adgone.org Open in urlscan Pro
54.158.90.171 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://adgone.org/adblocker/upgrade?uid=68ac9833-237f-4f1d-8107-e7e66e402778&uc=20221005&source=lp0-tst0-psmi-pl-4...
Submission: On March 20 via manual (March 20th 2024, 2:20:49 pm UTC) from IN — Scanned from DE

Summary HTTP 73 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 13 domains to perform 73 HTTP transactions. The main IP is 54.158.90.171, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is adgone.org. The Cisco Umbrella rank of the primary domain is 68990.
TLS certificate: Issued by Amazon RSA 2048 M01 on July 3rd 2023. Valid for: a year.

This is the only time adgone.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	54.158.90.171 54.158.90.171	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
12	2606:4700::68... 2606:4700::6812:1eea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
6	34.98.107.242 34.98.107.242	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	104.16.53.111 104.16.53.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	151.101.129.21 151.101.129.21	54113 (FASTLY) (FASTLY)
1 2	34.147.177.40 34.147.177.40	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a04:4e42:400... 2a04:4e42:400::291	54113 (FASTLY) (FASTLY)
73	17

19 54.158.90.171 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-90-171.compute-1.amazonaws.com

adgone.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6812:1eea (United States)

ASN13335 (CLOUDFLARENET, US)

app.termly.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.98.107.242 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 242.107.98.34.bc.googleusercontent.com

js.recurly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.recurly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)

adblock.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.129.21 (United States)

ASN54113 (FASTLY, US)

c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.147.177.40 (London, United Kingdom) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 40.177.147.34.bc.googleusercontent.com

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lhr.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::291 (United States)

ASN54113 (FASTLY, US)

c6.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	adgone.org adgone.org — Cisco Umbrella Rank: 68990	292 KB
12	termly.io app.termly.io — Cisco Umbrella Rank: 25603	319 KB
9	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 3546 ekr.zdassets.com — Cisco Umbrella Rank: 4262	216 KB
8	paypal.com 1 redirects c.paypal.com — Cisco Umbrella Rank: 7897 b.stats.paypal.com — Cisco Umbrella Rank: 5896 lhr.stats.paypal.com — Cisco Umbrella Rank: 21904 c6.paypal.com — Cisco Umbrella Rank: 10439	49 KB
6	recurly.com js.recurly.com — Cisco Umbrella Rank: 20929 api.recurly.com — Cisco Umbrella Rank: 55987	304 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101 region1.google-analytics.com — Cisco Umbrella Rank: 1728	21 KB
3	zendesk.com adblock.zendesk.com — Cisco Umbrella Rank: 609713	1 KB
3	gstatic.com fonts.gstatic.com	39 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	246 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	2 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 4123	83 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 143	455 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 437	24 KB
73	13

	Domain	Requested by
19	adgone.org	adgone.org
12	app.termly.io	adgone.org app.termly.io
8	static.zdassets.com	adgone.org static.zdassets.com
5	c.paypal.com	js.recurly.com c.paypal.com
3	adblock.zendesk.com	static.zdassets.com
3	api.recurly.com	js.recurly.com
3	www.google-analytics.com	www.googletagmanager.com adgone.org
3	fonts.gstatic.com	fonts.googleapis.com
3	js.recurly.com	adgone.org api.recurly.com
3	www.googletagmanager.com	adgone.org www.googletagmanager.com
3	fonts.googleapis.com	adgone.org js.recurly.com
2	stackpath.bootstrapcdn.com	adgone.org stackpath.bootstrapcdn.com
1	c6.paypal.com
1	lhr.stats.paypal.com
1	b.stats.paypal.com	1 redirects
1	region1.google-analytics.com	www.googletagmanager.com
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	ekr.zdassets.com	static.zdassets.com
1	cdn.jsdelivr.net	adgone.org
73	19

This site contains links to these domains. Also see Links.

Domain
help.adgone.org
app.termly.io

Subject Issuer	Validity	Valid
adgone.org Amazon RSA 2048 M01	`2023-07-03` - `2024-07-31`	a year	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-01-28` - `2024-04-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
app.termly.io Sectigo RSA Domain Validation Secure Server CA	`2023-05-03` - `2024-06-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.recurly.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-03` - `2024-06-02`	a year	crt.sh
zdassets.com E1	`2024-03-03` - `2024-06-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
adblock.zendesk.com Cloudflare Inc ECC CA-3	`2023-06-22` - `2024-06-21`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2024-02-08` - `2025-02-08`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://adgone.org/adblocker/upgrade?uid=68ac9833-237f-4f1d-8107-e7e66e402778&uc=20221005&source=lp0-tst0-psmi-pl-460719--ec&sid=&activation=false&implementation_id=adgone_1.2.3&trialDay=527&pageType=banner
Frame ID: 5FFF01C27F432F15F4B0D8BD0BE8FD49
Requests: 51 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a5bccfa.js
Frame ID: 95C9AC13FCAB602D9AEB3814CF911999
Requests: 9 HTTP requests in this frame

Frame: https://api.recurly.com/js/v1/field.html
Frame ID: 5172CBEB980F8A7899735351D31B1411
Requests: 3 HTTP requests in this frame

Frame: https://c.paypal.com/da/r/fb.js
Frame ID: 745D6FC2D13601DE98744BE4AFB83272
Requests: 2 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: 1D207396A3409D5461C73B1274C5DA6C
Requests: 4 HTTP requests in this frame

Frame: https://lhr.stats.paypal.com/v2/counter2.cgi?p=6fcb07a4bb72438aa0e1454b5ab52720&s=QPRWDZL65Q7RW_checkout
Frame ID: 25D53372E2E99B6F3D4CC0EAA2A433AB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Downloads and Pricing | AdGone Ad Blocker

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Recurly (Payment processors) Expand

Overall confidence: 100%
Detected patterns

js\.recurly\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Termly (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

app\.termly\.io/embed\.min\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

73
Requests

99 %
HTTPS

59 %
IPv6

13
Domains

19
Subdomains

17
IPs

4
Countries

1597 kB
Transfer

4525 kB
Size

4
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://help.adgone.org/hc/en-us/requests/new
Title: support page

Search URL Search Domain Scan URL

URL: https://app.termly.io/notify/b416d92b-8035-4ad5-a7c6-f4464ec80008
Title: Do Not Sell or Share My Personal Information

Search URL Search Domain Scan URL

URL: https://help.adgone.org/hc/en-us?utm_source=Help%20Center&utm_medium=lp0-tst0-psmi-pl-460719--ec-vc1&utm_campaign=&utm_term=&utm_content=&utm_id=68ac9833-237f-4f1d-8107-e7e66e402778
Title: FAQ

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

https://b.stats.paypal.com/v2/counter.cgi?p=6fcb07a4bb72438aa0e1454b5ab52720&s=QPRWDZL65Q7RW_checkout HTTP 302
https://lhr.stats.paypal.com/v2/counter2.cgi?p=6fcb07a4bb72438aa0e1454b5ab52720&s=QPRWDZL65Q7RW_checkout

73 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request upgrade Show response
adgone.org/adblocker/ 87 KB
23 KB 511ms
240ms Document
text/html 54.158.90.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://adgone.org/adblocker/upgrade?uid=68ac9833-237f-4f1d-8107-e7e66e402778&uc=20221005&source=lp0-tst0-psmi-pl-460719--ec&sid=&activation=false&implementation_id=adgone_1.2.3&trialDay=527&pageType=banner
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.158.90.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-90-171.compute-1.amazonaws.com
Software: /
Resource Hash: eea2fb776182a188bd3218476b8252cdbbc61485d3296935ec9c1256c151b380

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
cache-control: private
content-encoding: gzip
content-length: 22868
content-type: text/html; charset=utf-8
date: Wed, 20 Mar 2024 14:20:44 GMT
vary: Accept-Encoding

GET
H2 200 bootstrap.min.css
adgone.org/Content/Landing/srcAssets/adGone/css/bootstrap/ 157 KB
24 KB 122ms
120ms Stylesheet
text/css 54.158.90.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://adgone.org/Content/Landing/srcAssets/adGone/css/bootstrap/bootstrap.min.css
Requested by: Host: adgone.org
URL: https://adgone.org/adblocker/upgrade?uid=68ac9833-237f-4f1d-8107-e7e66e402778&uc=20221005&source=lp0-tst0-psmi-pl-460719--ec&sid=&activation=false&implementation_id=adgone_1.2.3&trialDay=527&pageType=banner
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.158.90.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-90-171.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 3c407529fa4f93133a8e1c085cff173348f42e6d92530a6a158c0ba1d247063e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adgone.org/adblocker/upgrade?uid=68ac9833-237f-4f1d-8107-e7e66e402778&uc=20221005&source=lp0-tst0-psmi-pl-460719--ec&sid=&activation=false&implementation_id=adgone_1.2.3&trialDay=527&pageType=banner
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:44 GMT
content-encoding: gzip
last-modified: Fri, 17 Mar 2023 16:21:04 GMT
server: Microsoft-IIS/8.5
etag: "0d86b78ec58d91:0"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 23868

GET
H2 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 77ms
29ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: adgone.org
URL: https://adgone.org/adblocker/upgrade?uid=68ac9833-237f-4f1d-8107-e7e66e402778&uc=20221005&source=lp0-tst0-psmi-pl-460719--ec&sid=&activation=false&implementation_id=adgone_1.2.3&trialDay=527&pageType=banner

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adgone.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 722
age: 600469
cdn-cachedat: 10/31/2023 18:48:06
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 52e8017e429cb017041f945d35cfee9a
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 8676583c4cf835e7-FRA
cdn-requestpullsuccess: True

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
600 B 87ms
36ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@200;300;400&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d25c71aac8a12cdda6145af5a5cff1b3164378ebc212e3602e56c8638c7ce7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adgone.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 20 Mar 2024 14:20:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Mar 2024 14:20:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Mar 2024 14:20:44 GMT

