cpmlink.net Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cpmlink.net/ibdpAQ
Submission: On March 28 via manual (March 28th 2022, 1:18:20 am UTC) from FI — Scanned from DE

Summary HTTP 150 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 41 IPs in 9 countries across 36 domains to perform 150 HTTP transactions. The main IP is 2a06:98c1:3120::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is cpmlink.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 30th 2021. Valid for: a year.

This is the only time cpmlink.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 23	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2 8	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2600:9000:205... 2600:9000:2057:e000:2:e529:700:93a1	16509 (AMAZON-02) (AMAZON-02)
2	35.190.55.95 35.190.55.95	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	192.243.59.12 192.243.59.12	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
9	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	192.0.78.146 192.0.78.146	2635 (AUTOMATTIC) (AUTOMATTIC)
10	2606:4700::68... 2606:4700::6812:18f6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
1	35.190.41.116 35.190.41.116	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	35.190.50.89 35.190.50.89	15169 (GOOGLE) (GOOGLE)
1	192.99.0.58 192.99.0.58	16276 (OVH) (OVH)
1 1	148.69.64.76 148.69.64.76	12353 (VODAFONE-...) (VODAFONE-PT Vodafone Portugal)
12	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:420	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6813:b210	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6813:b110	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	143.204.202.245 143.204.202.245	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	184.30.210.29 184.30.210.29	16625 (AKAMAI-AS) (AKAMAI-AS)
1	37.157.6.235 37.157.6.235	198622 (ADFORM) (ADFORM)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	104.19.135.78 104.19.135.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	35.186.226.184 35.186.226.184	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1 2	37.157.3.29 37.157.3.29	198622 (ADFORM) (ADFORM)
1 3	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
4	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 2	52.51.211.190 52.51.211.190	16509 (AMAZON-02) (AMAZON-02)
2 2	52.211.111.162 52.211.111.162	16509 (AMAZON-02) (AMAZON-02)
150	41

23 2a06:98c1:3120::7 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

cpmlink.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ahscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gml-grp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:e000:2:e529:700:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.orquideassp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.55.95 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 95.55.190.35.bc.googleusercontent.com

www.onclickperformance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

wednesdaynaked.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.146 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

supertruco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6812:18f6 (United States)

ASN13335 (CLOUDFLARENET, US)

scripts.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ui.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lp.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.41.116 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 116.41.190.35.bc.googleusercontent.com

youradexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.50.89 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 89.50.190.35.bc.googleusercontent.com

www.predictivdisplay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.99.0.58 (Brossard, Canada)

ASN16276 (OVH, FR)
PTR: ns500326.ip-192-99-0.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.69.64.76 (Porto, Portugal) 1 redirects

ASN12353 (VODAFONE-PT Vodafone Portugal, PT)
PTR: are.clevernt.com

sender.clevernt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:420 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.betano.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:b210 (United States)

ASN13335 (CLOUDFLARENET, US)

cov.gmlinteractive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:b110 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.gmlinteractive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.202.245 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-245.fra53.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.30.210.29 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-210-29.deploy.static.akamaitechnologies.com

ssl.connextra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zz.connextra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.235 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.135.78 (None, )

ASN13335 (CLOUDFLARENET, US)

a.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.226.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.29 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.250 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.248 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.51.211.190 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-211-190.eu-west-1.compute.amazonaws.com

segment.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.211.111.162 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-111-162.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 122	326 KB
19	cpmlink.net 1 redirects cpmlink.net	328 KB
18	gstatic.com fonts.gstatic.com www.gstatic.com	707 KB
13	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	207 KB
10	cleverwebserver.com scripts.cleverwebserver.com — Cisco Umbrella Rank: 39071 ui.cleverwebserver.com — Cisco Umbrella Rank: 42260 lp.cleverwebserver.com — Cisco Umbrella Rank: 76887	356 KB
10	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 57	26 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	5 KB
5	mathtag.com 1 redirects pixel.mathtag.com — Cisco Umbrella Rank: 1093 sync.mathtag.com — Cisco Umbrella Rank: 384	5 KB
4	bidr.io 3 redirects segment.prod.bidr.io — Cisco Umbrella Rank: 10153 match.prod.bidr.io — Cisco Umbrella Rank: 462	2 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	40 KB
3	adnxs.com 1 redirects secure.adnxs.com — Cisco Umbrella Rank: 359	3 KB
3	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 955	857 B
3	bing.com bat.bing.com — Cisco Umbrella Rank: 338	12 KB
3	adform.net 1 redirects s2.adform.net — Cisco Umbrella Rank: 4901 track.adform.net — Cisco Umbrella Rank: 3334	30 KB
3	connextra.com ssl.connextra.com — Cisco Umbrella Rank: 9319 zz.connextra.com — Cisco Umbrella Rank: 15285	3 KB
3	gmlinteractive.com cov.gmlinteractive.com — Cisco Umbrella Rank: 179043 cdn.gmlinteractive.com — Cisco Umbrella Rank: 269370	356 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8832 www.google.de — Cisco Umbrella Rank: 6433	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	500 B
2	mgid.com a.mgid.com — Cisco Umbrella Rank: 18558	6 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 124	114 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	149 KB
2	betano.de 1 redirects www.betano.de — Cisco Umbrella Rank: 525067	2 KB
2	gml-grp.com 2 redirects gml-grp.com — Cisco Umbrella Rank: 71210	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	73 KB
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 716 www.googleadservices.com — Cisco Umbrella Rank: 101	15 KB
2	histats.com s10.histats.com — Cisco Umbrella Rank: 17418 s4.histats.com — Cisco Umbrella Rank: 14980	5 KB
2	ahscdn.com ahscdn.com — Cisco Umbrella Rank: 270718	14 KB
2	onclickperformance.com www.onclickperformance.com — Cisco Umbrella Rank: 165313	5 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1102	7 KB
1	clevernt.com 1 redirects sender.clevernt.com — Cisco Umbrella Rank: 71586	436 B
1	predictivdisplay.com www.predictivdisplay.com — Cisco Umbrella Rank: 190702	3 KB
1	youradexchange.com youradexchange.com — Cisco Umbrella Rank: 54625	879 B
1	supertruco.com supertruco.com — Cisco Umbrella Rank: 222804	821 B
1	wednesdaynaked.com wednesdaynaked.com
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	2 KB
1	orquideassp.com tags.orquideassp.com — Cisco Umbrella Rank: 100511	1 KB
150	36

	Domain	Requested by
19	cpmlink.net	1 redirects cpmlink.net
12	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
11	pagead2.googlesyndication.com	cpmlink.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com www.googleadservices.com
9	www.gstatic.com	www.google.com www.gstatic.com googleads.g.doubleclick.net
9	fonts.gstatic.com	fonts.googleapis.com www.google.com
8	lp.cleverwebserver.com	cpmlink.net lp.cleverwebserver.com
8	www.google.com	2 redirects cpmlink.net www.gstatic.com tpc.googlesyndication.com www.betano.de
6	fonts.googleapis.com	cpmlink.net googleads.g.doubleclick.net lp.cleverwebserver.com www.betano.de
4	pixel.mathtag.com	ssl.connextra.com pixel.mathtag.com
4	www.google-analytics.com	cpmlink.net www.google-analytics.com www.googletagmanager.com
3	secure.adnxs.com	1 redirects ssl.connextra.com
3	tr.snapchat.com	sc-static.net www.betano.de
3	bat.bing.com	cpmlink.net bat.bing.com www.betano.de
3	securepubads.g.doubleclick.net	cpmlink.net securepubads.g.doubleclick.net
2	match.prod.bidr.io	2 redirects
2	segment.prod.bidr.io	1 redirects ssl.connextra.com
2	zz.connextra.com	ssl.connextra.com
2	track.adform.net	1 redirects www.betano.de
2	www.facebook.com	www.betano.de
2	a.mgid.com	cpmlink.net www.betano.de
2	connect.facebook.net	cpmlink.net connect.facebook.net
2	www.googletagmanager.com	www.betano.de www.googletagmanager.com
2	cdn.gmlinteractive.com	www.betano.de
2	www.betano.de	1 redirects lp.cleverwebserver.com
2	gml-grp.com	2 redirects
2	www.googletagservices.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	ahscdn.com	cpmlink.net ahscdn.com
2	www.onclickperformance.com	cpmlink.net
1	sync.mathtag.com	1 redirects
1	www.google.de	www.betano.de
1	s2.adform.net	cpmlink.net
1	ssl.connextra.com	www.googletagmanager.com
1	sc-static.net	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	cov.gmlinteractive.com	www.betano.de
1	sender.clevernt.com	1 redirects
1	s4.histats.com	s10.histats.com
1	www.predictivdisplay.com	www.onclickperformance.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ui.cleverwebserver.com	cpmlink.net
1	youradexchange.com	ahscdn.com
1	s10.histats.com	cpmlink.net
1	scripts.cleverwebserver.com	cpmlink.net
1	supertruco.com	tags.orquideassp.com
1	wednesdaynaked.com	cpmlink.net
1	cdnjs.cloudflare.com	cpmlink.net
1	tags.orquideassp.com	cpmlink.net
150	50

This site contains links to these domains. Also see Links.

Domain
agencyorquidea.com
www.predictivdisplay.com
www.onclickperformance.com
youradexchange.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-30` - `2022-06-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
tags.orquideassp.com Amazon	`2021-06-29` - `2022-07-28`	a year	crt.sh
onclickperformance.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-03` - `2023-01-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
wednesdaynaked.com R3	`2022-02-21` - `2022-05-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
tls.automattic.com R3	`2022-03-09` - `2022-06-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
histats.com R3	`2022-01-21` - `2022-04-21`	3 months	crt.sh
youradexchange.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-16` - `2022-07-01`	2 years	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
predictivdisplay.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-16` - `2023-02-16`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-01-27`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-04` - `2022-04-04`	3 months	crt.sh
*.connextra.com DigiCert SHA2 Secure Server CA	`2021-07-04` - `2022-07-13`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
tr.snapchat.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-13` - `2023-01-13`	a year	crt.sh
www.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://cpmlink.net/ibdpAQ
Frame ID: 5B5E0822B286938B006D998F6ED44C0C
Requests: 55 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhFikTAAAAAIJLhTUiRYGN3ePz22rWeWF6wGbC&co=aHR0cHM6Ly9jcG1saW5rLm5ldDo0NDM.&hl=de&type=image&v=2uoiJ4hP3NUoP9v_eBNfU6CR&theme=light&size=normal&cb=7dk3em53gpxv
Frame ID: FB34FB5BDE921EE95C5ACA793B08D56B
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.cpmlink.net&adk=3789060284&adf=906611538&pi=t.ma~as.www.cpmlink.net&w=300&lmt=1648430294&url=https%3A%2F%2Fcpmlink.net%2FibdpAQ&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648430294331&bpp=9&bdt=1209&idt=113&shv=r20220323&mjsv=m202203210101&ptt=5&saldr=sa&abxe=1&correlator=5177021731116&frm=20&pv=2&ga_vid=145724780.1648430294&ga_sid=1648430294&ga_hid=327551295&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=357&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31061690%2C31063246&oid=2&pvsid=273647848453026&pem=155&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=8tB56kbLrz&p=https%3A//cpmlink.net&dtd=127
Frame ID: EE68DB5AEFF32B37E705A8EB06F26737
Requests: 13 HTTP requests in this frame

Frame: https://www.predictivdisplay.com/jump/next.php?r=3018531&sub1=4941051
Frame ID: 7A93F7B7C899F342FA6B665ACC2A233E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=90&slotname=www.cpmlink.net_footer_728x90&adk=2044655284&adf=1739877337&pi=t.ma~as.www.cpmlink.net_foo_&w=728&lmt=1648430294&url=https%3A%2F%2Fcpmlink.net%2FibdpAQ&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648430294344&bpp=2&bdt=1221&idt=136&shv=r20220323&mjsv=m202203210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.cpmlink.net&correlator=5177021731116&frm=20&pv=1&ga_vid=145724780.1648430294&ga_sid=1648430294&ga_hid=327551295&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31061690%2C31063246&oid=2&pvsid=273647848453026&pem=155&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NuuahjUWwN&p=https%3A//cpmlink.net&dtd=139
Frame ID: EBC3BB6407FEC270F91756DBCBB08026
Requests: 10 HTTP requests in this frame

Frame: https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=558043&group=55001&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUFVWk5NQlNCQUFERQ%3D%3D&ref=aHR0cHM6Ly9jcG1saW5rLm5ldC9pYmRwQVE%3D&r=216923692
Frame ID: B79945B8D0D11B61493382131475282D
Requests: 10 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=2uoiJ4hP3NUoP9v_eBNfU6CR&k=6LdhFikTAAAAAIJLhTUiRYGN3ePz22rWeWF6wGbC
Frame ID: C9719FCC06B9EB9C2A223FC3AAC15455
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FCEE575B2ADF34DE2FFCA44C518251DE
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 670654DA36111AD981BCB1B3159B756B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js
Frame ID: A86C3FD64C79339CCD46B3F8E436C9AF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js
Frame ID: EBCE5811A1D71E13AE8936CD7A0814DE
Requests: 1 HTTP requests in this frame

Frame: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=1&siteid=1151
Frame ID: FDDAAC68F04C0734EA5B5D9413FD2FE6
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220323/r20190131/zrt_lookup.html
Frame ID: B8C51662707BE679206B8CF855865C86
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&adk=1812271804&adf=3025194257&lmt=1648430295&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fcpmlink.net%2FibdpAQ&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648430295159&bpp=1&bdt=2036&idt=1&shv=r20220323&mjsv=m202203210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5843d1b921f90bd6-22ce7ccf66cd0003%3AT%3D1648430294%3ART%3D1648430294%3AS%3DALNI_MaIihVp1pf9xAs2wQOB-M5Sv6NpPw&prev_slotnames=www.cpmlink.net%2Cwww.cpmlink.net_footer_728x90&nras=1&correlator=5177021731116&frm=20&pv=1&ga_vid=145724780.1648430294&ga_sid=1648430294&ga_hid=327551295&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31061690%2C31063246&oid=2&psts=AGkb-H8tm-ZUsHhSGSaZBo2RwVcaNKWB-6nuZpZNZxO4TuNGQ-kr9aZB_eAWI0Im70UDZBDPWdC5LQjsGAUe%2CAGkb-H-Ysz-NsSV92_BSStWL1TvH_oXLCmh2pjoQuvTRyUVPAAxEHZ2qv2nSahA-sIjzJX4orqZKiudOPAi5LAM&pvsid=273647848453026&pem=155&tmod=1628534417&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=17
Frame ID: 8B628A003E853C3B1A9CE74C08BEC46E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DC7E058B142A46535031AE94DED8D674
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D0D17BF20A367E7DCF9D546C2178DE9E
Requests: 2 HTTP requests in this frame

Frame: https://ssl.connextra.com/universalTag?client=Betano&id=178083&page=homepage
Frame ID: 6510DAFF51C52A4A22D8DFC29678C629
Requests: 8 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=59013e41-1b63-4d8e-a887-ea6d3795d988
Frame ID: 53446BF784DECF5F5D8697BBCDA8FBEA
Requests: 1 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=d57e6241-0cd7-4700-aa25-e91b509920b6&no_iframe=1&mt_adid=241596&source=mathtag
Frame ID: A2946ECAF093F50222088DCF6F0E1E04
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CPMlink

