0
0

GET DkCWzwsX0AALouF
pbs.twimg.com/media/ Frame B492 0
0

GET DkCW0UIWwAEcfc2
pbs.twimg.com/media/ Frame B492 0
0

GET DkCW0znX0AA7iGL
pbs.twimg.com/media/ Frame B492 0
0

GET D7_X734W4AIj-ps
pbs.twimg.com/media/ Frame B492 0
0

GET FvPdJxpaAAEo_-n
pbs.twimg.com/media/ Frame B492 0
0

GET EcIB3AsWkAAhred
pbs.twimg.com/media/ Frame B492 0
0

GET FbdNMLIagAABAZP
pbs.twimg.com/media/ Frame B492 0
0

GET D6TVTXFXsAI10VM
pbs.twimg.com/media/ Frame B492 0
0

GET FXWszYDVUAAiE9C
pbs.twimg.com/media/ Frame B492 0
0

GET FXDGY4aUcAAU6gF
pbs.twimg.com/media/ Frame B492 0
0

GET Ffsjg8QaEAIbPPO
pbs.twimg.com/media/ Frame B492 0
0

GET DTxav74VMAIZnlc
pbs.twimg.com/media/ Frame B492 0
0

GET DTxav77U0AASbK0
pbs.twimg.com/media/ Frame B492 0
0

GET FUIUnvHUsAAjTL8
pbs.twimg.com/media/ Frame B492 0
0

GET Eh9YL0sWoAEBUzI
pbs.twimg.com/media/ Frame B492 0
0

GET Eh9YL07XgAA83T_
pbs.twimg.com/media/ Frame B492 0
0

GET Dek4atJUwAETi-b
pbs.twimg.com/media/ Frame B492 0
0

GET EHLvrqYWoAAR7Bs
pbs.twimg.com/media/ Frame B492 0
0

GET EHLvrqZXYAM-Vm0
pbs.twimg.com/media/ Frame B492 0
0

GET EHLvrqqX0AAZJTL
pbs.twimg.com/media/ Frame B492 0
0

GET EHLvrqYXUAMByAk
pbs.twimg.com/media/ Frame B492 0
0

GET DGuZJs_VwAAgDWN
pbs.twimg.com/media/ Frame B492 0
0

GET DGuZJs9VwAAITpY
pbs.twimg.com/media/ Frame B492 0
0

GET DGuZOj9V0AAA_EP
pbs.twimg.com/media/ Frame B492 0
0

GET DGuZfqBV0AAYBuI
pbs.twimg.com/media/ Frame B492 0
0

GET DQDKvMqVQAAWeVx
pbs.twimg.com/media/ Frame B492 0
0

GET CuGtYkkXYAAmHkU
pbs.twimg.com/media/ Frame B492 0
0

GET DZps0_jVwAANU8V
pbs.twimg.com/media/ Frame B492 0
0

GET FVZc30bUEAEzeNG
pbs.twimg.com/media/ Frame B492 0
0

GET EcXiAOVXkAQ4xI5
pbs.twimg.com/media/ Frame B492 0
0

GET FXlrCNWaQAAHkDh
pbs.twimg.com/media/ Frame B492 0
0

GET Dfith9nXcAUEqmZ
pbs.twimg.com/media/ Frame B492 0
0

GET EjSN3vpWoAAvjND
pbs.twimg.com/media/ Frame B492 0
0

GET EjSN3v3XYAUnHLz
pbs.twimg.com/media/ Frame B492 0
0

GET EjSN3wEWsAInQNp
pbs.twimg.com/media/ Frame B492 0
0

GET EjSN3wOX0AIjUri
pbs.twimg.com/media/ Frame B492 0
0

GET EOwvNOEXUAAdpxr
pbs.twimg.com/media/ Frame B492 0
0

GET EOwvNOCX0AYkyKr
pbs.twimg.com/media/ Frame B492 0
0

GET FDtdyD9VEAI5tAo
pbs.twimg.com/media/ Frame B492 0
0

GET D0MMxLcX0AE7clI
pbs.twimg.com/media/ Frame B492 0
0

GET D2swrD1XcAADqz_
pbs.twimg.com/media/ Frame B492 0
0

GET DLkchTJVoAAlA1L
pbs.twimg.com/media/ Frame B492 0
0

GET DWGp1nEU0AEjfKS
pbs.twimg.com/media/ Frame B492 0
0

GET E9mtz7bUcAU2iwK
pbs.twimg.com/media/ Frame B492 0
0

GET EObwAlYXUAIj5yi
pbs.twimg.com/media/ Frame B492 0
0

GET EYeigPiWkAEjxrh
pbs.twimg.com/media/ Frame B492 0
0

GET EcbKN1BXYAM5Grh
pbs.twimg.com/media/ Frame B492 0
0

GET Ekfu4uNXgAA_tFz
pbs.twimg.com/media/ Frame B492 0
0

GET Dad4dwRXkAAlKp4
pbs.twimg.com/media/ Frame B492 0
0

GET EHrHQVPXYAgIGeM
pbs.twimg.com/media/ Frame B492 0
0

GET EgXMpAAWsAEjLnT
