urlscan.io logo urlscan.io
SecurityTrails logo

nets4.com Open in urlscan Pro
2a06:98c1:3121::7  Public Scan

Go To Rescan Add Verdict Report
URL: https://nets4.com/domain/jesus.co
Submission: On March 13 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 57 IPs in 10 countries across 50 domains to perform 429 HTTP transactions. The main IP is 2a06:98c1:3121::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is nets4.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 29th 2021. Valid for: a year.
This is the only time nets4.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
32 2a06:98c1:312... 13335 (CLOUDFLAR...)
11 2606:4700::68... 13335 (CLOUDFLAR...)
3 18.66.248.50 16509 (AMAZON-02)
17 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2620:1ec:27::... 8075 (MICROSOFT...)
5 52.224.31.34 8075 (MICROSOFT...)
32 34.227.128.233 14618 (AMAZON-AES)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2a04:4e42:400... 54113 (FASTLY)
5 2a04:4e42:600... 54113 (FASTLY)
1 2 52.142.114.2 8075 (MICROSOFT...)
1 1 204.79.197.200 8068 (MICROSOFT...)
5 2a00:1450:400... 15169 (GOOGLE)
28 142.250.185.194 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
70 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
47 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
14 34 142.250.184.194 15169 (GOOGLE)
4 10 2.21.141.232 16625 (AKAMAI-AS)
4 7 185.33.220.216 29990 (ASN-APPNEX)
1 ()
12 138.201.63.116 24940 (HETZNER-AS)
3 2a00:1450:400... 15169 (GOOGLE)
2 142.250.184.226 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 4 144.76.238.55 24940 (HETZNER-AS)
3 138.201.84.252 24940 (HETZNER-AS)
9 9 145.239.193.130 16276 (OVH)
5 88.198.250.30 24940 (HETZNER-AS)
2 4 142.250.185.102 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 54.76.176.197 16509 (AMAZON-02)
1 2a0b:4d07:101::1 44239 (PROINITY ...)
6 46.236.13.147 12703 (PULSANT-AS)
2 2 94.23.99.218 16276 (OVH)
1 2600:1901:0:7... 15169 (GOOGLE)
12 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
4 4 37.157.6.246 198622 (ADFORM)
1 1 2600:9000:225... 16509 (AMAZON-02)
2 108.157.214.118 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 35.244.159.8 15169 (GOOGLE)
2 104.92.106.130 16625 (AKAMAI-AS)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 88.99.165.19 24940 (HETZNER-AS)
1 6 104.92.94.3 16625 (AKAMAI-AS)
1 1 95.100.153.115 20940 (AKAMAI-ASN1)
1 151.101.2.110 54113 (FASTLY)
2 4 2001:678:cb4:... 56396 (AMOBEE)
1 1 169.50.137.184 36351 (SOFTLAYER)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
1 1 35.190.0.66 15169 (GOOGLE)
3 3 213.19.147.45 3356 (LEVEL3)
3 4 185.94.180.126 35220 (SPOTX-AMS)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
3 138.201.63.150 24940 (HETZNER-AS)
1 2620:116:800d... 16509 (AMAZON-02)
2 2 18.194.22.119 16509 (AMAZON-02)
1 1 185.29.132.241 30419 (MEDIAMATH...)
2 2 18.197.240.17 16509 (AMAZON-02)
2 2 213.155.156.181 1299 (TWELVE99 ...)
2 52.30.107.253 16509 (AMAZON-02)
429 57
32    2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)
nets4.com
img.nets4.com
s0.nets4.com
11    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    18.66.248.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-50.dus51.r.cloudfront.net
cdn.purpleads.io
17    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
cloudflareinsights.com
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2620:1ec:27::cafe:1425 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
5    52.224.31.34 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
h.clarity.ms
32    34.227.128.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-227-128-233.compute-1.amazonaws.com
api.purpleads.io
2    2606:4700:10::6816:47c5 (United States)

ASN13335 (CLOUDFLARENET, US)
static.addtoany.com
3    2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)
a.tile.openstreetmap.org
5    2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)
b.tile.openstreetmap.org
c.tile.openstreetmap.org
2    52.142.114.2 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net
c.bing.com
5    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
28    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
securepubads.g.doubleclick.net
4    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
70    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
pagead2.googlesyndication.com
13    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com
5e4a4d08a576fabd6d7653ea67d1e7cf.safeframe.googlesyndication.com
c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com
540b893fe6af5ae4cbc70fa62bb6f302.safeframe.googlesyndication.com
23a21fe3ea42696fcc14fdc866388b53.safeframe.googlesyndication.com
25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com
8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
14    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
47    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
6    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
34    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
cm.g.doubleclick.net
10    2.21.141.232 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-232.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
7    185.33.220.216 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    (None, )

ASN- ()
uuid
12    138.201.63.116 (Reilingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.116.63.201.138.clients.your-server.de
hal9000.redintelligence.net
3    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
googleads4.g.doubleclick.net
3    2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    144.76.238.55 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.55.238.76.144.clients.your-server.de
hal900021.redintelligence.net
3    138.201.84.252 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.252.84.201.138.clients.your-server.de
hal900024.redintelligence.net
9    145.239.193.130 (France)

ASN16276 (OVH, FR)
pv.medialead.de
5    88.198.250.30 (Hamburg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de
pb.media01.eu
4    142.250.185.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net
5994599.fls.doubleclick.net
8019191.fls.doubleclick.net
1    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
4    54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
www.ad-server.eu
ad-server.eu
1    2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
adv.office-partner.de
6    46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net
track.webgains.com
2    94.23.99.218 (France)

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu
medialead.de
1    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
12    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
1    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
1    2a05:d018:d29:3601:b73:5e1d:a8b6:5551 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
4    37.157.6.246 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    2600:9000:225f:e800:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
2    108.157.214.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-214-118.arn56.r.cloudfront.net
analytics.webgains.io
1    2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
2    104.92.106.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-106-130.deploy.static.akamaitechnologies.com
sync.teads.tv
2    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
3    88.99.165.19 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.19.165.99.88.clients.your-server.de
hal900028.redintelligence.net
6    104.92.94.3 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-94-3.deploy.static.akamaitechnologies.com
www.awin1.com
1    95.100.153.115 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-100-153-115.deploy.static.akamaitechnologies.com
ui2.awin.com
1    151.101.2.110 (United States)

ASN54113 (FASTLY, US)
a1.awin1.com
4    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
1    169.50.137.184 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
2    2a05:d018:24:b002:fd0c:6a07:bd55:e3a8 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
3    213.19.147.45 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
4    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
3    138.201.63.150 (Reilingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.150.63.201.138.clients.your-server.de
hal90008.redintelligence.net
1    2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    18.194.22.119 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-22-119.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    18.197.240.17 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-240-17.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    213.155.156.181 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-181.teliacarrier-cust.com
d5p.de17a.com
2    52.30.107.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-107-253.eu-west-1.compute.amazonaws.com
api.webgains.io
Apex Domain
Subdomains		 Transfer
119 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com
5e4a4d08a576fabd6d7653ea67d1e7cf.safeframe.googlesyndication.com
c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com
540b893fe6af5ae4cbc70fa62bb6f302.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 122
23a21fe3ea42696fcc14fdc866388b53.safeframe.googlesyndication.com
25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com
8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
644 KB
77 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
cm.g.doubleclick.net — Cisco Umbrella Rank: 176
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276
5994599.fls.doubleclick.net — Cisco Umbrella Rank: 71352
8019191.fls.doubleclick.net — Cisco Umbrella Rank: 206017
1 MB
35 purpleads.io
cdn.purpleads.io — Cisco Umbrella Rank: 176762
api.purpleads.io — Cisco Umbrella Rank: 157725
50 KB
32 nets4.com
nets4.com
img.nets4.com
s0.nets4.com
208 KB
28 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 57
31 KB
25 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 28803
hal900021.redintelligence.net — Cisco Umbrella Rank: 208145
hal900024.redintelligence.net — Cisco Umbrella Rank: 198455
hal900028.redintelligence.net — Cisco Umbrella Rank: 180551
hal90008.redintelligence.net — Cisco Umbrella Rank: 200189
188 KB
14 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 2174
ad4m.at — Cisco Umbrella Rank: 1742
assets.ad4m.at — Cisco Umbrella Rank: 32740
594 KB
11 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 39406
medialead.de — Cisco Umbrella Rank: 38865
5 KB
11 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 194
271 KB
10 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496
9 KB
9 google.de
adservice.google.de — Cisco Umbrella Rank: 8832
2 KB
8 gstatic.com
www.gstatic.com
fonts.gstatic.com
522 KB
8 openstreetmap.org
a.tile.openstreetmap.org — Cisco Umbrella Rank: 13366
b.tile.openstreetmap.org — Cisco Umbrella Rank: 13554
c.tile.openstreetmap.org — Cisco Umbrella Rank: 13588
45 KB
8 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 916
h.clarity.ms — Cisco Umbrella Rank: 1867
c.clarity.ms — Cisco Umbrella Rank: 547
25 KB
7 awin1.com
www.awin1.com — Cisco Umbrella Rank: 13937
a1.awin1.com — Cisco Umbrella Rank: 48672
29 KB
7 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 205
7 KB
6 webgains.com
track.webgains.com — Cisco Umbrella Rank: 35662
95 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 147
214 KB
5 media01.eu
pb.media01.eu — Cisco Umbrella Rank: 39676
1 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
ajax.googleapis.com — Cisco Umbrella Rank: 251
92 KB
4 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 480
2 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 690
r.turn.com — Cisco Umbrella Rank: 2672
2 KB
4 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 18655
api.webgains.io — Cisco Umbrella Rank: 47350
102 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 524
2 KB
4 ad-server.eu
www.ad-server.eu — Cisco Umbrella Rank: 228115
ad-server.eu — Cisco Umbrella Rank: 64653
10 KB
3 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 246
21 KB
3 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1207
cloudflareinsights.com — Cisco Umbrella Rank: 1193
5 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4364
720 B
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 257
2 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 730
2 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 491
2 KB
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1032
830 B
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 870
344 B
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 323
419 B
2 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 416
ads.yahoo.com — Cisco Umbrella Rank: 816
1 KB
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2666
207 B
2 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 91678
static-de.ad4mat.net — Cisco Umbrella Rank: 128562
4 KB
2 addtoany.com
static.addtoany.com — Cisco Umbrella Rank: 3666
34 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 384
861 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 929
464 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 829
582 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 18240
523 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 707
710 B
1 awin.com
ui2.awin.com — Cisco Umbrella Rank: 52766
103 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 698
438 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 54
32 KB
1 office-partner.de
adv.office-partner.de — Cisco Umbrella Rank: 202756
931 B
1
function sub() { [native code] }.
17 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 193
554 B
429 50
Domain Requested by
59 pagead2.googlesyndication.com securepubads.g.doubleclick.net
nets4.com
c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
uuid
c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com
25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com
8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
www.googletagservices.com
2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
47 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com
googleads.g.doubleclick.net
nets4.com
uuid
c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com
25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com
8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
34 cm.g.doubleclick.net 14 redirects googleads.g.doubleclick.net
25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com
8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
32 api.purpleads.io cdn.purpleads.io
28 securepubads.g.doubleclick.net cdn.purpleads.io
securepubads.g.doubleclick.net
nets4.com
18 img.nets4.com nets4.com
17 www.google.com nets4.com
www.gstatic.com
www.google.com
tpc.googlesyndication.com
c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com
uuid
c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com
2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
12 hal9000.redintelligence.net c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com
uuid
hal900024.redintelligence.net
8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
hal900028.redintelligence.net
2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
hal90008.redintelligence.net
11 adservice.google.com securepubads.g.doubleclick.net
5994599.fls.doubleclick.net
8019191.fls.doubleclick.net
11 cdnjs.cloudflare.com nets4.com
cdnjs.cloudflare.com
11 nets4.com nets4.com
10 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
9 pv.medialead.de 9 redirects
9 googleads.g.doubleclick.net c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com
nets4.com
uuid
c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com
8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
9 adservice.google.de securepubads.g.doubleclick.net
7 ib.adnxs.com 4 redirects googleads.g.doubleclick.net
6 www.awin1.com 1 redirects as.ad4m.at
8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
6 assets.ad4m.at as.ad4m.at
6 track.webgains.com nets4.com
uuid
as.ad4m.at
6 www.googletagservices.com c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com
uuid
c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com
25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com
8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
5 pb.media01.eu hal900021.redintelligence.net
hal900024.redintelligence.net
as.ad4m.at
hal900028.redintelligence.net
hal90008.redintelligence.net
5 www.gstatic.com www.google.com
5 h.clarity.ms www.clarity.ms
h.clarity.ms
4 sync.search.spotxchange.com 3 redirects googleads.g.doubleclick.net
4 c1.adform.net 4 redirects
4 ad4m.at as.ad4m.at
ad4m.at
4 as.ad4m.at 25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com
as.ad4m.at
ad4m.at
4 hal900021.redintelligence.net 1 redirects c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com
hal900021.redintelligence.net
4 fonts.googleapis.com cdn.purpleads.io
hal900024.redintelligence.net
hal900028.redintelligence.net
hal90008.redintelligence.net
3 hal90008.redintelligence.net hal9000.redintelligence.net
hal90008.redintelligence.net
3 hal900028.redintelligence.net hal9000.redintelligence.net
hal900028.redintelligence.net
3 ad-server.eu uuid
8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
3 hal900024.redintelligence.net hal9000.redintelligence.net
hal900024.redintelligence.net
3 s0.2mdn.net c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com
25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com
3 fonts.gstatic.com fonts.googleapis.com
3 c.tile.openstreetmap.org
3 a.tile.openstreetmap.org
3 s0.nets4.com nets4.com
3 cdn.purpleads.io nets4.com
2 api.webgains.io analytics.webgains.io
2 d5p.de17a.com 2 redirects
2 x.bidswitch.net 2 redirects
2 pm.w55c.net 2 redirects
2 sync.1rx.io 2 redirects
2 sync.tidaltv.com 2 redirects
2 r.turn.com 8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
2 ad.turn.com 2 redirects
2 2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 analytics.webgains.io track.webgains.com
2 dclk-match.dotomi.com 25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com
8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
2 medialead.de 2 redirects
2 8019191.fls.doubleclick.net 1 redirects nets4.com
2 5994599.fls.doubleclick.net 1 redirects nets4.com
2 8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 googleads4.g.doubleclick.net nets4.com
2 c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 cloudflareinsights.com static.cloudflareinsights.com
2 c.clarity.ms 1 redirects
2 b.tile.openstreetmap.org
2 static.addtoany.com nets4.com
2 www.google-analytics.com nets4.com
www.google-analytics.com
1 sync.mathtag.com 1 redirects
1 cms.quantserve.com 2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
1 ads.yahoo.com googleads.g.doubleclick.net
1 sync.targeting.unrulymedia.com 1 redirects
1 ads.travelaudience.com 1 redirects
1 um.simpli.fi 1 redirects
1 a1.awin1.com hal900028.redintelligence.net
1 ui2.awin.com 1 redirects
1 static-de.ad4mat.net as.ad4m.at
1 s.ad.smaato.net 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 www.googletagmanager.com adv.office-partner.de
1 prod-rtb.ad4mat.net nets4.com
1 adv.office-partner.de hal900024.redintelligence.net
1 www.ad-server.eu hal900021.redintelligence.net
1 ajax.googleapis.com hal900021.redintelligence.net
1 23a21fe3ea42696fcc14fdc866388b53.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 uuid securepubads.g.doubleclick.net
1 540b893fe6af5ae4cbc70fa62bb6f302.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 5e4a4d08a576fabd6d7653ea67d1e7cf.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 c.bing.com 1 redirects
1 www.clarity.ms nets4.com
1 static.cloudflareinsights.com nets4.com
429 88

This site contains links to these domains. Also see Links.