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

<div[^>]+class="g-recaptcha"
/recaptcha/api\.js

Page Statistics

150
Requests

96 %
HTTPS

51 %
IPv6

36
Domains

50
Subdomains

41
IPs

9
Countries

2801 kB
Transfer

6281 kB
Size

34
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://agencyorquidea.com/

Search URL Search Domain Scan URL

URL: https://www.predictivdisplay.com/jump/next.php?r=3018531&sub1=4941051
Title: Go to website

Search URL Search Domain Scan URL

URL: https://www.onclickperformance.com/ad/visit.php?al=1

Search URL Search Domain Scan URL

URL: https://youradexchange.com/ad/visit.php?al=1

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://cpmlink.net/assets/audio/audio.mp3 HTTP 302
https://cpmlink.net/

Request Chain 56

https://sender.clevernt.com/transporter/55001.php?ppuc=1&ppu=0&id=558043&ref=aHR0cHM6Ly9jcG1saW5rLm5ldC9pYmRwQVE%3D&ruri=&r=216923692&tok=33419711310201791433&cmpId=&iv=-1&ctr=DE&sz=1200&landing=1&hei=360&mode=topscroll HTTP 302
https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=558043&group=55001&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUFVWk5NQlNCQUFERQ%3D%3D&ref=aHR0cHM6Ly9jcG1saW5rLm5ldC9pYmRwQVE%3D&r=216923692

Request Chain 82

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 83

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 97

https://gml-grp.com/C.ashx?btag=a_1151b_904c_&affid=431&siteid=1151&adid=904&c=YSAAUZNMBSBAADE HTTP 302
https://gml-grp.com/C.ashx?btag=a_1151b_904c_&affid=431&siteid=1151&adid=904&c=YSAAUZNMBSBAADE&AutoR=1 HTTP 302
https://www.betano.de/promos/de/Betano-DE.aspx?btag=a_1151b_904c_YSAAUZNMBSBAADE&utm_medium=431&utm_source=1&siteid=1151 HTTP 302
https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=1&siteid=1151

Request Chain 141

https://track.adform.net/Serving/TrackPoint/?pm=2284179&ADFPageName=betano.de%7CSportsbook%7Cundefined%7Cundefined&ADFdivider=%7C&ord=322120847850&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&ADFtpmode=2&loc=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D1%26siteid%3D1151 HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2284179&ADFPageName=betano.de%7CSportsbook%7Cundefined%7Cundefined&ADFdivider=%7C&ord=322120847850&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&ADFtpmode=2&loc=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D1%26siteid%3D1151

Request Chain 142

https://secure.adnxs.com/seg?add=24290212&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D24290212%26t%3D2

Request Chain 145

https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fzz.connextra.com%2Fsync%2Fdata%2Fuid%2F6c883bd680%2F%5BMM_UUID%5D HTTP 302
https://zz.connextra.com/sync/data/uid/6c883bd680/98516241-0cd8-4b00-a984-81c04da50f01

Request Chain 146

https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-426&value= HTTP 303
https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-426&value=&_bee_ppp=1

Request Chain 147

https://match.prod.bidr.io/cookie-sync/geniussports HTTP 303
https://match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1 HTTP 303
https://zz.connextra.com/sync/data/uid/508a5e2dd5/AAGqT07EghoAADKAOAl1Qw

150 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request ibdpAQ Show response
cpmlink.net/ 14 KB
5 KB 237ms
192ms Document
text/html 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpmlink.net/ibdpAQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.31
Resource Hash: de7b6b9d278848d174bb5f9d719d5a4711bafc238c8fc5616e1b6617ad95b415

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 28 Mar 2022 01:18:13 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/5.6.31
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UAhxaysOyYScxQvMyWgbL%2B%2BSLIusCll5cpfDkO%2B4b8Rjp7wIlxVMk50eFmZWB4uu0CNhKLyzhxmegpNHBq8cXJ%2BMRxRyT1PB6pcPp3SKuvFVcmuTNhuVK8mtzmxzu%2F9y%2FGIBgqY9A%2BjM4A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6f2c87d2d84d0e2a-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 52ms
30ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cpmlink.net
URL: https://cpmlink.net/ibdpAQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

5377b85929b89e53828ca9b7489ea8a9c4a112bd7384c8eadb38b8dea5df6983

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28043
x-xss-protection: 0
server: sffe
etag: "1171 / 161 of 1000 / last-modified: 1648245909"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 28 Mar 2022 01:18:13 GMT

GET
H2 200 bootstrap.min.css
cpmlink.net/assets/css/ 118 KB
20 KB 26ms
24ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpmlink.net/assets/css/bootstrap.min.css
Requested by: Host: cpmlink.net
URL: https://cpmlink.net/ibdpAQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 340ded89dcd9a565acfcbebaf72213b6ea7cbcb5a984fc5593c04034f62397ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/ibdpAQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 04 Sep 2017 20:57:58 GMT
server: cloudflare
age: 3591
etag: W/"59adbe56-1d9b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oNsINqTbxlH8wNvy49qac1JvP0jH6ZAgp7Y9e2rBXAKpWy3N5EQCrR5rdYxdp%2BtRXK602g8XI8uZcDUCyrHkoMoMfxEa9CLy8blIR9XK2Jwf8i8xTLZTykoY3qSIFK8jR%2BSXHzfJA36eng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f2c87d4292a0e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 vendor.css
cpmlink.net/assets/css/ 41 KB
12 KB 24ms
22ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpmlink.net/assets/css/vendor.css
Requested by: Host: cpmlink.net
URL: https://cpmlink.net/ibdpAQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23f4c65222542b6b0413245692e9a08067ec26e4d3fee74409a2bd5fd6e1ff10

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/ibdpAQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 04 Sep 2017 20:57:58 GMT
server: cloudflare
age: 3591
etag: W/"59adbe56-a2ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g9%2FTB8EA3xo66%2BiBSxBrx5QKuqiwwJyqc1uw0L9wvZ8cQJR4mwUoEPxQjBkgtrC%2BECIOSiiw3Z2Ltr6vIPePGNeZtuf1z2ZxFlxTPMnbkXstej%2BHS9HsYLirQ265tcVO4WHI1Ok0AvxaFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f2c87d4292c0e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.css
cpmlink.net/assets/css/ 210 KB
19 KB 40ms
39ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpmlink.net/assets/css/style.css
Requested by: Host: cpmlink.net
URL: https://cpmlink.net/ibdpAQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21cb8a534a479c2d092ee724140b7a4a7a17b9a36537d7d77106e4cfefd34ab4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/ibdpAQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 04 Sep 2017 20:57:58 GMT
server: cloudflare
age: 3591
etag: W/"59adbe56-347c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QJ70a6QjYWfYUZqTo6HNSe2NIe%2BwSSRf%2F81wjj8c0lBbCrbXN9M6X5qcoidAHfgQ6cr2fZMAdIwfDizRyNL3yghCjiJ4U%2FGLdctUvNpBSYTr04pIlGn12OasjR%2Fgz7BC%2BiRPuut27Njm2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f2c87d4292d0e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 demo.css
cpmlink.net/assets/css/ 4 KB
1 KB 23ms
22ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpmlink.net/assets/css/demo.css
Requested by: Host: cpmlink.net
URL: https://cpmlink.net/ibdpAQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a94ea175c1bccc3a074849d2fa39fbe5cc1368c1857a0b68241d38fada53d13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/ibdpAQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 04 Sep 2017 20:57:58 GMT
server: cloudflare
age: 3591
etag: W/"59adbe56-11b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HbwBp1PIKMox9BneuQor7bN62ZD%2BEumcLgYjuoWS5lqEGPvmBrQNF5sKjMymhn1GtoB74yYQqTbDQLD6v51BCBeU78c2ZrD%2FQlU%2BGO2L37z7viPsYws2QKgByyRoaZFvXOG8VgIoVoURSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f2c87d4292e0e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 custom.css
cpmlink.net/assets/css/ 184 B
443 B 22ms
21ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpmlink.net/assets/css/custom.css
Requested by: Host: cpmlink.net
URL: https://cpmlink.net/ibdpAQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42aa86bd96c4636962d26e433b3e7e929596027ce358314f329a8e69f407ecd1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/ibdpAQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 04 Sep 2017 20:57:58 GMT
server: cloudflare
age: 3591
etag: W/"59adbe56-b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5VZjltkRulrj%2BXFIjY8fbwidvfOsLeCf6KOvH%2BOcHJvJiE%2BmtBIPkIvBfPLMVZkSWG1nPNeAE9bqEU6blRMtXW1IXjqoOsrTV22RcnWYs9iCD1b24Cy%2FSEmutqeaz8KTGGvd04zld%2F3ldg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f2c87d4292f0e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-1.11.3.min.js Show response
cpmlink.net/assets/js/vendor/ 94 KB
34 KB 41ms
40ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpmlink.net/assets/js/vendor/jquery-1.11.3.min.js
Requested by: Host: cpmlink.net
URL: https://cpmlink.net/ibdpAQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/ibdpAQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 04 Sep 2017 20:58:42 GMT
server: cloudflare
age: 3591
etag: W/"59adbe82-176d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=omWARNwIOqRpAbixAvnKICxx%2FA6JQHK%2Fv6QuC7ZbpedMyuTifd%2B6ikM9JiM3aHPr9xky6qWw8fjlWWIdG2zq6MTpPgJTbLuIDCDEoPaaZ4vUNTWHuaiMX%2FzYxLKkrpGKj5p6om%2BvBsWvlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f2c87d429310e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 html5shiv.min.js Show response
cpmlink.net/assets/js/vendor/ 3 KB
2 KB 24ms
23ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpmlink.net/assets/js/vendor/html5shiv.min.js
Requested by: Host: cpmlink.net
URL: https://cpmlink.net/ibdpAQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc9cbf19b48bae0d28f72e59e67d6ec34ab1644087ec2e8e42954180d1586b48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/ibdpAQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 04 Sep 2017 20:58:42 GMT
server: cloudflare
age: 3591
etag: W/"59adbe82-aaa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eQb6oMu6sMGhk9T0kODeZp2QQy5JbBNPTHgtXaA%2F6sWkjJOtyE2eO0am4N9Jq%2FBSAmuX4ybQfRAAlk7HXNQtXpxP0woJKd5CNIgk8l5UBoxUt%2BDRAU82y1NshFsGD9e4M7tz%2FgU2Z249pg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f2c87d429320e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 909 B
991 B 45ms
15ms Script
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit

Requested by

Host: cpmlink.net
URL: https://cpmlink.net/ibdpAQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1494fa2daeddbb2d1869cb94d39225bc5d1d3fc4b2a14e3f32a957e48139d0f0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 578
x-xss-protection: 1; mode=block
expires: Mon, 28 Mar 2022 01:18:13 GMT

GET
H3 200 site-header-logo.png
cpmlink.net/assets/img/ 64 KB
65 KB 42ms
40ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cpmlink.net/assets/img/site-header-logo.png
Requested by: Host: cpmlink.net
URL: https://cpmlink.net/ibdpAQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8ee67cfaf180d033a0d146a2bcccb871186a6b0df132373c0d8574b884da4d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/ibdpAQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1079
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 65579
last-modified: Mon, 04 Sep 2017 20:58:02 GMT
server: cloudflare
etag: "59adbe5a-1002b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yieg5ZBtSl5oSuAfm9JVmC5wFP7mxqZjCPr4%2BqxN1IZYb5FKMxveritVuIRwKtKVFU40b1rQ%2BftFSBpduNy7f5uMy1V0Nb5%2BudfAHjKITNfXSbi3UCEYfhkV%2FTcICC1KZuwXfgTv%2FrKtYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6f2c87d4dd0083a2-MXP

GET
H2 200 7958 Show response
tags.orquideassp.com/tag/ 666 B
1 KB 63ms
6ms Script
text/javascript 2600:9000:2057:e000:2:e529:700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.orquideassp.com/tag/7958

Requested by

Host: cpmlink.net
URL: https://cpmlink.net/ibdpAQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:e000:2:e529:700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

9d4f6a81b8ab0cc8d116f5abc6f0fdc6c6b3254bd2b42a58425691f425d02d39

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 2624
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
date: Mon, 28 Mar 2022 00:36:16 GMT
content-length: 666
x-xss-protection: 1; mode=block
server: nginx/1.16.1
etag: W/"29a-DfGCG81HEHhx05E30U3Zf806xVU"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: i5JNN6Uqwibf9-dzYtHWjTISHNEd2bOHepFfEQwCMXN1HgR6ATAdYg==

GET
H2 200 display.php Show response
www.onclickperformance.com/a/ 12 KB
5 KB 182ms
141ms Script
application/javascript 35.190.55.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onclickperformance.com/a/display.php?r=4941051
Requested by: Host: cpmlink.net
URL: https://cpmlink.net/ibdpAQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.55.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 95.55.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: c1f180edff4b0807e2f0f37cbda68245e3768805f032802f24d4b4c8ce7fd752

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:13 GMT
content-encoding: gzip
alt-svc: clear
server: openresty
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
link: <www.predictivdisplay.com>; rel=dns-prefetch,<www.predictivdisplay.com>; rel=preconnect,<www.onclickperformance.com>; rel=dns-prefetch,<www.onclickperformance.com>; rel=preconnect
via: 1.1 google

GET
H2 200 suv4.js Show response
ahscdn.com/script/ 25 KB
9 KB 68ms
22ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ahscdn.com/script/suv4.js
Requested by: Host: cpmlink.net
URL: https://cpmlink.net/ibdpAQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e852a247d062e228c6ed8b9de5bf0665abcd5049107bef3a2c1c9786a40d918b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=Y87NCQ==, md5=fHZOm2m4i8Je9zHdGRWDEQ==
date: Mon, 28 Mar 2022 01:18:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 177
x-guploader-uploadid: ADPycdvF1P-EidWLe6LDJgm96sNVnNuBe3y15DUCRD31-o6s6ITJiaDb3c2H9KMTql2PrPhTHQx4dw95102uQumWZwg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 24 Mar 2022 17:34:11 GMT
server: cloudflare
etag: W/"7c764e9b69b88bc25ef731dd19158311"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IOYpIxSQ1s8JPM4e2nhbTMVA8RMxWrM%2B4qGS9b3KC%2B1%2FsxOjZ03zA785%2F2n1%2BGmQ4gZpSbzfBCpwWxladG51l7ptcgfz9NCa51VYb5I2ZU8n2hQ5rVX2Kllw%2Be2s07VVD%2FtPmbLZWHwL"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1648143251714137
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=14400
x-goog-stored-content-length: 25179
cf-ray: 6f2c87d51fcc59d7-MXP
expires: Mon, 28 Mar 2022 01:29:18 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 116 KB
40 KB 55ms
24ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: cpmlink.net
URL: https://cpmlink.net/ibdpAQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6eda70ce710ba56966b3bf0661cb42277d14f38c8317ca0fb872072129f2effe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40353
x-xss-protection: 0
server: cafe
etag: 8209120073391991341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 28 Mar 2022 01:18:13 GMT