pbs.twimg.com/media/ Frame B492 0
0

GET DbRgvheWAAE2qQp
pbs.twimg.com/media/ Frame B492 0
0

GET Da4ao6KUMAA759o
pbs.twimg.com/media/ Frame B492 0
0

GET Da4ao6IU0AAzB2e
pbs.twimg.com/media/ Frame B492 0
0

GET EC6IEBuXkAAtvpF
pbs.twimg.com/media/ Frame B492 0
0

GET E_XbfHqXEAIMYus
pbs.twimg.com/media/ Frame B492 0
0

GET DVnuLKKVQAE6lUr
pbs.twimg.com/media/ Frame B492 0
0

GET DVnuLLbVAAAEuVy
pbs.twimg.com/media/ Frame B492 0
0

GET DVnuLKJVoAEOdBV
pbs.twimg.com/media/ Frame B492 0
0

GET DVnuLKMVQAANSCA
pbs.twimg.com/media/ Frame B492 0
0

GET EP0VY8LX4AAViZQ
pbs.twimg.com/media/ Frame B492 0
0

GET DlOsBYoVsAA2oee
pbs.twimg.com/media/ Frame B492 0
0

GET DlOsEjnV4AAtin9
pbs.twimg.com/media/ Frame B492 0
0

GET DlOsEjvU8AE98Cj
pbs.twimg.com/media/ Frame B492 0
0

GET DlOsEjqVAAADeu4
pbs.twimg.com/media/ Frame B492 0
0

GET DQ8z9yfVwAAa_vo
pbs.twimg.com/media/ Frame B492 0
0

GET C33LRBbWcAAHNpG
pbs.twimg.com/media/ Frame B492 0
0

GET FvGI9_uaAAUeTQj
pbs.twimg.com/media/ Frame B492 0
0

GET DSPIUoCUQAAtIMf
pbs.twimg.com/media/ Frame B492 0
0

GET EYlv0eVWAAA-J3f
pbs.twimg.com/media/ Frame B492 0
0

GET C3wr3SzVMAAQna8
pbs.twimg.com/media/ Frame B492 0
0

GET Eue8Oa4XcAQUCF-
pbs.twimg.com/media/ Frame B492 0
0

GET C5X7dDPWYAAHemM
pbs.twimg.com/media/ Frame B492 0
0

GET C5X7ksdUMAAFQtu
pbs.twimg.com/media/ Frame B492 0
0

GET C5X7oB3UYAAIyNO
pbs.twimg.com/media/ Frame B492 0
0

GET C5X7xVPUcAA_7yx
pbs.twimg.com/media/ Frame B492 0
0

GET EMMDE10WoAE10I0
pbs.twimg.com/media/ Frame B492 0
0

GET FbhBIu6aUAAh4LI
pbs.twimg.com/media/ Frame B492 0
0

GET FbhBIu6acAA77EK
pbs.twimg.com/media/ Frame B492 0
0

GET DjxZWX7XcAA6mYM
pbs.twimg.com/media/ Frame B492 0
0

GET DRc6VfWVAAAbJWh
pbs.twimg.com/media/ Frame B492 0
0

GET FvpqU5naMAIFAP0
pbs.twimg.com/media/ Frame B492 0
0

GET FvpqU5naEAA9agw
pbs.twimg.com/media/ Frame B492 0
0

GET FvpqfQXaYAAd2-C
pbs.twimg.com/media/ Frame B492 0
0

GET DEQlSooUQAAyhdX
pbs.twimg.com/media/ Frame B492 0
0

GET DigzrDoUYAAIwkR
pbs.twimg.com/media/ Frame B492 0
0

GET DigzsvcUYAUXHE_
pbs.twimg.com/media/ Frame B492 0
0

GET DigzswCUYAAnDf4
pbs.twimg.com/media/ Frame B492 0
0

GET DigzswMVMAEaE-i
pbs.twimg.com/media/ Frame B492 0
0

GET FdDNC7JaIAAepSw
pbs.twimg.com/media/ Frame B492 0
0

GET FdDNbVvaIAE6mHp
pbs.twimg.com/media/ Frame B492 0
0

GET FdDNcToaMAAmy70
pbs.twimg.com/media/ Frame B492 0
0

GET CPOkcP4UYAAjeRq
pbs.twimg.com/media/ Frame B492 0
0

GET Dd-x8ArV0AEEaA6
pbs.twimg.com/media/ Frame B492 0
0

GET FfnkMlCaMAE2VUG
pbs.twimg.com/media/ Frame B492 0
0

GET Ddg0DLMV0AARBHy
pbs.twimg.com/media/ Frame B492 0
0

GET Ddg0DuYVwAAUd3y
pbs.twimg.com/media/ Frame B492 0
0

GET Ddg0EKtVAAEbIgr
pbs.twimg.com/media/ Frame B492 0
0

GET Ddg0ElJVAAI-GJH
pbs.twimg.com/media/ Frame B492 0
0

GET DiBt1sEW0AAzglX
pbs.twimg.com/media/ Frame B492 0
0

GET DcTty5nU0AA9nYC