Domain
blog.nets4.com
link.nets4.com
jesus.co
leafletjs.com
www.openstreetmap.org
www.addtoany.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-04-29 -
2022-04-28		 a year crt.sh
*.purpleads.io
Amazon		 2021-12-01 -
2022-12-29		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-27 -
2023-02-27		 a year crt.sh
a.clarity.ms
Microsoft RSA TLS CA 01		 2021-07-27 -
2022-07-27		 a year crt.sh
*.tile.openstreetmap.org
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-11-26 -
2022-12-28		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
redintelligence.net
R3		 2022-01-27 -
2022-04-27		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.media01.eu
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-05-27 -
2022-05-27		 a year crt.sh
adv.office-partner.de
R3		 2022-03-07 -
2022-06-05		 3 months crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-20 -
2022-06-20		 a year crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2022-02-19 -
2022-05-20		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.webgains.io
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
teads.tv
R3		 2022-01-03 -
2022-04-03		 3 months crt.sh
www.awin1.com
DigiCert SHA2 Secure Server CA		 2021-06-11 -
2022-06-16		 a year crt.sh
ui.aps.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-02-07 -
2022-03-30		 2 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh

This page contains 72 frames:

Primary Page: https://nets4.com/domain/jesus.co
Frame ID: 399F3A4FE8B9779D34296E97942D4DB0
Requests: 85 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.22.html
Frame ID: 01E8AED839EAB6C4C4B3331DFE09E8C3
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD&co=aHR0cHM6Ly9uZXRzNC5jb206NDQz&hl=de&v=85AXn53af-oJBEtL2o2WpAjZ&size=normal&cb=ve3qzsoefmf9
Frame ID: 02A199CB300C0FA3ADB75BE9BBCEB1AA
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 5A6B9BEF5522163A48605C73AD3EDB4E
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: CACD07826972D2E5D5DFD55CCC82AF33
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 468F713350F0FC5D109C28CAB57B101B
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: D6879AD48710DD2A08AED796ACFA93DC
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=85AXn53af-oJBEtL2o2WpAjZ&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD
Frame ID: 1229CA5B25D14440914D217527BF136D
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 5FB77BCEE4F8A734FAE14F3285E4F7B4
Requests: 7 HTTP requests in this frame

Frame: https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: D633A4EE2A19AC1C15C6EFB6C7DA52D7
Requests: 1 HTTP requests in this frame

Frame: https://5e4a4d08a576fabd6d7653ea67d1e7cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 5EFA90A609A22045E526B01DB1EF561C
Requests: 1 HTTP requests in this frame

Frame: https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 7C5849D93B8FF013E3E36B55E2213A77
Requests: 1 HTTP requests in this frame

Frame: https://540b893fe6af5ae4cbc70fa62bb6f302.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: D7F57AD4763CDD34FEE39C6D13FC4301
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B0FB91F3739365A9836AF996AB8566E7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0631AB519AB0D07DDC3F8F99E06F6C20
Requests: 2 HTTP requests in this frame

Frame: https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: E3CFDC857F55F8005809978DEE0068D7
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 61D8D86111C2DA32915D7A3975EAD5F2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 50E7540F2D87478FED2E3ADCCD7775F8
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 95A11147FA3C37BC06C8941BDA095F06
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C11D63F1C7DC495B236E14CCC73AD3E6
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EF51B3D182355E31D4D7648F090D4FA5
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1805182141073BA25C0E66631169A339
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5A14FD28F4227671471C2D88D9C41ADC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2A2FE54CD536359EC9DE33E2D36841F8
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYoOWpXTAB&v=APEucNVA6D19NIfd0UzusPG2c7gRgQSKBdI4YhthJ-hLc0st4RZF2i1ySJXxOc2FxtjI5LXu_ehlWlSuPFuLpxu86YVCyAsFzLp0mSM86f6DIHc8c2526iQ3Mpjo9AyL4YKk88I9yLsEfv7V9oCb88XP59mnh7_I0_CqHBTW1MCtfGKNUvONyf0
Frame ID: 63D5E9C9ADA7066049B36A3B0049FC82
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 63EB2453190A60BAC753312F0578772E
Requests: 7 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato&display=swap
Frame ID: 80F0B3D54738CDEBF067CBD79B46CAA7
Requests: 10 HTTP requests in this frame

Frame: https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 6060BBCB264B09608BF8B1F783C60A26
Requests: 14 HTTP requests in this frame

Frame: urn://uuid:52425aa3-28ea-213a-5876-213a28ea5242
Frame ID: 1389B9605E1B4C9EE19CC1C6951442C3
Requests: 18 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: B2EDCB80C9D2A6F973C014B1480B2926
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8DFC1A1768BA9471245E914881FCADFD
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNWGfZwIHbw5Q-TGVDPXax0V_jvYpeJlzld1NYHeYJRCPxYvKAKLy7RL4nq1i4S7bwhAXA1NMYX1Rc1jzPtfuRmFobDOcjaJZH8sLH061Wej2Dp5rREfBmzYHCeKv3u8_cs2xOcW1cw1rT4liH4Hm5Bb-8MnDluE7EFZ0qDU5r1yJyJk-2s
Frame ID: 5859B2E4BB02BE9A7CA8BD8D0633F4BD
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN7YvY8DEImkzJ0DGLGd28QBMAE&v=APEucNV18lTAzB4AK_LqiA2efx5V1akSxjR7egBGmZ4SEobKP5ff9fd4QP-Za2K1dfwvgyKM0OMq3ujJC-OBMvY7Oi7a-a5pOL63KvW0M7JGuh9wQGDVUNAf_EY_I7JSpvphf8Hw9e7VY3oxycr-kL3Xlro52fD5qGe920nMqSn4MW0EZZqIg70
Frame ID: D4618C8AC60DDCB5440125951A3F0EA5
Requests: 5 HTTP requests in this frame

Frame: https://23a21fe3ea42696fcc14fdc866388b53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: DB7D8FC99B1DBD6D5C90F75424C93989
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 54FAAAE48EFB6499B9B348459385962F
Requests: 3 HTTP requests in this frame

Frame: https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 9F39BB8490D9A8ECFEF1CCD47B6D26B2
Requests: 1 HTTP requests in this frame

Frame: https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 35CA7380F35CFF934BC183630B617DA9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C6468FB855A3F352BD23C0A4820F9FD6
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 599D0234291CA59D922528A502D02A0B
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2DFDBD89105F8F0E866A02BB95C38B23
Requests: 2 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=28434000045773100757585011897021&actionid=981741&produktid=&dt_url=
Frame ID: D3BAF2035A55004456D73F2929EF483D
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CL6Io4_xwvYCFdAaGwodeIUCzw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7253340165675.943
Frame ID: 3188D04D871D58966B125D4DBB8BB5AE
Requests: 2 HTTP requests in this frame

Frame: https://hal900021.redintelligence.net/request_content.php?s=28434000045773100757585011897021&a=3497a78c
Frame ID: 035CE806EE7BD2BC1285894F3A1E7D67
Requests: 5 HTTP requests in this frame

Frame: https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 3F7E3C38A83D36C894F0A3257DDC5F01
Requests: 9 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=49610700065596000710612011897024&actionid=981741&produktid=&dt_url=
Frame ID: 77D05BCF9B2DB84170EAFB0561F6F4B5
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: F146A7D709A43DCA0C85BEE00FFD69CA
Requests: 2 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CIDBp4_xwvYCFdeEhQodBuMNEQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3006064670839.799
Frame ID: BA66F791C9EC50139D83F83C96F4DF8D
Requests: 2 HTTP requests in this frame

Frame: https://hal900024.redintelligence.net/request_content.php?s=49610700065596000710612011897024&a=442b5c9b
Frame ID: C1A53585520E5DC3561D91F281597059
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 731ABB3AAECF058D76E1D7C5CA6678A1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FCE3A270927D977276A3DA694FA2A6EF
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1h3evfgqda3erpwq2kg8pcv11npetdqpr79cfkev0ckeg9gx3sc9e84p6g4cgrb45nw4v2wmrkbzr9wwgsn0d04vvb6xfbcz9wp16yxssbbd2xf2na7hczbmk834vqyeyg1c9dxzeph0twv9tgw1wm8rvs8bvpe2r5ejb2egpv1j2vvm5bam7k1qy45d4qdye4ahs7tey8mpp8wsaty92jaxcab2ts9gsqbkgk3smra3gmcdbnk7dfxr3dz3z190gmpbc3x18ghgkhzzgs4zd81nccrya09b7x71mnzg1m7ty6rqe0jtd07xscqxbzxrxr814crpdv3dgrqs4ebkjn12ex3z10fbvewhqa2j3e61n5r24ap4aff6e9f67tn4mwvzvfepxncme3z8pw5famrberrjr73k8ctmfmf7nqe5xhcffpfw8qec39yzk1jjbn0g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7ps0DsgtYsunN4OD3wPCkafwA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQIY8YtEyE6yPuACAKgDAaoExgJP0Omf3HmwC9gZG78zwrbnsqDY_zi47jN-rFhHI-1VQMdDfkLXRmyqOdoilDzODyvXO7PDzaCpdg1Rx-iVQN13lMNP3_LxyUymDE0va776qZbELKTDMBvJGpBYlTpu1s5DiEukEc6Vhy8Q2Re0WObRzrEiMXOHmO4p44f7AVS5wWdtL-HxWOuJOUrlHCT1R89z-ejaJejW9vU9n4W0LsAiuJm5r8XCZ3ry_IaRLCX-TJSLiESj8xcXwe_zRVvcLWspvhzR67q2S0Z7IIngQEytOlvbk-vyygho-Z1jnmHXBzskWfyB0brWtjcqQR0ISG9wLe-c7sqhmbyeabph8w8tQadeNUxecqmsBdcdf9ice9PYHVjFutCHlWh8cC8CLAg8cM0Bh7K4kZO8UyHkR8Ym6TlCaPOU2jFvAfdS7bM228KW_z_1YOAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1GbhJ7zPqeyGPsd24EkhEJKaCjLA%26client%3Dca-pub-5413329544040947%26adurl%3D
Frame ID: AF83E55D278732094AA80883904D8442
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 02B321453C23FDC9E626815BF67BC291
Requests: 9 HTTP requests in this frame

Frame: https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 58F3935006051ABBC4E96281D86AC6B3
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNVNNHPW9elobr4_tAm76V7jOGi8PYQbnfQQnt8Ckm0BOvREIIxbYh96DkNV7fwjqBXLP2U4eiR-JtzblphFW1J8g3IsTPA4tJDfqS5D2POATwjWAavwWL60TU3QvsiO12F_CDl5Kpa1hfj8Bf-CWojO6AwxW-kEISSsvlJPscncgNeliJg
Frame ID: D6433F51AD48877F125A23F9155FA82E
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: A1836FF2D03FBAC00F59CE4B9B4DFF38
Requests: 8 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 6E4400C990E29E92CD0BE55CC9E0E971
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D274491B46D3B362DA66F3684CB07081
Requests: 3 HTTP requests in this frame

Frame: https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 1D60A9DF15F4195C6B6D4FF9953D09DF
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3&g=10c2bbaad2da5b442a346f5e334ebc95%2F7333894301345488325&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1647167503747&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jyz31663qz3fe47z3amhap9199cnr0snyqvwjrrmznvfp3xy7hpc24smcqw64xjm5kz4aqf4rnxdtey74wcp1wajj9k2jwakgf3mb5nw37mdzgpyhhcygnqbcn7wwqawke98hyp3jep2hqhd1rtcte73yzz0a9xjas6qp950xqn4ds6x6wyb9d8xkw2vqx7841gdv03djpdgct3vmhfzt28446t4n1k01z4parvap0knj96k8f0y5cee5bm8g6y15ft51q358tfgy6ng77kahvq%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7ps0DsgtYsunN4OD3wPCkafwA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQIY8YtEyE6yPuACAKgDAaoExgJP0Omf3HmwC9gZG78zwrbnsqDY_zi47jN-rFhHI-1VQMdDfkLXRmyqOdoilDzODyvXO7PDzaCpdg1Rx-iVQN13lMNP3_LxyUymDE0va776qZbELKTDMBvJGpBYlTpu1s5DiEukEc6Vhy8Q2Re0WObRzrEiMXOHmO4p44f7AVS5wWdtL-HxWOuJOUrlHCT1R89z-ejaJejW9vU9n4W0LsAiuJm5r8XCZ3ry_IaRLCX-TJSLiESj8xcXwe_zRVvcLWspvhzR67q2S0Z7IIngQEytOlvbk-vyygho-Z1jnmHXBzskWfyB0brWtjcqQR0ISG9wLe-c7sqhmbyeabph8w8tQadeNUxecqmsBdcdf9ice9PYHVjFutCHlWh8cC8CLAg8cM0Bh7K4kZO8UyHkR8Ym6TlCaPOU2jFvAfdS7bM228KW_z_1YOAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1GbhJ7zPqeyGPsd24EkhEJKaCjLA%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
Frame ID: 865ACEF791B011BE14A331798C699DE0
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0ECAC2E5EA4C1C2ADACBA6E909B312ED
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9A690DBE25EF6A69E38B4AF9EF1071D4
Requests: 2 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=97124400064943500710612011897028&actionid=981741&produktid=&dt_url=
Frame ID: 8D180EF8E107F3C4B0EB0B5413FC1F70
Requests: 1 HTTP requests in this frame

Frame: https://hal900028.redintelligence.net/request_content.php?s=97124400064943500710612011897028&a=ea19281c
Frame ID: F59D727AC8ECC253FA2494AA3E8A7281
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2C502C3795409DDE8714BACB74A3A10E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 81CBA6F2724AE9CD6CF3FD31093A5293
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E6CF3086AFBE3E407EA0B3ABF88720EE
Requests: 9 HTTP requests in this frame

Frame: https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: F91110D833302F340AFA92A0377BE7EA
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY1-OpXTAB&v=APEucNXRxOS81FmBtegPjxJk2mub9I7cbdWXw4Un86Nbc7dbY2EA7Yfced3FIO-Vck_eGx4joHYpI1UKRGBXPWRM3lTEuH9bU2ztI-OJpfOxttldH6UEGRVf0mEV4jh11uCfsKLkxef6mWfj15mMlzoK6GMQvGrIDyqOgi1QLkevST0BSJxbVKY
Frame ID: 7074C70B33D19C2CB49BDB8F84A1BF65
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B5926B6D38375AD9794BD5733511047C
Requests: 3 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=71852900055976100757591011897008&actionid=981741&produktid=&dt_url=
Frame ID: 61E69D51A34F3E68B8809EF9F5103254
Requests: 1 HTTP requests in this frame

Frame: https://hal90008.redintelligence.net/request_content.php?s=71852900055976100757591011897008&a=309c087b
Frame ID: 61F13BA1F4F264F40D3104CCBE978987
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1DB53F0615C7128C27038605688661BD
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Jesus domain statistics - Jesus.co

Detected technologies

Overall confidence: 100%
Detected patterns
  • leaflet.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