GET
H3 200 mail.png
cpmlink.net/assets/img/icon/ 3 KB
3 KB 28ms
26ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cpmlink.net/assets/img/icon/mail.png
Requested by: Host: cpmlink.net
URL: https://cpmlink.net/ibdpAQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1752cce959f2b747aa5103a49d0abcbe7cf10b75cf121dd5968c41669d3dafdd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/ibdpAQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1077
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2865
last-modified: Mon, 04 Sep 2017 20:58:39 GMT
server: cloudflare
etag: "59adbe7f-b31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=67l89%2FYI1Z2A39EIK4asrgtnSE%2FsrHhM3T1UikBB8nRvn%2BjimUURi5krBTl0Hr7RdkGdxgvkOP6Yu6AOR4ZpYymmBVVLd4O%2FhLnof3DmTUrWd5%2Fw2IKkfLFlEzkPTpiMyuZujwMiMbg%2BwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6f2c87d4dd0183a2-MXP

GET
H3 200 email-decode.min.js Show response
cpmlink.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 26ms
23ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cpmlink.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: cpmlink.net
URL: https://cpmlink.net/ibdpAQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/ibdpAQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 24 Mar 2022 11:29:35 GMT
server: cloudflare
etag: W/"623c561f-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kWadZyVBwT43%2FtW4J%2FnYKovXQVG5gt0bGky5JJkgQWOAXDsSSSUZHj9ByMZ0%2Fd1RvPDjkqQ3wYvpWpS1E3u1ZYeCLMbVwE7qrZfl%2BwszJzpe6Q%2Fd54azcb94YqYkk52oTPmS0vbgUwhHlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f2c87d4dcf783a2-MXP
vary: Accept-Encoding
expires: Wed, 30 Mar 2022 01:18:13 GMT

GET
H3 200 bootstrap.min.js Show response
cpmlink.net/assets/js/vendor/ 36 KB
10 KB 82ms
80ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpmlink.net/assets/js/vendor/bootstrap.min.js
Requested by: Host: cpmlink.net
URL: https://cpmlink.net/ibdpAQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/ibdpAQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 04 Sep 2017 20:58:42 GMT
server: cloudflare
age: 1739
etag: W/"59adbe82-9004"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NHOEUNUYjzffA%2BoznG%2BFyQmoxCYSHayj83Q7Tgvl3VP7G9R6aCZjApbPdSjt5IDunuVXKVbl7%2BPtCBwhTrp4xYHLM%2FndZWfiXsU%2FmCpefbfNKKFQ5e6blWvAoof2nhN5aeVlphKtYhR0Ng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f2c87d4dcf883a2-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 plugin.js Show response
cpmlink.net/assets/js/vendor/ 183 KB
54 KB 64ms
61ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpmlink.net/assets/js/vendor/plugin.js
Requested by: Host: cpmlink.net
URL: https://cpmlink.net/ibdpAQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a3ceb3329bf885f2c4fe0bf0c89dd38768e32cbe77edb105dec1d14797d4048

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/ibdpAQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 04 Sep 2017 20:58:42 GMT
server: cloudflare
age: 4700
etag: W/"59adbe82-2dc11"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XSE6CWjFs5bQE716ilVaJvp167mMLsVyvE28UH%2Fkb2AMJRNaVuTOQu5A8epzPjfH15WxYk4yCUe%2BK0BN5rQuoHnKgWNX%2Bx5KikRP0aYbV7wdMNfRAe0GQQzElYtDikCGo9Pm9xL6NsYEHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f2c87d4dcf983a2-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 variable.js Show response
cpmlink.net/assets/js/ 5 KB
2 KB 28ms
26ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpmlink.net/assets/js/variable.js
Requested by: Host: cpmlink.net
URL: https://cpmlink.net/ibdpAQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b37f97b340e05e69a40b4cde0aaf886a2a3880b30ebdda8f4112f3f040b06c3b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/ibdpAQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 31 Oct 2021 13:14:33 GMT
server: cloudflare
age: 1080
etag: W/"617e96b9-12fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XVGbraK6FfLTDKIsl%2BUkUsIpBp0bkKldf%2F4BkU6t%2BPQqWNmSccQqzr%2BIMxYCoIJUbYUYrQhs82hZrrM2p7VnxI4RbB7aXG5n1r8avAnz8ibMefbFtOLMWl2aHUT1J4qnX0MenNjToGGawA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f2c87d4dcfa83a2-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 main.js Show response
cpmlink.net/assets/js/ 42 KB
7 KB 29ms
27ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpmlink.net/assets/js/main.js
Requested by: Host: cpmlink.net
URL: https://cpmlink.net/ibdpAQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aeada280b27d34605088afb50b61da8b93cf9653f8036aa8a0a846a24f0a8aa3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/ibdpAQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 04 Sep 2017 20:58:03 GMT
server: cloudflare
age: 3696
etag: W/"59adbe5b-a615"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HM7zV6qVt2KoHI6LtS0K%2BohJ0qU2g6DNyzjDE3X8lCsB75gVwwXtNkzomc23Jtd3LEc6lhrd3um68OGoKlH43nN8iv5MgT5tp%2FFZgG1g5lAvna5OKEFkLS9paM%2Bu0OU1v2ODZUlQu9ypcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f2c87d4dcfb83a2-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 demo.js Show response
cpmlink.net/assets/js/ 1 KB
1 KB 83ms
81ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpmlink.net/assets/js/demo.js
Requested by: Host: cpmlink.net
URL: https://cpmlink.net/ibdpAQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf288902cc77198ef17f2904d9033ed564e9af5f603054777f43dd9a1407920f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/ibdpAQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 04 Sep 2017 20:58:03 GMT
server: cloudflare
age: 3690
etag: W/"59adbe5b-5f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GBv%2FPYnPEGuRw%2B5s4BZBREE20KLzGMF12muvQBIEIdqsEPSiPEYOJGrCHecdeaa1rdj5QU1hYDmvpJHZf7LKNUpW%2BrG9pXwF7N9IQPOhprT09VPXNWptYr7i4xJRJTJw4how3IZmLsKIUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f2c87d4dcfc83a2-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 app.js Show response
cpmlink.net/assets/ 920 B
926 B 83ms
81ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpmlink.net/assets/app.js
Requested by: Host: cpmlink.net
URL: https://cpmlink.net/ibdpAQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5d01de11399b5118258d41f61690255097cdac5733915e2d629c3fba1ccf91e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/ibdpAQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Nov 2018 19:56:40 GMT
server: cloudflare
age: 1080
etag: W/"5bf1c3f8-398"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dMrQdtQVjzvo6Bf4Nv%2BiBAtWcP%2FWNcIixL9%2BOObPeTcCyH2NGcBl8u5BK%2B1aBfmyaddfa9V%2FNWhGKVdMFjsgcL%2B%2B180qRRdxfhbue82rdbVv2rmq4oDITwx3uauhKYSvcEKNkOP4nPs27A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f2c87d4dcff83a2-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 blockadblock.min.js Show response
cdnjs.cloudflare.com/ajax/libs/blockadblock/3.2.1/ 5 KB
2 KB 59ms
29ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/blockadblock/3.2.1/blockadblock.min.js

Requested by

Host: cpmlink.net
URL: https://cpmlink.net/ibdpAQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df35392ebe2722ddcafc180639031db9a8ed65c3d5f5e94833fdb74435d1a77a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 16689066
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1309
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:06:35 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d8b-1289"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eZm47c9hY2DBpf0D3S4923yKSZG%2FYLTfc%2FHvLqle0zXNrSU4OCo6V7U5iFfz8axkzq%2F2NuDaNZE%2FCK%2B%2BWAU2fsU%2Bdg%2FXBLu9TTtyovFE%2B8qkoxm%2B5rIe1PRol%2BhQz9Uz%2Bl2kNB%2BXPxR6753awKLwmVBr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f2c87d4ffea23f7-ZRH
expires: Sat, 18 Mar 2023 01:18:13 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 57ms
16ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700

Requested by

Host: cpmlink.net
URL: https://cpmlink.net/assets/css/demo.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4c0088d08089d4ecfd95333d9db3b56ac6a3b9af2374e083680b39391f7a75ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 00:29:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 28 Mar 2022 01:18:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Mar 2022 01:18:13 GMT

GET
H2 200 css
fonts.googleapis.com/ 26 KB
1 KB 40ms
17ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Requested by

Host: cpmlink.net
URL: https://cpmlink.net/assets/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

53bff42130f5bff8f3a92e259f20357ad8b46271cb9daa75a9485d401aeaa77f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 00:11:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 28 Mar 2022 01:18:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Mar 2022 01:18:13 GMT

GET
H2 200 css
fonts.googleapis.com/ 13 KB
919 B 39ms
17ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather:400,300,300italic,400italic,700,700italic,900,900italic

Requested by

Host: cpmlink.net
URL: https://cpmlink.net/assets/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b4fd8f2497f4eae64faeed51279a09d163f6de88341731cdf9a8494d7af5c191

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 27 Mar 2022 23:21:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 28 Mar 2022 01:18:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Mar 2022 01:18:13 GMT

GET
H3 200 pubads_impl_2022031601.js Show response
securepubads.g.doubleclick.net/gpt/ 365 KB
124 KB 22ms
7ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 21:10:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14879
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126823
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 08:34:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 27 Mar 2023 21:10:14 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 67 B
93 B 32ms
15ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=cpmlink.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

6b5a08f5a9fb942b9c3c787aad423f3d2940e38f567646e6d7ceb1d12c87d493

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Mar 2022 01:18:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
expires: Mon, 28 Mar 2022 01:18:13 GMT

GET
H/1.1 403
Forbidden invoke.js
wednesdaynaked.com/9f4b4d55b7f52dcfc13d90affd83d44e/ 0
0 1088ms
106ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wednesdaynaked.com/9f4b4d55b7f52dcfc13d90affd83d44e/invoke.js
Requested by: Host: cpmlink.net
URL: https://cpmlink.net/ibdpAQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://cpmlink.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 28 Mar 2022 01:18:14 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 44 KB
44 KB 33ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cpmlink.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 22:45:30 GMT
x-content-type-options: nosniff
age: 441163
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Mar 2023 22:45:30 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/ 361 KB
143 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0315120b66d5141c4d2e381fb5b33602ac16ae8a11d3f9b53073c04ed1e2082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cpmlink.net/
Origin: https://cpmlink.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 15:34:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35040
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145570
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 04:03:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Mar 2023 15:34:13 GMT

GET
H2 200 icon.svg
supertruco.com/ 1 KB
821 B 353ms
330ms Image
image/svg+xml 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://supertruco.com/icon.svg

Requested by

Host: tags.orquideassp.com
URL: https://tags.orquideassp.com/tag/7958

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6b54b9d51b8e7575fc6ac2e2bfd7826e021c3385b15f6e07581d58234219a3ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 19 Mar 2021 14:39:52 GMT
server: nginx
etag: W/"6054b7b8-47c"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
date: Mon, 28 Mar 2022 01:18:14 GMT
x-ac: 2.hhn _atomic_ams
expires: Mon, 04 Apr 2022 01:18:14 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203210101/ 297 KB
107 KB 47ms
33ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7913044002918072&plah=cpmlink.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21994bdae3461f5becc2dea2235b90d1f2fcf5b6aab4a0124f01e10a0d190406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109448
x-xss-protection: 0
server: cafe
etag: 15985811394868545631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 28 Mar 2022 01:18:14 GMT

GET
H2 200 164a143cd0f576d99fd84ef694aa137b.js Show response
scripts.cleverwebserver.com/ 134 KB
52 KB 65ms
26ms Script
application/javascript 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.cleverwebserver.com/164a143cd0f576d99fd84ef694aa137b.js
Requested by: Host: cpmlink.net
URL: https://cpmlink.net/ibdpAQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f57881061b40bba374093d31f1b4ddce8a8ae2216ff4b39937df5a7bc9aa425

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:14 GMT
content-encoding: br
cf-cache-status: HIT
age: 798
x-amz-request-id: FHKRTXW65WS4RE0G
x-amz-id-2: Shc5G0gqXw8QVzxlXac5/C9aCNI1SvB+69gmLStRGGtjaW6weh72YZnxYeO07GyIAfthB5LDo74=
last-modified: Thu, 17 Mar 2022 12:27:26 GMT
server: cloudflare
etag: W/"d471517cf270a66cb84bfdbd18780ec1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: o3kr5v.rHEM3uTAayM__WTfVVXYikLQK
cf-ray: 6f2c87dbe9e4cc3e-ZRH
expires: Mon, 28 Mar 2022 01:48:14 GMT

GET
H3 200 ut.js Show response
ahscdn.com/script/ 14 KB
5 KB 46ms
24ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ahscdn.com/script/ut.js?cb=1648430294343
Requested by: Host: ahscdn.com
URL: https://ahscdn.com/script/suv4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53eb084df0c47e777e1c2a42ceacaf83d5cd82e20ffb837ea602423a3cc6ad5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=kWfCMQ==, md5=OQrCqTd4+2SrnIZFEmjs4Q==
date: Mon, 28 Mar 2022 01:18:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3386
x-guploader-uploadid: ADPycduIIH4qu4NkyOXgNPmvabapcaRsZ1wF04G9pa8Btl6cxf3toKyo1_4FTpB0gVFFxg0ArPwkZYGxd5fTaqPWcIzMUq8V5g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 24 Mar 2022 17:34:34 GMT
server: cloudflare
etag: W/"390ac2a93778fb64ab9c86451268ece1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PxfwHJM0aCgHkYeF%2FRxdo%2BRycVhtL7KnN7Skbn%2BpkrRnl%2FSZZ5dqu5DVFpS5fUSCRRru0%2BiqiPC3bgonf9NWy0RvVQ75avbg0vvxxpKp%2FIusPdppfzMtn0B%2BXYeFU5YBnXU5lomV%2FR%2FB"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1648143274581139
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=14400
x-goog-stored-content-length: 14210
cf-ray: 6f2c87dbdf25f917-MXP
expires: Mon, 28 Mar 2022 00:25:00 GMT

GET
H3 200 u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
fonts.gstatic.com/s/merriweather/v28/ 19 KB
19 KB 22ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v28/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,300,300italic,400italic,700,700italic,900,900italic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cpmlink.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 21:28:50 GMT
x-content-type-options: nosniff
age: 359364
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19780
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 02:22:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Mar 2023 21:28:50 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cpmlink.net
URL: https://cpmlink.net/ibdpAQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4408
date: Mon, 28 Mar 2022 00:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 28 Mar 2022 02:04:46 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
4 KB 64ms
10ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: cpmlink.net
URL: https://cpmlink.net/ibdpAQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:16:16 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip: 137.74.120.0/27
etag: "-375139978"
x-cacheable: Matched cache
content-type: text/javascript
x-cdn-pop: sbg
accept-ranges: bytes
content-length: 4364
x-request-id: 1016693391

GET
H2 200 suurl4.php Show response
youradexchange.com/script/ 940 B
879 B 237ms
214ms Fetch
application/json 35.190.41.116
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://youradexchange.com/script/suurl4.php?r=4941071&cbur=0.35015732171449665&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=CPMlink&cbpage=https%3A%2F%2Fcpmlink.net%2FibdpAQ&cbref=&cbdescription=Earn%20money%20for%20each%20visitor%20to%20your%20shortened%20links%20with%20CPMlink!%20We%20pay%20for%20each%20visit%20to%20your%20short%20link.&cbkeywords=CPMlink%2C%20short%20links%2C%20link%20shortener%2C%20paid%20url%20shortener%2C%20make%20money%20online%2C%20short%20link%20and%20earn%20money&cbcdn=ahscdn.com&aggr=0&chmob=%3F0
Requested by: Host: ahscdn.com
URL: https://ahscdn.com/script/suv4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.41.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 9fdd307f1450478aac1f153ae0b5b51218dab647fc43b45c887a3a0fd74c5d3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 28 Mar 2022 01:18:14 GMT
content-encoding: gzip
server: openresty
alt-svc: clear
via: 1.1 google
content-type: application/json; charset=utf-8