pbs.twimg.com/media/ Frame B492 0
0

GET EhkKbvmWsAACyVQ
pbs.twimg.com/media/ Frame B492 0
0

GET EIZMO7OXUAMwG0e
pbs.twimg.com/media/ Frame B492 0
0

GET EIZMO7PXYAA7jhJ
pbs.twimg.com/media/ Frame B492 0
0

GET EIZMO7NWsAEbGu8
pbs.twimg.com/media/ Frame B492 0
0

GET DXzI36JVwAA5ENG
pbs.twimg.com/media/ Frame B492 0
0

GET E9hwWqsVkAgksrh
pbs.twimg.com/media/ Frame B492 0
0

GET FgAM60aUcAEc2Ej
pbs.twimg.com/media/ Frame B492 0
0

GET FVOutWNVIAA0FKZ
pbs.twimg.com/media/ Frame B492 0
0

GET ENYtn5ZUUAA-4O7
pbs.twimg.com/media/ Frame B492 0
0

GET ENYtn5ZVAAAXuSY
pbs.twimg.com/media/ Frame B492 0
0

GET DbLkHEeU0AA9fdQ
pbs.twimg.com/media/ Frame B492 0
0

GET DbLkHEgUMAANkRk
pbs.twimg.com/media/ Frame B492 0
0

GET DzoPpUEWkAApii3
pbs.twimg.com/media/ Frame B492 0
0

GET DzoPqPYX4AAXxjT
pbs.twimg.com/media/ Frame B492 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: abs-0.twimg.com
URL: https://abs-0.twimg.com/emoji/v2/svg/1f578.svg

Domain: abs-0.twimg.com
URL: https://abs-0.twimg.com/emoji/v2/svg/1f370.svg

Domain: abs-0.twimg.com
URL: https://abs-0.twimg.com/emoji/v2/svg/1f31f.svg

Domain: abs-0.twimg.com
URL: https://abs-0.twimg.com/emoji/v2/svg/269c.svg

Domain: abs-0.twimg.com
URL: https://abs-0.twimg.com/emoji/v2/svg/1f48e.svg

Domain: abs-0.twimg.com
URL: https://abs-0.twimg.com/emoji/v2/svg/1f41b.svg

Domain: abs-0.twimg.com
URL: https://abs-0.twimg.com/emoji/v2/svg/1fae7.svg

Domain: abs-0.twimg.com
URL: https://abs-0.twimg.com/emoji/v2/svg/1f33f.svg

Domain: abs-0.twimg.com
URL: https://abs-0.twimg.com/emoji/v2/svg/1f98b.svg

Domain: abs-0.twimg.com
URL: https://abs-0.twimg.com/emoji/v2/svg/2604.svg

Domain: abs-0.twimg.com
URL: https://abs-0.twimg.com/emoji/v2/svg/1f47d.svg

Domain: abs-0.twimg.com
URL: https://abs-0.twimg.com/emoji/v2/svg/1f4ab.svg

Domain: abs-0.twimg.com
URL: https://abs-0.twimg.com/emoji/v2/svg/1f49b.svg

Domain: abs-0.twimg.com
URL: https://abs-0.twimg.com/emoji/v2/svg/1f49c.svg

Domain: abs-0.twimg.com
URL: https://abs-0.twimg.com/emoji/v2/svg/1f5a4.svg

Domain: abs-0.twimg.com
URL: https://abs-0.twimg.com/emoji/v2/svg/1f339.svg

Domain: abs-0.twimg.com
URL: https://abs-0.twimg.com/emoji/v2/svg/1f337.svg

Domain: abs-0.twimg.com
URL: https://abs-0.twimg.com/emoji/v2/svg/1f33c.svg

Domain: abs-0.twimg.com
URL: https://abs-0.twimg.com/emoji/v2/svg/1fa90.svg

Domain: abs-0.twimg.com
URL: https://abs-0.twimg.com/emoji/v2/svg/1f315.svg

Domain: abs-0.twimg.com
URL: https://abs-0.twimg.com/emoji/v2/svg/1f498.svg

Domain: abs-0.twimg.com
URL: https://abs-0.twimg.com/emoji/v2/svg/1f352.svg

Domain: abs-0.twimg.com
URL: https://abs-0.twimg.com/emoji/v2/svg/1f34b.svg

Domain: abs-0.twimg.com
URL: https://abs-0.twimg.com/emoji/v2/svg/2651.svg

Domain: abs-0.twimg.com
URL: https://abs-0.twimg.com/emoji/v2/svg/1f340.svg

Domain: abs-0.twimg.com
URL: https://abs-0.twimg.com/emoji/v2/svg/1f469-200d-1f680.svg