429
Requests

90 %
HTTPS

46 %
IPv6

50
Domains

88
Subdomains

57
IPs

10
Countries

4752 kB
Transfer

10594 kB
Size

51
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=2EC232119FAD420CA963FFF57871D896&RedC=c.clarity.ms&MXFR=36FD174B6F6A620C24C2062D6B6A6CBA HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=2EC232119FAD420CA963FFF57871D896&MUID=003CA7597F3E6ED90046B63F7E556F47
Request Chain 166
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
Request Chain 167
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yi3IDk7X9JUGhnCcR6qUaAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
Request Chain 168
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEENPInjLi8l5Frr3ASPO5Nw&google_cver=1
Request Chain 169
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQxMDg0MTYxMDgyOTg5MjczNA%3D%3D
Request Chain 210
  • https://hal900021.redintelligence.net/request.php?zone=t43ocmuaiycq&nw=20&renderingType=javascript&namespace=ce5b4e7790&subid=&uid=be8d50cce1e4fb9d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCB1faDcgtYve2NMGPrASP0In4BN2t6KhgqNy3x7kK8C4QASC52_MmYJXikIKgB8gBCakCGPGLRMhOsj6oAwGqBN8BT9DidfI3GWyJxBWGrxOzGNOib5cOH1PXchBV1nb8VWpT5DwsztfLHWKzJn23hzA9L4RVYtJ2MHrznZ5LOFH7geyMVafgcCbpmroLNiYFCDcFi_lqPTXAmj8Y-VaChIWMu_BMyAobdDoLg3ZfoVNaW13K8P_iDbzb--bdOqr4Gks-3eM7IR0_E804eIXhgNmokWhoF7W_5Ckdf4Vdkyf6olP1obY4Nv9arehbebNrVv5No6oLbTeSgfrF1RYkE4erFURDvlNZFAPe9Mk-7lcd9j3VgxLG-7BaDdeZn60VycAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2gAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORonBr4gFBev2cp5qFsveoOMRCWp5LSJhi2PPlUhP_2zxA7ElKdSps%26sig%3DAOD64_0q8aB6LlcJa9IQoISwV9LOdwqqdw%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-AFfEQ7Bp-qymjlTJXBTL4ysvSmM0mm2mTWktyuKemMEm7HEt0Bdiima91ss84g5qXJgS5WEM9U1qPpS4KNYZPYrb5azDCgOCvcZI5E-yGW5koSh1gjG4Qjn8oW5DTndX03aqU1Xf_9zYqkZugo64a9gL_QVQ%26cry%3D1%26dbm_d%3DAKAmf-AfrZ-2Gzzg4WW8xoOvUzApGL-zPkPvPHqDYqtmG0ZdlilSqJmuJivnv-x7GDUNAO8C-vit6nFEd498Gn9jPb5Ylz2az06zz9ZcV6-3D16_1G4HY8Q47DcT3HTJbTIPjiediPVkNtxKIWmfLIUgTOryH5yk-kwzYXo-TkBzPGn5VaAnCFBXcxDUugs4KJ4yVMIEo59NLIDkVHyiCwY9LDFt4tJnNCcaNGGD7XxPwYYxsGGSkVTQDlddbaCI_nA6CKYMXjgDO3DTACb3VsjLfZ7amaSryO5HT8s88WLqqEE5c4U6K0OECCS1RNTM1ipDTkPXKz2GbdMiFK80-W-E_RMzbG7a3mgDlYYMtJHsolCYjsgBetYG8sUpIaTXVSMkJvICCiiUNhLShXXhrZRW81QRTg5RNSrMJ_IrBI_EDUrtPZ8hkD-Qf_WC82w54XY-34KH3Dxkh1yaTIH4Rmllzu9fW0qrYQ%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=9505920041827&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900021.redintelligence.net/request.php?zone=t43ocmuaiycq&nw=20&renderingType=javascript&namespace=ce5b4e7790&subid=&uid=be8d50cce1e4fb9d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCB1faDcgtYve2NMGPrASP0In4BN2t6KhgqNy3x7kK8C4QASC52_MmYJXikIKgB8gBCakCGPGLRMhOsj6oAwGqBN8BT9DidfI3GWyJxBWGrxOzGNOib5cOH1PXchBV1nb8VWpT5DwsztfLHWKzJn23hzA9L4RVYtJ2MHrznZ5LOFH7geyMVafgcCbpmroLNiYFCDcFi_lqPTXAmj8Y-VaChIWMu_BMyAobdDoLg3ZfoVNaW13K8P_iDbzb--bdOqr4Gks-3eM7IR0_E804eIXhgNmokWhoF7W_5Ckdf4Vdkyf6olP1obY4Nv9arehbebNrVv5No6oLbTeSgfrF1RYkE4erFURDvlNZFAPe9Mk-7lcd9j3VgxLG-7BaDdeZn60VycAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2gAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORonBr4gFBev2cp5qFsveoOMRCWp5LSJhi2PPlUhP_2zxA7ElKdSps%26sig%3DAOD64_0q8aB6LlcJa9IQoISwV9LOdwqqdw%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-AFfEQ7Bp-qymjlTJXBTL4ysvSmM0mm2mTWktyuKemMEm7HEt0Bdiima91ss84g5qXJgS5WEM9U1qPpS4KNYZPYrb5azDCgOCvcZI5E-yGW5koSh1gjG4Qjn8oW5DTndX03aqU1Xf_9zYqkZugo64a9gL_QVQ%26cry%3D1%26dbm_d%3DAKAmf-AfrZ-2Gzzg4WW8xoOvUzApGL-zPkPvPHqDYqtmG0ZdlilSqJmuJivnv-x7GDUNAO8C-vit6nFEd498Gn9jPb5Ylz2az06zz9ZcV6-3D16_1G4HY8Q47DcT3HTJbTIPjiediPVkNtxKIWmfLIUgTOryH5yk-kwzYXo-TkBzPGn5VaAnCFBXcxDUugs4KJ4yVMIEo59NLIDkVHyiCwY9LDFt4tJnNCcaNGGD7XxPwYYxsGGSkVTQDlddbaCI_nA6CKYMXjgDO3DTACb3VsjLfZ7amaSryO5HT8s88WLqqEE5c4U6K0OECCS1RNTM1ipDTkPXKz2GbdMiFK80-W-E_RMzbG7a3mgDlYYMtJHsolCYjsgBetYG8sUpIaTXVSMkJvICCiiUNhLShXXhrZRW81QRTg5RNSrMJ_IrBI_EDUrtPZ8hkD-Qf_WC82w54XY-34KH3Dxkh1yaTIH4Rmllzu9fW0qrYQ%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=9505920041827&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 212
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
Request Chain 213
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yi3IDk7X9JUGhnCcR6qUaAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
Request Chain 214
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEENPInjLi8l5Frr3ASPO5Nw&google_cver=1
Request Chain 215
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQxMDg0MTYxMDgyOTg5MjczNA%3D%3D
Request Chain 216
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
Request Chain 217
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yi3IDk7X9JUGhnCcR6qUaAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
Request Chain 218
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEENPInjLi8l5Frr3ASPO5Nw&google_cver=1
Request Chain 219
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQxMDg0MTYxMDgyOTg5MjczNA%3D%3D
Request Chain 243
  • https://pv.medialead.de/trck/epv/e99aace94e6e58739f38600d8697fb68?subid=28434000045773100757585011897021&t=htlp HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=28434000045773100757585011897021&actionid=981741&produktid=&dt_url=
Request Chain 244
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7253340165675.943 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CL6Io4_xwvYCFdAaGwodeIUCzw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7253340165675.943
Request Chain 253
  • https://pv.medialead.de/trck/eview/e99aace94e6e58739f38600d8697fb68?subid=28434000045773100757585011897021 HTTP 302
  • https://www.ad-server.eu/wm/pb/girostart/standard/pb_girostart_728x90.gif
Request Chain 257
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=49610700065596000710612011897024&t=htlp HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=49610700065596000710612011897024&actionid=981741&produktid=&dt_url=
Request Chain 261
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3006064670839.799 HTTP 302
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CIDBp4_xwvYCFdeEhQodBuMNEQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3006064670839.799
Request Chain 263
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=49610700065596000710612011897024 HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=49610700065596000710612011897024 HTTP 302
  • https://ad-server.eu/wm/pb/native.png
Request Chain 300
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBsOVFFJwgwK6eSL4Pc7p1A&google_cver=1&google_push=AYg5qPKSi5GBzdNljXDHdL9TkMQJKFfKpXqeR2Tv4nM9tKGxZWQBp6evl17Uk41e7c9qEuDO04d7X8rQp5siDrNzSvf88vfxwCK4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKSi5GBzdNljXDHdL9TkMQJKFfKpXqeR2Tv4nM9tKGxZWQBp6evl17Uk41e7c9qEuDO04d7X8rQp5siDrNzSvf88vfxwCK4&google_hm=ODkxOTM3OTg5ODM0Mjc4NjcyNQ%3D%3D
Request Chain 302
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJmi2jU6klHhn74MCggbP7U&google_cver=1&google_push=AYg5qPJYU7Hq8fDL401WuXsE-8MzxbaeqczsWAP5VYUfsFsIyHysVcA6gIXoRyXC9bb1gCaERewDlsY9ML0WhGREhyvq3GOgfzbM HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJmi2jU6klHhn74MCggbP7U&google_cver=1&google_push=AYg5qPJYU7Hq8fDL401WuXsE-8MzxbaeqczsWAP5VYUfsFsIyHysVcA6gIXoRyXC9bb1gCaERewDlsY9ML0WhGREhyvq3GOgfzbM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI0NjI3NTU3OTk0MjE2OTI3Ng&google_push=AYg5qPJYU7Hq8fDL401WuXsE-8MzxbaeqczsWAP5VYUfsFsIyHysVcA6gIXoRyXC9bb1gCaERewDlsY9ML0WhGREhyvq3GOgfzbM
Request Chain 303
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESECaVOaymelfgeYrYconjxb0&google_cver=1&google_push=AYg5qPLQFev4h3kO2j01wGyshaNXpEi6FVdWRLB621WPAReuR_Qnd2xkJJDi_nYrKHf0wlwa2FMAcBJ7Nkevc4wDlxeXh7aqjiU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLQFev4h3kO2j01wGyshaNXpEi6FVdWRLB621WPAReuR_Qnd2xkJJDi_nYrKHf0wlwa2FMAcBJ7Nkevc4wDlxeXh7aqjiU
Request Chain 304
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESEJY1tLtEy-9ksqRc5cMn87A&google_cver=1&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_
Request Chain 320
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHee0S3eXCOUVExUnUTiT0w&google_cver=1
Request Chain 322
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESENxXkIwzqlFKOT9ZyG0HuYw&google_cver=1
Request Chain 347
  • https://pv.medialead.de/trck/epv/2aed39855b5f46b7d90f959867be60f8?t=htlp&subid=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuid6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3asuid__suite_Netmix_Reach09_PRIVATKREDIT&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuid6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3asuid__suite_Netmix_Reach09_PRIVATKREDIT&actionid=981741&produktid=&dt_url=
Request Chain 353
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=97124400064943500710612011897028&t=htlp HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=97124400064943500710612011897028&actionid=981741&produktid=&dt_url=
Request Chain 355
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=97124400064943500710612011897028 HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=97124400064943500710612011897028 HTTP 302
  • https://ad-server.eu/wm/pb/native.png
Request Chain 366
  • https://www.awin1.com/cshow.php?s=2588355&v=18692&q=383790&r=296283&pref1=97124400064943500710612011897028&pv=0 HTTP 302
  • https://ui2.awin.com/ads/awin/18692/imgawinbanner_120x60_122019-1578486349125.jpg HTTP 301
  • https://a1.awin1.com/ads/awin/18692/imgawinbanner_120x60_122019-1578486349125.jpg
Request Chain 368
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKLrp42vaJA19U_ur1itTeI&google_cver=1&google_push=AYg5qPI0Q70rhQH60aASjrNAUtcwXI7eRh2RbC5sAIi1lE8RIjlZzqxx1RCCssg8MhzFjGlhB4Z86yV-cLDnZa6jwFmsgwcfF39E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDMwOTU5NTQ1MjUzNDY4NTQxNw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKLrp42vaJA19U_ur1itTeI&google_cver=1
Request Chain 370
  • https://um.simpli.fi/gp_match?google_gid=CAESEC4UCH2S3L3HTvue98ltUjQ&google_cver=1&google_push=AYg5qPJPwq_pg80jvgu_Rkf2liGiQPkX8M6fMfKDUeio-j-VY61JRQLr2Z2rTWKbtO-TSCI4RRgt4YkRdvV3da7sGqzr-pcDXIzl HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5C964958223F48A89FFC7F9C8931A585&google_push=AYg5qPJPwq_pg80jvgu_Rkf2liGiQPkX8M6fMfKDUeio-j-VY61JRQLr2Z2rTWKbtO-TSCI4RRgt4YkRdvV3da7sGqzr-pcDXIzl
Request Chain 371
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESECQxMWCyA5RaR4Bs2FVgoKI&google_cver=1&google_push=AYg5qPLI3xkEzT1-e1ZrjSvb7vLe7ZzG4_RkiOT9XVRZanQQ5ccohWzzT4F58fwq8bAQOUS_zx7uUGPPBn6_F7jBc-IBfVZv_a39 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESECQxMWCyA5RaR4Bs2FVgoKI&google_cver=1&google_push=AYg5qPLI3xkEzT1-e1ZrjSvb7vLe7ZzG4_RkiOT9XVRZanQQ5ccohWzzT4F58fwq8bAQOUS_zx7uUGPPBn6_F7jBc-IBfVZv_a39&s_h=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=FOYGkJR8TMmtK8elTk_IuA&gdpr=1&gdpr_consent=
Request Chain 372
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESELMirBMp3YVTJUaF1jkTGKs&google_cver=1&google_push=AYg5qPJotD_WqLDz-_F0HeCPXQsRTcV9sHtfLgMW_3ZT4KQuvNJhutOWUYq0mRAfgJHFbqkEkFAqoP2oO3VDXUXqK3nzb_2TNOkp HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=2ShuyzY3TBa_U9EZ7-W6Fw2&google_push=AYg5qPJotD_WqLDz-_F0HeCPXQsRTcV9sHtfLgMW_3ZT4KQuvNJhutOWUYq0mRAfgJHFbqkEkFAqoP2oO3VDXUXqK3nzb_2TNOkp
Request Chain 373
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJmi2jU6klHhn74MCggbP7U&google_cver=1&google_push=AYg5qPJjlwVuCnk0aKujopImRH66lyos0IailP8mDaR7ONXoaik92VMhqU3BksHET1iqnp9-Z6UsLPLOAjBwUCF-bUnAiKAnsHo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI0NjI3NTU3OTk0MjE2OTI3Ng&google_push=AYg5qPJjlwVuCnk0aKujopImRH66lyos0IailP8mDaR7ONXoaik92VMhqU3BksHET1iqnp9-Z6UsLPLOAjBwUCF-bUnAiKAnsHo
Request Chain 374
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEOlP3bH_HzsDrvS6tJXri0k&google_cver=1&google_push=AYg5qPK5dXiYfFKy_FSSjCbkj3I62Q_5JkRJ3yCu7sLc57J4TeY4xHgto8bbWFKMAK5LYmaHtM4o9klGpLl_vf43GQjYCAvhqfXZ HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPK5dXiYfFKy_FSSjCbkj3I62Q_5JkRJ3yCu7sLc57J4TeY4xHgto8bbWFKMAK5LYmaHtM4o9klGpLl_vf43GQjYCAvhqfXZ&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1647167504003 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-4ba235ce-d577-4322-bac4-4afb85905177-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPK5dXiYfFKy_FSSjCbkj3I62Q_5JkRJ3yCu7sLc57J4TeY4xHgto8bbWFKMAK5LYmaHtM4o9klGpLl_vf43GQjYCAvhqfXZ%26google_hm%3DA0uiNc7Vd0MiusRK-4WQUXc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPK5dXiYfFKy_FSSjCbkj3I62Q_5JkRJ3yCu7sLc57J4TeY4xHgto8bbWFKMAK5LYmaHtM4o9klGpLl_vf43GQjYCAvhqfXZ&google_hm=A0uiNc7Vd0MiusRK-4WQUXc
Request Chain 398
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEENTucHRFYD2JZPs-uximaM&google_cver=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEENTucHRFYD2JZPs-uximaM&google_cver=1&__user_check__=1&sync_id=c76841fd-a2b8-11ec-8af8-102ad03c0206
Request Chain 399
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=c7683c4a-a2b8-11ec-b99f-192cb16e0206 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=Yzc2ODNiZjQtYTJiOC0xMWVjLWI5OWYtMTkyY2IxNmUwMjA2
Request Chain 408
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=71852900055976100757591011897008&t=htlp HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=71852900055976100757591011897008&actionid=981741&produktid=&dt_url=
Request Chain 410
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=71852900055976100757591011897008 HTTP 302
  • https://ad-server.eu/wm/pb/native.png
Request Chain 421
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKLrp42vaJA19U_ur1itTeI&google_cver=1&google_push=AYg5qPI3CO7W1jvXQ526WJd6VxphkA0s3L_SRqRKk5MepK50tSHjye8-QSLqInDLmvl7PXBWBOWazLcMpT8GohWHXnkZK63qX_iT HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDMwOTU5NTQ1MjUzNDY4NTQxNw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKLrp42vaJA19U_ur1itTeI&google_cver=1
Request Chain 423
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOlGcv6HITpd5cgjsMz61jI&google_cver=1&google_push=AYg5qPKZ6f263nJvZELu5I-zEX8NDLawDHo55yGowiGmYaOdg0zqBjSORDz_xZtxMfJrN7xI5dq27pAY1wkhkHLvxof1MU9NeRs HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOlGcv6HITpd5cgjsMz61jI&google_cver=1&google_push=AYg5qPKZ6f263nJvZELu5I-zEX8NDLawDHo55yGowiGmYaOdg0zqBjSORDz_xZtxMfJrN7xI5dq27pAY1wkhkHLvxof1MU9NeRs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aXBmOTRLNmkxTnRsdk81&google_gid=CAESEOlGcv6HITpd5cgjsMz61jI&google_cver=1&google_push=AYg5qPKZ6f263nJvZELu5I-zEX8NDLawDHo55yGowiGmYaOdg0zqBjSORDz_xZtxMfJrN7xI5dq27pAY1wkhkHLvxof1MU9NeRs
Request Chain 424
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESENeDDmUtR39uXSEABuvfdIA&google_cver=1&google_push=AYg5qPLrsqhKHMuY0pfxTnuvviobpXKp0CnfPLzcopmCMdOBa4aRI49UPx_iXbV0ZvBKESAdIZzI1AVwLUh-hsuBh8caMpV3-Sw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLrsqhKHMuY0pfxTnuvviobpXKp0CnfPLzcopmCMdOBa4aRI49UPx_iXbV0ZvBKESAdIZzI1AVwLUh-hsuBh8caMpV3-Sw
Request Chain 425
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMXyRJPkbYKyiOjxnqlaTkM&google_cver=1&google_push=AYg5qPIPDqh4pN9cgWZbqeJt3IEgI8UdSl9yzyiDpH7pzzXQH2zk8yC7GhOYPUosMYM26p33jn0gRHZS6ZRD9Swsmn20QVdsJvFN HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEMXyRJPkbYKyiOjxnqlaTkM&google_cver=1&google_push=AYg5qPIPDqh4pN9cgWZbqeJt3IEgI8UdSl9yzyiDpH7pzzXQH2zk8yC7GhOYPUosMYM26p33jn0gRHZS6ZRD9Swsmn20QVdsJvFN HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIPDqh4pN9cgWZbqeJt3IEgI8UdSl9yzyiDpH7pzzXQH2zk8yC7GhOYPUosMYM26p33jn0gRHZS6ZRD9Swsmn20QVdsJvFN&google_hm=uXus4HtaS9qTkiF2Qobomw==
Request Chain 426
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEHXg9SRCT5o-T--5_23zPp8&google_cver=1&google_push=AYg5qPIR1TSbcIMI1lwxg8UeKs2XJfVo7NHJJ5L5Z3jg9KrFZGlbPIx1YbYY2rL0KH-NINoWcAkizt-3uNN9m0580voTC286KVI9 HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEHXg9SRCT5o-T--5_23zPp8&google_cver=1&google_push=AYg5qPIR1TSbcIMI1lwxg8UeKs2XJfVo7NHJJ5L5Z3jg9KrFZGlbPIx1YbYY2rL0KH-NINoWcAkizt-3uNN9m0580voTC286KVI9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPIR1TSbcIMI1lwxg8UeKs2XJfVo7NHJJ5L5Z3jg9KrFZGlbPIx1YbYY2rL0KH-NINoWcAkizt-3uNN9m0580voTC286KVI9
Request Chain 427
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJmi2jU6klHhn74MCggbP7U&google_cver=1&google_push=AYg5qPI4WbT2_X5_ffqQe80OPMuSNABAukBj3Ef82upmVv58fgdf5VAR0gGbe1ZQSn4-1fJsHYd5ZykjMk8gANk-gJjdFi49xbwx HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI0NjI3NTU3OTk0MjE2OTI3Ng&google_push=AYg5qPI4WbT2_X5_ffqQe80OPMuSNABAukBj3Ef82upmVv58fgdf5VAR0gGbe1ZQSn4-1fJsHYd5ZykjMk8gANk-gJjdFi49xbwx