GET
H3

200

/
cpmlink.net/
Redirect Chain

https://cpmlink.net/assets/audio/audio.mp3
https://cpmlink.net/

89 KB
89 KB

330ms
329ms

Media
text/html

2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpmlink.net/
Requested by: Host: cpmlink.net
URL: https://cpmlink.net/ibdpAQ
Protocol: H3
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.31
Resource Hash: bc28fa44d52082885f05af08d731877df2a1b2d55bb57309315f1d650b2f896c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/ibdpAQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 01:18:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.6.31
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fl4Hbz7tetPYU%2BfLGm6XrbuVwtSpDZFPpBSqeX%2F4wLIIG%2BdDEpLEqbDuuWdTLmwjfz67rpEVbcLRQ7PgXzvtR0Rw6W9jzadg4Nxjdwk6iSCzTZUOp7OmlCIxYZTmmHIWKr1IKfuSW0Sr9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 6f2c87dd7c1583a2-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Mar 2022 01:18:14 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.6.31
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KQg0SmTz0mh%2Ba3pnfLMB3kDTPSNVpT7EfguM%2Fy73vneqGC3P96pGQzDAtwt%2BMcdKspEDyYIDcU6xMhgEGqDEiVMPP62FvTKz%2FBPoRJFuGC5oLolURZZF2utmgA4lNl2T7Fs0k2Bb3oTYGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://cpmlink.net
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 6f2c87dbfb0f83a2-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame FB34 43 KB
22 KB 42ms
25ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhFikTAAAAAIJLhTUiRYGN3ePz22rWeWF6wGbC&co=aHR0cHM6Ly9jcG1saW5rLm5ldDo0NDM.&hl=de&type=image&v=2uoiJ4hP3NUoP9v_eBNfU6CR&theme=light&size=normal&cb=7dk3em53gpxv

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4c98631fccebef2e3c9ba5199db85a52d68e67ccc8eef4090549a732593f077e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GVT/1Jf+7FnkhGOMNNCsiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 28 Mar 2022 01:18:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-GVT/1Jf+7FnkhGOMNNCsiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 22729
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 29ms
14ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=327551295&t=pageview&_s=1&dl=https%3A%2F%2Fcpmlink.net%2FibdpAQ&ul=en-us&de=UTF-8&dt=CPMlink&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=976794178&gjid=1926564790&cid=145724780.1648430294&tid=UA-92969876-1&_gid=78728548.1648430294&_r=1&_slc=1&z=942568760

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cpmlink.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 01:18:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cpmlink.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ui.cleverwebserver.com/ 144 B
186 B 149ms
140ms Script
application/javascript 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ui.cleverwebserver.com/
Requested by: Host: cpmlink.net
URL: https://cpmlink.net/ibdpAQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a04c3c81c8b05420df27b941867dcc36a76df5ad2e7dc7caacada17c645fe5eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6f2c87dc5a0dcc3e-ZRH
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 215 B
415 B 15ms
14ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=cpmlink.net&callback=_gfp_s_&client=ca-pub-7913044002918072

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7913044002918072&plah=cpmlink.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

890659fab7bd61f32cc5587af93c2ba5c455bb2173c573cb4d007f342d8f1b13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 199
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 36ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cpmlink.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Mar 2022 01:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 43ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cpmlink.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Mar 2022 01:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EE68 75 KB
26 KB 247ms
225ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.cpmlink.net&adk=3789060284&adf=906611538&pi=t.ma~as.www.cpmlink.net&w=300&lmt=1648430294&url=https%3A%2F%2Fcpmlink.net%2FibdpAQ&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648430294331&bpp=9&bdt=1209&idt=113&shv=r20220323&mjsv=m202203210101&ptt=5&saldr=sa&abxe=1&correlator=5177021731116&frm=20&pv=2&ga_vid=145724780.1648430294&ga_sid=1648430294&ga_hid=327551295&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=357&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31061690%2C31063246&oid=2&pvsid=273647848453026&pem=155&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=8tB56kbLrz&p=https%3A//cpmlink.net&dtd=127

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88a7ddaff0592f22bce404487de8e4f604bf0008a27f2551954cbf1c0d70f227

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 28 Mar 2022 01:18:14 GMT
server: cafe
content-length: 26639
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 28 Mar 2022 01:18:14 GMT
cache-control: private

GET
H2 200 next.php Show response
www.predictivdisplay.com/jump/ Frame 7A93 7 KB
3 KB 152ms
118ms Document
text/html 35.190.50.89
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.predictivdisplay.com/jump/next.php?r=3018531&sub1=4941051
Requested by: Host: www.onclickperformance.com
URL: https://www.onclickperformance.com/a/display.php?r=4941051
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.50.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 89.50.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: f09c8f40b8d48c09ade411f727d0d68f2c01e22f3c2c575ba834f013adf77821

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/

Response headers

server: openresty
date: Mon, 28 Mar 2022 01:18:14 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EBC3 54 KB
23 KB 213ms
213ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=90&slotname=www.cpmlink.net_footer_728x90&adk=2044655284&adf=1739877337&pi=t.ma~as.www.cpmlink.net_foo_&w=728&lmt=1648430294&url=https%3A%2F%2Fcpmlink.net%2FibdpAQ&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648430294344&bpp=2&bdt=1221&idt=136&shv=r20220323&mjsv=m202203210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.cpmlink.net&correlator=5177021731116&frm=20&pv=1&ga_vid=145724780.1648430294&ga_sid=1648430294&ga_hid=327551295&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31061690%2C31063246&oid=2&pvsid=273647848453026&pem=155&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NuuahjUWwN&p=https%3A//cpmlink.net&dtd=139

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ed36cc050fda42823ee78b2d8e6bbbdcf41061752de473edb3fb1e63ca33208

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 28 Mar 2022 01:18:14 GMT
server: cafe
content-length: 23270
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 28 Mar 2022 01:18:14 GMT
cache-control: private

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/ Frame FB34 51 KB
24 KB 21ms
7ms Stylesheet
text/css 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhFikTAAAAAIJLhTUiRYGN3ePz22rWeWF6wGbC&co=aHR0cHM6Ly9jcG1saW5rLm5ldDo0NDM.&hl=de&type=image&v=2uoiJ4hP3NUoP9v_eBNfU6CR&theme=light&size=normal&cb=7dk3em53gpxv

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 20:06:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18688
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 04:03:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Mar 2023 20:06:46 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/ Frame FB34 361 KB
142 KB 25ms
11ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0315120b66d5141c4d2e381fb5b33602ac16ae8a11d3f9b53073c04ed1e2082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 15:34:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35041
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145570
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 04:03:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Mar 2023 15:34:13 GMT

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 52 B
186 B 297ms
96ms Script
text/html 192.99.0.58
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?3254176&@f16&@g1&@h1&@i1&@j1648430294487&@k0&@l1&@mCPMlink&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:178850943&@b3:1648430294&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fcpmlink.net%2FibdpAQ&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.0.58 Brossard, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns500326.ip-192-99-0.net
Software: /
Resource Hash: 21abf00181b2fcc67a010984c3a99ca69283ed0c2af25a1b7bffed987678b9e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 01:18:14 GMT
Connection: close
Content-Length: 52
Content-Type: text/html;charset=UTF-8

GET
DATA 200
OK truncated
/ Frame FB34 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame FB34 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame FB34 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 19:40:09 GMT
x-content-type-options: nosniff
age: 279485
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 31 Mar 2022 19:40:09 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FB34 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 482409
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Mar 2023 11:18:05 GMT

GET
H2

200

/ Show response
lp.cleverwebserver.com/betano/de/sports/grp1/ Frame B799
Redirect Chain

https://sender.clevernt.com/transporter/55001.php?ppuc=1&ppu=0&id=558043&ref=aHR0cHM6Ly9jcG1saW5rLm5ldC9pYmRwQVE%3D&ruri=&r=216923692&tok=33419711310201791433&cmpId=&iv=-1&ctr=DE&sz=1200&landing=1&...
https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=558043&group=55001&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUF...

1 KB
691 B

141ms
131ms

Document
text/html

2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=558043&group=55001&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUFVWk5NQlNCQUFERQ%3D%3D&ref=aHR0cHM6Ly9jcG1saW5rLm5ldC9pYmRwQVE%3D&r=216923692
Requested by: Host: cpmlink.net
URL: https://cpmlink.net/ibdpAQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdd535b6939d9a84113242bb3d0515623544b6576541613d3e6130583f8af149

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

date: Mon, 28 Mar 2022 01:18:14 GMT
content-type: text/html
x-amz-id-2: GbuYm4BZeNOFJ4k8pgRFXDwQ8nYqAUgVGSIgP2CPdV63zaZT8ZzTX1AYtUr+UJ2Vayy1VuV9bcQ=
x-amz-request-id: FMCK4RK3JF7YSTCC
last-modified: Fri, 25 Mar 2022 14:47:36 GMT
cf-cache-status: MISS
expires: Mon, 28 Mar 2022 01:48:14 GMT
cache-control: public, max-age=1800
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6f2c87dedb16cc3e-ZRH
content-encoding: br

Redirect headers

server: nginx
date: Mon, 28 Mar 2022 01:18:14 GMT
content-type: text/html; charset=UTF-8
location: https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=558043&group=55001&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUFVWk5NQlNCQUFERQ%3D%3D&ref=aHR0cHM6Ly9jcG1saW5rLm5ldC9pYmRwQVE%3D&r=216923692
expires: Fri, 27 Jun 1986 23:00:00 GMT
last-modified: Mon, 28 Mar 2022 01:18:14 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
pragma: no-cache

GET
DATA 200
OK truncated
/ 655 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f312aead73c7059dc22bbff1a38210eaacd5e2d7beaaec586a32575c54bc35a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame FB34 102 B
134 B 16ms
16ms Other
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=2uoiJ4hP3NUoP9v_eBNfU6CR

Requested by

Host: cpmlink.net
URL: https://cpmlink.net/ibdpAQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b3802ba95862b1fad8da321f4079cbc476e5ddc09a7138d1244c61100111af8f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhFikTAAAAAIJLhTUiRYGN3ePz22rWeWF6wGbC&co=aHR0cHM6Ly9jcG1saW5rLm5ldDo0NDM.&hl=de&type=image&v=2uoiJ4hP3NUoP9v_eBNfU6CR&theme=light&size=normal&cb=7dk3em53gpxv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 28 Mar 2022 01:18:14 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame C971 7 KB
1 KB 18ms
18ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=2uoiJ4hP3NUoP9v_eBNfU6CR&k=6LdhFikTAAAAAIJLhTUiRYGN3ePz22rWeWF6wGbC

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ff18ae76c54e7c269e0df3b8332ba00667620f0d1a71ae1a7babdde902751b45

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Z7Ai9tVR9ldeBwY0LpzAQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 28 Mar 2022 01:18:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-Z7Ai9tVR9ldeBwY0LpzAQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1110
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 10805168888862468839
tpc.googlesyndication.com/daca_images/simgad/ Frame EBC3 21 KB
21 KB 43ms
19ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/10805168888862468839

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=90&slotname=www.cpmlink.net_footer_728x90&adk=2044655284&adf=1739877337&pi=t.ma~as.www.cpmlink.net_foo_&w=728&lmt=1648430294&url=https%3A%2F%2Fcpmlink.net%2FibdpAQ&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648430294344&bpp=2&bdt=1221&idt=136&shv=r20220323&mjsv=m202203210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.cpmlink.net&correlator=5177021731116&frm=20&pv=1&ga_vid=145724780.1648430294&ga_sid=1648430294&ga_hid=327551295&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31061690%2C31063246&oid=2&pvsid=273647848453026&pem=155&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NuuahjUWwN&p=https%3A//cpmlink.net&dtd=139

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a55efe06ccb280d0d51cb2b350e379a40719767f5e85ad83199b5b25e05bdbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 19:43:43 GMT
x-content-type-options: nosniff
age: 279271
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21096
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 23:10:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 24 Mar 2023 19:43:43 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/ Frame EBC3 19 KB
8 KB 34ms
10ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:06:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 703
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Apr 2022 01:06:31 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame EBC3 2 KB
1 KB 32ms
16ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 378
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Apr 2022 01:11:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EBC3 119 KB
36 KB 48ms
47ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36904
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648035241783118"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 28 Mar 2022 01:18:14 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame EBC3 15 KB
6 KB 32ms
16ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1279
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Apr 2022 00:56:55 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame EBC3 29 KB
12 KB 32ms
17ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43985c8a7cfe580f5db631b6d44481f110c3707cd867a9a15d2921e50e6ddefc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 17:42:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27355
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11994
x-xss-protection: 0
server: cafe
etag: 918700774366637679
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Apr 2022 17:42:19 GMT

GET
H3 200 583c04eba622323b1bc7d6fda2f57e1e.js Show response
www.gstatic.com/mysidia/ Frame EE68 9 KB
4 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/583c04eba622323b1bc7d6fda2f57e1e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.cpmlink.net&adk=3789060284&adf=906611538&pi=t.ma~as.www.cpmlink.net&w=300&lmt=1648430294&url=https%3A%2F%2Fcpmlink.net%2FibdpAQ&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648430294331&bpp=9&bdt=1209&idt=113&shv=r20220323&mjsv=m202203210101&ptt=5&saldr=sa&abxe=1&correlator=5177021731116&frm=20&pv=2&ga_vid=145724780.1648430294&ga_sid=1648430294&ga_hid=327551295&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=357&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31061690%2C31063246&oid=2&pvsid=273647848453026&pem=155&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=8tB56kbLrz&p=https%3A//cpmlink.net&dtd=127

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 11:21:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136601
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3720
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 02:46:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 24 Jun 2022 11:21:33 GMT

GET
H3 200 d153763d065fc486a30a5318c8635961.js Show response
www.gstatic.com/mysidia/ Frame EE68 8 KB
4 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d153763d065fc486a30a5318c8635961.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae3a15a3e9733515bb33d29c4820b33c0bcaf30a522fd034ea68d104939901d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 11:21:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136601
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3697
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 03:00:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 24 Jun 2022 11:21:33 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame EE68 8 KB
892 B 33ms
18ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 00:46:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 28 Mar 2022 01:18:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Mar 2022 01:18:14 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame EE68 2 KB
984 B 22ms
18ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:54:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1424
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Apr 2022 00:54:30 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/ Frame EE68 19 KB
8 KB 28ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:06:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 703
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Apr 2022 01:06:31 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame EE68 2 KB
1 KB 31ms
27ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 378
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Apr 2022 01:11:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EE68 119 KB
36 KB 25ms
24ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36904
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648035241783118"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 28 Mar 2022 01:18:14 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame EE68 15 KB
6 KB 28ms
10ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 00:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1279
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Apr 2022 00:56:55 GMT

GET
H3 200 c5c2d0ec538305d3144caccb9e9ba20c.js Show response
www.gstatic.com/mysidia/ Frame EE68 28 KB
12 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c5c2d0ec538305d3144caccb9e9ba20c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56b292bab6c777111694aa0bffda487c3108b1e83091ea8471e316272f9d1aff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 11:21:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136601
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11812
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 03:00:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 24 Jun 2022 11:21:33 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/ Frame C971 51 KB
24 KB 10ms
9ms Stylesheet
text/css 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=2uoiJ4hP3NUoP9v_eBNfU6CR&k=6LdhFikTAAAAAIJLhTUiRYGN3ePz22rWeWF6wGbC