GET
H2 200 style.css
adgone.org/Content/Landing/srcAssets/adGone/css/ 7 KB
2 KB 125ms
124ms Stylesheet
text/css 54.158.90.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://adgone.org/Content/Landing/srcAssets/adGone/css/style.css
Requested by: Host: adgone.org
URL: https://adgone.org/adblocker/upgrade?uid=68ac9833-237f-4f1d-8107-e7e66e402778&uc=20221005&source=lp0-tst0-psmi-pl-460719--ec&sid=&activation=false&implementation_id=adgone_1.2.3&trialDay=527&pageType=banner
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.158.90.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-90-171.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 /
Resource Hash: c72af641f1876f8373460f3e1e6ae2b78918861d55c8109605a09e03254d0230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adgone.org/adblocker/upgrade?uid=68ac9833-237f-4f1d-8107-e7e66e402778&uc=20221005&source=lp0-tst0-psmi-pl-460719--ec&sid=&activation=false&implementation_id=adgone_1.2.3&trialDay=527&pageType=banner
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:44 GMT
content-encoding: gzip
last-modified: Thu, 03 Aug 2023 15:57:10 GMT
server: Microsoft-IIS/8.5
etag: "0f1c2923c6d91:0"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 1800

GET
H2 200 embed.min.js Show response
app.termly.io/ 998 KB
298 KB 102ms
47ms Script
application/javascript 2606:4700::6812:1eea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/embed.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1eea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7b538cd5a85ef29b0ab66af43ad91c082e6448fc2c0d1e32cde3165d7f2a18e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adgone.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:44 GMT
strict-transport-security: max-age=15768000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 6919
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 19 Mar 2024 19:37:19 GMT
server: cloudflare
etag: W/"65f9e96f-f9806"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 8676583c5909929b-FRA
expires: Wed, 20 Mar 2024 18:20:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 197 KB
72 KB 94ms
45ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-179377323-1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

299a24718670d6e239145612f956745b220ccccd07fd7db838b53a56165b3b30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adgone.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 72903
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 20 Mar 2024 14:20:45 GMT

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 78ms
28ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@500;700;900&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1040685ef31b7e5d0b52ffa5413e3e8bcbcfdc1b10a1d20773c0680ee96ab8e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adgone.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 20 Mar 2024 14:20:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Mar 2024 14:16:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Mar 2024 14:20:44 GMT

GET
H2 200 recurly.css
js.recurly.com/v4/ 544 B
783 B 75ms
21ms Stylesheet
text/css 34.98.107.242
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.recurly.com/v4/recurly.css
Requested by: Host: adgone.org
URL: https://adgone.org/adblocker/upgrade?uid=68ac9833-237f-4f1d-8107-e7e66e402778&uc=20221005&source=lp0-tst0-psmi-pl-460719--ec&sid=&activation=false&implementation_id=adgone_1.2.3&trialDay=527&pageType=banner
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.107.242 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 242.107.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: db16b375b9cc94e99d181e402140a50550d0764384e2aea73d50a1ea3e16122d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adgone.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 13:53:01 GMT
via: 1.1 google
last-modified: Wed, 28 Feb 2024 20:24:11 GMT
server: nginx
age: 1663
etag: "65df966b-220"
access-control-allow-methods: GET
content-type: text/css
cache-control: public,max-age=3600
access-control-allow-credentials: false
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 544

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 92ms
36ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=edbf3e8a-3d29-497a-a698-38739089fb5a

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adgone.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:44 GMT
x-amz-version-id: sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: CYEYQJYMT4QZ3T8W
age: 1
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: w9Ykh+WtFixOrLFiNzGhpYHZOwk6DKoyxfhtDfVQkoErmToTSi1OHWtlNSPdHtDc+O/3ZoaZyAk=
last-modified: Mon, 15 Jan 2024 02:56:11 GMT
server: cloudflare
etag: W/"c0053b411b753138af468db1bd3b19f3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FDgNihIUJBHI7e78AmoykMZWQ51V0mgaR5B5CqR7Vkj26ogFssE%2BScfF7ZPL2CfO6mVuV5OyApvOjxX0gYOPnEI7m25Bj9UgZVCAnlhyumfazUwZFuONjD%2BNtliyVaoBu4jxvfA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=3600, s-maxage=60
access-control-max-age: 0
cf-ray: 8676583c590437d7-FRA
access-control-allow-headers: *

GET
H2 200 jquery Show response
adgone.org/bundles/ 94 KB
43 KB 241ms
241ms Script
text/javascript 54.158.90.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://adgone.org/bundles/jquery?v=fk_F6Qt3r-gbLvti3NKJtDRocNtFlm7WpDj8daOpRzs1
Requested by: Host: adgone.org
URL: https://adgone.org/adblocker/upgrade?uid=68ac9833-237f-4f1d-8107-e7e66e402778&uc=20221005&source=lp0-tst0-psmi-pl-460719--ec&sid=&activation=false&implementation_id=adgone_1.2.3&trialDay=527&pageType=banner
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.158.90.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-90-171.compute-1.amazonaws.com
Software: /
Resource Hash: 5aa42812961402a87076bc7a833aac5cd2c6dba847ed399bf836e025b7749b6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adgone.org/adblocker/upgrade?uid=68ac9833-237f-4f1d-8107-e7e66e402778&uc=20221005&source=lp0-tst0-psmi-pl-460719--ec&sid=&activation=false&implementation_id=adgone_1.2.3&trialDay=527&pageType=banner
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:44 GMT
content-encoding: gzip
last-modified: Wed, 20 Mar 2024 14:20:52 GMT
vary: User-Agent,Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public
access-control-allow-headers: Content-Type
content-length: 43266
expires: Thu, 20 Mar 2025 14:20:52 GMT

GET
H2 200 new_AG_Logo_v3.png
adgone.org/Content/Landing/srcAssets/adGone/img/ 10 KB
11 KB 125ms
124ms Image
image/png 54.158.90.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adgone.org/Content/Landing/srcAssets/adGone/img/new_AG_Logo_v3.png
Requested by: Host: adgone.org
URL: https://adgone.org/adblocker/upgrade?uid=68ac9833-237f-4f1d-8107-e7e66e402778&uc=20221005&source=lp0-tst0-psmi-pl-460719--ec&sid=&activation=false&implementation_id=adgone_1.2.3&trialDay=527&pageType=banner
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.158.90.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-90-171.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 /
Resource Hash: ced564397911d0b1b82f20978caa0e6b1ad325b1284230dc8a8e2790090cd976

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adgone.org/adblocker/upgrade?uid=68ac9833-237f-4f1d-8107-e7e66e402778&uc=20221005&source=lp0-tst0-psmi-pl-460719--ec&sid=&activation=false&implementation_id=adgone_1.2.3&trialDay=527&pageType=banner
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:44 GMT
last-modified: Fri, 17 Mar 2023 16:21:04 GMT
server: Microsoft-IIS/8.5
accept-ranges: bytes
etag: "9e48ed78ec58d91:0"
content-length: 10700
content-type: image/png

GET
H2 200 blocking-ex.png
adgone.org/Content/Landing/srcAssets/adGone/img/ 15 KB
15 KB 240ms
239ms Image
image/png 54.158.90.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adgone.org/Content/Landing/srcAssets/adGone/img/blocking-ex.png
Requested by: Host: adgone.org
URL: https://adgone.org/adblocker/upgrade?uid=68ac9833-237f-4f1d-8107-e7e66e402778&uc=20221005&source=lp0-tst0-psmi-pl-460719--ec&sid=&activation=false&implementation_id=adgone_1.2.3&trialDay=527&pageType=banner
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.158.90.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-90-171.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 813a0a73420ed06e2bf8e383f4d47af4e7362eb7eebee2841d4c5a639946b448

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adgone.org/adblocker/upgrade?uid=68ac9833-237f-4f1d-8107-e7e66e402778&uc=20221005&source=lp0-tst0-psmi-pl-460719--ec&sid=&activation=false&implementation_id=adgone_1.2.3&trialDay=527&pageType=banner
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:44 GMT
last-modified: Fri, 17 Mar 2023 16:21:04 GMT
server: Microsoft-IIS/8.5
accept-ranges: bytes
etag: "84acd078ec58d91:0"
content-length: 14956
content-type: image/png

GET
H2 200 laptop_yt.png
adgone.org/Content/Landing/srcAssets/adGone/img/ 16 KB
16 KB 121ms
120ms Image
image/png 54.158.90.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adgone.org/Content/Landing/srcAssets/adGone/img/laptop_yt.png
Requested by: Host: adgone.org
URL: https://adgone.org/adblocker/upgrade?uid=68ac9833-237f-4f1d-8107-e7e66e402778&uc=20221005&source=lp0-tst0-psmi-pl-460719--ec&sid=&activation=false&implementation_id=adgone_1.2.3&trialDay=527&pageType=banner
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.158.90.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-90-171.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 55e586115b7fa7660949100439439c7fa00160822f3108b3b00b16afc4a624a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adgone.org/adblocker/upgrade?uid=68ac9833-237f-4f1d-8107-e7e66e402778&uc=20221005&source=lp0-tst0-psmi-pl-460719--ec&sid=&activation=false&implementation_id=adgone_1.2.3&trialDay=527&pageType=banner
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:44 GMT
last-modified: Fri, 17 Mar 2023 16:21:04 GMT
server: Microsoft-IIS/8.5
accept-ranges: bytes
etag: "ee5ce178ec58d91:0"
content-length: 16118
content-type: image/png

GET
H2 200 secure_browsing.png
adgone.org/Content/Landing/srcAssets/adGone/img/ 69 KB
69 KB 120ms
120ms Image
image/png 54.158.90.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adgone.org/Content/Landing/srcAssets/adGone/img/secure_browsing.png
Requested by: Host: adgone.org
URL: https://adgone.org/adblocker/upgrade?uid=68ac9833-237f-4f1d-8107-e7e66e402778&uc=20221005&source=lp0-tst0-psmi-pl-460719--ec&sid=&activation=false&implementation_id=adgone_1.2.3&trialDay=527&pageType=banner
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.158.90.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-90-171.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 /
Resource Hash: bfd124d8eff1106f8dbf482194684f5b08e5ad1838804702ce1b99d94cd11dec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adgone.org/adblocker/upgrade?uid=68ac9833-237f-4f1d-8107-e7e66e402778&uc=20221005&source=lp0-tst0-psmi-pl-460719--ec&sid=&activation=false&implementation_id=adgone_1.2.3&trialDay=527&pageType=banner
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:45 GMT
last-modified: Fri, 17 Mar 2023 16:21:04 GMT
server: Microsoft-IIS/8.5
accept-ranges: bytes
etag: "18d2f678ec58d91:0"
content-length: 70532
content-type: image/png