Domain: abs-0.twimg.com
URL: https://abs-0.twimg.com/emoji/v2/svg/1f338.svg

Domain: abs-0.twimg.com
URL: https://abs-0.twimg.com/emoji/v2/svg/1f407.svg

Domain: abs-0.twimg.com
URL: https://abs-0.twimg.com/emoji/v2/svg/1f53a.svg

Domain: abs-0.twimg.com
URL: https://abs-0.twimg.com/emoji/v2/svg/1f53b.svg

Domain: abs-0.twimg.com
URL: https://abs-0.twimg.com/emoji/v2/svg/1f308.svg

Domain: abs-0.twimg.com
URL: https://abs-0.twimg.com/emoji/v2/svg/2764.svg

Domain: abs-0.twimg.com
URL: https://abs-0.twimg.com/emoji/v2/svg/1f483.svg

Domain: abs-0.twimg.com
URL: https://abs-0.twimg.com/emoji/v2/svg/1f485.svg

Domain: abs-0.twimg.com
URL: https://abs-0.twimg.com/emoji/v2/svg/1f47b.svg

Domain: abs-0.twimg.com
URL: https://abs-0.twimg.com/emoji/v2/svg/1f440.svg

Domain: abs-0.twimg.com
URL: https://abs-0.twimg.com/emoji/v2/svg/1f44c.svg

Domain: abs-0.twimg.com
URL: https://abs-0.twimg.com/emoji/v2/svg/1f60d.svg

Domain: abs-0.twimg.com
URL: https://abs-0.twimg.com/emoji/v2/svg/1f495.svg

Domain: abs-0.twimg.com
URL: https://abs-0.twimg.com/emoji/v2/svg/1f4d5.svg

Domain: abs-0.twimg.com
URL: https://abs-0.twimg.com/emoji/v2/svg/1f531.svg

Domain: abs-0.twimg.com
URL: https://abs-0.twimg.com/emoji/v2/svg/1f525.svg

Domain: abs-0.twimg.com
URL: https://abs-0.twimg.com/emoji/v2/svg/1f3b6.svg

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/tweet_video_thumb/Dfl3OSHW0A0bh9K.jpg

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/tweet_video_thumb/DY7gXDdVwAA1Hz5.jpg

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/tweet_video_thumb/CqgDXm0XgAI9WNs.jpg

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/tweet_video_thumb/CsWImo-WAAQYO_j.jpg

Domain: syndication.twitter.com
URL: https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1698173216461%2C%22event_namespace%22%3A%7B%22action%22%3A%22results%22%2C%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline-profile%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%2201917f4d1d4cb%3A1696883169554%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Favasdemon.com%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22d2b21d1%3A1693532938118%22%2C%22widget_data_source%22%3A%22screen-name%3Aavasdemon%22%7D&dnt=1&session_id=38185cc0198bffac3982b28463eb8e0275a59b9d

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/profile_images/1653256454420447232/QtynSbTU_normal.jpg