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 20:06:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18688
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 04:03:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Mar 2023 20:06:46 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/ Frame C971 361 KB
142 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=2uoiJ4hP3NUoP9v_eBNfU6CR&k=6LdhFikTAAAAAIJLhTUiRYGN3ePz22rWeWF6wGbC

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0315120b66d5141c4d2e381fb5b33602ac16ae8a11d3f9b53073c04ed1e2082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 15:34:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35041
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145570
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 04:03:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Mar 2023 15:34:13 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FCEE 143 B
163 B 21ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.cpmlink.net&adk=3789060284&adf=906611538&pi=t.ma~as.www.cpmlink.net&w=300&lmt=1648430294&url=https%3A%2F%2Fcpmlink.net%2FibdpAQ&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648430294331&bpp=9&bdt=1209&idt=113&shv=r20220323&mjsv=m202203210101&ptt=5&saldr=sa&abxe=1&correlator=5177021731116&frm=20&pv=2&ga_vid=145724780.1648430294&ga_sid=1648430294&ga_hid=327551295&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=357&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31061690%2C31063246&oid=2&pvsid=273647848453026&pem=155&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=8tB56kbLrz&p=https%3A//cpmlink.net&dtd=127

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Mon, 28 Mar 2022 01:05:31 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 763
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6706 143 B
163 B 10ms
8ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=90&slotname=www.cpmlink.net_footer_728x90&adk=2044655284&adf=1739877337&pi=t.ma~as.www.cpmlink.net_foo_&w=728&lmt=1648430294&url=https%3A%2F%2Fcpmlink.net%2FibdpAQ&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648430294344&bpp=2&bdt=1221&idt=136&shv=r20220323&mjsv=m202203210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.cpmlink.net&correlator=5177021731116&frm=20&pv=1&ga_vid=145724780.1648430294&ga_sid=1648430294&ga_hid=327551295&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31061690%2C31063246&oid=2&pvsid=273647848453026&pem=155&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NuuahjUWwN&p=https%3A//cpmlink.net&dtd=139

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Mon, 28 Mar 2022 01:05:31 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 763
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame EE68 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d072b49392e00fc29ea6b984b27d9677c4222a93768777cf28c1366dee0802a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame EE68 28 KB
28 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 22:47:37 GMT
x-content-type-options: nosniff
age: 441037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 21:57:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Mar 2023 22:47:37 GMT

GET
DATA 200
OK truncated
/ Frame EBC3 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 890811e9ee3d56cf846c56afff699460bca016a587f1f35add524260a19c0227

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FCEE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
18 B

23ms
23ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 28 Mar 2022 01:18:14 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 28 Mar 2022 01:18:14 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 28 Mar 2022 01:18:14 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6706
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

25ms
25ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 28 Mar 2022 01:18:14 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 28 Mar 2022 01:18:14 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 28 Mar 2022 01:18:14 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js Show response
pagead2.googlesyndication.com/bg/ Frame A86C 35 KB
13 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e3110485bd099564f5c6cf51aa0e7bf1e946149b2dbdc3e65dcdcbae229efc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 21:10:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13638
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Mar 2023 21:10:24 GMT

GET
H3 200 njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js Show response
pagead2.googlesyndication.com/bg/ Frame EBCE 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e3110485bd099564f5c6cf51aa0e7bf1e946149b2dbdc3e65dcdcbae229efc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 21:10:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13638
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Mar 2023 21:10:24 GMT

GET
H2 200 style.css
lp.cleverwebserver.com/betano/de/sports/grp1/ Frame B799 10 KB
1 KB 36ms
35ms Stylesheet
text/css 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.cleverwebserver.com/betano/de/sports/grp1/style.css?v=3
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=558043&group=55001&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUFVWk5NQlNCQUFERQ%3D%3D&ref=aHR0cHM6Ly9jcG1saW5rLm5ldC9pYmRwQVE%3D&r=216923692
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e16cf57d5864a0923be893617f104cda5486ea3b4eb1f8a1d402a9debd74eb8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=558043&group=55001&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUFVWk5NQlNCQUFERQ%3D%3D&ref=aHR0cHM6Ly9jcG1saW5rLm5ldC9pYmRwQVE%3D&r=216923692
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:15 GMT
content-encoding: br
cf-cache-status: HIT
age: 1742
cf-polished: origSize=10303
last-modified: Wed, 23 Mar 2022 17:25:31 GMT
x-amz-request-id: 1Y5ZD758P053NKGK
x-amz-id-2: xcF5jiMhyo0tuiTrYtA4tjDiPsaBtp2aaVJTRSaIxpdmWlqyF2kHPpPanp7b16BfX+09UJwqDmM=
cf-bgj: minify
server: cloudflare
etag: W/"073bb6043f3339ac3a807ec409b6e0af"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=1800
cf-ray: 6f2c87dffb98cc3e-ZRH
expires: Mon, 28 Mar 2022 01:48:15 GMT

GET
H2 200 anzeige.svg
lp.cleverwebserver.com/betano/de/sports/grp1/imgs/ Frame B799 1 KB
918 B 35ms
35ms Image
image/svg+xml 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/betano/de/sports/grp1/imgs/anzeige.svg?v=3
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=558043&group=55001&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUFVWk5NQlNCQUFERQ%3D%3D&ref=aHR0cHM6Ly9jcG1saW5rLm5ldC9pYmRwQVE%3D&r=216923692
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98af5e2d044165db4fe04e7a288c125ad78d50bd9e212ca6e520e5a55140e869

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=558043&group=55001&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUFVWk5NQlNCQUFERQ%3D%3D&ref=aHR0cHM6Ly9jcG1saW5rLm5ldC9pYmRwQVE%3D&r=216923692
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 25 Mar 2022 14:46:43 GMT
server: cloudflare
age: 1742
etag: W/"3e9d1a10a1056de77db1bab72b55ef1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 6f2c87dffb99cc3e-ZRH
x-amz-request-id: 0GC0T395DCSXBZ83
x-amz-id-2: 8SXvXp4YHUsTk6wvaTGBwj8DW2JgMn3PoC6HXuztd8t9f4tLDec2mKRoF/vfgIH5TwXXGjt8toQ=
expires: Mon, 28 Mar 2022 01:48:15 GMT

GET
H2 200 copy.svg
lp.cleverwebserver.com/betano/de/sports/grp1/imgs/ Frame B799 59 KB
28 KB 34ms
34ms Image
image/svg+xml 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/betano/de/sports/grp1/imgs/copy.svg?v=3
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=558043&group=55001&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUFVWk5NQlNCQUFERQ%3D%3D&ref=aHR0cHM6Ly9jcG1saW5rLm5ldC9pYmRwQVE%3D&r=216923692
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 633b156edd6a32c425a6208ab23dd393267ba2ee301308afe7c64aca4d4dc223

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=558043&group=55001&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUFVWk5NQlNCQUFERQ%3D%3D&ref=aHR0cHM6Ly9jcG1saW5rLm5ldC9pYmRwQVE%3D&r=216923692
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 14 Mar 2022 10:14:42 GMT
server: cloudflare
age: 1742
etag: W/"7f803ad83ee753fad0274978d34e95d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 6f2c87dffb9acc3e-ZRH
x-amz-request-id: B7VT5N4ENHV8EKJ7
x-amz-id-2: FU367KzzU03VHjba0Y4y6Fg99eQkdHaa0O+oVOrGii6cEoqLMvnYIi/iRyFg4DGk8+hAc0Dh/Cc=
expires: Mon, 28 Mar 2022 01:48:15 GMT

GET
H2 200 copy-push.svg
lp.cleverwebserver.com/betano/de/sports/grp1/imgs/ Frame B799 59 KB
28 KB 35ms
34ms Image
image/svg+xml 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/betano/de/sports/grp1/imgs/copy-push.svg?v=3
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=558043&group=55001&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUFVWk5NQlNCQUFERQ%3D%3D&ref=aHR0cHM6Ly9jcG1saW5rLm5ldC9pYmRwQVE%3D&r=216923692
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d63715c3e74f56f56f02445733f7d1e1ba3332d37d4e2cb0cfac2b14ef85dc7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=558043&group=55001&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUFVWk5NQlNCQUFERQ%3D%3D&ref=aHR0cHM6Ly9jcG1saW5rLm5ldC9pYmRwQVE%3D&r=216923692
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 23 Mar 2022 10:51:45 GMT
server: cloudflare
age: 1742
etag: W/"ce447a43d49084fb0a8eb2d04e2cec1a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1800
cf-ray: 6f2c87dffb9bcc3e-ZRH
x-amz-request-id: R0ZQ9WTRMEPCE6Z0
x-amz-id-2: ExEEy/v9RGr1ynBZ3ql6N1tA0orHzYTrVekXm7LYolwGOhZNWRlKCpxdXuF2+hNEj5HcS3K4Xgw=
expires: Mon, 28 Mar 2022 01:48:15 GMT

GET
H2 200 rocket-loader.min.js Show response
lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame B799 12 KB
4 KB 32ms
32ms Script
application/javascript 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=558043&group=55001&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUFVWk5NQlNCQUFERQ%3D%3D&ref=aHR0cHM6Ly9jcG1saW5rLm5ldC9pYmRwQVE%3D&r=216923692

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=558043&group=55001&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUFVWk5NQlNCQUFERQ%3D%3D&ref=aHR0cHM6Ly9jcG1saW5rLm5ldC9pYmRwQVE%3D&r=216923692
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 24 Mar 2022 11:29:35 GMT
server: cloudflare
etag: W/"623c561f-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6f2c87dffb9ccc3e-ZRH
vary: Accept-Encoding
expires: Wed, 30 Mar 2022 01:18:15 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B799 8 KB
728 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap

Requested by

Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/betano/de/sports/grp1/style.css?v=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca6306b9a7596779af02f9b097a9bd36837022f84f1e95c5b2f790c8e1c02fa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 00:03:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 28 Mar 2022 01:18:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Mar 2022 01:18:15 GMT

GET
H2 200 clever-core-other.js Show response
lp.cleverwebserver.com/ Frame B799 1 KB
805 B 25ms
25ms Script
application/javascript 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.cleverwebserver.com/clever-core-other.js
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5755144f0dce959dc794da1dfdc2acaebcf06d9b48532cb75dc972c33600f26d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/betano/de/sports/grp1/?id=558043&group=55001&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTFiXzkwNGNfJmFmZmlkPTQzMSZzaXRlaWQ9MTE1MSZhZGlkPTkwNCZjPVlTQUFVWk5NQlNCQUFERQ%3D%3D&ref=aHR0cHM6Ly9jcG1saW5rLm5ldC9pYmRwQVE%3D&r=216923692
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:15 GMT
content-encoding: br
cf-cache-status: HIT
age: 1741
cf-polished: origSize=1782
last-modified: Fri, 25 Mar 2022 14:47:44 GMT
x-amz-request-id: S43PDKHH2MN0QTB5
x-amz-id-2: eDzz6g1vCIfrUdnvaa86iQOygZR8Vg76t4rl4rnzMCVidLF6xZVPk60NQvJJjTQ3lW7oLoB7HA0=
cf-bgj: minify
server: cloudflare
etag: W/"471cfd4668aa76384941e518bd3e63f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 6f2c87e04bb7cc3e-ZRH
expires: Mon, 28 Mar 2022 01:48:15 GMT

GET
H2 200 bg-pushdown.jpg
lp.cleverwebserver.com/betano/de/sports/grp1/imgs/ Frame B799 239 KB
239 KB 208ms
207ms Image
image/jpeg 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/betano/de/sports/grp1/imgs/bg-pushdown.jpg?v=3
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/betano/de/sports/grp1/style.css?v=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85b6f001821921aef112727f061dfb6d9844418c53997d9fb500bcc2bf96bf4c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/betano/de/sports/grp1/style.css?v=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:15 GMT
cf-cache-status: EXPIRED
last-modified: Fri, 25 Mar 2022 14:46:43 GMT
server: cloudflare
x-amz-request-id: MRCVF49FJABV6MPF
etag: "8df38c6720c708f82ea587c0a1dd83bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 6f2c87e05bc2cc3e-ZRH
content-length: 244492
x-amz-id-2: QfcqAKUejr9Qx0EM9cMFnOnXZUkTPwpuo2mhNYpx8OzJPGr5amUb4Di+hg6jXgbSrG2RYpBYbmo=
expires: Mon, 28 Mar 2022 01:48:15 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ Frame B799 44 KB
44 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lp.cleverwebserver.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 22:45:30 GMT
x-content-type-options: nosniff
age: 441165
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Mar 2023 22:45:30 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
53 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4cb053703a422eada007ba9fb708e56e93baecd907ca9b2251f18964e5dc076

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54044
x-xss-protection: 0
server: cafe
etag: 8672492402704170095
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 28 Mar 2022 01:18:15 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 37ms
22ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220323&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b789a18c9696016914432634226bbedfdb4827dcbdede56dde11b1960aa42bb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Mar 2022 01:18:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10689
x-xss-protection: 0

GET
H2

200

Betano-DE.aspx Show response
www.betano.de/promos/de/ Frame FDDA
Redirect Chain

https://gml-grp.com/C.ashx?btag=a_1151b_904c_&affid=431&siteid=1151&adid=904&c=YSAAUZNMBSBAADE
https://gml-grp.com/C.ashx?btag=a_1151b_904c_&affid=431&siteid=1151&adid=904&c=YSAAUZNMBSBAADE&AutoR=1
https://www.betano.de/promos/de/Betano-DE.aspx?btag=a_1151b_904c_YSAAUZNMBSBAADE&utm_medium=431&utm_source=1&siteid=1151
https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=1&siteid=1151

3 KB
2 KB

142ms
142ms

Document
text/html

2606:4700::6812:420
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=1&siteid=1151

Requested by

Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/clever-core-other.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:420 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1321b76c5325f70b5bfebec861d984c7e2c0a978064bb64ab696e2f432f0239e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/

Response headers

date: Mon, 28 Mar 2022 01:18:15 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-farm: ce3
age: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-store
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6f2c87e2ab0bcc42-ZRH
content-encoding: gzip

Redirect headers

date: Mon, 28 Mar 2022 01:18:15 GMT
content-type: text/html; charset=utf-8
location: /promos/de/Betano-DE.aspx?utm_medium=431&utm_source=1&siteid=1151
x-farm: ce3
x-cacheable-status: 302
age: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-store
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6f2c87e1fad0cc42-ZRH