GET
H2 200 AcceptedCards.jpg
adgone.org/Content/Landing/srcAssets/adGone/img/ 27 KB
27 KB 121ms
121ms Image
image/jpeg 54.158.90.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adgone.org/Content/Landing/srcAssets/adGone/img/AcceptedCards.jpg
Requested by: Host: adgone.org
URL: https://adgone.org/adblocker/upgrade?uid=68ac9833-237f-4f1d-8107-e7e66e402778&uc=20221005&source=lp0-tst0-psmi-pl-460719--ec&sid=&activation=false&implementation_id=adgone_1.2.3&trialDay=527&pageType=banner
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.158.90.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-90-171.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 48f7035ca039b981b12db7a14b26f32ee0025b676fddfd94dea0da0115944a14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adgone.org/adblocker/upgrade?uid=68ac9833-237f-4f1d-8107-e7e66e402778&uc=20221005&source=lp0-tst0-psmi-pl-460719--ec&sid=&activation=false&implementation_id=adgone_1.2.3&trialDay=527&pageType=banner
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:45 GMT
last-modified: Fri, 17 Mar 2023 16:21:04 GMT
server: Microsoft-IIS/8.5
accept-ranges: bytes
etag: "bdc0c478ec58d91:0"
content-length: 27558
content-type: image/jpeg

GET
H2 200 ssl.png
adgone.org/Content/Landing/srcAssets/adGone/img/ 24 KB
24 KB 214ms
213ms Image
image/png 54.158.90.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adgone.org/Content/Landing/srcAssets/adGone/img/ssl.png
Requested by: Host: adgone.org
URL: https://adgone.org/adblocker/upgrade?uid=68ac9833-237f-4f1d-8107-e7e66e402778&uc=20221005&source=lp0-tst0-psmi-pl-460719--ec&sid=&activation=false&implementation_id=adgone_1.2.3&trialDay=527&pageType=banner
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.158.90.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-90-171.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 8623a3eb77cb1bdd1b5ecd6dff77a95e441ad9154ec288cf47a37f6f7d31091b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adgone.org/adblocker/upgrade?uid=68ac9833-237f-4f1d-8107-e7e66e402778&uc=20221005&source=lp0-tst0-psmi-pl-460719--ec&sid=&activation=false&implementation_id=adgone_1.2.3&trialDay=527&pageType=banner
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:45 GMT
last-modified: Fri, 17 Mar 2023 16:21:04 GMT
server: Microsoft-IIS/8.5
accept-ranges: bytes
etag: "a934f978ec58d91:0"
content-length: 24181
content-type: image/png

GET
H2 200 googlechrome.png
adgone.org/Content/Landing/srcAssets/adGone/img/ 12 KB
12 KB 214ms
214ms Image
image/png 54.158.90.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adgone.org/Content/Landing/srcAssets/adGone/img/googlechrome.png
Requested by: Host: adgone.org
URL: https://adgone.org/adblocker/upgrade?uid=68ac9833-237f-4f1d-8107-e7e66e402778&uc=20221005&source=lp0-tst0-psmi-pl-460719--ec&sid=&activation=false&implementation_id=adgone_1.2.3&trialDay=527&pageType=banner
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.158.90.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-90-171.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 /
Resource Hash: bbc088865d9f25c4c31fa7eef71c388032e2b479860a9a99df8bf9ff4737fb73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adgone.org/adblocker/upgrade?uid=68ac9833-237f-4f1d-8107-e7e66e402778&uc=20221005&source=lp0-tst0-psmi-pl-460719--ec&sid=&activation=false&implementation_id=adgone_1.2.3&trialDay=527&pageType=banner
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:45 GMT
last-modified: Fri, 17 Mar 2023 16:21:04 GMT
server: Microsoft-IIS/8.5
accept-ranges: bytes
etag: "a2fade78ec58d91:0"
content-length: 12404
content-type: image/png

GET
H2 200 sendImpression Show response
adgone.org/get/js/ 3 KB
1 KB 216ms
214ms Script
text/javascript 54.158.90.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://adgone.org/get/js/sendImpression?vname=AdGone_Home&userid=68ac9833-237f-4f1d-8107-e7e66e402778&source=lp0-tst0-psmi-pl-460719-vc1-ec&ap=adblocker_
Requested by: Host: adgone.org
URL: https://adgone.org/adblocker/upgrade?uid=68ac9833-237f-4f1d-8107-e7e66e402778&uc=20221005&source=lp0-tst0-psmi-pl-460719--ec&sid=&activation=false&implementation_id=adgone_1.2.3&trialDay=527&pageType=banner
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.158.90.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-90-171.compute-1.amazonaws.com
Software: /
Resource Hash: 8aa7d3f52ce8994eeaeb17b999569ff401d2a578bb44fcda5b2ad621a7ea0d09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adgone.org/adblocker/upgrade?uid=68ac9833-237f-4f1d-8107-e7e66e402778&uc=20221005&source=lp0-tst0-psmi-pl-460719--ec&sid=&activation=false&implementation_id=adgone_1.2.3&trialDay=527&pageType=banner
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:45 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-headers: Content-Type
content-length: 1204

GET
H2 200 main.js Show response
adgone.org/Content/Landing/srcAssets/adGone/js/ 1 KB
872 B 214ms
213ms Script
application/javascript 54.158.90.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://adgone.org/Content/Landing/srcAssets/adGone/js/main.js
Requested by: Host: adgone.org
URL: https://adgone.org/adblocker/upgrade?uid=68ac9833-237f-4f1d-8107-e7e66e402778&uc=20221005&source=lp0-tst0-psmi-pl-460719--ec&sid=&activation=false&implementation_id=adgone_1.2.3&trialDay=527&pageType=banner
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.158.90.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-90-171.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 225c2fa5e6b2a9c6860ae6ed89ba86de662d59a964f3dcb6ecf33ecba85bedc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adgone.org/adblocker/upgrade?uid=68ac9833-237f-4f1d-8107-e7e66e402778&uc=20221005&source=lp0-tst0-psmi-pl-460719--ec&sid=&activation=false&implementation_id=adgone_1.2.3&trialDay=527&pageType=banner
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:45 GMT
content-encoding: gzip
last-modified: Fri, 17 Mar 2023 16:21:04 GMT
server: Microsoft-IIS/8.5
etag: "23f9fd78ec58d91:0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 670

GET
H2 200 scrolldepth.min.js Show response
adgone.org/Content/ 3 KB
1 KB 214ms
213ms Script
application/javascript 54.158.90.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://adgone.org/Content/scrolldepth.min.js
Requested by: Host: adgone.org
URL: https://adgone.org/adblocker/upgrade?uid=68ac9833-237f-4f1d-8107-e7e66e402778&uc=20221005&source=lp0-tst0-psmi-pl-460719--ec&sid=&activation=false&implementation_id=adgone_1.2.3&trialDay=527&pageType=banner
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.158.90.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-90-171.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 213cdc1d0dcc894bcc6b688d278594bc29b946487259e7eb2fa40a2b7c0b4c06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adgone.org/adblocker/upgrade?uid=68ac9833-237f-4f1d-8107-e7e66e402778&uc=20221005&source=lp0-tst0-psmi-pl-460719--ec&sid=&activation=false&implementation_id=adgone_1.2.3&trialDay=527&pageType=banner
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:45 GMT
content-encoding: gzip
last-modified: Fri, 17 Mar 2023 16:21:05 GMT
server: Microsoft-IIS/8.5
etag: "806e479ec58d91:0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1201

GET
H2 200 cta_tracking.js Show response
adgone.org/Content/ 5 KB
1001 B 215ms
214ms Script
application/javascript 54.158.90.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://adgone.org/Content/cta_tracking.js
Requested by: Host: adgone.org
URL: https://adgone.org/adblocker/upgrade?uid=68ac9833-237f-4f1d-8107-e7e66e402778&uc=20221005&source=lp0-tst0-psmi-pl-460719--ec&sid=&activation=false&implementation_id=adgone_1.2.3&trialDay=527&pageType=banner
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.158.90.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-90-171.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 /
Resource Hash: d5456cd6b9aae098095536ebc97c196b1451b5075c959c9e0dbbf31fe900ca4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adgone.org/adblocker/upgrade?uid=68ac9833-237f-4f1d-8107-e7e66e402778&uc=20221005&source=lp0-tst0-psmi-pl-460719--ec&sid=&activation=false&implementation_id=adgone_1.2.3&trialDay=527&pageType=banner
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:45 GMT
content-encoding: gzip
last-modified: Fri, 17 Mar 2023 16:21:05 GMT
server: Microsoft-IIS/8.5
etag: "806e479ec58d91:0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 800

GET
H2 200 recurly.js Show response
js.recurly.com/v4/ 422 KB
100 KB 23ms
22ms Script
application/javascript 34.98.107.242
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.recurly.com/v4/recurly.js
Requested by: Host: adgone.org
URL: https://adgone.org/adblocker/upgrade?uid=68ac9833-237f-4f1d-8107-e7e66e402778&uc=20221005&source=lp0-tst0-psmi-pl-460719--ec&sid=&activation=false&implementation_id=adgone_1.2.3&trialDay=527&pageType=banner
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.107.242 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 242.107.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: b93783262bec548a559178d5274b1b8ec55645ac6b3087b84e118525d3a33ae8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adgone.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 13:22:33 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 28 Feb 2024 20:24:09 GMT
server: nginx
age: 3492
etag: W/"65df9669-6979d"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
cache-control: public,max-age=3600
access-control-allow-credentials: false
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 101697