429 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request jesus.co
nets4.com/domain/ 		48 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nets4.com/domain/jesus.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
690a225808e1830ad763cf573a3a0fef011a000267d34b5776f922e79531a7e9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
content-type
text/html; charset=UTF-8
cf-ray
6eb419e37d629096-FRA
cache-control
public, max-age=86400, proxy-revalidate
last-modified
Sun, 13 Mar 2022 10:31:39 GMT
vary
Accept-Encoding
cf-cache-status
MISS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2o63CWLlwlEoBo6Uwrk%2BD0jyuLHaf48A1u7b0aM8k8d%2FRbqz4JHz8hKsSukECHpF%2Fwv%2BM8iOwzIzsMBRMe62fkiFOamaByyDe06b5GzHnVqMbWeNrPr6VcEzow%2BuqzQmLw442Hf5GtA%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
awkqrI1qzYcE0gTfW6uXyLl_1bA.js
nets4.com/cdn-cgi/apps/head/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nets4.com/cdn-cgi/apps/head/awkqrI1qzYcE0gTfW6uXyLl_1bA.js
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f70751d4b3f5d5c9f208ea16e8cbcac3c6abf1bda80357da3fcd21dde4333449

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/domain/jesus.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2238271
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
TBE6C4PT6ZEY65EB
x-amz-id-2
hqmFJhu4VH8dCEln6C+wWXkNh2EoKkrRwJZHX09Pjf7ISr+2/I4OwLauznRIaOAhxAwkQDPUhmg=
last-modified
Fri, 10 Dec 2021 11:06:12 GMT
server
cloudflare
etag
W/"e951628ea64bbeadb19c6d855ca98c7a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oAwlunjwD4vf2RVwQ%2FFCoE82x2vtShhm9IgVGOoFFQDKkj07uZKbvQkV5j3Pzl7Bbx7DaVF2LcDXuZGJ3jQCtDeb5EmovyhuQZk3sN3%2BG4rusfb7iibq2YND11%2BbAkTZRJKyKcsj3wo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
7KspX51u1Msx7FcOmJWweyW7FbGqzJNg
cf-ray
6eb419e88c099096-FRA
bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/bootstrap/4.5.3/css/ 		157 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bootstrap/4.5.3/css/bootstrap.min.css
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1124801
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17620
timing-allow-origin
*
last-modified
Tue, 20 Jul 2021 01:00:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"60f6203f-44d4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8dFFcmalqcCl%2FYaVgA8oJGmbVSyoAYIAi38pmbUib3KVOTMPWM77wB6G0C39aFoBQt8NEgm6pcK%2BkR4Lrz%2FZiBC7uUyz2GfpRciDSmtHWym5RipKD7moUcjZrqfSwoNHgiJQFEHkRwHQRGIwWMpqhovv"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6eb419e8ba766907-FRA
expires
Fri, 03 Mar 2023 10:31:39 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/ 		58 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1341073
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10462
timing-allow-origin
*
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"613fa20b-28de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BZMClQuL78cP0PphC9l4TeNcVEt6ngys98BUl8steBBIA%2BMCGBdyDsk4xIbWskLKurkwZvWT8ilKBYqtEOUqHbwXt6%2B0ETu0nsWBlwgS9kQwBhBkcfGXXXLkcttwe%2FiLtbo9gcj6oMJSrkG6fCHRoQTI"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6eb419e8ba786907-FRA
expires
Fri, 03 Mar 2023 10:31:39 GMT
style.css
nets4.com/assets/css/ 		345 B
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nets4.com/assets/css/style.css
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0f382f3320ade05dd14f969ff7dd9d894c6a6571165ab6d7fcdade2f4836dfc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/domain/jesus.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3050
cf-polished
origSize=451
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 01 Nov 2021 12:55:19 GMT
server
cloudflare
etag
W/"617fe3b7-1c3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZKcUJ9pLtrOnA25KaA11ZPBciEOGfJDv8cSrB4%2BdTccsZn795rQFEsoqzPAkdigdoQ82cQKfS6BURLcHDE64hH86b4s9V2yJC0ax4cvM5JY1bbR7YEX3r%2BImgLA1PpupNbHdx%2F%2Bl5Wg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
6eb419e99980910d-FRA
cf-bgj
minify
invisible.js
nets4.com/cdn-cgi/challenge-platform/h/g/scripts/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nets4.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1647165600
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a83cacad35cab9d5df069442d67efabf7c2a71dc4d78d2f6b8044bf332b50fff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/domain/jesus.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XaU9%2FVbGhQoaWl6Q6GFUgp67Q0mtOvOKG76PPUaeWDVXp1DuHRMMhlj%2F9leeu1L8svtD0MGjupmjpn%2Bq8uHp3aIjU9wKW5BFAAZtzVP511spF39JY8SldRi9zBUQEbu7amXtg%2FNZ0OM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
6eb419e99983910d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Th69y9F.png
img.nets4.com/img/i.imgur.com/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/img/i.imgur.com/Th69y9F.png?w=120&h=20&f=auto
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
704f6f54ae77cd5ea0a0bf47ebb70727a9bd76a311d7e54788ad3dc79b366739
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1102334
cf-ray
6eb419e9fd8c9096-FRA
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3395
x-served-by
cache-sea4480-SEA
server
cloudflare
etag
W/"6df89d86deba278d112332afb4bb100b1a6165842a7fdb7f78a5a70c7c7218aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BQYG50SWgVviwm17NlJvH%2FX6DD77Oq%2FkYilx4X6yxOxl6CsCvK8HfzrVLYCZgdchwDUEj%2FSLq7q%2BqdkGu4%2B4%2FEec9zPtb0wJOlk8xy7hiYk89jDmSzRSILCspkPV5fQM%2BxcINM8kDI7qyNmv"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
vary
Accept, Accept-Encoding
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
link
<https://img.nets4.com/image/Th69y9F.png>; rel="canonical"
access-control-expose-headers
*
58T3Wrl.png
img.nets4.com/img/i.imgur.com/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/img/i.imgur.com/58T3Wrl.png?w=20h=20&f=auto
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2255ec4c3254a41b448889224b2cc5c32f8d6f8a6165d3c58aa6523f86c0957c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4073001
cf-ray
6eb419e9fd8f9096-FRA
x-cache
MISS, MISS
x-cache-hits
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1117
x-served-by
cache-sea4474-SEA, cache-fra19151-FRA
server
cloudflare
x-timer
S1643094498.253186,VS0,VE702
etag
W/"86d32e1b83f7c87590ac6aad5f278dca67bb9675a7a7869ed47749c6cf91763d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VH9GNaz02jXxP9FB7OmQ7WGdl6y8RHoO%2F4II6OgrAg%2BJ6vpDjLsvr7zEK5k8CFDFo8gmO87gLU68HZCrA3dapzN9mHrrwAZwHM%2FUVql0HVYHj9CNFai3lRXc8hhTie1CQ7uyKGpgn9lpO1jG"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
vary
Accept, Accept-Encoding
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
link
<https://img.nets4.com/image/58T3Wrl.png>; rel="canonical"
access-control-expose-headers
*
leaflet.min.css
cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/leaflet.min.css
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
722c5b95144aaf980dafacd36b1df0a3a0cff78962e8eee8f56e40c423f00b6f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://nets4.com/
Origin
https://nets4.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1111339
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2153
timing-allow-origin
*
last-modified
Thu, 03 Sep 2020 12:27:33 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f50e135-298f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FI5G8x6kEgXiaeNimfeCs6KW%2BoG8EI9KbHlO8kQBLoxTSEGGDvpqggRsBtV9cQ7scydBgcfoszQpAiHJWXwhC8CAgrLoEC1OxlcNSxokNVu5W%2B%2FUiY1Acn4P%2BaOZTfDvxpjzSvm0%2BjDwYbchsFF%2BaDRZ"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6eb419e9e8a19136-FRA
expires
Fri, 03 Mar 2023 10:31:39 GMT
Zc4iwuj.png
img.nets4.com/img/i.imgur.com/ 		814 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/img/i.imgur.com/Zc4iwuj.png?w=15h=15&f=auto
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd1892cb87a74dac682a6207344909a96f23d342670b32063a4f4bae614805dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4073001
cf-ray
6eb419e9fd8d9096-FRA
x-cache
MISS, MISS
x-cache-hits
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
814
x-served-by
cache-sea4422-SEA, cache-fra19136-FRA
server
cloudflare
x-timer
S1643094498.271303,VS0,VE214
etag
W/"ef5e715e8edc5303224592e859bd4f82e513e48ef6932a25dfb6f389dbaed4a9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VYDjQuDk%2BZN4NBzQbTl6E%2Fhnx%2BPbd%2FImxDEIGvDCDpD0Zzhy342oM6hYStQXdAfKP59cOgojGyPegD%2B1lTdeBXj5Urz2XkIGU4vTMPC23QoqxZsqGoueVc8YBq6Enx9OisGdCFurg8DYe1pu"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
vary
Accept, Accept-Encoding
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
link
<https://img.nets4.com/image/Zc4iwuj.png>; rel="canonical"
access-control-expose-headers
*
email-decode.min.js
nets4.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nets4.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/domain/jesus.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 11 Mar 2022 12:22:44 GMT
server
cloudflare
etag
W/"622b3f14-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xDx3g8m1ScmjK%2BzXXOwagsf0GDumblm7LOZ0lgQ3d8VqI4CdZ%2FmxRQdSpmA%2Fz5%2BkPTKBtoAWAKF%2FsIS3gOrkm%2FGlXsFlJb9M%2BLYmfk3xTbR77oqQlfEXNEOl7yUEm8I%2FPAUjppG5ZNQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6eb419e9e9f2910d-FRA
vary
Accept-Encoding
expires
Tue, 15 Mar 2022 10:31:39 GMT
rocket-loader.min.js
nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/domain/jesus.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 11 Mar 2022 12:22:44 GMT
server
cloudflare
etag
W/"622b3f14-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2FR6AqYgFvHtJ2mEhy9p6oVus%2B8UWseTnCqmtHV3T%2FK0rms3Jw1BI4LSMRsgRyEjjQnonTELZSZ1ci5y4jDG8oudEyorQG7H5e5BHLgVs%2FixZ1gap5%2FJue9PGBQcVO0k8FDkR4js5Tw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6eb419e9e9f9910d-FRA
vary
Accept-Encoding
expires
Tue, 15 Mar 2022 10:31:39 GMT
W25b9ht.png
img.nets4.com/img/i.imgur.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/img/i.imgur.com/W25b9ht.png?w=40&h=40&f=auto
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17a97981604a1fe56f8804e77655010e70cbfbbac2c66e03a303e876dfd72640
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4073000
cf-ray
6eb419ea0da89096-FRA
x-cache
HIT, MISS
x-cache-hits
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1574
x-served-by
cache-sea4420-SEA, cache-fra19181-FRA
server
cloudflare
x-timer
S1643094500.716062,VS0,VE220
etag
W/"ee80457266cef4b485c3668cbdd5f67e7ed204e94a46f041afd17fa27c93c945"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Drayk4xINOIlFrYGKXOt9nCw4PXaCLT2%2Fvc70MiaogPOQRVk%2FHOBhDmgCYJ0Na2FwAI%2BFRZeGpCpiTnRhA0ATwh9GIyM5B1HO%2BneNFoVfU2G87KDk%2FzOi9d4UhjeI9OdUmzz5V8J7WEmIAQa"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
vary
Accept, Accept-Encoding
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
link
<https://img.nets4.com/image/W25b9ht.png>; rel="canonical"
access-control-expose-headers
*
jesus.co
nets4.com/domain/ 		15 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://nets4.com/domain/jesus.co
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://nets4.com/domain/jesus.co
ts-request-embed-key
0d910918-0a93-4ea5-8a66-ed7e0a3a6210:06a9ac0e59d9cc591976b5028c47798bab23a5f5e68f8e57dc9e4d402052aeb8
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ypqLq2UpmsmFiWQgPNoZl039cEfFe6%2Bk5p4A4CYLbUcKZwRnsPWDLKFI%2Fm638E5dshIaMocnCTYJ9GKoaHWWBBWHDdaCGDKEW6WQmYIb%2B6PTdpPEA5LbE5SAejHBlsV1WYxi1o2YSXk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
cache-control
no-store
cf-ray
6eb419ea1a43910d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15
leaflet.js
cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/ 		139 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/leaflet.js
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c837347a297c1a35852aa375392cc74950a2b868214e8b1909c4637b8b63ee24
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://nets4.com/
Origin
https://nets4.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4070219
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35659
timing-allow-origin
*
last-modified
Thu, 03 Sep 2020 12:27:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f50e115-22a75"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xRZkwu3hNqf0SGVUqYJso45CDt84bCaFbdDxB3lG4RDjuz9tt2jbOMvmUbzxqax9sR5fILcWUdyB4sWc5txLOTV6uX9LQ91xNLx%2FnaumX9GEPIo%2BuJ8cCB%2FTFqoYtrr91z9JanXiUNL5fA%2B6awXZ0je3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6eb419ea19169136-FRA
expires
Fri, 03 Mar 2023 10:31:39 GMT
agent.js
cdn.purpleads.io/ 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-50.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
38bf08369b9d72ce4d22d5b555e9e5ee2e7a5fab8980ba2787f47d89d55e2c99