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 182ms
164ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 28 Mar 2022 01:18:15 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220323/r20190131/ Frame B8C5 10 KB
4 KB 7ms
7ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220323/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Sun, 27 Mar 2022 14:24:06 GMT
expires: Sun, 10 Apr 2022 14:24:06 GMT
cache-control: public, max-age=1209600
age: 39249
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 30ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cpmlink.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Mar 2022 01:18:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 33ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cpmlink.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Mar 2022 01:18:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8B62 0
16 B 16ms
15ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&adk=1812271804&adf=3025194257&lmt=1648430295&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fcpmlink.net%2FibdpAQ&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648430295159&bpp=1&bdt=2036&idt=1&shv=r20220323&mjsv=m202203210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5843d1b921f90bd6-22ce7ccf66cd0003%3AT%3D1648430294%3ART%3D1648430294%3AS%3DALNI_MaIihVp1pf9xAs2wQOB-M5Sv6NpPw&prev_slotnames=www.cpmlink.net%2Cwww.cpmlink.net_footer_728x90&nras=1&correlator=5177021731116&frm=20&pv=1&ga_vid=145724780.1648430294&ga_sid=1648430294&ga_hid=327551295&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31061690%2C31063246&oid=2&psts=AGkb-H8tm-ZUsHhSGSaZBo2RwVcaNKWB-6nuZpZNZxO4TuNGQ-kr9aZB_eAWI0Im70UDZBDPWdC5LQjsGAUe%2CAGkb-H-Ysz-NsSV92_BSStWL1TvH_oXLCmh2pjoQuvTRyUVPAAxEHZ2qv2nSahA-sIjzJX4orqZKiudOPAi5LAM&pvsid=273647848453026&pem=155&tmod=1628534417&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=17

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 28 Mar 2022 01:18:15 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DC7E 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 27 Mar 2022 21:19:18 GMT
expires: Mon, 27 Mar 2023 21:19:18 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 14337
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D0D1 783 B
535 B 17ms
17ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c492ae11247e26526fa786bb6d6a1c6197dc332562d7f2ed0ff889df5870e7ec

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8Ix0feCVKGn9d1zu871lmA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 28 Mar 2022 01:18:15 GMT
date: Mon, 28 Mar 2022 01:18:15 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-8Ix0feCVKGn9d1zu871lmA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js Show response
pagead2.googlesyndication.com/bg/ Frame DC7E 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e3110485bd099564f5c6cf51aa0e7bf1e946149b2dbdc3e65dcdcbae229efc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 21:10:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14871
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13638
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Mar 2023 21:10:24 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D0D1 0
0 44ms
44ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220323&jk=273647848453026&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DC7E 0
9 B 19ms
18ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?HFxfaQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 css
fonts.googleapis.com/ Frame FDDA 8 KB
714 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,700,900&subset=cyrillic,greek

Requested by

Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=1&siteid=1151

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

348911bf910507c101d13d5c936cd42532b3c87a95bf4b21e3e5525750405cc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 00:57:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 28 Mar 2022 01:18:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Mar 2022 01:18:15 GMT

GET
H2 200 source-3.css
cov.gmlinteractive.com/static-files/CMS-ability/gamblingmaltalimited/promos/css/ Frame FDDA 4 KB
2 KB 144ms
19ms Stylesheet
text/css 2606:4700::6813:b210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cov.gmlinteractive.com/static-files/CMS-ability/gamblingmaltalimited/promos/css/source-3.css
Requested by: Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=1&siteid=1151
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b210 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 93bb95317e12ca9cf61aa61f81da51b63b3e917c0b1de904ac43d2f068fabde6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 21 Jan 2018 08:07:54 GMT
server: cloudflare
age: 4273
x-powered-by: ASP.NET
etag: W/"06964f08e92d31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-farm: 15
cf-ray: 6f2c87e45cc401db-ZRH

GET
H2 200 logo-de.svg
cdn.gmlinteractive.com/static-files/promos/ Frame FDDA 18 KB
5 KB 126ms
20ms Image
image/svg+xml 2606:4700::6813:b110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gmlinteractive.com/static-files/promos/logo-de.svg
Requested by: Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=1&siteid=1151
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1353d3cfd641b4848f94b3bd3c3f936536718e2f53c91095d5f3cb9793e3354e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 05 Mar 2021 12:32:44 GMT
server: cloudflare
age: 4272
x-powered-by: ASP.NET
etag: W/"03e13a4bb11d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-farm: 15
cf-ray: 6f2c87e45c4801fc-ZRH

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame FDDA 291 KB
86 KB 39ms
16ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6

Requested by

Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=1&siteid=1151

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4d90ca7e0e80c969ddcf2775018239d0512c879907dbe02a92b6493db8fc8923

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87286
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 28 Mar 2022 01:18:15 GMT

GET
H2 200 Bet-DE_oth_LP_SupernovacyRedesign_1920x1920_a.jpg
cdn.gmlinteractive.com/static-files/promos/ Frame FDDA 348 KB
349 KB 21ms
20ms Image
image/jpeg 2606:4700::6813:b110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gmlinteractive.com/static-files/promos/Bet-DE_oth_LP_SupernovacyRedesign_1920x1920_a.jpg
Requested by: Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=1&siteid=1151
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6ab9b1de77d5277beab55670ecc9c5bc06d20996eb5772534f9a974726115895

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:15 GMT
cf-cache-status: HIT
age: 4263
x-powered-by: ASP.NET
content-length: 356653
last-modified: Wed, 03 Mar 2021 12:36:36 GMT
server: cloudflare
etag: "02288d92910d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-farm: 15
cf-polished: origSize=384992, status=webp_bigger
accept-ranges: bytes
cf-ray: 6f2c87e48c5a01fc-ZRH
cf-bgj: imgq:100,h2pri

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame FDDA 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,900&subset=cyrillic,greek

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.betano.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 12:42:18 GMT
x-content-type-options: nosniff
age: 131757
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15724
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:37 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sun, 26 Mar 2023 12:42:18 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame FDDA 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,900&subset=cyrillic,greek

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.betano.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 18:59:49 GMT
x-content-type-options: nosniff
age: 454706
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Mar 2023 18:59:49 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame FDDA 15 KB
15 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,900&subset=cyrillic,greek

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.betano.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 20:07:55 GMT
x-content-type-options: nosniff
age: 450620
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Mar 2023 20:07:55 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame FDDA 15 KB
15 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,900&subset=cyrillic,greek

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.betano.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 11:22:37 GMT
x-content-type-options: nosniff
age: 395738
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Mar 2023 11:22:37 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame FDDA 173 KB
64 KB 30ms
15ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W0C280Z7PP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

903605618fe24760dca884c34ce733fa71703d435e61f890740c8387ac98bc32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:15 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65058
x-xss-protection: 0
expires: Mon, 28 Mar 2022 01:18:15 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame FDDA 39 KB
15 KB 43ms
21ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

00359d552170386e0f9dc362a2a48ad8da908f6263810b28eb26348073b70bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14884
x-xss-protection: 0
server: cafe
etag: 4198181851688197673
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 28 Mar 2022 01:18:15 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame FDDA 49 KB
20 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4409
date: Mon, 28 Mar 2022 00:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 28 Mar 2022 02:04:46 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ Frame FDDA 17 KB
7 KB 36ms
19ms Script
application/javascript 143.204.202.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.202.245 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-245.fra53.r.cloudfront.net
Software: CloudFront /
Resource Hash: f2f087eac841d5433c3c3fa9ea481b474ff8370b9d9eec1ace18f0300a76ffd8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:15 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: FRA53-C1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 6336
via: 1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
x-amz-cf-id: zOfCe4BBU9FfoUDYdRVuZGyjyvajTMsx3Pd7Ja_bLJuWiTm2tioSMw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame FDDA 99 KB
27 KB 22ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cpmlink.net
URL: https://cpmlink.net/ibdpAQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26320
x-xss-protection: 0
pragma: public
x-fb-debug: hZRwBw7n13miA7q0D3umHvih5bHQmlUq27VgzdNg20/JeIZlXbD8vC8ws1K84GUZc3Eemfd+JcKuHC/JqPsRsg==
x-fb-trip-id: 2050670934
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 28 Mar 2022 01:18:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 universalTag Show response
ssl.connextra.com/ Frame 6510 1 KB
2 KB 129ms
86ms Document
text/html 184.30.210.29
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/universalTag?client=Betano&id=178083&page=homepage
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.210.29 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-210-29.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6796347051cd95fb559d199abf2462a4ade0cbb2d2bc94664bc590ac7b531b86

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.betano.de/

Response headers

x-served-by: vlp-cxtadsrv03.connextra.net
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
content-length: 1165
expires: Mon, 28 Mar 2022 01:18:15 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 28 Mar 2022 01:18:15 GMT

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ Frame FDDA 81 KB
29 KB 100ms
19ms Script
application/x-javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: cpmlink.net
URL: https://cpmlink.net/ibdpAQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:15 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 14:10:54 GMT
server: nginx
etag: W/"61f1566e-14282"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 bat.js Show response
bat.bing.com/ Frame FDDA 38 KB
12 KB 60ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: cpmlink.net
URL: https://cpmlink.net/ibdpAQ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 99E6279029F2485DA6BCBF43D38E13D3 Ref B: FRAEDGE1515 Ref C: 2022-03-28T01:18:15Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Mon, 28 Mar 2022 01:18:15 GMT
accept-ranges: bytes
content-length: 11347

GET
H2 200 mgsensor.js Show response
a.mgid.com/ Frame FDDA 15 KB
6 KB 133ms
105ms Script
application/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mgid.com/mgsensor.js?d=1648430295852
Requested by: Host: cpmlink.net
URL: https://cpmlink.net/ibdpAQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8098c6938d10947bf06e59e59b684daf1ef70c1e520bd7e6d4d85e28ee94f00

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 01:18:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: b08ebe0b-5d85-4eb5-ada4-e90b53008743
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6f2c87e5495291fc-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EBC3 0
0 22ms
22ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C3Ye61gxBYqzXHoKWrASgtY-YDtmPho5piKWUk74P79fz_QgQASCn8cd8YJXikIKgB6AB05DqxgPIAQKoAwGqBM4BT9AvamRaM8MxyIVgUN2Ad5j3a5ix40yKKNVDXfwaVVMmg433p91JEwwQockVnBLWgiDvi9wyVc0AKmiKXD66oTAWqdv-0oOug4dLCv3FiV6KSIqDj4VsjbnU-d7L8jQcdV6qsI4Oj39k7o1RX5m3fMxa8QVsp00zAAkEj02edg4gdMvIoeLcOnUsFEOrbgzUx1UzeRX2YTCZBYLKYXs6Ep_rBl7XhNOeTYu-lcAx1EGc4RE6MQ7Y3JcYWFoifawWqiVhRDBtan1SvuLItrfABKLv87fjA6AGAoAHle-VOagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tODI5NjU5MjcwNzM3NjMwMLEJ_v1wi7oH0JWACgOYCwHICwG4DAHYEwPQFQGYFgH4FgGAFwE&sigh=ndE2C0SXZGU&vt=1&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=90&slotname=www.cpmlink.net_footer_728x90&adk=2044655284&adf=1739877337&pi=t.ma~as.www.cpmlink.net_foo_&w=728&lmt=1648430294&url=https%3A%2F%2Fcpmlink.net%2FibdpAQ&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648430294344&bpp=2&bdt=1221&idt=136&shv=r20220323&mjsv=m202203210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.cpmlink.net&correlator=5177021731116&frm=20&pv=1&ga_vid=145724780.1648430294&ga_sid=1648430294&ga_hid=327551295&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=622&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31061690%2C31063246&oid=2&pvsid=273647848453026&pem=155&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NuuahjUWwN&p=https%3A//cpmlink.net&dtd=139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 28 Mar 2022 01:18:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EBC3 42 B
64 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuOYuNnjFDuJotKGGCh1zykmoyItP_BdPkewHhhLd3q3eE6tsugvLeb_HQCiOXbUY9EgpNByd1BN0I7IQfSn9FOTCdmlFoARRdb2gtYFx52KZby_71MIw&sai=AMfl-YTvk0KNC6I8gzT6KKZbBf3akh7GCnxqVAfvwRvfba_gwfvv5BXBFvr9Wa-EuLz96b0YkgFlbu_B7tLZ&sig=Cg0ArKJSzEOQd0ROjsLxEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220323&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=2044655284&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&pay=1&rst=1648430294484&rpt=365&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 01:18:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ Frame FDDA 2 KB
884 B 7ms
7ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:02:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 948
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 28 Mar 2022 02:02:27 GMT

GET
H3 200 234568464078651 Show response
connect.facebook.net/signals/config/ Frame FDDA 308 KB
87 KB 17ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/234568464078651?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

419f22ca8b4ac394784ee3087852e76e846787885e186b04e1e8822936a447e0

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 89531
x-xss-protection: 0
pragma: public
x-fb-debug: FrtcT7l7R0Pstg7wgGt3VS1QW3GlrJWPog3gaaeSFoATXKcy4XzZ7TqDMzszymapPsBFOT+ERCWVSutgWX3dEA==
x-frame-options: DENY
date: Mon, 28 Mar 2022 01:18:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EE68 42 B
64 B 44ms
44ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssCIEgsnUt7ctV6DB2BEWj1FjRdbZP8hn2mdOQDiSSGA5z7RvAjX1-Kk_s3WVFPjMtJFVWoALknaq6b1MLmq90rwgZf5fs4JEDYuulT23FrT-Yy5VLVrw&sai=AMfl-YR7k6_27CvFy67QM1L-AAho1LREjvo10lN-XHEb3j4p3yUE-lp4IhJu4kRX3U2Dx1YrkXSieEGIbTN2&sig=Cg0ArKJSzC2Yc7JAYheHEAE&id=lidar2&mcvt=1011&p=0,0,250,300&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20220323&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3789060284&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648430294459&rpt=421&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 01:18:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/763238947/ Frame FDDA 2 KB
1 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/763238947/?random=1648430295922&cv=9&fst=1648430295922&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D1%26siteid%3D1151&ref=https%3A%2F%2Flp.cleverwebserver.com%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb9592ef0e3d42bb4af550582bae70c705a256e4cbc9417e5745152c3a9402d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 01:18:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1060
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 is_enabled Show response
tr.snapchat.com/collector/ Frame FDDA 46 B
313 B 38ms
21ms Fetch
application/json 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=59013e41-1b63-4d8e-a887-ea6d3795d988

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.19.6 /

Resource Hash

ed8560b4c9e1ebc69ee7932d648f8aa46a0cbae33ab3727d61277db598074d17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:15 GMT
via: 1.1 google
server: nginx/1.19.6
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46

GET
H2 204 137000673.js Show response
bat.bing.com/p/action/ Frame FDDA 0
118 B 213ms
213ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/137000673.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DE36DB061261404D8FFD3B8CE94207FC Ref B: FRAEDGE1515 Ref C: 2022-03-28T01:18:15Z
date: Mon, 28 Mar 2022 01:18:15 GMT
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ Frame FDDA 0
176 B 32ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=137000673&Ver=2&mid=abf5f131-e7ef-4671-9b26-3ba1f7846291&sid=f1c47580ae3411ec85e50ddcaf8cdd9c&vid=f1c463d0ae3411ecbf029b8ac0a656c9&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Flp.cleverwebserver.com%2F&r=&lt=655&evt=pageLoad&ifm=1&msclkid=N&sv=1&rn=762795

Requested by

Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=1&siteid=1151

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7CC1008BEBFF4FEDA4B7EB27758A7863 Ref B: FRAEDGE1515 Ref C: 2022-03-28T01:18:15Z
date: Mon, 28 Mar 2022 01:18:15 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 5344 0
241 B 37ms
23ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=59013e41-1b63-4d8e-a887-ea6d3795d988

Requested by

Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=1&siteid=1151

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.19.6 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.betano.de/

Response headers

server: nginx/1.19.6
date: Mon, 28 Mar 2022 01:18:15 GMT
content-type: text/html
content-length: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
www.facebook.com/tr/ Frame FDDA 44 B
409 B 25ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=234568464078651&ev=PageView&dl=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D1%26siteid%3D1151&rl=https%3A%2F%2Flp.cleverwebserver.com%2F&if=true&ts=1648430295950&sw=1600&sh=1200&v=2.9.57&r=stable&a=tmgoogletagmanager&ec=0&o=30&it=1648430295892&coo=false&rqm=GET