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/ 76 KB
24 KB 73ms
34ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://adgone.org/
Origin: https://adgone.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 586775
x-jsd-version: 5.1.3
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220091-FRA, cache-lga21951-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"13131-qF5oFiTJGhBqUUwx6s+A3oF7LMM"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r%2BXCk1v%2BCG3EKOXYFqKe2Okt63bKIgwRFoIjTcWAmW9vszHUnBtGJ5JVfTEZrmknz9yVctCBOjebWpj4TOp%2B6S6broO7QScsAQC6Xutkbm0JU8pqKdyN83VV8PifPJP2Zc0JchrQA8C2%2FW4xeeo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8676583def0d2bd5-FRA

GET
H2 200 edbf3e8a-3d29-497a-a698-38739089fb5a Show response
ekr.zdassets.com/compose/ 1 KB
1 KB 268ms
216ms Fetch
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/edbf3e8a-3d29-497a-a698-38739089fb5a

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=edbf3e8a-3d29-497a-a698-38739089fb5a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49ad4753b1f89427ed44575b685302291d09d6a0f8be2731606efb4326d9d012

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adgone.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:45 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 866c6c516a6d13aa-SEA, 866c6c516a6d13aa-SEA
x-runtime: 0.010332
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"49ad4753b1f89427ed44575b68530229"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nlb2F0FmnOB5PK0OZ2pdA8ITdKSKCmGVlFgriXHu9Nol2HMNDVr84ZYFmj50H%2Bwbtqr9ByyPstXZ1CoeAgKzPVMtKGSkHIa08jsjIsr2VJk%2BTjtY4W%2BhUaxb3ID%2F0wihYfU%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 8676583dfafd9a00-FRA

GET
H2 200 typ-bg.jpg
adgone.org/Content/Landing/srcAssets/adGone/img/ 13 KB
14 KB 213ms
213ms Image
image/jpeg 54.158.90.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adgone.org/Content/Landing/srcAssets/adGone/img/typ-bg.jpg
Requested by: Host: adgone.org
URL: https://adgone.org/adblocker/upgrade?uid=68ac9833-237f-4f1d-8107-e7e66e402778&uc=20221005&source=lp0-tst0-psmi-pl-460719--ec&sid=&activation=false&implementation_id=adgone_1.2.3&trialDay=527&pageType=banner
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.158.90.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-90-171.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 815f75ea9282639509fdd2828b7e4dfb25cf472df2754e69bc8c134e4dd538cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adgone.org/adblocker/upgrade?uid=68ac9833-237f-4f1d-8107-e7e66e402778&uc=20221005&source=lp0-tst0-psmi-pl-460719--ec&sid=&activation=false&implementation_id=adgone_1.2.3&trialDay=527&pageType=banner
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:45 GMT
last-modified: Fri, 17 Mar 2023 16:21:04 GMT
server: Microsoft-IIS/8.5
accept-ranges: bytes
etag: "a934f978ec58d91:0"
content-length: 13800
content-type: image/jpeg

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 64ms
19ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@200;300;400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://adgone.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 14:25:40 GMT
x-content-type-options: nosniff
age: 518105
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Mar 2025 14:25:40 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 66ms
21ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@500;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://adgone.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 20:16:13 GMT
x-content-type-options: nosniff
age: 151472
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Mar 2025 20:16:13 GMT

GET
H2 200 fontawesome-webfont.woff2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 70ms
29ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: stackpath.bootstrapcdn.com
URL: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://adgone.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 752
age: 599464
cdn-cachedat: 10/31/2023 19:08:24
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 2cb07550984ac53c92cc7486e597116c
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 8676583dfc32367e-FRA
cdn-requestpullsuccess: True

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 286 KB
96 KB 44ms
43ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z3REKC4FMD&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-179377323-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3dd8c94339bb6046924b747c36b366d78e4928c451e88da6eaf7015bfe630f9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adgone.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 98006
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 20 Mar 2024 14:20:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 207ms
19ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-179377323-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adgone.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 20 Mar 2024 13:38:42 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2523
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 20 Mar 2024 15:38:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
78 KB 34ms
34ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-696524296&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-179377323-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c2faa06ed4f271809ff6ecf99545e8815d88cf16796420e7ac65751d34fb6713

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adgone.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79930
x-xss-protection: 0
last-modified: Wed, 20 Mar 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 20 Mar 2024 14:20:45 GMT

POST
H2 200 landing
pagead2.googlesyndication.com/pagead/ 42 B
455 B 160ms
52ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=13p3p3p2p5&rnd=122861957.1710944445&url=https%3A%2F%2Fadgone.org%2Fadblocker%2Fupgrade&dma_cps=-&dma=1&npa=1&gtm=45be43i0v9101110534za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-696524296&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adgone.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Mar 2024 14:20:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
241 B 107ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z3REKC4FMD&gtm=45je43i0v880748581za200&_p=1710944445052&gcs=G100&gcd=13p3p3p2p5&npa=1&dma_cps=-&dma=1&cid=2003133343.1710944445&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=denied&_eu=AAAI&_s=1&sid=1710944445&sct=1&seg=0&dl=https%3A%2F%2Fadgone.org%2Fadblocker%2Fupgrade%3Fuid%3D68ac9833-237f-4f1d-8107-e7e66e402778%26uc%3D20221005%26source%3Dlp0-tst0-psmi-pl-460719--ec%26sid%3D%26activation%3Dfalse%26implementation_id%3Dadgone_1.2.3%26trialDay%3D527%26pageType%3Dbanner&dt=Downloads%20and%20Pricing%20%7C%20AdGone%20Ad%20Blocker&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1045
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z3REKC4FMD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adgone.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Mar 2024 14:20:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://adgone.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 subscription.js Show response
adgone.org/scripts/ 20 KB
5 KB 121ms
121ms Script
application/javascript 54.158.90.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://adgone.org/scripts/subscription.js
Requested by: Host: adgone.org
URL: https://adgone.org/adblocker/upgrade?uid=68ac9833-237f-4f1d-8107-e7e66e402778&uc=20221005&source=lp0-tst0-psmi-pl-460719--ec&sid=&activation=false&implementation_id=adgone_1.2.3&trialDay=527&pageType=banner
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.158.90.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-90-171.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 /
Resource Hash: b1ea887a68483a2eca3896c9e584b1f7dd7c90658323bdcc14fa3fefda69324c

Request headers

Referer: https://adgone.org/adblocker/upgrade?uid=68ac9833-237f-4f1d-8107-e7e66e402778&uc=20221005&source=lp0-tst0-psmi-pl-460719--ec&sid=&activation=false&implementation_id=adgone_1.2.3&trialDay=527&pageType=banner
Origin: https://adgone.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:45 GMT
content-encoding: gzip
last-modified: Thu, 28 Sep 2023 20:33:12 GMT
server: Microsoft-IIS/8.5
etag: "0b4f6ff4af2d91:0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 4627

GET
H2 200 utils.js Show response
adgone.org/scripts/ 612 B
657 B 120ms
120ms Script
application/javascript 54.158.90.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://adgone.org/scripts/utils.js
Requested by: Host: adgone.org
URL: https://adgone.org/adblocker/upgrade?uid=68ac9833-237f-4f1d-8107-e7e66e402778&uc=20221005&source=lp0-tst0-psmi-pl-460719--ec&sid=&activation=false&implementation_id=adgone_1.2.3&trialDay=527&pageType=banner
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.158.90.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-90-171.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 0f3e7f1b553acb4bae2a0b37fb971ec45567d885e36194e0d4e4da6d56229cb1

Request headers

Referer: https://adgone.org/adblocker/upgrade?uid=68ac9833-237f-4f1d-8107-e7e66e402778&uc=20221005&source=lp0-tst0-psmi-pl-460719--ec&sid=&activation=false&implementation_id=adgone_1.2.3&trialDay=527&pageType=banner
Origin: https://adgone.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:45 GMT
content-encoding: gzip
last-modified: Mon, 21 Aug 2023 15:06:26 GMT
server: Microsoft-IIS/8.5
etag: "e5f22ee41d4d91:0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 456

GET
H3 200 d14cc199-ea10-40de-bca1-1cb482ada63f Show response
app.termly.io/api/v1/snippets/websites/ 8 KB
2 KB 257ms
204ms XHR
application/json 2606:4700::6812:1eea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/d14cc199-ea10-40de-bca1-1cb482ada63f

Requested by

Host: app.termly.io
URL: https://app.termly.io/embed.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1eea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04fc6b0e15f146804363a8dcce1ace83b26c412c9c7652edc470c51aaef3ab7b

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://adgone.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-rack-cors: hit
date: Wed, 20 Mar 2024 14:20:45 GMT
strict-transport-security: max-age=15768000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
cf-cache-status: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 9c094afb-fa34-4c71-a3da-2f8fca7ec1a3
x-runtime: 0.012576
server: cloudflare
etag: W/"04fc6b0e15f146804363a8dcce1ace83"
access-control-max-age: 600
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=14400
vary: Origin, Accept-Encoding
cf-ray: 8676583fc844368a-FRA
expires: Wed, 20 Mar 2024 18:20:45 GMT

GET
H3 200 ip Show response
app.termly.io/api/v1/snippets/websites/d14cc199-ea10-40de-bca1-1cb482ada63f/ 147 B
679 B 262ms
210ms XHR
application/json 2606:4700::6812:1eea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/d14cc199-ea10-40de-bca1-1cb482ada63f/ip?random-uuid=ee67404e-1282-3b03-4097-9453c3edef96

Requested by

Host: app.termly.io
URL: https://app.termly.io/embed.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1eea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd93f99b75df2f59fc25e3056f977f2deaa9bf8ea3ff10db0f03593c2fa11163

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://adgone.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-rack-cors: hit
date: Wed, 20 Mar 2024 14:20:45 GMT
strict-transport-security: max-age=15768000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
cf-cache-status: MISS
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: ed16feb6-2336-48f4-b791-374c7999af59
x-runtime: 0.003619
server: cloudflare
etag: W/"dd93f99b75df2f59fc25e3056f977f2d"
access-control-max-age: 600
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=14400
vary: Origin, Accept-Encoding
cf-ray: 8676583fc842368a-FRA
expires: Wed, 20 Mar 2024 18:20:45 GMT