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 14:24:13 GMT
content-encoding
gzip
last-modified
Mon, 21 Feb 2022 08:37:50 GMT
server
AmazonS3
age
72447
etag
"0c008aa8cd8d5ae47e2eb77cc10e9a3c"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 31f1d6f9a4e05bd522db88334d37b9c2.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
content-length
10377
x-amz-cf-id
CzusthDqG13tZbz01NJeXPbi2dddwTqaq_Y2ILnb75nO5DJnHxzNGg==
sharebutton.js
nets4.com/assets/js/ 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nets4.com/assets/js/sharebutton.js
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21af66f64bb18b1159ee363a933d5630e27419c83915d4d5ef42d8154f3921da

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/domain/jesus.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3040
cf-polished
origSize=120806
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 03 Jul 2021 07:08:27 GMT
server
cloudflare
etag
W/"60e00ceb-1d7e6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FPXdbsywZKf3Xmk4xwSO%2BbHyUNeifNYnvHgZBocgoW3Wr6gXppYSsSS0URv6Wqit9brytHTlCJXTZcVQEcd6nddAK8DKPIjfOMvrd%2FhyGLXCH2tIdQWtO5ahR1LTLBh2BuVG6fVg9T4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
6eb419ea1a4e910d-FRA
cf-bgj
minify
load.js
cdn.purpleads.io/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.purpleads.io/load.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-50.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
56386db6fedf5475ff6ac57939cfaac58722f519fdce666cee7494b993c84e81

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 17:10:55 GMT
content-encoding
gzip
last-modified
Mon, 21 Feb 2022 10:12:20 GMT
server
AmazonS3
age
62448
etag
"46df8e234dd4307137411d6b4887edad"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 31f1d6f9a4e05bd522db88334d37b9c2.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
content-length
6702
x-amz-cf-id
oUoLLKjLtggVGric7MclExj8WLckWgAzRK69mehu70FWYide9hhnNw==
api.js
www.google.com/recaptcha/ 		850 B
968 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bafa1db2a6708b6401e11e0b2ac4c5bb6eddf4c25e5a83b7eb391fe42ab34a2f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
555
x-xss-protection
1; mode=block
expires
Sun, 13 Mar 2022 10:31:39 GMT
bootstrap.min.js
cdnjs.cloudflare.com/ajax/libs/bootstrap/4.5.3/js/ 		62 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bootstrap/4.5.3/js/bootstrap.min.js
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
314434
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13102
timing-allow-origin
*
last-modified
Tue, 20 Jul 2021 01:00:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"60f6203f-332e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lWQ60dnAa1L4w9PEN9oaGhkPr2qDC21y6Ws83%2F4VdJnV5LRei%2BSIL8lgyGvHaFFZgk9Ibz25m0UXunnZr08HNvyS8r9ve0vnbIs58br8sNJ%2BF75LY9aSVRmYFjMjiVKcGDjouaxo5NXgrbTEVK%2B%2BoHAB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6eb419ea39469293-FRA
expires
Fri, 03 Mar 2023 10:31:39 GMT
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.0/umd/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.0/umd/popper.min.js
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691d4bd7b9b31f9ab1b1837e7d956e0e3041ef63c1ee0edee8ca6208a4234efd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2298984
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6107
timing-allow-origin
*
last-modified
Thu, 02 Sep 2021 17:01:41 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"61310375-17db"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=utTIX%2F%2Feh9tPrC9mln%2FqkmOIsvGJccWhejjObepGmjeLPs3HsgKqFgtqP2OrJbrd9exPmn5leJuVcLLt1N%2FwOIkekTnuRnFyUWjyaCoX4BiOEWUfBeO4sn9UEmJiBcnAHTq328namBC3Wl9weO92pzVM"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6eb419ea39489293-FRA
expires
Fri, 03 Mar 2023 10:31:39 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
307450
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27938
timing-allow-origin
*
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"603e8adc-15d9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mQ41bALdJidSBgKd0qCBVdsaGdGZBYV%2FigJ9TFSv%2BJJsfp6h49SDtGS94Oz2nuH5gziXQRlYOqKbZzIGLJEuF6taQ%2BYcEwYQ2Uk3wjB7jxMR7nBZdqQK1Mw5gKoGEKW2yasmawsPwrnhq76wmyel2mR3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6eb419ea394b9293-FRA
expires
Fri, 03 Mar 2023 10:31:39 GMT
beacon.min.js
static.cloudflareinsights.com/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/apps/head/awkqrI1qzYcE0gTfW6uXyLl_1bA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
6eb419ea5aba9b9b-FRA
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1607
date
Sun, 13 Mar 2022 10:04:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 13 Mar 2022 12:04:52 GMT
s.js
nets4.com/cdn-cgi/zaraz/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nets4.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0cmFja3MlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIySmVzdXMlMjBkb21haW4lMjBzdGF0aXN0aWNzJTIwLSUyMEplc3VzLmNvJTIyJTJDJTIydyUyMiUzQTE2MDAlMkMlMjJoJTIyJTNBMTIwMCUyQyUyMmolMjIlM0ExMjAwJTJDJTIyZSUyMiUzQTE2MDAlMkMlMjJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZuZXRzNC5jb20lMkZkb21haW4lMkZqZXN1cy5jbyUyMiUyQyUyMnIlMjIlM0ElMjIlMjIlMkMlMjJrJTIyJTNBMjQlMkMlMjJuJTIyJTNBJTIyVVRGLTglMjIlMkMlMjJvJTIyJTNBMCU3RA==
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22d7e00449ca81f34b0926fe4573ec056a674d959ad42d7fa0ad680e90f27992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/domain/jesus.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
text/javascript
access-control-allow-origin
https://nets4.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aB1fe1qMP8udcmFWYwspvYqZ3LUIsi%2Bpwsv1w87bjkAhknF8n8%2FTnjkIQmCL61DPQXQEaKVeFfIVWFonFkanHZ%2FM70BL%2BscGyLv1A7CdRW29COo0fScilKbGh6%2BL3nO1NrD8gBioHa4%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
600
access-control-allow-credentials
true
cf-ray
6eb419ea1a51910d-FRA
access-control-allow-headers
Content-Type, Set-Cookie, Cache-Control
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23cc8f32949c8b6960b1a4ca216ccaff2db4b769f6565bef2ee1fa954e072029
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Origin
https://nets4.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1102560
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
76736
timing-allow-origin
*
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"613fa20b-12bc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uG4z5%2FjAbBplwAqKauM9ykOJhrBYJ99CM54mFBX2lVsL7Jh3lQiLJ7LYG2TxsiIwrfmc%2Bys6VccDLMYGxRPTF4ccqcbcM70dlzzNF3VDv6Fnvhg4Q8OQ9Mp8vVr6AfXt3PNqqzGINpiDcAnKKo5W1xU7"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6eb419ea29279136-FRA
expires
Fri, 03 Mar 2023 10:31:39 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Origin
https://nets4.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1105179
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
78268
timing-allow-origin
*
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"613fa20b-131bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2DRMgD1GJMmM%2FNTV9Z0S9i6G7QMvUTBc37ac0x3RP2YxWdeoE59kg1ahBW90wCKWDWBOr0qlmI83kToe%2F3EXeAQb39pb8EPt2VOw5nrsd0eCTBDTUgczqBxTGn75pXKGIZlal0kEOCXa4yIcjQOxU56q"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6eb419ea292a9136-FRA
expires
Fri, 03 Mar 2023 10:31:39 GMT
pica.js
nets4.com/cdn-cgi/challenge-platform/h/g/scripts/ 		19 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://nets4.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04923c5e207caf6c7f88f1e723ee1e7e6e46d701d42ce4dfd45dad4ebd0c78e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/domain/jesus.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y2F6Cg2sJEOG81C4lvLt6CsjJLwqcgJmML2%2B25TfMQUkblU5KusZoxN55PwqVSsP362UZOBFGtzYeBMshxAL2m21HkJxot3zTWduinjC%2B6IP8WSXt5RZlMSWlazgJIIVk%2FBBhjJjKE4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
6eb419ea2a59910d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
09e3554b-79a5-4c3c-ae4b-17e78e661589.png
s0.nets4.com/s/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.nets4.com/s/09e3554b-79a5-4c3c-ae4b-17e78e661589.png?w=500
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdd767560960de0c7a15970ea3b16451cd57550d82babe95dc4aae0caf38f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
46241
x-served-by
cache-sea4448-SEA
timing-allow-origin
*
server
cloudflare
etag
W/"188846c2d030671368a166235dc44fddfc55635373ea892eb143274e819a2432"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wU9fczx2FInDnYS8ndEfU5zG0%2B9MWsNU0%2BWALWgVq6kKNKuYglfdXV7kUFpmX3t08G4p7lwdg0Qohcz8dK90c1wniT5mlXD9aSafzdUZhgq1Mm9cXTqt6L7YNj2zbG76AOqFl5WGzi%2BLyjk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
vary
Accept, Accept-Encoding
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
6eb419ea7e359096-FRA
link
<https://urlscan.io/screenshots/09e3554b-79a5-4c3c-ae4b-17e78e661589.png>; rel="canonical"
access-control-expose-headers
*
jesus.co
img.nets4.com/favs/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/jesus.co?size=32
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c47693176093dad0dfafc4a0b1ab372a994818e9690a7ed0219c3ef021128d91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:40 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1135
x-xss-protection
1; mode=block
last-modified
Sun, 13 Mar 2022 10:31:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mlUgyF8cTwIq9ZeEVsXoY4o9HXYXkp96shZcY%2FGgtTxIFTER%2FbE5TbOIt6UTA%2FwBYc%2FBJpaJjloUtQBPyzJwGOCLb5kkWpxnVoFMRKH%2B%2FcQZx882V5g%2BNIqJfgC%2FMw5tWOGW%2FTaIhZtEgzC1"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6eb419ea6ab5910d-FRA
jesus.co
img.nets4.com/favs/ 		481 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/jesus.co?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e4554aebd04601666c4f5f429267fd7518ba1f7658c0f66450fc79aa12c1908
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:40 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
481
x-xss-protection
1; mode=block
last-modified
Sun, 13 Mar 2022 10:31:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=70itB0bpWCox8Km%2B57vqqhEttts%2BKeGL0G%2B79Lhle3wT5OmdtUh6K0ext2fm0qOnWIEJTmqeqdezjX5k%2BVrShIlKRcphqjOCrlmqQQGt%2FhoKi9hqeCyxcNSvVHnwIYosiDZME5APCYx8CgW1"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6eb419ea6aba910d-FRA
jesus.com
img.nets4.com/favs/ 		70 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/jesus.com?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9681c0a0a13d8581f202bfaf62e53563ea6d0d6bd8e542b35b6d7c09b0e7b41b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:41 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
70
x-xss-protection
1; mode=block
last-modified
Sun, 13 Mar 2022 10:31:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6aYZh8%2BHaVjYE4wrWS%2Fa4u3HxagpZzxJBJpbDVDMI0Aal7G46j8EmN1xm96%2BxcBWzx59ecTy%2B3OKJgEgwJJeXCq2gzMaZNWbE1UtUiQzJ2HawDoSAYAvYayyFqrhMraYD04lUKc6E8obi5pp"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6eb419ea6abb910d-FRA
jesus.in
img.nets4.com/favs/ 		381 B
914 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/jesus.in?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
192fba245c012468da2443940a99f9ca13257f2a57f1932d5736c318e8a92d6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:40 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
381
x-xss-protection
1; mode=block
last-modified
Sun, 13 Mar 2022 10:31:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PVcTav2uKPbwHTo5MB067%2BqSNPr3ZFQ%2BFEfCpm%2FCcNSrECWycTe3U2YHJSVoh8iuv2PGfPYDY43aXpKzanOmvBvSIR0RMgigABuFs%2BC8aJJh9nfMic9UrIMM7R2r%2Be%2FzsOjZ4Mj5jfljbLos"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6eb419ea6abc910d-FRA
backlinks-discovery-chart
s0.nets4.com/charts/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.nets4.com/charts/backlinks-discovery-chart?d=jesus.co&w=400&h=200&entries=12&ctype=2
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4b4d5e67f4e69cce189da35aec15fd98da62b25d00e3b37f9a51a0facbee9bf
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://docs.google.com https://*.googleusercontent.com;
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://docs.google.com
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:41 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' analytics.majesticseo.com analytics.majestic.com info.majestic.com https://www.googletagmanager.com www.google-analytics.com https://www.googleadservices.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://platform.twitter.com/;style-src 'self' 'unsafe-inline';img-src 'self' data: https:;font-src 'none';object-src 'none';media-src 'none';frame-src www.openstreetmap.org www.youtube.com https://www.google.com/recaptcha/ https://platform.twitter.com/ https://syndication.twitter.com/;child-src www.openstreetmap.org www.youtube.com https://www.google.com/recaptcha/ https://platform.twitter.com/ https://syndication.twitter.com/;frame-ancestors https://docs.google.com https://*.googleusercontent.com;report-uri /csp/report
content-disposition
filename=BacklinkHistoryChart.png
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
31622
x-xss-protection
1; mode=block
server
cloudflare
x-frame-options
ALLOW-FROM https://docs.google.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Language, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XIRJ83iD4uc6JcpEa0W%2F7QDHa5yXUpz9F%2FcBlOM8sN42N32GROfYvQ5ooKJsMj44SrLSwUvbtr0ze122OUYMJWV8i5eRHDiz46OAiwjk37lMdaJnJQOGGoIOeF9%2B4mWaCTH%2BTsbAQCz77nA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
content-security-policy
frame-ancestors https://docs.google.com https://*.googleusercontent.com;
accept-ranges
bytes
cf-ray
6eb419ea7e349096-FRA
expires
Sun, 20 Mar 2022 10:31:40 GMT
referring-domains-discovery
s0.nets4.com/charts/ 		31 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.nets4.com/charts/referring-domains-discovery?d=jesus.co&w=400&h=200&entries=12&ctype=2
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4480fa1b105970ac52f944596b9ce6c6ab0adf0790e84511b66f93ed471cf480
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://docs.google.com https://*.googleusercontent.com;
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://docs.google.com
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:41 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' analytics.majesticseo.com analytics.majestic.com info.majestic.com https://www.googletagmanager.com www.google-analytics.com https://www.googleadservices.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://platform.twitter.com/;style-src 'self' 'unsafe-inline';img-src 'self' data: https:;font-src 'none';object-src 'none';media-src 'none';frame-src www.openstreetmap.org www.youtube.com https://www.google.com/recaptcha/ https://platform.twitter.com/ https://syndication.twitter.com/;child-src www.openstreetmap.org www.youtube.com https://www.google.com/recaptcha/ https://platform.twitter.com/ https://syndication.twitter.com/;frame-ancestors https://docs.google.com https://*.googleusercontent.com;report-uri /csp/report
content-disposition
filename=BacklinkHistoryChart.png
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
31926
x-xss-protection
1; mode=block
server
cloudflare
x-frame-options
ALLOW-FROM https://docs.google.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Language, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RbN4p2FGmN2U%2FeuxO5p9RxlyB3XktB6Dk7vLyTXM0x5C8st55sdxlcjcpQE7rmdK7PDS83K0FLJmkLScx60MOBKyoTbl8cgECsLW44qgvqscy5B3AlYETQmcU2i9P085GktbT7era49LT5Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
content-security-policy
frame-ancestors https://docs.google.com https://*.googleusercontent.com;
accept-ranges
bytes
cf-ray
6eb419ea7e309096-FRA
expires
Sun, 20 Mar 2022 10:31:40 GMT
megagames.com
img.nets4.com/favs/ 		535 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/megagames.com?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd05ef9807b98a27b9e65f2b5ba48ed0f3924630b80d1361aac1eaef3976072c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5364
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
535
x-xss-protection
1; mode=block
last-modified
Sun, 13 Mar 2022 09:02:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BWFwWXev2d3YUsg2oiVgOKlzgNa36anax%2BkPVuzk8%2F7gvxLJ0Xv8SfPZjUj28mx6WtJxvFizoCUPpt7dgI5HZ%2FY%2F2S6kr75VEswtMz%2F3WF15dpRCKDxBYosDHAZJKLRp4PZ0DKq5S2dCuf6f"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6eb419ea7ac3910d-FRA
heatherriggleman.com
img.nets4.com/favs/ 		818 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/heatherriggleman.com?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1f2d2e5202f3a1baa8751d93b62cb65f8ea0f5b16d64d78a00b4eff91f9091c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9571
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
818
x-xss-protection
1; mode=block
last-modified
Sun, 13 Mar 2022 07:52:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pvra1ji3%2B0ruzfA9Pk258pY1KuhdtJ7jsVPW5OgOTP1PEM%2Bd0ZFK7l4wq0%2Bj6ltphq9E%2B%2FsKkj6FxJlrPWbG%2Bj73r%2Bjh1nZU3NICWVs2O099yGkicC04TisFkIDftFmaA87u3fPzzjlCMOmH"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6eb419ea7ac4910d-FRA
yacy.net
img.nets4.com/favs/ 		698 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/yacy.net?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ce9c974eddd008645e638d66c7029179ae19c8b271365d4501e82e6e9d54c13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17998
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
698
x-xss-protection
1; mode=block
last-modified
Sun, 13 Mar 2022 05:31:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rB6gRDns2x%2FatkVGxMB1Uk7EFBZlf1bDF47Qd8DLz%2BtNmX23aergYJWlzBpXh2rrl%2BiRjS3VdSBtWAsb8VJkvje%2FDhtmkD6oDL7sW5vsowz2ZFSVpQ7ecctNi3vuzaSQMKuhwj%2FeFNRRm1tN"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6eb419ea7ac6910d-FRA
founderpass.com
img.nets4.com/favs/ 		425 B
968 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/founderpass.com?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c20db37b0415137d094d2f4b92c2db53064084af00af9638521af4a60e3202b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17999
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
425
x-xss-protection
1; mode=block
last-modified
Sun, 13 Mar 2022 05:31:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IM8PUbyNDQrV1KsvZ4i8szAfWhWAHHhvKog8A%2BV%2B2LX6Xc4vjPvaUuWJT2jX%2FVkn%2BS2MpAjTXsyI9dAhXqbErkw5%2FmFJ2t4%2FDyWKqW6%2FBE3vcA%2F7YtsfFODPegWqJ6Ee6MiWPWfIzp96YyRk"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6eb419ea7ac7910d-FRA
powtoon.com
img.nets4.com/favs/ 		722 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/powtoon.com?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4b84531c5dc764af9161a56997edf9b4c67e661d9108c6d346ca6944c10716d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17998
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
722
x-xss-protection
1; mode=block
last-modified
Sun, 13 Mar 2022 05:31:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SSBC1PpP3g0crGkZ9geJZ%2Bq4d8tdn4IQfQREL9gBciV7Qq3lmR361GLBc0JlpQWfHWFBY%2B%2FRsvYU%2FNsMhFM%2BfBzjyDlQuvkAAai040rko8C6BAOSuUZPuM835%2BwHVqc1YCrHf3bFryG3blMu"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6eb419ea7ac9910d-FRA
batterybarpro.com
img.nets4.com/favs/ 		349 B
886 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/batterybarpro.com?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42209466a0cee1f96840538c1199f541720c02d34fa7f6cf499019a2b22a477f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
19431
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
349
x-xss-protection
1; mode=block
last-modified
Sun, 13 Mar 2022 05:07:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JzjM07M2cTVG%2BYoYLQF30bniQLi7l5w417W02gNTrqz9k47QIFZpABJ8sgtS6PYdUpBkkDqm3G3MGandIYXAqkkif%2Bl0lgWDCyt%2FzDxUapAvUhy5CpChwF%2FaMv07Z4mXUVyB%2Botp99NBGp1G"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6eb419ea7acb910d-FRA
remotists.com
img.nets4.com/favs/ 		70 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/remotists.com?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9681c0a0a13d8581f202bfaf62e53563ea6d0d6bd8e542b35b6d7c09b0e7b41b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
19431
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
70
x-xss-protection
1; mode=block
last-modified
Sun, 13 Mar 2022 05:07:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gjo65QsBERJzxnTJjQ8EXNwoNU4M2RKc2MEd1cMU5jLim7NMUNeGxTvIZudK8O4%2BNaYmtTbrp3B2DHTXqOsir9nsE5ilahNOmHv9tAAtJoEFbAzAVmo3f%2Bv0h%2Bdrx%2FCffzCaS2hsrXif9pAj"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6eb419ea7acd910d-FRA
wildapricot.com
img.nets4.com/favs/ 		457 B
996 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/wildapricot.com?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f96caee1cf100b342e61f134b36c0673d6a1d5bf9eecbc302f3a32de281b8163
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
19431
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
457
x-xss-protection
1; mode=block
last-modified
Sun, 13 Mar 2022 05:07:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mHQdQZbh8uaUGeuQ%2Fsx5DjXOYpf1OHLM8uSuSwilcTRUidJj3obmJ1rIC5IsnlZHqpwmh%2F7Y3MmcHIfj9yhC%2F%2BxVL%2BljVlx0g0MytN8smkrbZ1H%2BhkaTmWr7kStEiNyMSxk7HKEH8AsdkaAD"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6eb419ea7ad0910d-FRA
calendly.com
img.nets4.com/favs/ 		492 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/calendly.com?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc96ff8709fb90541d88f19f338e82407556aeb4719befe3a637c53955bfe6cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
19971
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
492
x-xss-protection
1; mode=block
last-modified
Sun, 13 Mar 2022 04:58:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hpvKmr2ii4eAivyzu5F7Zfth2OqR2Z97BKBoxgCJrzfDgUiLWa1xhrpZCxSgxAQg1ABekPEdjTkhWKf60zqDvCoBai1klQAGzrnvZ0yGMCiKYf7IbEvnAExsv1vLWCQzmxosVB%2Fgq%2FnxOsMD"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6eb419ea7ad1910d-FRA
maps.me
img.nets4.com/favs/ 		449 B
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/maps.me?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fb70b777e2e28b115fb3154f38891a6fd251dec72c0173c79c97df3f32a897a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
19971
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
449
x-xss-protection
1; mode=block
last-modified
Sun, 13 Mar 2022 04:58:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vJcnlh%2Bg2g1HxZpAe85ynNRMaS9TySwEQLJd7OBaNH%2FuCU0bcBmkHyh%2BplrUsVAC9oI05yqUcE88pSN%2F2pNd2ozMCAQ7jxp%2FPOTv5pPDSXjKJkhQZGBLPzKZ7R7Sqs%2FYlfao9HUpUng%2FsMTW"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6eb419ea7ad2910d-FRA
550j6zn5gn
www.clarity.ms/tag/ 		682 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/550j6zn5gn
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1425 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
096cfb56ab0d5ca611f0511fb95e8451322f44a0b9c2514eee76869c267d206d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
x-powered-by
ASP.NET
x-azure-ref
0DMgtYgAAAABKV20MkjRSRK7zTmwtlpTHTUlMMzBFREdFMDUwNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
content-length
682
expires
-1
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1099023220&t=pageview&_s=1&dl=https%3A%2F%2Fnets4.com%2Fdomain%2Fjesus.co&ul=en-us&de=UTF-8&dt=Jesus%20domain%20statistics%20-%20Jesus.co&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=238315253&gjid=2075921767&cid=1312843398.1647167500&tid=UA-123511935-10&_gid=901498445.1647167500&_r=1&_slc=1&z=263731832
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nets4.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nets4.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
6eb419e37d629096
nets4.com/cdn-cgi/challenge-platform/h/g/cv/result/ 		2 B
689 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nets4.com/cdn-cgi/challenge-platform/h/g/cv/result/6eb419e37d629096
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1647165600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://nets4.com/domain/jesus.co
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 13 Mar 2022 10:31:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6eb419ec6d83910d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0LluNIUcI2nFNSDR3uLp8G%2FO%2B2Kqa1%2BrPceuFpzlvMbCKBTrFnHTL%2FQlEyvftj2CNP5Iu9Y%2BP27m1g6shXwQKep7jdpf%2BwIadVK7OeaChS7f9N5MUXq7KLtMEB0zjbsgSr7z5NoTaOU%3D"}],"group":"cf-nel","max_age":604800}
clarity.js
h.clarity.ms/s/0.6.32/ 		53 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h.clarity.ms/s/0.6.32/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/550j6zn5gn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:39 GMT
content-encoding
br
etag
"1d8314040aa9e90"
last-modified
Sun, 06 Mar 2022 09:55:04 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
accept-ranges
bytes
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
/
api.purpleads.io/x/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/?ts=1647167500682
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 13 Mar 2022 10:31:40 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
1ea95ab1-22d5-4ff4-8c00-04677b013d4b
/
api.purpleads.io/x/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/?ts=1647167500682
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/load.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash
24dbcced82a1b52b704d4353e10b04602cba0ad3ae83112b7d3520dc7a5df0c4