Requested by

Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=1&siteid=1151

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 28 Mar 2022 01:18:15 GMT

GET
H2 200 p
tr.snapchat.com/ Frame FDDA 68 B
303 B 26ms
26ms Image
image/png 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?trackId=3d4c33bb-4e7e-4047-bab7-acf9614d3a12&pid=59013e41-1b63-4d8e-a887-ea6d3795d988&ev=PAGE_VIEW&pl=https%3A%2F%2Flp.cleverwebserver.com%2F&ts=1648430295962&rf=https%3A%2F%2Flp.cleverwebserver.com%2F&v=1.6.0&if=true&bt=__LIVE__&intg=gtm&m_sl=816&m_rd=858&m_pi=655&m_ic=1&u_c1=f584d99b-0e4b-460e-973e-8fa181ac193f

Requested by

Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=1&siteid=1151

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.19.6 /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:15 GMT
via: 1.1 google
server: nginx/1.19.6
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68

GET
H3 200 /
www.google.com/pagead/1p-user-list/763238947/ Frame FDDA 42 B
64 B 19ms
18ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/763238947/?random=1648430295922&cv=9&fst=1648429200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&frm=2&url=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D1%26siteid%3D1151&ref=https%3A%2F%2Flp.cleverwebserver.com%2F&async=1&fmt=3&is_vtc=1&random=2342469606&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=1&siteid=1151

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 01:18:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/763238947/ Frame FDDA 42 B
548 B 45ms
19ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/763238947/?random=1648430295922&cv=9&fst=1648429200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&frm=2&url=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D1%26siteid%3D1151&ref=https%3A%2F%2Flp.cleverwebserver.com%2F&async=1&fmt=3&is_vtc=1&random=2342469606&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=1&siteid=1151

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 01:18:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220323&jk=273647848453026&bg=!Pj2lPXnNAAbzJazn0yU7ACkAdvg8WjBQXqDpCr0maZJmacCpoHcqll9vj5293PULydejMPyrC3WIbwIAAABeUgAAAANoAQcKADncZSCEgW2yOHnJJLVuaWaYTaQ6QnURz83CP3X2kqs5qDX0EgIdPIwTCD1UXZvKoXCVxFI6x3X5rr6ZAtNDeR8cnx-zWaRS0XlW20e3jc68tJFUDGh0J1JMOr_ZyvQHrk9ZQndsHjtwnubb_RvEPZ9YhDZJHz3kso4dNcTCpGeOGNp3WMPB88hx-eGF260zv5SMd1ecWT7tOzu07ljvsbN-5rVODduuK0zKImsxY-qaVeTE6b3_nrxymNL9KWcBsg_PHHZWB4Ij5k1uNS7eTgPidUl2YWPFl-qglRbhm3VOwJHoD0w_1wWqGmD-KWKupY7KQS0EG19uy8vRJG_aMexi-7Kqzq4sqW2p80eIdyX8builTjUhSeAfEYD6ZwSP3i5nxmY1uXhVaoOegOuuvfdk8otCFetaNmXZtXcG2PcsxX1COrGWgM0PFo-YwgmUbH48hVbBAEFgXiMaHKrwDSYzfIgraCWX-x_kepiM3Kn5lA68G220R8KaCjHJico2fA6uFpss3YLC9KVWuF6ikoL5gVNky_YUFr-_UwLM-c7fjLnCJv8zInqFb0Bty1XURpXKB1sO_qJKl-T6F7Vo4b5doBwKp8dpNiTFgAqbozvyz4bILbZnWsQLE8HGovm3g-AQ9-aM0GlbmJnrWYleljHq5NajB_pRWmqwhg88lB_YrSFjl9phgP8w0wS7BD9BGF3fdxzU7bLndfMWOLJ67ZxpyQDTYsstkE9rRZEEHEB-jGhPMJHUSLKbRSvz4B2fFmfBf3jcqUr8cuVrr8NXoRE-AVxcTzlAB6zWOtBy6oghBuw6rr6s45Lc8YZ857koDS7JYG-hRrB9-jfBO72lFuBBePftCKzgR5KlCfIVudcXirpSW6_ao9cuDHQm-gJVEQ5V9jpxfBiA4RoFjjTCvYs7Kn4p8kOwu4lx3NR229znNMJZd2IG14cPdGI7wsUjUzXH2Zy3C-sVPjtSDMp46HRA89FEzbpLGTHlpGg37ozodwS4yHq0ZiZzPox8bw6eT6Td55xqse-U-aQ8ZOcGdiA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 01:18:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/ Frame FDDA
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=2284179&ADFPageName=betano.de%7CSportsbook%7Cundefined%7Cundefined&ADFdivider=%7C&ord=322120847850&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A...
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2284179&ADFPageName=betano.de%7CSportsbook%7Cundefined%7Cundefined&ADFdivider=%7C&ord=322120847850&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=htt...

140 B
610 B

18ms
18ms

Script
text/javascript

37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2284179&ADFPageName=betano.de%7CSportsbook%7Cundefined%7Cundefined&ADFdivider=%7C&ord=322120847850&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&ADFtpmode=2&loc=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D1%26siteid%3D1151

Requested by

Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=1&siteid=1151

Protocol

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

4be53201fe140ade1bddd493298e32d27e9e9cbe2d55242d34e3c1a2c62cdc7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 01:18:16 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 204
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 28 Mar 2022 01:18:16 GMT
server: nginx
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2284179&ADFPageName=betano.de%7CSportsbook%7Cundefined%7Cundefined&ADFdivider=%7C&ord=322120847850&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&ADFtpmode=2&loc=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D1%26siteid%3D1151
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 6510
Redirect Chain

https://secure.adnxs.com/seg?add=24290212&t=2
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D24290212%26t%3D2

43 B
1 KB

12ms
12ms

Image
image/gif

37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D24290212%26t%3D2

Requested by

Host: ssl.connextra.com
URL: https://ssl.connextra.com/universalTag?client=Betano&id=178083&page=homepage

Protocol

HTTP/1.1

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssl.connextra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 01:18:16 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 6f48c8c8-c969-491f-9fae-e3281101c560
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 01:18:16 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: e9f426dc-0c94-4d67-a7cb-6cd02b13721f
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D24290212%26t%3D2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK getuidnb
secure.adnxs.com/ Frame 6510 43 B
687 B 23ms
7ms Image
image/gif 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID

Requested by

Host: ssl.connextra.com
URL: https://ssl.connextra.com/universalTag?client=Betano&id=178083&page=homepage

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssl.connextra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Mar 2022 01:18:16 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 75b192aa-c997-49bc-9577-d6649c79a331
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 6510 1 KB
2 KB 85ms
32ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1504662&mt_adid=241596&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/universalTag?client=Betano&id=178083&page=homepage
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4281 354de82 master zrh-pixel-x27 config:1.0.0 /
Resource Hash: 48a222f99deb6af816ace62e0fce5d5a25163d134b2694bdd1ac3514f98980d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssl.connextra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 01:18:16 GMT
Server: MT3 4281 354de82 master zrh-pixel-x27 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 1411
Expires: Mon, 28 Mar 2022 01:18:15 GMT

GET
H2

200

98516241-0cd8-4b00-a984-81c04da50f01
zz.connextra.com/sync/data/uid/6c883bd680/ Frame 6510
Redirect Chain

https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fzz.connextra.com%2Fsync%2Fdata%2Fuid%2F6c883bd680%2F%5BMM_UUID%5D
https://zz.connextra.com/sync/data/uid/6c883bd680/98516241-0cd8-4b00-a984-81c04da50f01

43 B
513 B

70ms
40ms

Image
image/gif

184.30.210.29
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zz.connextra.com/sync/data/uid/6c883bd680/98516241-0cd8-4b00-a984-81c04da50f01
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/universalTag?client=Betano&id=178083&page=homepage
Protocol: H2
Server: 184.30.210.29 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-210-29.deploy.static.akamaitechnologies.com
Software: istio-envoy /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssl.connextra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 01:18:16 GMT
content-encoding: gzip
server: istio-envoy
vary: accept-encoding
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
cache-control: max-age=0, no-cache, no-store
x-envoy-upstream-service-time: 2
content-type: image/gif
content-length: 64
expires: Mon, 28 Mar 2022 01:18:16 GMT

Redirect headers

Date: Mon, 28 Mar 2022 01:18:16 GMT
Server: MT3 4267 dd20a5c master cdg-pixel-x26 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://zz.connextra.com/sync/data/uid/6c883bd680/98516241-0cd8-4b00-a984-81c04da50f01
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 28 Mar 2022 01:18:15 GMT

GET
H/1.1

200
OK

associate-segment
segment.prod.bidr.io/ Frame 6510
Redirect Chain

https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-426&value=
https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-426&value=&_bee_ppp=1

43 B
793 B

29ms
28ms

Image
image/gif

52.51.211.190
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-426&value=&_bee_ppp=1

Requested by

Host: ssl.connextra.com
URL: https://ssl.connextra.com/universalTag?client=Betano&id=178083&page=homepage

Protocol

HTTP/1.1

Server

52.51.211.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-211-190.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssl.connextra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
Date: Mon, 28 Mar 2022 01:18:16 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-426&value=&_bee_ppp=1
Date: Mon, 28 Mar 2022 01:18:16 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

AAGqT07EghoAADKAOAl1Qw
zz.connextra.com/sync/data/uid/508a5e2dd5/ Frame 6510
Redirect Chain

https://match.prod.bidr.io/cookie-sync/geniussports
https://match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1
https://zz.connextra.com/sync/data/uid/508a5e2dd5/AAGqT07EghoAADKAOAl1Qw

43 B
505 B

43ms
43ms

Image
image/gif

184.30.210.29
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zz.connextra.com/sync/data/uid/508a5e2dd5/AAGqT07EghoAADKAOAl1Qw
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/universalTag?client=Betano&id=178083&page=homepage
Protocol: H2
Server: 184.30.210.29 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-210-29.deploy.static.akamaitechnologies.com
Software: istio-envoy /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssl.connextra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 01:18:16 GMT
content-encoding: gzip
server: istio-envoy
vary: accept-encoding
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
cache-control: max-age=0, no-cache, no-store
x-envoy-upstream-service-time: 1
content-type: image/gif
content-length: 64
expires: Mon, 28 Mar 2022 01:18:16 GMT

Redirect headers

location: https://zz.connextra.com/sync/data/uid/508a5e2dd5/AAGqT07EghoAADKAOAl1Qw
Date: Mon, 28 Mar 2022 01:18:16 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H3 200 1x1.gif
a.mgid.com/ Frame FDDA 43 B
397 B 129ms
117ms Image
image/gif 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.mgid.com/1x1.gif?id=590349&type=c&tg=&r=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D1%26siteid%3D1151&utmc=0&utmt=0&nv=0&utms=&utmcp=&utmm=&clid=&cmgid=0&cmtid=0&cmtuid=0&d=1648430296007
Requested by: Host: www.betano.de
URL: https://www.betano.de/promos/de/Betano-DE.aspx?utm_medium=431&utm_source=1&siteid=1151
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 01:18:16 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6f2c87e6296d694b-FRA
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK iframe Show response
pixel.mathtag.com/sync/ Frame A294 631 B
994 B 62ms
29ms Document
text/html 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=d57e6241-0cd7-4700-aa25-e91b509920b6&no_iframe=1&mt_adid=241596&source=mathtag
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1504662&mt_adid=241596&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4281 354de82 master zrh-pixel-x27 config:1.0.0 /
Resource Hash: 304a0259406001319e10acd097537e33bbc0157670417a48fdd527a889951f65

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ssl.connextra.com/

Response headers

Content-Type: text/html
Content-Length: 631
Access-Control-Allow-Origin: *
Server: MT3 4281 354de82 master zrh-pixel-x27 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Mon, 28 Mar 2022 01:18:15 GMT
Date: Mon, 28 Mar 2022 01:18:16 GMT
Connection: keep-alive

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 6510 43 B
525 B 33ms
33ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/universalTag?client=Betano&id=178083&page=homepage
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4281 354de82 master zrh-pixel-x26 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssl.connextra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 01:18:16 GMT
Server: MT3 4281 354de82 master zrh-pixel-x26 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 28 Mar 2022 01:18:15 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame A294 43 B
558 B 32ms
32ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=d57e6241-0cd7-4700-aa25-e91b509920b6&no_iframe=1&mt_adid=241596&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4267 dd20a5c master cdg-pixel-x24 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=d57e6241-0cd7-4700-aa25-e91b509920b6&no_iframe=1&mt_adid=241596&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 01:18:16 GMT
X-Akamai-Origin-Object-Size: 43
Server: MT3 4267 dd20a5c master cdg-pixel-x24 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 28 Mar 2022 01:18:15 GMT

GET
H2 204 i.php
www.onclickperformance.com/script/ 0
61 B 131ms
130ms Image
text/plain 35.190.55.95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onclickperformance.com/script/i.php?stamat=m%257C%252C%252CAjO-IjYToGU3BU9GH0dEdHP3xP.236%252CjLDse4FguJ703rU5F5sRS6mWCsD3kPsFqUhB6JvhGKs2cGRpFOetGHTuKnkL6fUVrLbSil3i1nsmOQKFG1l4rHoKmm9HfeIm06aWCj6s0wsC6s0mjQubpwuiPS6hhBBSgqBE32P9T7yl4I5V7UJfyPV_75ERwr-NZwPOnt8fdn8mxtsivQfnO6CLZnOtY1YVgBN2WoSZQ23ucNTt-dh0P-p9pKSoV0FnouzD6DRELvXD4T36kXV35nm1eal9MNTnXkYjnmJHg6b7nlqfG0HXKpAfDKS-MZvgAqLKkvVii7g-VJUMJYHLudQxoqAHBOK9YgJHbUQrW0FeahcGa4550Jf4ejyko5fqn65p8H0-xzKUCEmbPT0FCLls24NR-t8elWBTM5BOZ1BhQ6Gm7wi8KdUI5mk3QDp1LG4W6i87We7bjEaQqUL5o1XVQgbGz7fTwfF-obEFHyLYrwUDi6GAUkZgRiOixmMOlhhU81cNMEE%252C&cbpage=https%3A%2F%2Fcpmlink.net%2FibdpAQ&cbref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.55.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 95.55.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cpmlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 28 Mar 2022 01:18:16 GMT
via: 1.1 google
referrer-policy: no-referrer
server: openresty
alt-svc: clear

GET
H3 200 /
www.facebook.com/tr/ Frame FDDA 44 B
91 B 16ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=234568464078651&ev=Microdata&dl=https%3A%2F%2Fwww.betano.de%2Fpromos%2Fde%2FBetano-DE.aspx%3Futm_medium%3D431%26utm_source%3D1%26siteid%3D1151&rl=https%3A%2F%2Flp.cleverwebserver.com%2F&if=true&ts=1648430297454&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&a=tmgoogletagmanager&ec=1&o=30&it=1648430295892&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 01:18:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 28 Mar 2022 01:18:17 GMT