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/FHMu73JUYAEvA7r?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/Evb8nRCXUAMuOvV?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/FWdt-WsVEAAi3VJ?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/FbdruENagAAmZLB?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/Fbdr9qDagAAPcN7?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/FbdsikWaIAAPe1F?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/Eaw3BiyWoAAic-J?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/Fg__GFgagAATeT6?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/Fg__HIYaYAIJUlk?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/Fg__r-vaEAAqaLW?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/Fg__3FRaUAEgUPr?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DlE_S2-U4AAznnO?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DlE_S3fUcAAGuOW?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DlE_V6lUUAA7ckN?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DlE_WmzUYAAy5AO?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/EaIFhRyWoAEH1rq?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/FgJASDRaUAAqd3o?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/FYKQ2HaUcAEXjgY?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DV4KOgNUMAAEUv7?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DV4KOgYUQAAqg29?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DV4KoIuV4AAte5H?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DV4Kry_VwAA7XrU?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/D-0uVXwWsAAdcEy?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/FVlOuEpVEAAqOUC?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DQ3rfuxUMAA2B_C?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/EYg1y33WsAU-IsK?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/EvlkaOOXIAgOw0M?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/EGtRFs4WoAAo3qD?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DkCWzPHWwAA8oOk?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DkCWzwsX0AALouF?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DkCW0UIWwAEcfc2?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DkCW0znX0AA7iGL?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/D7_X734W4AIj-ps?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/FvPdJxpaAAEo_-n?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/EcIB3AsWkAAhred?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/FbdNMLIagAABAZP?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/D6TVTXFXsAI10VM?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/FXWszYDVUAAiE9C?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/FXDGY4aUcAAU6gF?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/Ffsjg8QaEAIbPPO?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DTxav74VMAIZnlc?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DTxav77U0AASbK0?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/FUIUnvHUsAAjTL8?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/Eh9YL0sWoAEBUzI?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/Eh9YL07XgAA83T_?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/Dek4atJUwAETi-b?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/EHLvrqYWoAAR7Bs?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/EHLvrqZXYAM-Vm0?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/EHLvrqqX0AAZJTL?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/EHLvrqYXUAMByAk?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DGuZJs_VwAAgDWN?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DGuZJs9VwAAITpY?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DGuZOj9V0AAA_EP?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DGuZfqBV0AAYBuI?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DQDKvMqVQAAWeVx?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/CuGtYkkXYAAmHkU?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DZps0_jVwAANU8V?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/FVZc30bUEAEzeNG?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/EcXiAOVXkAQ4xI5?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/FXlrCNWaQAAHkDh?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/Dfith9nXcAUEqmZ?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/EjSN3vpWoAAvjND?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/EjSN3v3XYAUnHLz?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/EjSN3wEWsAInQNp?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/EjSN3wOX0AIjUri?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/EOwvNOEXUAAdpxr?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/EOwvNOCX0AYkyKr?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/FDtdyD9VEAI5tAo?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/D0MMxLcX0AE7clI?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/D2swrD1XcAADqz_?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DLkchTJVoAAlA1L?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DWGp1nEU0AEjfKS?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/E9mtz7bUcAU2iwK?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/EObwAlYXUAIj5yi?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/EYeigPiWkAEjxrh?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/EcbKN1BXYAM5Grh?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/Ekfu4uNXgAA_tFz?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/Dad4dwRXkAAlKp4?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/EHrHQVPXYAgIGeM?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/EgXMpAAWsAEjLnT?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DbRgvheWAAE2qQp?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/Da4ao6KUMAA759o?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/Da4ao6IU0AAzB2e?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/EC6IEBuXkAAtvpF?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/E_XbfHqXEAIMYus?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DVnuLKKVQAE6lUr?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DVnuLLbVAAAEuVy?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DVnuLKJVoAEOdBV?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DVnuLKMVQAANSCA?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/EP0VY8LX4AAViZQ?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DlOsBYoVsAA2oee?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DlOsEjnV4AAtin9?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DlOsEjvU8AE98Cj?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DlOsEjqVAAADeu4?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DQ8z9yfVwAAa_vo?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/C33LRBbWcAAHNpG?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/FvGI9_uaAAUeTQj?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DSPIUoCUQAAtIMf?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/EYlv0eVWAAA-J3f?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/C3wr3SzVMAAQna8?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/Eue8Oa4XcAQUCF-?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/C5X7dDPWYAAHemM?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/C5X7ksdUMAAFQtu?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/C5X7oB3UYAAIyNO?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/C5X7xVPUcAA_7yx?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/EMMDE10WoAE10I0?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/FbhBIu6aUAAh4LI?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/FbhBIu6acAA77EK?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DjxZWX7XcAA6mYM?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DRc6VfWVAAAbJWh?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/FvpqU5naMAIFAP0?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/FvpqU5naEAA9agw?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/FvpqfQXaYAAd2-C?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DEQlSooUQAAyhdX?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DigzrDoUYAAIwkR?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DigzsvcUYAUXHE_?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DigzswCUYAAnDf4?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DigzswMVMAEaE-i?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/FdDNC7JaIAAepSw?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/FdDNbVvaIAE6mHp?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/FdDNcToaMAAmy70?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/CPOkcP4UYAAjeRq?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/Dd-x8ArV0AEEaA6?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/FfnkMlCaMAE2VUG?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/Ddg0DLMV0AARBHy?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/Ddg0DuYVwAAUd3y?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/Ddg0EKtVAAEbIgr?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/Ddg0ElJVAAI-GJH?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DiBt1sEW0AAzglX?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DcTty5nU0AA9nYC?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/EhkKbvmWsAACyVQ?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/EIZMO7OXUAMwG0e?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/EIZMO7PXYAA7jhJ?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/EIZMO7NWsAEbGu8?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DXzI36JVwAA5ENG?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/E9hwWqsVkAgksrh?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/FgAM60aUcAEc2Ej?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/FVOutWNVIAA0FKZ?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/ENYtn5ZUUAA-4O7?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/ENYtn5ZVAAAXuSY?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DbLkHEeU0AA9fdQ?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DbLkHEgUMAANkRk?format=jpg&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DzoPpUEWkAApii3?format=png&name=120x120

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/media/DzoPqPYX4AAXxjT?format=jpg&name=120x120