GET
H2 200 web-widget-main-a5bccfa.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 95C9 436 KB
139 KB 48ms
48ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a5bccfa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=edbf3e8a-3d29-497a-a698-38739089fb5a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de43612db6bcfd8eab627648039b3ccbbb87139c713ba3e1cac36910326b7809

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:45 GMT
x-amz-version-id: 4.rZqSB9Bnekak_ynV4ewUazXc1fWmXm
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 4C47T8PXVE9R9DRX
age: 104038
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 7mzcBVRt+E6klwZ9YXkghG2orCx8ZcvwViDraDn9pB3Wr/y5rmz80Akfc3Z5m3jpBmodZ5wUpxKzwSHi8nQH4Q==
last-modified: Thu, 07 Mar 2024 14:21:03 GMT
server: cloudflare
etag: W/"44c50613f509b1611590bc307ac44026"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=txYr5Dnw9igqLxNKVNM43fvXaOHKj2mekq9g1iYW%2FuOf0SmHNE98vJKWflUw%2BBVSv87UxC8g%2F1mnhrEdS%2BuX6N7RX0WURZkhWmVFliZNLxjjmJJL7vJcZHv%2FGuhw1DJFh31CNEE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 8676583f8d6237d7-FRA
access-control-allow-headers: *
expires: Fri, 07 Mar 2025 14:21:02 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 19ms
19ms Image
image/gif 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1121798577&t=pageview&_s=1&dl=https%3A%2F%2Fadgone.org%2Fadblocker%2Fupgrade%3Fuid%3D68ac9833-237f-4f1d-8107-e7e66e402778%26uc%3D20221005%26source%3Dlp0-tst0-psmi-pl-460719--ec%26sid%3D%26activation%3Dfalse%26implementation_id%3Dadgone_1.2.3%26trialDay%3D527%26pageType%3Dbanner&ul=en-us&de=UTF-8&dt=Downloads%20and%20Pricing%20%7C%20AdGone%20Ad%20Blocker&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAgAAQABAAAAAAAAIk~&cid=2003133343.1710944445&tid=UA-179377323-1&_gid=1665758924.1710944445&gtm=457e43i0za200&gcs=G100&gcd=13p3p3p2p5&dma_cps=-&dma=1&jsscut=1&npa=1&z=942049358

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adgone.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Mar 2024 22:36:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 56638
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 20ms
20ms Image
image/gif 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1121798577&t=event&ni=1&_s=2&dl=https%3A%2F%2Fadgone.org%2Fadblocker%2Fupgrade%3Fuid%3D68ac9833-237f-4f1d-8107-e7e66e402778%26uc%3D20221005%26source%3Dlp0-tst0-psmi-pl-460719--ec%26sid%3D%26activation%3Dfalse%26implementation_id%3Dadgone_1.2.3%26trialDay%3D527%26pageType%3Dbanner&ul=en-us&de=UTF-8&dt=Downloads%20and%20Pricing%20%7C%20AdGone%20Ad%20Blocker&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=LP&ea=Version&el=AdGone_Home&_u=YAgAAQABAAAAAAAAIk~&cid=2003133343.1710944445&tid=UA-179377323-1&_gid=1665758924.1710944445&gtm=457e43i0za200&gcs=G100&gcd=13p3p3p2p5&dma_cps=-&dma=1&jsscut=1&npa=1&z=1630796448

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adgone.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Mar 2024 22:36:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 56638
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en-us-json-a5bccfa.js Show response
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame 95C9 18 KB
4 KB 39ms
39ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-a5bccfa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a5bccfa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c52c73407a0d652b51d31bdcb5dff0050e9f916b58bca340d677fddb22b76572

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:45 GMT
x-amz-version-id: xU.UJKzvZAqxA35vi.bk7FLTZqJ2s5L2
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 4C4E58BEC93H7WZ9
age: 104037
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: z/F8ZTLS80HA6Hq25QDvDtjufL/sG+cd4iflItaLmSIyxxpzLYs162c5WlYUi56oZTKULLKqyjw=
last-modified: Thu, 07 Mar 2024 14:21:04 GMT
server: cloudflare
etag: W/"3ac3100c0ffed8d435c31e09d2196883"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0EgA55jhRBpr4P5XibFhE550%2BCUCdUJK1IR4tnLSCDqIrgfejdkSXKddjipqb7orTjMWDTZptZ%2BHCWGSjmGPoIM%2Bpgqnq0l0wPVr0x%2F2V6vvrgS9LMp9JBAnsakKW7JMioUKWFo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 867658403e3837d7-FRA
access-control-allow-headers: *
expires: Fri, 07 Mar 2025 14:21:03 GMT

GET
H2 200 web-widget-84852-a5bccfa.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 95C9 139 KB
47 KB 41ms
41ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-84852-a5bccfa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a5bccfa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e994cb0b343d3edeb1b58566cc21a641fc7d06bf0f285d5988cca28b0089f20

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:45 GMT
x-amz-version-id: veYbcIGkqYtP1iMqRwAf.V2ZbkNLzcZg
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 4C4D8ED08P4G1NWF
age: 104038
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: BnWPc/u8fi/XsHls05iLas2D5j+MAS45uGU6Xkgm1xpD+kYubnun2nwWLPG+1nmBMvVk42IRY/g=
last-modified: Thu, 07 Mar 2024 14:21:01 GMT
server: cloudflare
etag: W/"d19f02a4d0c4a8500e3d2de6c4f5e6d1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=earQ%2FOCwC97sXbSiI1vh82%2BVa0DIxxwJ4g56AaXjLaAeoq0fX%2Bct1JA7lFUpLGKHjrcGMXSO6rx0c7gx%2F3q27e4Nair8CvFEojcjBAkLvTuuifQH39L6v8aM7gwlH%2BiOfXyftao%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 867658403e3a37d7-FRA
access-control-allow-headers: *
expires: Fri, 07 Mar 2025 14:21:00 GMT

GET
H2 200 web-widget-1327-a5bccfa.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 95C9 18 KB
6 KB 36ms
35ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-1327-a5bccfa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a5bccfa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8525380ed6e0ca2e8e4b80c9650de2d7c96fbaf342aee8c63fe1bca13a55df53

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:45 GMT
x-amz-version-id: rTXD.80HkRIC6hvw9IsRXl951LUj5fJ2
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 4C45Z1EVXCYE3CN5
age: 104038
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: Un+ULqzT4bJ4rxMYjM6cDHGcrpUJhTCF2gQrunScAp9FfBO/tpRAAbdpHc2pTxgiOByaY/dNZvR5Kwp6nKvslw==
last-modified: Thu, 07 Mar 2024 14:20:55 GMT
server: cloudflare
etag: W/"bd26f2d30e94f25a4a0b875c335aca6c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iV3Hr6ZtGN1%2FyTtZwRvWfoJrRpGYKa2VO%2FYWKKkzrW7YYF1DQipdA91%2BKNX3%2BcCsA4Ps6XC46A6IJuvtRscNkiQj%2FeEUJqBDZKqvcsOeuty1n47Ct8f1b4ZdTFYf%2B%2F5SEbzorDA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 867658403e3c37d7-FRA
access-control-allow-headers: *
expires: Fri, 07 Mar 2025 14:20:54 GMT

GET
H2 200 web-widget-92795-a5bccfa.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 95C9 14 KB
4 KB 37ms
37ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-92795-a5bccfa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a5bccfa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28ebd6c5198d4781e605f1c547ef8fd3af65972fc6e97aadf97da364b4a92064

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:45 GMT
x-amz-version-id: Iwp9HreJBQqvZOXyJGAXGMfxFZFvCIEV
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 4C4060NMTD2190GD
age: 101397
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 2hfXqIanIz6t/dyvlNkmvr9kaCogDGYihetUsTPbkG4G4XRPaj59Ik4FPZRgTpBYxbZkoC5QtVlSarO1oTGo4Q==
last-modified: Thu, 07 Mar 2024 14:21:02 GMT
server: cloudflare
etag: W/"0ddb1019371eba2e87775cd507d5bf90"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B3bzDB%2B0zPdOi8b8w05MpHFqN8BL32atz6askFrJ5yroGXVJ3aSRnpXqi9VbxlTSzcVBBLfawGqmq8D6QGlktl3ACg7eDVTo2rUZF7LLWFlRdzws25blZ9REyrijylR0Px8c86c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 867658403e3e37d7-FRA
access-control-allow-headers: *
expires: Fri, 07 Mar 2025 14:21:01 GMT

GET
H2 200 web-widget-15178-a5bccfa.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 95C9 12 KB
5 KB 34ms
34ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-15178-a5bccfa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a5bccfa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edc6615cbf86cc4784338f530963b5da942552f1fea45bb3b1db81f6b9eaea17

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:45 GMT
x-amz-version-id: fNxiDRYswoT9NV6HH.4Ddske2h7ECHym
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 4C49ASYBY63ZGHVE
age: 104038
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: QToodVMdkCgNrQK8wSipMPK5bKORLJbixAcR/tILLSGNOThRy15MPwa0oguYPde5TIsrHoL9oxg=
last-modified: Thu, 07 Mar 2024 14:20:55 GMT
server: cloudflare
etag: W/"db77198393a490e11834f06f319204f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u2Wa%2B0A9pGg4mbYynQKMDiHG3gbhFsTy0SlTtjkzytCll0o6cZdyI9zzOxP0gyhZx%2FkA1u8Vs25yABufRypOQExV%2B99N%2F956tQMeiUVM%2B8xCkioCE%2BhfyJDJ4GYWUAvI3Kz%2Fiqg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 867658403e3f37d7-FRA
access-control-allow-headers: *
expires: Fri, 07 Mar 2025 14:20:54 GMT