Verdicts & Comments Add Verdict or Comment

257 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 01:55:16	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
cpmlink.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: blcu1duharndq0fqphb16j8s31
.cpmlink.net/	1970-01-20 01:53:52	Name: __cf_bm Value: SQyPYkiQEqvTVx2SsYs3ief0VlcLTKWtBeqcvMKnXWU-1648430293-0-AUX4cdE4Mf3QJJyqIZlbG/StjJ65fuonLjzVxiW7q7mpzGwah8XbhaxTREM6q16FZPpvbbarJYEaueOTZoqrrjk=
.cpmlink.net/	1970-01-20 19:25:02	Name: _ga Value: GA1.2.145724780.1648430294
.cpmlink.net/	1970-01-20 01:55:16	Name: _gid Value: GA1.2.78728548.1648430294
.cpmlink.net/	1970-01-20 01:53:50	Name: _gat Value: 1
cpmlink.net/	1970-01-20 10:39:26	Name: HstCfa3254176 Value: 1648430294487
cpmlink.net/	1970-01-20 10:39:26	Name: HstCla3254176 Value: 1648430294487
cpmlink.net/	1970-01-20 10:39:26	Name: HstCmu3254176 Value: 1648430294487
cpmlink.net/	1970-01-20 10:39:26	Name: HstPn3254176 Value: 1
cpmlink.net/	1970-01-20 10:39:26	Name: HstPt3254176 Value: 1
cpmlink.net/	1970-01-20 10:39:26	Name: HstCnv3254176 Value: 1
cpmlink.net/	1970-01-20 10:39:26	Name: HstCns3254176 Value: 1
.cpmlink.net/	1970-01-20 11:15:26	Name: __gads Value: ID=5843d1b921f90bd6-22ce7ccf66cd0003:T=1648430294:RT=1648430294:S=ALNI_MaIihVp1pf9xAs2wQOB-M5Sv6NpPw
cpmlink.net/	1970-01-20 02:37:02	Name: clever-last-tracker-55001 Value: 1
cpmlink.net/	1970-01-20 01:55:16	Name: clever-counter-55001 Value: 0-1
.doubleclick.net/	1970-01-20 01:53:53	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 11:15:26	Name: IDE Value: AHWqTUmaXXH8qJ4I90QIWntZzIV4FKRvg-DOFIpFPZAUWNOaehkbSXu4jRtORplN
.betano.de/	1970-01-20 02:37:02	Name: btag Value: a_1151b_904c_YSAAUZNMBSBAADE
.bing.com/	1970-01-20 11:15:26	Name: MUID Value: 2920951484A26CF104B2846185C96DD6
.facebook.com/	1970-01-20 04:03:26	Name: fr Value: 0AAfj32XncsbuxADH..BiQQzX...1.0.BiQQzX.
.connextra.com/	1970-01-20 19:25:02	Name: CxtId Value: 4faecdaf-d1ad-44a0-bcbd-50479d16bfad
.connextra.com/	1970-01-20 10:39:26	Name: Betano Value: P%7Chomepage%7C1%7C202203280218
.mgid.com/	1970-01-25 20:31:23	Name: muidn Value: m2rf_9uUJNii
.mgid.com/	1970-01-20 01:53:52	Name: __cf_bm Value: f53c2368e8e83240dc3ad669294164ce412c76ef-1648430295-0-AV2oiCFye0PLkKlNROvQpCzFPpZ4OP9lLGyguD7sQo79I88VfRRmG68CT6wkhOJid/w/tBGjXZgjdzJFfI62DIo=
.snapchat.com/	1970-01-20 11:15:26	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBhw0AIAgAsItI2OMcwXgFx9vOUCd6wVV/oMwBaYeBkKzrSvTkLrmmCnLZ4gfuDaGhMgAAAA==
.adnxs.com/	1970-01-20 04:03:26	Name: uuid2 Value: 6754868661696286416
.adnxs.com/	1970-01-20 04:03:26	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2GTsJ5ss:!@wnf-Te9(>wL5L!!'-A$Rh!i
.adform.net/	1970-01-20 02:38:28	Name: C Value: 1
.mathtag.com/	1970-01-20 11:19:45	Name: uuid Value: d57e6241-0cd7-4700-aa25-e91b509920b6
.adform.net/	1970-01-20 03:20:14	Name: uid Value: 5510517731968005916
.mathtag.com/	1970-01-20 02:37:02	Name: mt_misc Value: mt_bt:1
.bidr.io/	1970-01-20 11:22:23	Name: bitoIsSecure Value: ok
.bidr.io/	1970-01-20 11:22:23	Name: bito Value: AAGqT07EghoAADKAOAl1Qw

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://cpmlink.net/ibdpAQ(Line 137) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://wednesdaynaked.com/9f4b4d55b7f52dcfc13d90affd83d44e/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cpmlink.net/ibdpAQ(Line 137) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://wednesdaynaked.com/9f4b4d55b7f52dcfc13d90affd83d44e/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://wednesdaynaked.com/9f4b4d55b7f52dcfc13d90affd83d44e/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://tags.orquideassp.com/tag/7958 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://tags.orquideassp.com/tag/7958 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.mgid.com
adservice.google.com
adservice.google.de
ahscdn.com
bat.bing.com
cdn.gmlinteractive.com
cdnjs.cloudflare.com
connect.facebook.net
cov.gmlinteractive.com
cpmlink.net
fonts.googleapis.com
fonts.gstatic.com
gml-grp.com
googleads.g.doubleclick.net
lp.cleverwebserver.com
match.prod.bidr.io
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.mathtag.com
s10.histats.com
s2.adform.net
s4.histats.com
sc-static.net
scripts.cleverwebserver.com
secure.adnxs.com
securepubads.g.doubleclick.net
segment.prod.bidr.io
sender.clevernt.com
ssl.connextra.com
supertruco.com
sync.mathtag.com
tags.orquideassp.com
tpc.googlesyndication.com
tr.snapchat.com
track.adform.net
ui.cleverwebserver.com
wednesdaynaked.com
www.betano.de
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.onclickperformance.com
www.predictivdisplay.com
youradexchange.com
zz.connextra.com
104.19.135.78
142.250.181.226
142.250.185.98
143.204.202.245
148.69.64.76
184.30.210.29
185.29.134.248
192.0.78.146
192.243.59.12
192.99.0.58
2.18.233.201
2600:9000:2057:e000:2:e529:700:93a1
2606:4700::6810:135e
2606:4700::6812:18f6
2606:4700::6812:420
2606:4700::6813:b110
2606:4700::6813:b210
2620:1ec:c11::200
2a00:1450:4001:800::2002
2a00:1450:4001:808::200e
2a00:1450:4001:810::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2003
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a06:98c1:3120::7
35.186.226.184
35.190.41.116
35.190.50.89
35.190.55.95
37.157.3.29
37.157.6.235
37.252.172.250
46.105.201.240
52.211.111.162
52.51.211.190
00359d552170386e0f9dc362a2a48ad8da908f6263810b28eb26348073b70bee
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1321b76c5325f70b5bfebec861d984c7e2c0a978064bb64ab696e2f432f0239e
1353d3cfd641b4848f94b3bd3c3f936536718e2f53c91095d5f3cb9793e3354e
1494fa2daeddbb2d1869cb94d39225bc5d1d3fc4b2a14e3f32a957e48139d0f0
1752cce959f2b747aa5103a49d0abcbe7cf10b75cf121dd5968c41669d3dafdd
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a3ceb3329bf885f2c4fe0bf0c89dd38768e32cbe77edb105dec1d14797d4048
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
1ed36cc050fda42823ee78b2d8e6bbbdcf41061752de473edb3fb1e63ca33208
21994bdae3461f5becc2dea2235b90d1f2fcf5b6aab4a0124f01e10a0d190406
21abf00181b2fcc67a010984c3a99ca69283ed0c2af25a1b7bffed987678b9e0
21cb8a534a479c2d092ee724140b7a4a7a17b9a36537d7d77106e4cfefd34ab4
23f4c65222542b6b0413245692e9a08067ec26e4d3fee74409a2bd5fd6e1ff10
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
304a0259406001319e10acd097537e33bbc0157670417a48fdd527a889951f65
30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
340ded89dcd9a565acfcbebaf72213b6ea7cbcb5a984fc5593c04034f62397ff
348911bf910507c101d13d5c936cd42532b3c87a95bf4b21e3e5525750405cc2
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
419f22ca8b4ac394784ee3087852e76e846787885e186b04e1e8822936a447e0
42aa86bd96c4636962d26e433b3e7e929596027ce358314f329a8e69f407ecd1
43985c8a7cfe580f5db631b6d44481f110c3707cd867a9a15d2921e50e6ddefc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
48a222f99deb6af816ace62e0fce5d5a25163d134b2694bdd1ac3514f98980d0
499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4be53201fe140ade1bddd493298e32d27e9e9cbe2d55242d34e3c1a2c62cdc7f
4c0088d08089d4ecfd95333d9db3b56ac6a3b9af2374e083680b39391f7a75ca
4c98631fccebef2e3c9ba5199db85a52d68e67ccc8eef4090549a732593f077e
4d90ca7e0e80c969ddcf2775018239d0512c879907dbe02a92b6493db8fc8923
4e16cf57d5864a0923be893617f104cda5486ea3b4eb1f8a1d402a9debd74eb8
4f57881061b40bba374093d31f1b4ddce8a8ae2216ff4b39937df5a7bc9aa425
5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba
5377b85929b89e53828ca9b7489ea8a9c4a112bd7384c8eadb38b8dea5df6983
53bff42130f5bff8f3a92e259f20357ad8b46271cb9daa75a9485d401aeaa77f
53eb084df0c47e777e1c2a42ceacaf83d5cd82e20ffb837ea602423a3cc6ad5e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56b292bab6c777111694aa0bffda487c3108b1e83091ea8471e316272f9d1aff
5755144f0dce959dc794da1dfdc2acaebcf06d9b48532cb75dc972c33600f26d
5d63715c3e74f56f56f02445733f7d1e1ba3332d37d4e2cb0cfac2b14ef85dc7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
633b156edd6a32c425a6208ab23dd393267ba2ee301308afe7c64aca4d4dc223
6796347051cd95fb559d199abf2462a4ade0cbb2d2bc94664bc590ac7b531b86
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6ab9b1de77d5277beab55670ecc9c5bc06d20996eb5772534f9a974726115895
6b54b9d51b8e7575fc6ac2e2bfd7826e021c3385b15f6e07581d58234219a3ce
6b5a08f5a9fb942b9c3c787aad423f3d2940e38f567646e6d7ceb1d12c87d493
6eda70ce710ba56966b3bf0661cb42277d14f38c8317ca0fb872072129f2effe
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7a94ea175c1bccc3a074849d2fa39fbe5cc1368c1857a0b68241d38fada53d13
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
85b6f001821921aef112727f061dfb6d9844418c53997d9fb500bcc2bf96bf4c
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
88a7ddaff0592f22bce404487de8e4f604bf0008a27f2551954cbf1c0d70f227
890659fab7bd61f32cc5587af93c2ba5c455bb2173c573cb4d007f342d8f1b13
890811e9ee3d56cf846c56afff699460bca016a587f1f35add524260a19c0227
903605618fe24760dca884c34ce733fa71703d435e61f890740c8387ac98bc32
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93bb95317e12ca9cf61aa61f81da51b63b3e917c0b1de904ac43d2f068fabde6
98af5e2d044165db4fe04e7a288c125ad78d50bd9e212ca6e520e5a55140e869
9d072b49392e00fc29ea6b984b27d9677c4222a93768777cf28c1366dee0802a
9d4f6a81b8ab0cc8d116f5abc6f0fdc6c6b3254bd2b42a58425691f425d02d39
9e3110485bd099564f5c6cf51aa0e7bf1e946149b2dbdc3e65dcdcbae229efc3
9f312aead73c7059dc22bbff1a38210eaacd5e2d7beaaec586a32575c54bc35a
9fdd307f1450478aac1f153ae0b5b51218dab647fc43b45c887a3a0fd74c5d3e
a0315120b66d5141c4d2e381fb5b33602ac16ae8a11d3f9b53073c04ed1e2082
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a04c3c81c8b05420df27b941867dcc36a76df5ad2e7dc7caacada17c645fe5eb
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a55efe06ccb280d0d51cb2b350e379a40719767f5e85ad83199b5b25e05bdbd2
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ae3a15a3e9733515bb33d29c4820b33c0bcaf30a522fd034ea68d104939901d3
aeada280b27d34605088afb50b61da8b93cf9653f8036aa8a0a846a24f0a8aa3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b37f97b340e05e69a40b4cde0aaf886a2a3880b30ebdda8f4112f3f040b06c3b
b3802ba95862b1fad8da321f4079cbc476e5ddc09a7138d1244c61100111af8f
b4fd8f2497f4eae64faeed51279a09d163f6de88341731cdf9a8494d7af5c191
b5d01de11399b5118258d41f61690255097cdac5733915e2d629c3fba1ccf91e
b789a18c9696016914432634226bbedfdb4827dcbdede56dde11b1960aa42bb7
b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61
bc28fa44d52082885f05af08d731877df2a1b2d55bb57309315f1d650b2f896c
c1f180edff4b0807e2f0f37cbda68245e3768805f032802f24d4b4c8ce7fd752
c492ae11247e26526fa786bb6d6a1c6197dc332562d7f2ed0ff889df5870e7ec
c8ee67cfaf180d033a0d146a2bcccb871186a6b0df132373c0d8574b884da4d0
ca6306b9a7596779af02f9b097a9bd36837022f84f1e95c5b2f790c8e1c02fa0
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf288902cc77198ef17f2904d9033ed564e9af5f603054777f43dd9a1407920f
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
dc9cbf19b48bae0d28f72e59e67d6ec34ab1644087ec2e8e42954180d1586b48
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de7b6b9d278848d174bb5f9d719d5a4711bafc238c8fc5616e1b6617ad95b415
df35392ebe2722ddcafc180639031db9a8ed65c3d5f5e94833fdb74435d1a77a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8098c6938d10947bf06e59e59b684daf1ef70c1e520bd7e6d4d85e28ee94f00
e852a247d062e228c6ed8b9de5bf0665abcd5049107bef3a2c1c9786a40d918b
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ed8560b4c9e1ebc69ee7932d648f8aa46a0cbae33ab3727d61277db598074d17
ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09c8f40b8d48c09ade411f727d0d68f2c01e22f3c2c575ba834f013adf77821
f2f087eac841d5433c3c3fa9ea481b474ff8370b9d9eec1ace18f0300a76ffd8
f4cb053703a422eada007ba9fb708e56e93baecd907ca9b2251f18964e5dc076
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
fb9592ef0e3d42bb4af550582bae70c705a256e4cbc9417e5745152c3a9402d5
fdd535b6939d9a84113242bb3d0515623544b6576541613d3e6130583f8af149
ff18ae76c54e7c269e0df3b8332ba00667620f0d1a71ae1a7babdde902751b45

cpmlink.net Open in urlscan Pro 2a06:98c1:3120::7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

150 Requests

96 %HTTPS

51 %IPv6

36 Domains

50 Subdomains

41 IPs

9 Countries

2801 kBTransfer

6281 kBSize

34 Cookies

4 Outgoing links

Redirected requests

150 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

cpmlink.net Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Screenshot
Live screenshot

Full Image

150
Requests

96 %
HTTPS

51 %
IPv6

36
Domains

50
Subdomains

41
IPs

9
Countries

2801 kB
Transfer

6281 kB
Size

34
Cookies

150 HTTP transactions
5 data transactions