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2plc3VzLmNv
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
0.4.13

Response headers

date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
etag
W/"11a8-f3kVFqQgsfGq66cS1HtWQfLb9hQ"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
x-request-id
51a825cf-c9f4-433e-90e3-6c0f7be5e970
agent.js
cdn.purpleads.io/ 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-50.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
38bf08369b9d72ce4d22d5b555e9e5ee2e7a5fab8980ba2787f47d89d55e2c99

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 14:24:13 GMT
content-encoding
gzip
last-modified
Mon, 21 Feb 2022 08:37:50 GMT
server
AmazonS3
age
72448
etag
"0c008aa8cd8d5ae47e2eb77cc10e9a3c"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 31f1d6f9a4e05bd522db88334d37b9c2.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
content-length
10377
x-amz-cf-id
bE3YPN78sD3HUTCsR7JkILqINgcpBH9UZ6O8-pwkDwwOmXEQnkHq6g==
sm.22.html
static.addtoany.com/menu/ Frame 01E8 		278 B
650 B 		Document
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/sm.22.html
Requested by
Host: nets4.com
URL: https://nets4.com/assets/js/sharebutton.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fef239ebd936e96f316dee1aca599952e7adaaba26fab72b45328871855ac4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

date
Sun, 13 Mar 2022 10:31:40 GMT
content-type
text/html; charset=utf-8
via
e3s
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
last-modified
Tue, 28 Sep 2021 21:02:23 GMT
etag
W/"116-5cd1487afaaea"
cache-control
max-age=315360000, immutable
vary
Accept-Encoding
cf-cache-status
HIT
age
1416498
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
6eb419ef988f698b-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
truncated
/ 		34 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
init
api.purpleads.io/x/ 		68 B
358 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/init?ts=1647167500710
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash
587259314084a04755f0dfb2d0f0e9f07bdf03a575352e366e308d2e19cfc70a

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2plc3VzLmNv
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.26

Response headers

date
Sun, 13 Mar 2022 10:31:41 GMT
etag
W/"44-Pm5SJt3t2KI5gMvsRd3GV+dxT2U"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
content-length
68
x-request-id
6a9cc782-90df-46d7-a222-6d498ea54367
init
api.purpleads.io/x/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/init?ts=1647167500710
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 13 Mar 2022 10:31:40 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
17db7ba9-7130-41b3-9da6-1d40162c291e
marker-icon.png
cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/images/marker-icon.png
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/leaflet.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
574c3a5cca85f4114085b6841596d62f00d7c892c7b03f28cbfa301deb1dc437
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/leaflet.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1340910
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1470
timing-allow-origin
*
last-modified
Thu, 03 Sep 2020 12:27:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f50e115-5ba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=croTQvFM%2FnSX4sj%2FDPqAbwbuW5c3fndXuGOMAGEylZfkeDhflWsLlv%2BC7jTjRz30PCEiBf8t185vd8K7cWtIDtwUOZe2%2BlAShQIQsXZwG33qCXyLCpIAo7FeGQ66lnzlhzKhsRDK9EB3rFKeCRmPPeoW"}],"group":"cf-nel","max_age":604800}
content-type
image/png; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6eb419ef98d09293-FRA
expires
Fri, 03 Mar 2023 10:31:40 GMT
2.png
a.tile.openstreetmap.org/3/1/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tile.openstreetmap.org/3/1/2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b322c9030883acdb559f857024b4ef3ab7574712b635b6e3db135749e32e1fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish
etag
"cb5643e63f3bc4f3e5c38d2017293c13"
age
175656
x-cache
HIT
x-cache-hits
126
content-length
8528
x-served-by
cache-hhn4041-HHN
server
Apache/2.4.41 (Ubuntu)
x-timer
S1647167501.780479,VS0,VE0
date
Sun, 13 Mar 2022 10:31:40 GMT
expect-ct
max-age=0
content-type
image/png
access-control-allow-origin
*
x-tilerender
odin.openstreetmap.org
cache-control
max-age=45476, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
expires
Tue, 01 Mar 2022 16:00:16 GMT
2.png
b.tile.openstreetmap.org/3/2/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.tile.openstreetmap.org/3/2/2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3c865f9ba19b80bbab61230ac6f099d6c605af2b21615415338a9bfa471c863a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish
etag
"c7b1ee252c1accd2fea964a71de354de"
age
201334
x-cache
HIT
x-cache-hits
1377
content-length
11092
x-served-by
cache-hhn4070-HHN
server
Apache/2.4.41 (Ubuntu)
x-timer
S1647167501.780898,VS0,VE0
date
Sun, 13 Mar 2022 10:31:40 GMT
expect-ct
max-age=0
content-type
image/png
access-control-allow-origin
*
x-tilerender
nidhogg.openstreetmap.org
cache-control
max-age=181862, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
expires
Fri, 11 Mar 2022 02:36:05 GMT
3.png
b.tile.openstreetmap.org/3/1/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.tile.openstreetmap.org/3/1/3.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
516fadf20aefdc9565d38ff12fd35aa4262d20408dace2f5849cd191119496c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish
etag
"bc52a0f704ebee39a8cb5a58715363ce"
age
16213
x-cache
HIT
x-cache-hits
70
content-length
3910
x-served-by
cache-hhn4070-HHN
server
Apache/2.4.41 (Ubuntu)
x-timer
S1647167501.780990,VS0,VE0
date
Sun, 13 Mar 2022 10:31:40 GMT
expect-ct
max-age=0
content-type
image/png
access-control-allow-origin
*
x-tilerender
odin.openstreetmap.org
cache-control
max-age=178270, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
expires
Thu, 10 Mar 2022 21:05:46 GMT
3.png
c.tile.openstreetmap.org/3/2/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.tile.openstreetmap.org/3/2/3.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
c6cd28b8f48cd9c890723dbd16c6847083e7c322af81fc3da91b9730ac576658
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish
etag
"7c25652ac6639939d717ee7de6a8d342"
age
196554
x-cache
HIT
x-cache-hits
2665
content-length
5621
x-served-by
cache-hhn4046-HHN
server
Apache/2.4.41 (Ubuntu)
x-timer
S1647167501.780373,VS0,VE0
date
Sun, 13 Mar 2022 10:31:40 GMT
expect-ct
max-age=0
content-type
image/png
access-control-allow-origin
*
x-tilerender
nidhogg.openstreetmap.org
cache-control
max-age=42212, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
expires
Tue, 01 Mar 2022 13:29:14 GMT
2.png
c.tile.openstreetmap.org/3/0/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.tile.openstreetmap.org/3/0/2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
dea6d9b977b06e1be6dbf3fc5118a1d8bfca410f14b6c4ad64ec07c057d4783c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish
etag
"a97b0ae3a1c931b59d9503c0fb773d21"
age
114426
x-cache
HIT
x-cache-hits
17
content-length
4699
x-served-by
cache-hhn4046-HHN
server
Apache/2.4.41 (Ubuntu)
x-timer
S1647167501.780441,VS0,VE0
date
Sun, 13 Mar 2022 10:31:40 GMT
expect-ct
max-age=0
content-type
image/png
access-control-allow-origin
*
x-tilerender
odin.openstreetmap.org
cache-control
max-age=164739, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
expires
Wed, 09 Mar 2022 22:22:36 GMT
2.png
c.tile.openstreetmap.org/3/3/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.tile.openstreetmap.org/3/3/2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
c87dc7d9c212984118785676c741a202f5cac746b7b003298a930ed56316e51f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish
etag
"9a69d3f3c4dff9f5588aaa850c1c6140"
age
146453
x-cache
HIT
x-cache-hits
2327
content-length
4828
x-served-by
cache-hhn4046-HHN
server
Apache/2.4.41 (Ubuntu)
x-timer
S1647167501.780499,VS0,VE0
date
Sun, 13 Mar 2022 10:31:40 GMT
expect-ct
max-age=0
content-type
image/png
access-control-allow-origin
*
x-tilerender
odin.openstreetmap.org
cache-control
max-age=87076, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
expires
Sat, 05 Mar 2022 00:55:16 GMT
3.png
a.tile.openstreetmap.org/3/0/ 		249 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tile.openstreetmap.org/3/0/3.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
6ad584690f7fa3e788ea1df9a6a567211be5d9d627908e9339e84e99efe70126
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish
etag
"07a14efdf923d78dad7320032b8d412c"
age
92240
x-cache
HIT
x-cache-hits
12
content-length
249
x-served-by
cache-hhn4041-HHN
server
Apache/2.4.41 (Ubuntu)
x-timer
S1647167501.780546,VS0,VE0
date
Sun, 13 Mar 2022 10:31:40 GMT
expect-ct
max-age=0
content-type
image/png
access-control-allow-origin
*
x-tilerender
nidhogg.openstreetmap.org
cache-control
max-age=168048, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
expires
Thu, 10 Mar 2022 02:25:44 GMT
3.png
a.tile.openstreetmap.org/3/3/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tile.openstreetmap.org/3/3/3.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
15f97543ff4d546609111ebf1c117bbe16c5fe852fa7e826204b74566e91a8f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish
etag
"c947e22ac6e5f0475ad3445622a32d51"
age
69144
x-cache
HIT
x-cache-hits
1371
content-length
4834
x-served-by
cache-hhn4041-HHN
server
Apache/2.4.41 (Ubuntu)
x-timer
S1647167501.780593,VS0,VE0
date
Sun, 13 Mar 2022 10:31:40 GMT
expect-ct
max-age=0
content-type
image/png
access-control-allow-origin
*
x-tilerender
odin.openstreetmap.org
cache-control
max-age=15307, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
expires
Mon, 28 Feb 2022 00:30:56 GMT
marker-shadow.png
cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/images/ 		618 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/images/marker-shadow.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
264f5c640339f042dd729062cfc04c17f8ea0f29882b538e3848ed8f10edb4da
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3337151
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
622
timing-allow-origin
*
last-modified
Thu, 03 Sep 2020 12:27:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f50e115-26a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fM47O3KwTOdMmQycRxvH7hE8HT9hGi70RwJR%2FoMPoo1LxoshmQuUt7JTcgL%2B7XuL%2B6X6gse7hCt%2FS%2F25B03HNs9xv%2BDwMtET2Nrx2ZufdF8vnG5vbIHhBG4iF5XsbrFjpsYAldIghPJmxIch9UER6kSH"}],"group":"cf-nel","max_age":604800}
content-type
image/png; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6eb419efa8f19293-FRA
expires
Fri, 03 Mar 2023 10:31:40 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=2EC232119FAD420CA963FFF57871D896&RedC=c.clarity.ms&MXFR=36FD174B6F6A620C24C2062D6B6A6CBA
  • https://c.clarity.ms/c.gif?CtsSyncId=2EC232119FAD420CA963FFF57871D896&MUID=003CA7597F3E6ED90046B63F7E556F47
42 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=2EC232119FAD420CA963FFF57871D896&MUID=003CA7597F3E6ED90046B63F7E556F47
Protocol
H2
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:42 GMT
last-modified
Mon, 28 Feb 2022 22:29:30 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"7c5ed6a6f22cd81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:41 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7C67A758CA2F4E0DACCB47AAE1582238 Ref B: FRAEDGE1406 Ref C: 2022-03-13T10:31:42Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=2EC232119FAD420CA963FFF57871D896&MUID=003CA7597F3E6ED90046B63F7E556F47
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
icons.29.svg.js
static.addtoany.com/menu/svg/ 		78 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/svg/icons.29.svg.js
Requested by
Host: nets4.com
URL: https://nets4.com/assets/js/sharebutton.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:40 GMT
via
e1s
x-content-type-options
nosniff
cf-cache-status
HIT
age
1417489
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 31 Dec 2018 23:29:11 GMT
server
cloudflare
etag
W/"13937-57e59c7b88bd6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=315360000, immutable
cf-ray
6eb419efb8a7698b-FRA
cf-bgj
minify
recaptcha__de.js
www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/ 		360 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15f9c75454fbc8c7a512938af4ebbe852cd2fe82b8bd32ec98222a231b8a7e12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nets4.com/
Origin
https://nets4.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:17:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
845
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145081
x-xss-protection
0
last-modified
Mon, 07 Mar 2022 05:02:21 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Mar 2023 10:17:35 GMT
rum
cloudflareinsights.com/cdn-cgi/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 13 Mar 2022 10:31:40 GMT
content-type
text/plain
access-control-allow-origin
https://nets4.com
access-control-allow-methods
POST,OPTIONS
access-control-allow-headers
Content-Type
access-control-max-age
86400
vary
Origin
access-control-allow-credentials
true
server
cloudflare
cf-ray
6eb419efef4c5bed-FRA
x-frame-options
DENY
x-content-type-options
nosniff
content-encoding
gzip
rum
cloudflareinsights.com/cdn-cgi/ 		0
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://nets4.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type
application/json