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
avasdemon.com/	1969-12-31 23:59:59	Name: latest_page Value: 1
.avasdemon.com/	1970-01-21 01:18:53	Name: _ga Value: GA1.2.159174282.1698173211
.avasdemon.com/	1970-01-20 15:44:19	Name: _gid Value: GA1.2.36337213.1698173211
.avasdemon.com/	1970-01-20 15:42:53	Name: _gat Value: 1
.lijit.com/	1970-01-20 16:26:05	Name: ctag Value:
.avasdemon.com/	1970-01-21 01:18:53	Name: _ga_NKPS5VX6VN Value: GS1.2.1698173211.1.0.1698173211.60.0.0
.doubleclick.net/	1970-01-21 01:04:29	Name: IDE Value: AHWqTUnWjP6Vx6whSiLyF857p-qSkEIyWVNkNlcJruzV_Eo6DLtr4RPP5fqdjBzK
.casalemedia.com/	1970-01-20 17:52:29	Name: CMPS Value: 2222
.casalemedia.com/	1970-01-20 17:52:29	Name: CMPRO Value: 2222
.doubleclick.net/	1970-01-20 20:02:05	Name: APC Value: AfxxVi4HV0g_E69OQvtCcChZ3P8raSDFkcFU37Qtr9po2Dbsxc9NZg
.casalemedia.com/	1970-01-21 00:28:29	Name: CMID Value: ZTgRHBJAM0Jgwnc3fwRQgwAA
.adnxs.com/	1970-01-20 17:52:29	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVJfJZQx!]tbPl1M>e)ZlrFUfJ+tGXxoHIiYBU><#K8NZj2`EoRE8Af7*Sb#om+'u$z03If)y3KL9D3I?+SB<JlR
.adnxs.com/	1970-01-20 17:52:29	Name: uuid2 Value: 8608964073193306886
.redintelligence.net/	1970-01-20 17:52:29	Name: 8lcfmzhxc8d6_uid Value: 6d6dec338304befc
.retailads.net/	1970-01-20 16:26:05	Name: ppb2172 Value: 3233064892
.avasdemon.com/	1970-01-21 01:04:29	Name: __gads Value: ID=f6548a2ac8aa80ee:T=1698173211:RT=1698173211:S=ALNI_MYHeNw5x_SdFp8JvcW6Zpd0XryhhQ
.avasdemon.com/	1970-01-21 01:04:29	Name: __gpi Value: UID=00000ca1c3a387f6:T=1698173211:RT=1698173211:S=ALNI_MZJUSCZigM9QItzIWrMxZHzDGGvWw
.futalis.de/	1970-01-20 17:09:17	Name: raSIDb Value: 3233064893