GET
H2 200 web-widget-59535-a5bccfa.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 95C9 15 KB
6 KB 43ms
43ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-59535-a5bccfa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a5bccfa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c63532942750a29059902d0a490f1b270ce1125c059e1afdd93193be44f56d47

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:45 GMT
x-amz-version-id: r1saJi2ugifESncYW572Ey.judSGBY3V
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 4C47YRG8DKV54X71
age: 104038
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: lsFVx5IV8+iPleJTeYcAM59MWL/iZmoxLrOLPvnNK0mSj/ADHcglHsCxfFuEBmB3Bnw7U8gsJoA=
last-modified: Thu, 07 Mar 2024 14:20:59 GMT
server: cloudflare
etag: W/"781401f7f5de09fdd2c7e3f9fa812fd7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UPJJheSPM65WteSiQ2EHPwz2Ce%2BNDE4K86RuMiXJJP4lm6jm9rGYna0PSNHeeJYS0q6pfSxh6kn4dKhck1Woa2CRgDYVIxFDHUgFw4vMID%2FU6o4AZ18IYmgIrUiBduebNDUulWs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 867658404e4437d7-FRA
access-control-allow-headers: *
expires: Fri, 07 Mar 2025 14:20:58 GMT

GET
H2 200 config_newCM_v1_AI.js Show response
adgone.org/Content/Landing/srcAssets/adGone/js/ 9 KB
4 KB 123ms
123ms Script
application/javascript 54.158.90.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://adgone.org/Content/Landing/srcAssets/adGone/js/config_newCM_v1_AI.js?ver=2
Requested by: Host: adgone.org
URL: https://adgone.org/adblocker/upgrade?uid=68ac9833-237f-4f1d-8107-e7e66e402778&uc=20221005&source=lp0-tst0-psmi-pl-460719--ec&sid=&activation=false&implementation_id=adgone_1.2.3&trialDay=527&pageType=banner
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.158.90.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-90-171.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 689165a2043a428bcde8c0d05b44608106597a10fa5a19cedc2cb9bdf980928f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adgone.org/adblocker/upgrade?uid=68ac9833-237f-4f1d-8107-e7e66e402778&uc=20221005&source=lp0-tst0-psmi-pl-460719--ec&sid=&activation=false&implementation_id=adgone_1.2.3&trialDay=527&pageType=banner
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:45 GMT
content-encoding: gzip
last-modified: Fri, 17 Mar 2023 16:21:04 GMT
server: Microsoft-IIS/8.5
etag: "23f9fd78ec58d91:0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 3514

GET
H2 200 field.html Show response
api.recurly.com/js/v1/ Frame 5172 1 KB
1 KB 46ms
21ms Document
text/html 34.98.107.242
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.recurly.com/js/v1/field.html
Requested by: Host: js.recurly.com
URL: https://js.recurly.com/v4/recurly.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.107.242 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 242.107.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 79d79df258bd4b35faa747126d580d0018b5c06b9b4f3f46869f8339698fdf8c

Request headers

Referer: https://adgone.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2912
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=3600,s-maxage=3600
content-length: 1268
content-type: text/html
date: Wed, 20 Mar 2024 13:32:13 GMT
etag: "65fa02c3-4f4"
last-modified: Tue, 19 Mar 2024 21:25:23 GMT
server: nginx
via: 1.1 google

GET
H2 200 info Show response
api.recurly.com/js/v1/risk/ 204 B
632 B 193ms
130ms XHR
application/json 34.98.107.242
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.recurly.com/js/v1/risk/info?version=4.28.0&key=ewr1-Dd2mbq1eVr20p4uiLKIhPG&deviceId=RPId4BhiJ0FQczAO&sessionId=di0ijShyxwNx7bxi&instanceId=5TFriqQrVwaHVS5w
Requested by: Host: js.recurly.com
URL: https://js.recurly.com/v4/recurly.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.107.242 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 242.107.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: d66fd5bca998bfc2364344e28b22a4c9062bb58a5f41731bccaeec8f26979499

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adgone.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:45 GMT
via: 1.1 google
server: nginx
etag: W/"d66fd5bca998bfc2364344e28b22a4c9"
vary: Accept
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers: Accept, Accept-Encoding, Accept-Language, Content-Type, Origin, User-Agent, X-Requested-With, Recurly-Credential-Checkout-Hostname
content-length: 204
x-request-id: 38878e26-593b-49d5-925b-f69ee6ee8e8c

GET
H2 200 adblocker_intro_yearly Show response
api.recurly.com/js/v1/plans/ 2 KB
2 KB 216ms
154ms XHR
application/json 34.98.107.242
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.recurly.com/js/v1/plans/adblocker_intro_yearly?version=4.28.0&key=ewr1-Dd2mbq1eVr20p4uiLKIhPG&deviceId=RPId4BhiJ0FQczAO&sessionId=di0ijShyxwNx7bxi&instanceId=5TFriqQrVwaHVS5w
Requested by: Host: js.recurly.com
URL: https://js.recurly.com/v4/recurly.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.107.242 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 242.107.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: d7762fe99e9c25600d3781ed4c74310080677930105d284d91fb6de13b114bd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adgone.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:45 GMT
via: 1.1 google
server: nginx
etag: W/"d7762fe99e9c25600d3781ed4c743100"
vary: Accept
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300,public
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers: Accept, Accept-Encoding, Accept-Language, Content-Type, Origin, User-Agent, X-Requested-With, Recurly-Credential-Checkout-Hostname
content-length: 2157
x-request-id: 09863381-3993-410b-870e-6eca1fc0f2a5

OPTIONS
H2 204 pv
adblock.zendesk.com/frontendevents/ Frame 0
0 617ms
537ms Preflight 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adblock.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://adgone.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
access-control-max-age: 600
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 86765841093a1973-FRA
date: Wed, 20 Mar 2024 14:20:46 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rf2kZfY8Vumh6D6FLhDXTlCwUstBt7IncMXOf9FF56w2zZTeGJwcj7A7a0EFFz5mGB64QMq5K4KILUUSSqropW4YF9Iyi2QqSelgrBq6COGk3J%2B3ZGQlEj5EiUA5IH0%2BLXrNpiM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-request-id: 86765841093a1973-FRA
x-zendesk-zorg: yes

POST
H2 200 pv
adblock.zendesk.com/frontendevents/ Frame 95C9 0
0 196ms
196ms Fetch 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adblock.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a5bccfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 20 Mar 2024 14:20:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lcp%2BGH0bu5r%2B9ALU7AgvI5qE03cVfTubmsXCnJlBTpCvG22PxMXwoLKAwsYfwHNBsm%2FZ5I8iYZtPHA5tnyGkOBKfNRbZIP61E9otLB6S45gecuskne0T7mJgmzPoZq7e5xSItEo%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 867658446dec1973-FRA
content-length: 0
x-request-id: 867658446dec1973-FRA

GET
H2 200 config Show response
adblock.zendesk.com/embeddable/ Frame 95C9 803 B
1 KB 472ms
392ms Fetch
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adblock.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a5bccfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16ce7a2405acd1b3565f3c965646b4ca0dc9680c00d94df046a0589cb7f66d9f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:45 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-84b48bb7b6-rxncl
x-cached: MISS
x-request-id: 8676584109371973-FRA
x-runtime: 0.003710
last-modified: Wed, 20 Mar 2024 14:04:10 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A1v7s6yrfeVrl0WceKVRlLIH3NfKu2klc7h%2F3tw%2BY4vE5WeMVu2FgWLQZznVczJWTb3Ba6TqbKcYtb16WkSom34LPpwkECr3ZBTLwGT5o76WFEWxOZSarG0%2BJj88Pc24hpP6wkk%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 8676584109371973-FRA

GET
H3 200 hosted-field.js Show response
js.recurly.com/hosted-field/v1/ Frame 5172 689 KB
200 KB 23ms
23ms Script
application/javascript 34.98.107.242
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.recurly.com/hosted-field/v1/hosted-field.js
Requested by: Host: api.recurly.com
URL: https://api.recurly.com/js/v1/field.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.107.242 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 242.107.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9fb9bfcf354588d2e954856a9364d7d9ba5fe6f30704a6cf7ce8948301c21102

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.recurly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 13:42:53 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 28 Feb 2024 20:24:14 GMT
server: nginx
age: 2272
etag: W/"65df966e-ac2b4"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
cache-control: public,max-age=3600
access-control-allow-credentials: false
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 204709

OPTIONS
H3 200 statistics
app.termly.io/api/v1/snippets/websites/d14cc199-ea10-40de-bca1-1cb482ada63f/ Frame 0
0 198ms
198ms Preflight 2606:4700::6812:1eea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/d14cc199-ea10-40de-bca1-1cb482ada63f/statistics

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1eea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://adgone.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 600
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 867658411a27368a-FRA
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
date: Wed, 20 Mar 2024 14:20:45 GMT
server: cloudflare
strict-transport-security: max-age=15768000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 201 statistics Show response
app.termly.io/api/v1/snippets/websites/d14cc199-ea10-40de-bca1-1cb482ada63f/ 3 B
558 B 204ms
204ms XHR
application/json 2606:4700::6812:1eea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/d14cc199-ea10-40de-bca1-1cb482ada63f/statistics

Requested by

Host: app.termly.io
URL: https://app.termly.io/embed.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1eea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43974ed74066b207c30ffd0fed5146762e6c60745ac977004bc14507c7c42b50

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://adgone.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json

Response headers

x-rack-cors: hit
date: Wed, 20 Mar 2024 14:20:45 GMT
strict-transport-security: max-age=15768000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 1d83fb8b-59a1-4462-bbee-64a892c6afd7
x-runtime: 0.016712
server: cloudflare
etag: W/"43974ed74066b207c30ffd0fed514676"
access-control-max-age: 600
access-control-allow-methods: POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
vary: Origin
cf-ray: 867658425b6f368a-FRA

GET
H3 200 cookies Show response
app.termly.io/api/v1/snippets/websites/d14cc199-ea10-40de-bca1-1cb482ada63f/documents/7122c697-35dc-4635-a776-c0528c17f570/ 10 KB
3 KB 57ms
57ms XHR
application/json 2606:4700::6812:1eea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/d14cc199-ea10-40de-bca1-1cb482ada63f/documents/7122c697-35dc-4635-a776-c0528c17f570/cookies