Response headers

date
Sun, 13 Mar 2022 10:31:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://nets4.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
6eb419efff5d5bed-FRA
vary
Origin
collect
h.clarity.ms/ 		0
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h.clarity.ms/collect
Requested by
Host: h.clarity.ms
URL: https://h.clarity.ms/s/0.6.32/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://nets4.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://nets4.com
date
Sun, 13 Mar 2022 10:31:40 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
/
api.purpleads.io/x/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=0&pid=3e163e18c8b84c2b86766a5e936dcde1&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=26c809a2-a8dd-4b1d-a7b7-5d81902b7646&ts=1647167500923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 13 Mar 2022 10:31:40 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
830f9c2d-d64a-4905-ae78-072ab3710d23
/
api.purpleads.io/x/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=1&pid=3e163e18c8b84c2b86766a5e936dcde1&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=66918125-e889-4222-8a97-cbd6848d5ebd&ts=1647167500924
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 13 Mar 2022 10:31:40 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
fde4c2f4-285c-4aac-b3c9-11bf04b2b652
/
api.purpleads.io/x/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=2&pid=3e163e18c8b84c2b86766a5e936dcde1&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=223cbcb8-9229-4726-8809-4049ba965c09&ts=1647167500924
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 13 Mar 2022 10:31:40 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
ca81c42f-f653-41d4-997a-bb16fa2cd1ce
/
api.purpleads.io/x/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=3&pid=3e163e18c8b84c2b86766a5e936dcde1&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=5cb4c655-173a-4127-966c-54ba12b5a8cd&ts=1647167500924
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 13 Mar 2022 10:31:40 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
980c2135-4b8b-4d36-84f3-809e7cbe6402
/
api.purpleads.io/x/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=4&pid=3e163e18c8b84c2b86766a5e936dcde1&sizes=[[160,600],[120,600],[200,200],[250,250]]&slotid=bda687bb-ab21-4253-95a1-ae2d1e1115bd&ts=1647167500924
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 13 Mar 2022 10:31:40 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
eb3c19f4-38f1-4c42-918a-499a6557914d
/
api.purpleads.io/x/b/ 		9 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=0&pid=3e163e18c8b84c2b86766a5e936dcde1&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=26c809a2-a8dd-4b1d-a7b7-5d81902b7646&ts=1647167500923
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash
146bdc3c0d9ffce08f611fd426c9f5a6d9d003c7aac7008064f5a41664f9f46a

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2plc3VzLmNv
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.26

Response headers

date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
etag
W/"2407-BEJj0yKJdtg1/zr7oDf94L9ci7E"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
x-request-id
aab4f66a-b422-4c23-a88b-bdaacc34ef3d
/
api.purpleads.io/x/b/ 		9 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=1&pid=3e163e18c8b84c2b86766a5e936dcde1&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=66918125-e889-4222-8a97-cbd6848d5ebd&ts=1647167500924
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash
94bd10db36c3bc5c0bf38ffc55585c96abcc31f8e9957ed6e0c87c9c5dd42f77

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2plc3VzLmNv
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.26

Response headers

date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
etag
W/"2357-qseuVsLGoTbfYVjeKLgPD9TPQ00"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
x-request-id
6b582616-7423-4380-bf65-08c493cf1baf
/
api.purpleads.io/x/b/ 		9 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=2&pid=3e163e18c8b84c2b86766a5e936dcde1&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=223cbcb8-9229-4726-8809-4049ba965c09&ts=1647167500924
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash
539f15bad34896844475a238302138e3ae85c29209532264254bdc28daaa3edb

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2plc3VzLmNv
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.26

Response headers

date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
etag
W/"2407-9dK4jVDsgh9kAyYvk6zvSgaMymM"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
x-request-id
e23e3e79-d46b-4316-91a8-974faccbde87
/
api.purpleads.io/x/b/ 		9 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=3&pid=3e163e18c8b84c2b86766a5e936dcde1&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=5cb4c655-173a-4127-966c-54ba12b5a8cd&ts=1647167500924
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash
d9a9a19991050ee3bc32c91ed4df32051a445d9175f6fa45228d123ce0b42ecf

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2plc3VzLmNv
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.26

Response headers

date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
etag
W/"2407-KMekaAHH0gMdQQhJZKRBxAGAHlc"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
x-request-id
030279b9-8f71-491f-bf4c-7a09eccfb8ef
/
api.purpleads.io/x/b/ 		9 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=4&pid=3e163e18c8b84c2b86766a5e936dcde1&sizes=[[160,600],[120,600],[200,200],[250,250]]&slotid=bda687bb-ab21-4253-95a1-ae2d1e1115bd&ts=1647167500924
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash
7d851fa6f8a004b6b8929316ffecb82459ac179ad247192431c7279dd600c39e

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2plc3VzLmNv
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.26

Response headers

date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
etag
W/"23f6-uV2IXEL8ulMk1rREVaf9EekAMRQ"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
x-request-id
707e6a34-8946-498b-a0ec-d0a17e49cd71
anchor
www.google.com/recaptcha/api2/ Frame 02A1 		43 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD&co=aHR0cHM6Ly9uZXRzNC5jb206NDQz&hl=de&v=85AXn53af-oJBEtL2o2WpAjZ&size=normal&cb=ve3qzsoefmf9
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3d8e0bf009dc4593891079ba62a08eb9e8fc165dd367158823e41facbf0494cd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jmNp7dEw1L3N9b7VxFNpvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 13 Mar 2022 10:31:41 GMT
content-security-policy
script-src 'report-sample' 'nonce-jmNp7dEw1L3N9b7VxFNpvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
22821
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/ Frame 02A1 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD&co=aHR0cHM6Ly9uZXRzNC5jb206NDQz&hl=de&v=85AXn53af-oJBEtL2o2WpAjZ&size=normal&cb=ve3qzsoefmf9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 08:30:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7252
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 07 Mar 2022 05:02:21 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Mar 2023 08:30:49 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/ Frame 02A1 		360 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD&co=aHR0cHM6Ly9uZXRzNC5jb206NDQz&hl=de&v=85AXn53af-oJBEtL2o2WpAjZ&size=normal&cb=ve3qzsoefmf9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15f9c75454fbc8c7a512938af4ebbe852cd2fe82b8bd32ec98222a231b8a7e12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:17:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
846
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145081
x-xss-protection
0
last-modified
Mon, 07 Mar 2022 05:02:21 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Mar 2023 10:17:35 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 5A6B 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
a60406d427e511fb8b6f6a483e4b6f028101e150ed2447d38d5d98418afcb466
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27747
x-xss-protection
0
server
sffe
etag
"1157 / 110 of 1000 / last-modified: 1647040337"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 13 Mar 2022 10:31:41 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 02A1 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=85AXn53af-oJBEtL2o2WpAjZ
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD&co=aHR0cHM6Ly9uZXRzNC5jb206NDQz&hl=de&v=85AXn53af-oJBEtL2o2WpAjZ&size=normal&cb=ve3qzsoefmf9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f98ff8ab059bdef9ea7fe9165a4e74fce15166abdbb8dd25307b7b7d9ac26ddd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD&co=aHR0cHM6Ly9uZXRzNC5jb206NDQz&hl=de&v=85AXn53af-oJBEtL2o2WpAjZ&size=normal&cb=ve3qzsoefmf9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Sun, 13 Mar 2022 10:31:41 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame CACD 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
e865ba2ca00e11081a85a9c02951a24ff5ad447974bfaf3daa5356339bc02b6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27723
x-xss-protection
0
server
sffe
etag
"1157 / 123 of 1000 / last-modified: 1647040256"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 13 Mar 2022 10:31:41 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 468F 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
aaac48be454622fb624348d4cd72ff1983d195ed341e39f25655bf181eb2e44a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27718
x-xss-protection
0
server
sffe
etag
"1157 / 34 of 1000 / last-modified: 1647040256"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 13 Mar 2022 10:31:41 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame D687 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
36ae7cd197f222a180957b29c08cdc6440561a9fae3aeeb757ec42a63d90d972
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27723
x-xss-protection
0
server
sffe
etag
"1157 / 730 of 1000 / last-modified: 1647040337"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 13 Mar 2022 10:31:41 GMT
bframe
www.google.com/recaptcha/api2/ Frame 1229 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=85AXn53af-oJBEtL2o2WpAjZ&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2a3656cc3dc3ed53e485cf84e47918685e694198f3f97f06f16533e6d86b04ce
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-i32xE7gPs2br6+kxLGP0Wg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 13 Mar 2022 10:31:41 GMT
content-security-policy
script-src 'report-sample' 'nonce-i32xE7gPs2br6+kxLGP0Wg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1110
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 5FB7 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
e865ba2ca00e11081a85a9c02951a24ff5ad447974bfaf3daa5356339bc02b6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27723
x-xss-protection
0
server
sffe
etag
"1157 / 338 of 1000 / last-modified: 1647040256"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 13 Mar 2022 10:31:41 GMT
pubads_impl_2022030201.js
securepubads.g.doubleclick.net/gpt/ Frame 5A6B 		364 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065568
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
499d742344f4b69df1c45273acccf5c6941269f48276e4d52cdabdfbb77a7904
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 22:37:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
474837
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124504
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 09:35:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 07 Mar 2023 22:37:44 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/ Frame 1229 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=85AXn53af-oJBEtL2o2WpAjZ&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 08:30:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7252
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 07 Mar 2022 05:02:21 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Mar 2023 08:30:49 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/ Frame 1229 		360 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=85AXn53af-oJBEtL2o2WpAjZ&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15f9c75454fbc8c7a512938af4ebbe852cd2fe82b8bd32ec98222a231b8a7e12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:17:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
846
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145081
x-xss-protection
0
last-modified
Mon, 07 Mar 2022 05:02:21 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Mar 2023 10:17:35 GMT
pubads_impl_2022030801.js
securepubads.g.doubleclick.net/gpt/ Frame CACD 		358 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
c00983dee008b49458960478c1cb482043faa725f62c00717915fabddb69bfa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1742
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123897
x-xss-protection
0
last-modified
Tue, 08 Mar 2022 09:34:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 13 Mar 2023 10:02:39 GMT
pubads_impl_2022030801.js
securepubads.g.doubleclick.net/gpt/ Frame D687 		358 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js?cb=31065603
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
c00983dee008b49458960478c1cb482043faa725f62c00717915fabddb69bfa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 09:32:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3528
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123897
x-xss-protection
0
last-modified
Tue, 08 Mar 2022 09:34:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 13 Mar 2023 09:32:53 GMT
pubads_impl_2022030801.js
securepubads.g.doubleclick.net/gpt/ Frame 468F 		358 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
c00983dee008b49458960478c1cb482043faa725f62c00717915fabddb69bfa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1742
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123897
x-xss-protection
0
last-modified
Tue, 08 Mar 2022 09:34:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 13 Mar 2023 10:02:39 GMT
pubads_impl_2022030801.js
securepubads.g.doubleclick.net/gpt/ Frame 5FB7 		358 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
c00983dee008b49458960478c1cb482043faa725f62c00717915fabddb69bfa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1742
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123897
x-xss-protection
0
last-modified
Tue, 08 Mar 2022 09:34:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 13 Mar 2023 10:02:39 GMT
integrator.js
adservice.google.de/adsid/ Frame D687 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js?cb=31065603
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame D687 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js?cb=31065603
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame D687 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3329168481610479&correlator=893384276801030&eid=31064905%2C31065603%2C44742767&output=ldjh&gdfp_req=1&vrg=2022030801&ptt=17&impl=fif&sc=1&iu_parts=22178702878%2Cpurpleapl%2Callsizesv2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C468x60%7C200x200%7C320x100%7C320x50%7C300x100&ifi=1&adks=4203880072&sfv=1-0-38&ecs=20220313&fsapi=false&eri=4&cookie_enabled=1&abxe=1&dt=1647167501808&dlt=1647167501438&idt=352&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=294&adys=5111&ucis=ci1p6cig65k2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Fjesus.co&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=1312843398.1647167500&ga_sid=1647167502&ga_hid=172075573&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js?cb=31065603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
a9765a17e251c504631928177f8caac5462c7f105aef5b2385ea96fe591d6818
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9264
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nets4.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame D687 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js?cb=31065603
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f44df6024871e07a9dce8999ff5aa6292613928aee3600d398384cabea67095
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10656
x-xss-protection
0
container.html
c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D633 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js?cb=31065603
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 13 Mar 2022 10:31:41 GMT
expires
Mon, 13 Mar 2023 10:31:41 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
h.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h.clarity.ms/collect
Requested by
Host: h.clarity.ms
URL: https://h.clarity.ms/s/0.6.32/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://nets4.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://nets4.com
date
Sun, 13 Mar 2022 10:31:41 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
integrator.js
adservice.google.de/adsid/ Frame CACD 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame CACD 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame CACD 		443 B
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3627229347754885&correlator=874696154354001&eid=31065485%2C31065516%2C44756894&output=ldjh&gdfp_req=1&vrg=2022030801&ptt=17&impl=fif&sc=1&iu_parts=22178702878%2Cpurpleapl%2Callsizesv2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600%7C120x600%7C200x200%7C250x250&ifi=1&adks=113378651&sfv=1-0-38&ecs=20220313&fsapi=false&eri=4&cookie_enabled=1&abxe=1&dt=1647167501859&dlt=1647167501424&idt=415&biw=1600&bih=1200&isw=160&ish=600&oid=2&adxs=1148&adys=1298&ucis=7cbfn9exs5vh&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Fjesus.co&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=160x0&msz=160x0&fws=256&ohw=0&ea=0&ga_vid=1312843398.1647167500&ga_sid=1647167502&ga_hid=1009852716&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
2edfb8e5a246cc2bcf5bc25c9f7cf90ea68ab2d8e555869908ca750b8c4a1f75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nets4.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame CACD 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51d1824c15484bf9e5f7eaecda2f6fcd87ac497425e14e21b36daa2bab07279c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10583
x-xss-protection
0
container.html
5e4a4d08a576fabd6d7653ea67d1e7cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5EFA 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5e4a4d08a576fabd6d7653ea67d1e7cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 13 Mar 2022 10:31:42 GMT
expires
Mon, 13 Mar 2023 10:31:42 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ Frame 5A6B 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065568
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 5A6B 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065568
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 5A6B 		65 KB
32 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=419646701581709&correlator=2932053358579709&output=ldjh&impl=fif&eid=31063377%2C31065568%2C31061166%2C44758226%2C44758229&vrg=2022030201&ptt=17&sc=1&iu_parts=22178702878%2Cpurpleapl%2Callsizesv2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C468x60%7C200x200%7C320x100%7C320x50%7C300x100&ifi=1&adks=4203880072&sfv=1-0-38&ecs=20220313&eri=4&cookie_enabled=1&abxe=1&dt=1647167501897&dlt=1647167501334&idt=543&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=294&adys=507&ucis=f6d8vq4vai1i&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Fjesus.co&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=1312843398.1647167500&ga_sid=1647167502&ga_hid=1408672909&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065568
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
868599f683532d79366bfe9d89e2071bccf655ad0e67a2ca9b379c03ffb3a5e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32339
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nets4.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5A6B 		13 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065568
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e7a58fa4a0eb39a6258df9ea0ea084c7d77a0ccf52caa03ffcac50d27f2e52b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10453
x-xss-protection
0
container.html
c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7C58 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065568
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 13 Mar 2022 10:31:42 GMT
expires
Mon, 13 Mar 2023 10:31:42 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ Frame 468F 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 468F 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 468F 		0
9 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3217454138234025&correlator=3531863666794276&wbsu=3aa1f46f-90ab-4faa-ba6c-fa63efefa45a&callback=googletag.wbn1&eid=31064926%2C31065293%2C31060545%2C31065455%2C31064624&output=wbn&gdfp_req=1&vrg=2022030801&ptt=17&impl=fif&sc=1&iu_parts=22178702878%2Cpurpleapl%2Callsizesv2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C468x60%7C200x200%7C320x100%7C320x50%7C300x100&ifi=1&adks=4203880072&sfv=1-0-38&ecs=20220313&fsapi=false&eri=4&cookie_enabled=1&abxe=1&dt=1647167501926&dlt=1647167501430&idt=480&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=294&adys=2045&ucis=fkokrfwtenuq&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Fjesus.co&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=1312843398.1647167500&ga_sid=1647167502&ga_hid=1310200072&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9663
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
application/webbundle
access-control-allow-origin
https://nets4.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
uuid:3aa1f46f-90ab-4faa-ba6c-fa63efefa45a
/ Frame 468F 		536 B
662 B 		Script
General
Check archive.org
Download Go to
Full URL
urn:uuid:3aa1f46f-90ab-4faa-ba6c-fa63efefa45a
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
URN
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d64a80887c78bdcf8f7e98331022b155ce3ec4eb75e254e1d15a15663e80192e
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