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://avasdemon.com/ Message: Mixed Content: The page at 'https://avasdemon.com/' was loaded over HTTPS, but requested an insecure element 'http://www.avasdemon.com/webtoon.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://avasdemon.com/ Message: Mixed Content: The page at 'https://avasdemon.com/' was loaded over HTTPS, but requested an insecure element 'http://www.avasdemon.com/patreonTop.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://avasdemon.com/ Message: Mixed Content: The page at 'https://avasdemon.com/' was loaded over HTTPS, but requested an insecure element 'http://www.avasdemon.com/bookstores.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://avasdemon.com/(Line 124) Message: Mixed Content: The page at 'https://avasdemon.com/' was loaded over HTTPS, but requested an insecure element 'http://www.avasdemon.com/webtoon.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://avasdemon.com/(Line 124) Message: Mixed Content: The page at 'https://avasdemon.com/' was loaded over HTTPS, but requested an insecure element 'http://www.avasdemon.com/patreonTop.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://avasdemon.com/(Line 124) Message: Mixed Content: The page at 'https://avasdemon.com/' was loaded over HTTPS, but requested an insecure element 'http://www.avasdemon.com/bookstores.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
abs-0.twimg.com
abs.twimg.com
adservice.google.com
ap.lijit.com
avasdemon.com
cdn.retailads.net
cm.g.doubleclick.net
dsum-sec.casalemedia.com
e0.extreme-dm.com
feedburner.google.com
fonts.googleapis.com
fonts.gstatic.com
futalis.de
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900020.redintelligence.net
hal900022.redintelligence.net
ib.adnxs.com
medialead.de
pagead2.googlesyndication.com
partner.googleadservices.com
pbs.twimg.com
platform.twitter.com
pv.medialead.de
pxdrop.lijit.com
region1.analytics.google.com
s3-us-west-2.amazonaws.com
stats.g.doubleclick.net
syndication.twitter.com
t1.extreme-dm.com
tpc.googlesyndication.com
vap2ams1.lijit.com
www.avasdemon.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
abs-0.twimg.com
pbs.twimg.com
syndication.twitter.com
104.18.26.193
104.244.42.8
104.244.43.131
142.250.185.98
142.250.186.70
144.76.104.53
145.239.193.130
159.69.70.9
178.63.52.121
18.208.5.78
185.89.210.82
192.229.233.50
2.17.100.224
2001:4860:4802:32::36
216.52.2.6
2606:2800:233:8173:898f:63b3:95c3:79d2
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::681a:a1d
2606:4700:20::ac43:474c
2a00:1450:4001:806::200a
2a00:1450:4001:808::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:810::200e
2a00:1450:4001:811::2003
2a00:1450:4001:81c::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9d
2a01:4f8:d0a:2321::2
49.12.16.151
52.92.251.200
94.23.99.218
01ebbe8030676be461f2d3266a1c7f8abcec73d32f322c5b6544bfbf833f01d1
06907a1cc098815c5df9e01d4b29e9f16950e22d9d416b5743eae215615f8bc2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0caab7de2b6d190e7fad15e5e81b2e8130ac073fe1960149c597b9ac12509d1c
0e5fc861a11b6d14c5d12e449a9bba6008ddb865beaa7f5a885e89bbf6c9b690
10f9d5b496101cdbaf798ca05653be168cca1ecfa3dda75fc55d17deb4817203
19cf60073c073c33a298d4d0f8e69298ce0a1fd8bf05e676b89f923bd03d181f
1c0486acafe63a074adbd08ecc9cad99ee106f3701e2b93c2a75533774f7faba
1cf58ef1d75d7cdd8e7da95a6a6111b5038e74f4b9bf88fe32bf893bc635f872
20d0999d70f6a345bb5a30c42961b2effc21fa3779b2d1bdb250af34c53f7f57
223efde76cd9bc8b52f99c757eb59dbebd2a7eb2488305c4f839d4e419266070
2a388ce485f03cf61ed5aace153028458a4b85614867658ece6b9ad54c462675
2adcd0a627dee2ac4ab782a00745d7678e374dc4625ddf673a88121977d77c67
2b794bdede7b5fdadef95d935fdfbb1ffa0cb486337d7e895525507c6a830678
2d2764f92ade836d62421fafee25631dc42e846d0219939c7376e9473d58a601
2d967d407e5f078b2edf90fa5d2709880d8fca8b38b4ce8bd1361051099095a9
2dea8920e32f728df4b11ffb4cb24af08ddf2f8338486d33d217046d95341d0d
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
3105f89805d4ba49826026a24398330bdf6fc106f97c898dadd16a534828d7b6
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3322104f6274a34ec8c4777ea8a2c93d2da16749998318c1e4959f1441b0a6b1
3effab7013cf9a1b25fc76975f042ec2caef2a7726c8de4c3de934f3de4d4adc
3f3f04eead8814db15a073b9e5c4e5eb1445b35a9848e9d05cb798e2b58f79bd
42541090ee260f24092887bbd04edba9f0d81ad5da3c7e25f1580637bdeb8a12
42ef1916c929a991588da489067c81538d1580662159ac65bb079c4591e9cb71
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44cb18486c627b7e38f3d6fd9bb5c3609ef8193d66046933230ec104420bf314
453deb09c84abd4df63c8cb9ac393e79062fcf0dd9ab61919d12eb034ccf647e
48c7db6d839d307798dae0e5f6a9b6b7a8c534575f6e587131fbeef6343bcec6
48f2030375e13e9a75bb5e6bb16ad5b0408605ca36cd8123ea6fe784bc4713e6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4eb00d2dd0bdc3bfb97f608353eb9083f8aebd91c49f791c427f1541f67b8a7f
51a00ee7247f707d292238195dee7683340b034c7843a9e6297d395bda0ee941
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148
529c60b8b846412053f6c14cd065c35ac2a261adf446695a0be7fa349f5887f3
53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5445fda46ea805b9625cab44def2b6a37d85a705686b7c3754f0244d16860dd7
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a20cfb04f3c59b7d1df7e407ba2191faf44befffad609cc94d7100148e9a9d
54c2f6a0ca1715f8c1e8c1ded945312c8bef62f19fb351e539a4f0b09d75618e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