Requested by

Host: app.termly.io
URL: https://app.termly.io/embed.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1eea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7aec8be6434489fb3b932b0dc2819ee6aa31f5d7727892b2518e852afaf8f83e

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://adgone.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-rack-cors: hit
date: Wed, 20 Mar 2024 14:20:45 GMT
strict-transport-security: max-age=15768000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
cf-cache-status: HIT
age: 55936
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 42218c31-9d63-4ead-9ca3-aa2b4217d3ee
x-runtime: 0.010592
server: cloudflare
etag: W/"7aec8be6434489fb3b932b0dc2819ee6"
access-control-max-age: 600
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=14400
vary: Origin, Accept-Encoding
cf-ray: 867658412a35368a-FRA
expires: Wed, 20 Mar 2024 18:20:45 GMT

GET
H2 200 882.min.js Show response
app.termly.io/resource-blocker/ 488 B
427 B 32ms
32ms Script
application/javascript 2606:4700::6812:1eea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/resource-blocker/882.min.js

Requested by

Host: app.termly.io
URL: https://app.termly.io/embed.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1eea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7b912a200d2616fbd634ece681e928b53008cd69794d8575ac130388718c226

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adgone.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:45 GMT
strict-transport-security: max-age=15768000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 5997
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 19 Mar 2024 19:37:19 GMT
server: cloudflare
etag: W/"65f9e96f-1e8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 867658412de3929b-FRA
expires: Wed, 20 Mar 2024 18:20:45 GMT

GET
H3 200 en.json Show response
app.termly.io/resource-blocker/i18n/ 12 KB
3 KB 37ms
37ms XHR
application/json 2606:4700::6812:1eea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.termly.io/resource-blocker/i18n/en.json
Requested by: Host: app.termly.io
URL: https://app.termly.io/embed.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e24ee2ed0c228cb3b91e93b5c43e51bf51aa570361f8237d766bb59761459e48

Request headers

Accept: application/json, text/plain, */*
Csrf-Token: a27ac0df-1d73-49b5-abe4-f3124263a2a7
Referer: https://adgone.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:45 GMT
content-encoding: br
cf-cache-status: HIT
age: 1309
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 19 Mar 2024 19:37:19 GMT
server: cloudflare
etag: W/"65f9e96f-2f19"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 867658425b6d368a-FRA
access-control-allow-headers: *
expires: Wed, 20 Mar 2024 18:20:45 GMT

OPTIONS
H3 204 en.json
app.termly.io/resource-blocker/i18n/ Frame 0
0 186ms
186ms Preflight 2606:4700::6812:1eea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.termly.io/resource-blocker/i18n/en.json
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: csrf-token
Access-Control-Request-Method: GET
Origin: https://adgone.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 867658412a3c368a-FRA
date: Wed, 20 Mar 2024 14:20:45 GMT
server: cloudflare

GET
H2 403 css
fonts.googleapis.com/ Frame 5172 0
0 31ms
30ms Stylesheet
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.googleapis.com/css?family=Poppins%7CArial%7CHelvetica
Requested by: Host: js.recurly.com
URL: https://js.recurly.com/hosted-field/v1/hosted-field.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.recurly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

GET
H3 200 918.min.js Show response
app.termly.io/resource-blocker/ 16 KB
7 KB 40ms
40ms Script
application/javascript 2606:4700::6812:1eea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/resource-blocker/918.min.js

Requested by

Host: app.termly.io
URL: https://app.termly.io/embed.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1eea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7c4169ad929b75498cdf146d1a738ce9933e963fe0fde0e1bb17a5509d18c41

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adgone.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:45 GMT
strict-transport-security: max-age=15768000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 6922
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 19 Mar 2024 19:37:19 GMT
server: cloudflare
etag: W/"65f9e96f-3ef3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 8676584198f29060-FRA
expires: Wed, 20 Mar 2024 18:20:45 GMT

GET
H3 200 883.min.js Show response
app.termly.io/resource-blocker/ 7 KB
3 KB 43ms
43ms Script
application/javascript 2606:4700::6812:1eea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/resource-blocker/883.min.js

Requested by

Host: app.termly.io
URL: https://app.termly.io/embed.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1eea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad4a9dedfb4ece7a8dbe02f95ceab624395fcfc7e5441042bd672afc06fabd95

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adgone.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:45 GMT
strict-transport-security: max-age=15768000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 6922
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 19 Mar 2024 19:37:19 GMT
server: cloudflare
etag: W/"65f9e96f-1ab1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 8676584198f49060-FRA
expires: Wed, 20 Mar 2024 18:20:45 GMT

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame 745D 66 KB
23 KB 93ms
25ms Script
application/javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: js.recurly.com
URL: https://js.recurly.com/v4/recurly.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ECAcc (dac/9C80) /

Resource Hash

65fb230ac186e08d9c2790d41459a04faaffa59c30576127c45efc2f799a7866

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-cache-hits: 350354
date: Wed, 20 Mar 2024 14:20:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 varnish
age: 550432
x-cache: HIT
paypal-debug-id: cba5d9165c6ff
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 22671
x-served-by: cache-fra-etou8220064-FRA
last-modified: Wed, 28 Feb 2024 01:41:40 GMT
server: ECAcc (dac/9C80)
traceparent: 00-0000000000000000000cba5d9165c6ff-f1474545c53170a3-01
x-timer: S1710944446.774244,VS0,VE2
etag: W/"65de8f54-10882"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate,max-age=86400
access-control-allow-credentials: false
access-control-max-age: 86400
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: x-csrf-token
expires: Thu, 21 Mar 2024 14:20:45 GMT

GET
H3 200 955.min.js Show response
app.termly.io/resource-blocker/ 7 KB
2 KB 31ms
31ms Script
application/javascript 2606:4700::6812:1eea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/resource-blocker/955.min.js

Requested by

Host: app.termly.io
URL: https://app.termly.io/embed.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1eea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90bde33731d425526e8510a844148d5012e011502ce996cada1a80d4a3b2d65a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adgone.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:45 GMT
strict-transport-security: max-age=15768000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 6920
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 19 Mar 2024 19:37:19 GMT
server: cloudflare
etag: W/"65f9e96f-1ae5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 86765841d9469060-FRA
expires: Wed, 20 Mar 2024 18:20:45 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 19ms
19ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@500;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://adgone.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 18:30:08 GMT
x-content-type-options: nosniff
age: 157837
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Mar 2025 18:30:08 GMT

GET
H2 200 i Show response
c.paypal.com/v1/r/d/ Frame 1D20 160 B
1 KB 181ms
181ms Document
text/html 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: sec-ch-ua, sec-ch-ua-mobile, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-platform, sec-ch-ua-platform-version, sec-ch-ua-arch, sec-ch-ua-wow64, sec-ch-ua-bitness, sec-ch-ua-model, sec-ch-ua-full
accept-ranges: none
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
correlation-id: 3fb1e8936aeb3
date: Wed, 20 Mar 2024 14:20:45 GMT
origin-trial: A0A/uBW0ogQIica1KkPCeSOoHfvTATXdyRg8F/Ka8gjK4pCprEDwF3d3wTxNzSPn1ASb5ncpd46h7RQiSqGYpA8AAACMeyJvcmlnaW4iOiJodHRwczovL2MucGF5cGFsLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY5NTUxMzU5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
paypal-debug-id: 3fb1e8936aeb3
server-timing: "traceparent;desc="00-00000000000000000003fb1e8936aeb3-3ce77f691720d420-01"";content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-00000000000000000003fb1e8936aeb3-c86f8146c81fb054-01
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-fra-etou8220064-FRA
x-timer: S1710944446.811472,VS0,VE162
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

counter2.cgi
lhr.stats.paypal.com/v2/ Frame 25D5
Redirect Chain

https://b.stats.paypal.com/v2/counter.cgi?p=6fcb07a4bb72438aa0e1454b5ab52720&s=QPRWDZL65Q7RW_checkout
https://lhr.stats.paypal.com/v2/counter2.cgi?p=6fcb07a4bb72438aa0e1454b5ab52720&s=QPRWDZL65Q7RW_checkout

42 B
299 B

118ms
36ms

Image
image/jpeg

34.147.177.40
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lhr.stats.paypal.com/v2/counter2.cgi?p=6fcb07a4bb72438aa0e1454b5ab52720&s=QPRWDZL65Q7RW_checkout
Protocol: HTTP/1.1
Server: 34.147.177.40 London, United Kingdom, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 40.177.147.34.bc.googleusercontent.com
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Wed, 20 Mar 2024 14:20:46 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 42
Content-Type: image/jpeg

Redirect headers

Location: https://lhr.stats.paypal.com/v2/counter2.cgi?p=6fcb07a4bb72438aa0e1454b5ab52720&s=QPRWDZL65Q7RW_checkout
Date: Wed, 20 Mar 2024 14:20:45 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 p3
c6.paypal.com/v1/r/d/b/ Frame 745D 0
382 B 294ms
219ms Image
text/plain 2a04:4e42:400::291
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c6.paypal.com/v1/r/d/b/p3?f=6fcb07a4bb72438aa0e1454b5ab52720&s=QPRWDZL65Q7RW_checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::291 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:46 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 varnish
x-cache: MISS
paypal-debug-id: 72bc35339015b
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 0
x-served-by: cache-fra-etou8220094-FRA
correlation-id: 72bc35339015b
traceparent: 00-000000000000000000072bc35339015b-9fda1ffe5305bef7-01
x-timer: S1710944446.886760,VS0,VE195
vary: Accept-Encoding
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame 1D20 66 KB
23 KB 21ms
20ms Script
application/javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ECAcc (dac/9C80) /