5a8495469faaa41a4ffd046646ab9ac451effad6b9609eb870c758ae138a4dd9
5aadfd697417ac1e5e545943d8cb8ee9e8e9ed3fa9ed9b3f65bff9fb329dac01
5c4158b86597facd9d85c9996614f6141598013c394c770b3057508249998a0e
5e8dd214218b0079b92803ad10617a2fb86fe1ea302d3646be0c5c0c2d0216b9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
6552ceeb4617a68a81aaf70e3632d417781e9467f7005995133b31763ae18c26
67bb5af503f3200b23811caa27ea37d7d3b3fa2bf96c8253a64489cc775cf56f
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6e369f77b8f53bc579813e0e9d9262a958f8bcdf0a8670dd8c7f89202b5c6daf
6e4c7f45987f5b5e2e4a0addcd924e736312fd3b2c42f7bcd41feb242fcf721e
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
713a5085778002ac882de664c065bc7a55a26c6091d12c39a038bac7b70dcf45
729cfa84928e7a87a4a4551df25c1406da86af8f0ebd2f579460546d11722326
748f6ef248b62d270b58170e9d7cfa214ab22b893ac61b1a2959f68e62d8a503
7a4a63c52bdfab0ab459b1b77dad4a4ce4e1f7dfdfdba0b2013ba32f0690e15f
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
82f93e8eec264c4c0f1c932e61b80735904d8f853cbfabd80965576deb827d41
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88736d6780aa1fc63e5caafb6328fd70f73c7ec87ba4b7ca833ff3c59de22394
8e2aac02b0dbdfa237f77f38915ad71c504d1252f8a27ec99cb3ca733bcafa8f
8e478d09da3df6a8ee61ef08e3a64e4500bd8220ab74058d21c72f95e93df016
8f386eea050ee8354b89a3db613c913ea6f7c734e1e07d64470ccd194cec4faa
9013a9ca40a672ee35978b117e54d8b342cb591e8951f599a2b6dfef9d9fa723
9271962e9fc8257ce9e008bde83ac1408a2f196db6142548769f290873b70b93
9334b60b7dc233c0847890b7ee5749a3b1ac9b9b254182bb87972a0ef3e4870a
935777d17caa8bfbf152ca453b6adc895300b00607c50af59855f0b84e2e7a62
9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182
9562e67b97f96f4f008179b61f9fcc006620c32307cec3ad9fe2e6d0b58378e3
97e73a6f5f96c533cc4e5dc61e2d69f175e33888e85d72232b073822df243aed
98cede386674abc300acb6c1c9d8010427e51f1709d833c25054f930ee93af17
9acad58d41c25d7e0886e99307acc19238fe4b165100211737e2aea6b8560882
9b8c3a9409cbea399e4d1d5e88a73e4cc595113151aab2d7c5135fb3b54ebd98
9d341447828796fe3d9c13df41f7e1066f4cb4730571fe61c1bd6ac8df7e82fa
9e5bbd9f66f479034fb9c4cbd9309c728260c31044748ef7fc95c0e9e16930f4
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
a4d34ba920164a291133631fd8e416f97d4c54610c6e3a685e12ddef054e6b7a
a66da3004ab7904cb4abc086d932fde6720e5db5ae6acc974e48fa3b16d69ab0
a845215a5303c1d706e923402f6fa524189a35d50990bf20b1e0e4ca276fb1b3
a863477ba9e99bb608e862ec41e72c4990c2f780fac60178c4d37aee78e3b0be
a8fc55b2149272c096cde2ed6c1481e7a2b6c8d20ae7657bf39c6f4117dd2f2a
ab8d01c97d0c58075504ab82f9eea73cc83ebc380d450109c1039dfd416c3311
aca22059ae12351b0817fe300a00e1c1a1c8ed4b71644dc6c9ab605490aa2cb0
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
af2d1052c77580b3b28ec1e883213f85f63718645669cac9dceb86853eed22a6
b04335d34769c1a5457e48323ffd27dc1b90d38f7e4872c198ea8cbf9d694cbd
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
b9c4da3444ccd759c7b2ba86705426755554e767cbd386eafce86c7fcb0126af
bd18e405cbfb6fb5c27224b38e792c8b6542d9b7eae37aa5883808b69392dcef
c19ae59d6eafbf9617659f916070113714537a4b6aeb096f550a0e2b0ca51d12
c4006899e26897e6c56ab10fb3c4982066797ea684a3b41b77870041aebcb34f
c41dff2c56804ca509cb5ccf65924ae2f506b7a8b8bbf1a71d3e6a36c358ac26
c78a488c4addff65472d62a516e1beffb79729db7a849f68458337f387203906
c937b4fd2d41aa691d798b912b1a10b06850d2afe6834f4170ae58896930c857
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cd93ded227292a9463b5c0c6ad48e8f66f8c00252d5f3d7bf5e1d8d3fc9180ed
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d58af0582af58bf919b133a4e74abd80a9787932d3ef96c294d8a2f00ef653e9
d709d1a1a12f372cbd746fb29638bbbe4e88a256998da13c8c859a7fd6a29f6c
d90264133bc9cfa6f0470e8a143fa640b6a9a41ebc1f84ad770e0c7b143771f8
dc121f67c847840d9c6ce382c27b93c801af9ce47a9b18e7bfd6e4d0436acde3
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de863ff2c44dc41dc6844f89bc11fdbc3ef6e48202f245802f7f150fee914b68
e21224dc534d48773cbc60aeedd6104671ef2d2ccfd474b4543887dd22609a24
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaa7021059b802b9d6e3fedb3213703fbea81400c6e79ec1688013d894f4e0d6
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb9b9bdebef11782576fcdec7363614ee65194a66556a66f39b01f3e3ec0e674
ecbfdd88419d91597a80f58a2732fb9a34c7694e0e24506e1727dd68a814d74b
ee9178afadba4a0aca57d2f763162629c247782a6b679c1edfeff1b3770be930
eefd62bfe6d0ad2f3f2b7bddb8f2c46d7c8b6ed4897e3f9309968a58dc078753
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f94506564b50e8679d5cb657e457f45d459536c69a257f12517ccd3fd0bed6ff
fd05e14740f8f4d7f06b76c9b934fd775d675733436a1f2b5127fc850369ce1f
fe28d525feb98eddfad147fb2f77af03f3f62b2a2c4c9407e537761539ecc524

avasdemon.com Open in urlscan Pro 2606:4700:20::ac43:474c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

371 Requests

45 %HTTPS

54 %IPv6

22 Domains

39 Subdomains

36 IPs

5 Countries

5871 kBTransfer

10106 kBSize

18 Cookies

16 Outgoing links

Page URL History

Redirected requests

371 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

avasdemon.com Open in urlscan Pro
2606:4700:20::ac43:474c Public Scan

Screenshot
Live screenshot

Full Image

371
Requests

45 %
HTTPS

54 %
IPv6

22
Domains

39
Subdomains

36
IPs

5
Countries

5871 kB
Transfer

10106 kB
Size

18
Cookies

371 HTTP transactions
1 data transactions