Resource Hash

65fb230ac186e08d9c2790d41459a04faaffa59c30576127c45efc2f799a7866

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-cache-hits: 350355
date: Wed, 20 Mar 2024 14:20:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 varnish
age: 550432
x-cache: HIT
paypal-debug-id: cba5d9165c6ff
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 22671
x-served-by: cache-fra-etou8220064-FRA
last-modified: Wed, 28 Feb 2024 01:41:40 GMT
server: ECAcc (dac/9C80)
traceparent: 00-0000000000000000000cba5d9165c6ff-f1474545c53170a3-01
x-timer: S1710944446.995767,VS0,VE1
etag: W/"65de8f54-10882"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate,max-age=86400
access-control-allow-credentials: false
access-control-max-age: 86400
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: x-csrf-token
expires: Thu, 21 Mar 2024 14:20:45 GMT

POST
H2 200 p1 Show response
c.paypal.com/v1/r/d/b/ Frame 1D20 125 B
933 B 220ms
220ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p1

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

150767e3a6e329b414bf9952bd7238ed370a06fe010b22a15cd3b4db95c7c31e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 20 Mar 2024 14:20:46 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: 1f1e64c390e20
server-timing: "traceparent;desc="00-00000000000000000001f1e64c390e20-a0570199312480d9-01"";content-encoding;desc="",x-cdn;desc="fastly"
content-length: 125
x-served-by: cache-fra-etou8220064-FRA
correlation-id: 1f1e64c390e20
traceparent: 00-00000000000000000001f1e64c390e20-b1c244bd369eac71-01
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.paypal.com
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0

POST
H2 204 e Show response
c.paypal.com/v1/r/d/b/ Frame 1D20 0
352 B 191ms
191ms XHR
text/plain 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/e

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 20 Mar 2024 14:20:46 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
paypal-debug-id: 81c5f1eb73395
server-timing: "traceparent;desc="00-000000000000000000081c5f1eb73395-de55b8a0047dacf5-01"";content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-etou8220064-FRA
correlation-id: 81c5f1eb73395
traceparent: 00-000000000000000000081c5f1eb73395-3ff5dad03e711bf3-01
vary: Accept-Encoding
access-control-allow-origin: https://www.paypal.com
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
adgone.org/	1970-01-20 19:58:56	Name: csrf_token Value: a27ac0df-1d73-49b5-abe4-f3124263a2a7
.paypal.com/	1970-01-21 04:51:44	Name: sc_f Value: v9L_pRCoW_EXkg-shbSRFDxXB5eJv23bo3nn-i-3jGtKMB4k9KkLwTKCko4XGpIgDv2lFjH6hiDUMusPfELLmHLgHZF7_TFxQDtVx0
.paypal.com/	1970-01-21 04:51:44	Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK Value: UX8SFEUmEsYpo2nKf5gc9EiBfOLRkiB3q0TP6XHyeq8U3pit_eOjeRJxv9OwW0gp-hQOvNxAi_P5UYHx
.paypal.com/	1970-01-20 19:15:46	Name: l7_az Value: dcg16.slc

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://fonts.googleapis.com/css?family=Poppins%7CArial%7CHelvetica Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://adgone.org/adblocker/upgrade?uid=68ac9833-237f-4f1d-8107-e7e66e402778&uc=20221005&source=lp0-tst0-psmi-pl-460719--ec&sid=&activation=false&implementation_id=adgone_1.2.3&trialDay=527&pageType=banner Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adblock.zendesk.com
adgone.org
api.recurly.com
app.termly.io
b.stats.paypal.com
c.paypal.com
c6.paypal.com
cdn.jsdelivr.net
ekr.zdassets.com
fonts.googleapis.com
fonts.gstatic.com
js.recurly.com
lhr.stats.paypal.com
pagead2.googlesyndication.com
region1.google-analytics.com
stackpath.bootstrapcdn.com
static.zdassets.com
www.google-analytics.com
www.googletagmanager.com
104.16.53.111
104.18.70.113
104.18.72.113
151.101.129.21
2001:4860:4802:32::36
2606:4700::6810:5914
2606:4700::6812:1eea
2606:4700::6812:acf
2a00:1450:4001:808::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:81c::200e
2a00:1450:4001:827::200a
2a00:1450:4001:82a::2002
2a04:4e42:400::291
34.147.177.40
34.98.107.242
54.158.90.171
04fc6b0e15f146804363a8dcce1ace83b26c412c9c7652edc470c51aaef3ab7b
0f3e7f1b553acb4bae2a0b37fb971ec45567d885e36194e0d4e4da6d56229cb1
1040685ef31b7e5d0b52ffa5413e3e8bcbcfdc1b10a1d20773c0680ee96ab8e1
150767e3a6e329b414bf9952bd7238ed370a06fe010b22a15cd3b4db95c7c31e
16ce7a2405acd1b3565f3c965646b4ca0dc9680c00d94df046a0589cb7f66d9f
213cdc1d0dcc894bcc6b688d278594bc29b946487259e7eb2fa40a2b7c0b4c06
225c2fa5e6b2a9c6860ae6ed89ba86de662d59a964f3dcb6ecf33ecba85bedc8
28ebd6c5198d4781e605f1c547ef8fd3af65972fc6e97aadf97da364b4a92064
299a24718670d6e239145612f956745b220ccccd07fd7db838b53a56165b3b30
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e994cb0b343d3edeb1b58566cc21a641fc7d06bf0f285d5988cca28b0089f20
3c407529fa4f93133a8e1c085cff173348f42e6d92530a6a158c0ba1d247063e
3d25c71aac8a12cdda6145af5a5cff1b3164378ebc212e3602e56c8638c7ce7e
3dd8c94339bb6046924b747c36b366d78e4928c451e88da6eaf7015bfe630f9a
43974ed74066b207c30ffd0fed5146762e6c60745ac977004bc14507c7c42b50
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
48f7035ca039b981b12db7a14b26f32ee0025b676fddfd94dea0da0115944a14
49ad4753b1f89427ed44575b685302291d09d6a0f8be2731606efb4326d9d012
55e586115b7fa7660949100439439c7fa00160822f3108b3b00b16afc4a624a9
5aa42812961402a87076bc7a833aac5cd2c6dba847ed399bf836e025b7749b6e
65fb230ac186e08d9c2790d41459a04faaffa59c30576127c45efc2f799a7866
689165a2043a428bcde8c0d05b44608106597a10fa5a19cedc2cb9bdf980928f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79d79df258bd4b35faa747126d580d0018b5c06b9b4f3f46869f8339698fdf8c
7aec8be6434489fb3b932b0dc2819ee6aa31f5d7727892b2518e852afaf8f83e
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
813a0a73420ed06e2bf8e383f4d47af4e7362eb7eebee2841d4c5a639946b448
815f75ea9282639509fdd2828b7e4dfb25cf472df2754e69bc8c134e4dd538cc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8525380ed6e0ca2e8e4b80c9650de2d7c96fbaf342aee8c63fe1bca13a55df53
8623a3eb77cb1bdd1b5ecd6dff77a95e441ad9154ec288cf47a37f6f7d31091b
8aa7d3f52ce8994eeaeb17b999569ff401d2a578bb44fcda5b2ad621a7ea0d09
90bde33731d425526e8510a844148d5012e011502ce996cada1a80d4a3b2d65a
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
9fb9bfcf354588d2e954856a9364d7d9ba5fe6f30704a6cf7ce8948301c21102
a7b538cd5a85ef29b0ab66af43ad91c082e6448fc2c0d1e32cde3165d7f2a18e
ad4a9dedfb4ece7a8dbe02f95ceab624395fcfc7e5441042bd672afc06fabd95
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1ea887a68483a2eca3896c9e584b1f7dd7c90658323bdcc14fa3fefda69324c
b93783262bec548a559178d5274b1b8ec55645ac6b3087b84e118525d3a33ae8
bbc088865d9f25c4c31fa7eef71c388032e2b479860a9a99df8bf9ff4737fb73
bfd124d8eff1106f8dbf482194684f5b08e5ad1838804702ce1b99d94cd11dec
c2faa06ed4f271809ff6ecf99545e8815d88cf16796420e7ac65751d34fb6713
c52c73407a0d652b51d31bdcb5dff0050e9f916b58bca340d677fddb22b76572
c63532942750a29059902d0a490f1b270ce1125c059e1afdd93193be44f56d47
c72af641f1876f8373460f3e1e6ae2b78918861d55c8109605a09e03254d0230
c7b912a200d2616fbd634ece681e928b53008cd69794d8575ac130388718c226
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
ced564397911d0b1b82f20978caa0e6b1ad325b1284230dc8a8e2790090cd976
d5456cd6b9aae098095536ebc97c196b1451b5075c959c9e0dbbf31fe900ca4a
d66fd5bca998bfc2364344e28b22a4c9062bb58a5f41731bccaeec8f26979499
d7762fe99e9c25600d3781ed4c74310080677930105d284d91fb6de13b114bd7
db16b375b9cc94e99d181e402140a50550d0764384e2aea73d50a1ea3e16122d
dd93f99b75df2f59fc25e3056f977f2deaa9bf8ea3ff10db0f03593c2fa11163
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de43612db6bcfd8eab627648039b3ccbbb87139c713ba3e1cac36910326b7809
e24ee2ed0c228cb3b91e93b5c43e51bf51aa570361f8237d766bb59761459e48
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7c4169ad929b75498cdf146d1a738ce9933e963fe0fde0e1bb17a5509d18c41
edc6615cbf86cc4784338f530963b5da942552f1fea45bb3b1db81f6b9eaea17
eea2fb776182a188bd3218476b8252cdbbc61485d3296935ec9c1256c151b380
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

adgone.org Open in urlscan Pro 54.158.90.171 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

73 Requests

99 %HTTPS

59 %IPv6

13 Domains

19 Subdomains

17 IPs

4 Countries

1597 kBTransfer

4525 kBSize

4 Cookies

3 Outgoing links

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

adgone.org Open in urlscan Pro
54.158.90.171 Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

99 %
HTTPS

59 %
IPv6

13
Domains

19
Subdomains

17
IPs

4
Countries

1597 kB
Transfer

4525 kB
Size

4
Cookies

73 HTTP transactions
0 data transactions