X-Content-Type-Options
nosniff, nosniff
content-type
text/javascript; charset=utf-8
sodar
pagead2.googlesyndication.com/getconfig/ Frame 468F 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0a03908890ad86d977ed3c126f30724071c8729279c7a47d052f6743159f5e75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10616
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 5FB7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 5FB7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 5FB7 		518 B
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1762645860729642&correlator=478237823039900&eid=31065294%2C31063246&output=ldjh&gdfp_req=1&vrg=2022030801&ptt=17&impl=fifs&sc=1&iu_parts=21902364955%3A22652385948%2Ccm_pu_nets4.com_technology_and_computing_top%2Ccm_pu_nets4.com_technology_and_computing_btf_banner&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C468x60%7C200x200%7C320x100%7C320x50%7C300x100&ifi=1&adks=471609500&sfv=1-0-38&ecs=20220313&fsapi=false&eri=4&cookie_enabled=1&abxe=1&dt=1647167501962&dlt=1647167501522&idt=421&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=294&adys=1350&ucis=hcagfcrjyb07&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Fjesus.co&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=1312843398.1647167500&ga_sid=1647167502&ga_hid=1134687092&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
d2b59825f8e99fb2dc98d6be2a590fea1d87ddf24d33acc0ceefedbf4b760ff2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
270
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nets4.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5FB7 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d5140090ecc6779cabe638c5e55c8235006b86f1bcab23d89abcf02e163ad3d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10500
x-xss-protection
0
container.html
540b893fe6af5ae4cbc70fa62bb6f302.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D7F5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://540b893fe6af5ae4cbc70fa62bb6f302.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 13 Mar 2022 10:31:42 GMT
expires
Mon, 13 Mar 2023 10:31:42 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5A6B 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065568
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 13 Mar 2022 10:31:42 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame CACD 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 13 Mar 2022 10:31:42 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D687 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js?cb=31065603
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 13 Mar 2022 10:31:42 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 468F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 13 Mar 2022 10:31:42 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5FB7 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 13 Mar 2022 10:31:42 GMT
/
api.purpleads.io/x/b/ 		9 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=5&pid=3e163e18c8b84c2b86766a5e936dcde1&sizes=[[160,600],[120,600],[200,200],[250,250]]&slotid=bda687bb-ab21-4253-95a1-ae2d1e1115bd&demand=adipolo&ts=1647167502111
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash
d85aa20f051e49b97778c825c881639067f6f5fe70965391cc5098977c6df79f

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2plc3VzLmNv
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.26

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
etag
W/"2346-Ei5EVDkKKqpHHt8YyL7Yt/rz9nk"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
x-request-id
74fe0906-d6ec-420c-81dd-04eaba03f779
/
api.purpleads.io/x/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=5&pid=3e163e18c8b84c2b86766a5e936dcde1&sizes=[[160,600],[120,600],[200,200],[250,250]]&slotid=bda687bb-ab21-4253-95a1-ae2d1e1115bd&demand=adipolo&ts=1647167502111
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
2b9ff7d6-526a-471d-b926-f209e514bf1e
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B0FB 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 13 Mar 2022 10:23:30 GMT
expires
Mon, 13 Mar 2023 10:23:30 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
492
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 0631 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
eff717678e5e48fe42ffb6ce1ab2ff63d78a07a6c31eeaaeb8232267469f9a57
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TKD6qEcAndZ3/exa1Bu+ng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 13 Mar 2022 10:31:42 GMT
date
Sun, 13 Mar 2022 10:31:42 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-TKD6qEcAndZ3/exa1Bu+ng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E3CF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js?cb=31065603
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 13 Mar 2022 10:31:41 GMT
expires
Mon, 13 Mar 2023 10:31:41 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
i
api.purpleads.io/x/a/c68ad8882c371603468bb7e8ca90f696:667ba4fd0b77dc2a80313604e2f0ca10fd6816875a17ca74bb4b544359aac0bd25fa8b4b2fe71025fa16343682577240d789899b335a53ae9a20374abd0c52ecf68cfff05916e37... Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/c68ad8882c371603468bb7e8ca90f696:667ba4fd0b77dc2a80313604e2f0ca10fd6816875a17ca74bb4b544359aac0bd25fa8b4b2fe71025fa16343682577240d789899b335a53ae9a20374abd0c52ecf68cfff05916e3735a1110e8b2dcab927266c889cf898c359dbe780e03facf6eff593747945ef552ab05585535965148bac7a87b352f2a5515bafe3ee565ec099738b7c8f0f5c83b983daceeb4a14a79/i?id=030279b9-8f71-491f-bf4c-7a09eccfb8ef&ts=1647167502164
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
96333956-1c19-4111-908d-b1061fe3f693
i
api.purpleads.io/x/a/c68ad8882c371603468bb7e8ca90f696:667ba4fd0b77dc2a80313604e2f0ca10fd6816875a17ca74bb4b544359aac0bd25fa8b4b2fe71025fa16343682577240d789899b335a53ae9a20374abd0c52ecf68cfff05916e37... 		0
199 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/c68ad8882c371603468bb7e8ca90f696:667ba4fd0b77dc2a80313604e2f0ca10fd6816875a17ca74bb4b544359aac0bd25fa8b4b2fe71025fa16343682577240d789899b335a53ae9a20374abd0c52ecf68cfff05916e3735a1110e8b2dcab927266c889cf898c359dbe780e03facf6eff593747945ef552ab05585535965148bac7a87b352f2a5515bafe3ee565ec099738b7c8f0f5c83b983daceeb4a14a79/i?id=030279b9-8f71-491f-bf4c-7a09eccfb8ef&ts=1647167502164
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2plc3VzLmNv
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.26

Response headers

access-control-allow-origin
https://nets4.com
date
Sun, 13 Mar 2022 10:31:42 GMT
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials
true
x-request-id
28aa6e23-7a35-46f1-b249-43a5f5434660
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 61D8 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 13 Mar 2022 10:23:30 GMT
expires
Mon, 13 Mar 2023 10:23:30 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
492
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 50E7 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1ebd9ef5e1ff89780334c05eec1b416c72578ff66d763166ef65a82f4791d0cb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-C4/qKZORfNyTzc3GJ8hQoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 13 Mar 2022 10:31:42 GMT
date
Sun, 13 Mar 2022 10:31:42 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-C4/qKZORfNyTzc3GJ8hQoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 95A1 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 13 Mar 2022 10:23:30 GMT
expires
Mon, 13 Mar 2023 10:23:30 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
492
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame C11D 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9b91a220e9397e5c490918cd2d49dd3db349e276ee15c824f89d6c9a554ecf66
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-X3BqCSMVPDswfhhULeuhLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 13 Mar 2022 10:31:42 GMT
date
Sun, 13 Mar 2022 10:31:42 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-X3BqCSMVPDswfhhULeuhLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EF51 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 13 Mar 2022 10:23:30 GMT
expires
Mon, 13 Mar 2023 10:23:30 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
492
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 1805 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
144a80a98d18cf0f7f84176d9ccac08f200db3dc231b281862cffe3803cf49df
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LZva2igwDV27IKUDVvvC1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 13 Mar 2022 10:31:42 GMT
date
Sun, 13 Mar 2022 10:31:42 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-LZva2igwDV27IKUDVvvC1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5A14 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 13 Mar 2022 10:23:30 GMT
expires
Mon, 13 Mar 2023 10:23:30 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
492
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 2A2F 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fa5a146917b566cc193446e536691259f7ef5506fb99fe5f17937a23b2e6d3c3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BsauJpiN6vR24oCqnlurMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 13 Mar 2022 10:31:42 GMT
date
Sun, 13 Mar 2022 10:31:42 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-BsauJpiN6vR24oCqnlurMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame 0631 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030201&jk=419646701581709&rc=null
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 63D5 		624 B
973 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYoOWpXTAB&v=APEucNVA6D19NIfd0UzusPG2c7gRgQSKBdI4YhthJ-hLc0st4RZF2i1ySJXxOc2FxtjI5LXu_ehlWlSuPFuLpxu86YVCyAsFzLp0mSM86f6DIHc8c2526iQ3Mpjo9AyL4YKk88I9yLsEfv7V9oCb88XP59mnh7_I0_CqHBTW1MCtfGKNUvONyf0
Requested by
Host: c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com
URL: https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 13 Mar 2022 10:31:42 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 13 Mar 2022 10:31:42 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame E3CF 		27 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C-HElDJlwRxJokT4y-zrYt-PFAZ0AOIPrgBOeVCkui8zjyRtHYPa6_Lg6LlwqY4Mv2IOJO6NSIGHqCaChm_g4BdDHCyMTli5DUGG3_pm_uBUBPZANgPP7Ma-Y9XDSWDmnbEh4OvS8jhG7d2BJ0RKD6FJ5mOQ&cry=1&dbm_d=AKAmf-BciCc_F4f0YBf7P6q94xeesUp3uBhFuHJRNNU0ngpZ6dewiG5D6BYdhFfZsAiiDdvEmPnFCvkcykPTz348mbXQONflC72wKPS0H9T5E6dzXZPKKuTtPJjhANs6eM6s5zI07NOUrAkdqRPlzc1Tz6dqFAh3Up6gDXe-wCcpvaNoUIjrZjeUWSS9Jgl5LWuVXY0l5ZAeeI291uPkn7ZiaQEOpUZ_8gBPlIaIXJ-CQBZvNc0Pz2wF2zEnnGBI0VtuSYqmhCfnOY8mI_CvU4RDfd-eIdAZGQEGVJG6l8pmc5N5yJKC2YlIq7aokvx01JPmSAjtkKmm-gGBdYaiUuoObXs94PQTdMAaSxV_ufO8-RBcolfTbH2AlclKnoeuybecc7qqSnRSg46zVENG_vmXVboOHrJFWbCLz9joAQldLKBujwLwCIpwtJhSOd5Oig88mSUEPpbanbZfNnDf68TQsm2_94oVjgGxBgmAd9BjaLxUyadyMLyQTuLhrl17EGatH9f8GhCBew-_sx5KAhUxrtSyUZQv1h5hlU3QzbiaOIcmjMEdVLCgTanlLtjC4mPbDusIuY1U0ephVeDvWcj2xSrqdv8ZjF0qREzr-4fMSuYDKyo8CZ3bmUw9bVf7B_edMLX4sYe12W8VovwY9jcf2k4ZmXNbzYyJsUk1r9XdLK01ociBujaEiM0K2G1XxH8DcusrI7A1mJz-e9Uz-d8NbBLyGXotYpjazSi-5x6z2pe_zZMLRZRcHg4rHP58vgpLnQ8W3lXeAvnZymkNrKSbDX1qcSCSJR7Ioo79rVC4Z8S3ZdN4EAHc9lTlnOI1DrDv3hwXhqei3SDWAkFqbtg3AP5KpytieiZnFOFYUr75_ozhNXwCYUk1dSZgFqq96Kpy8KbpsoXf5vvWCQYnsQvhbvOLwZiAAejNj6n72ghDrnIH6PPSk9em2ReyA5TOx3YDWl-pOSNJ3eZOiFht4IPs_3t86W85FSqiennfOYbJ495Ke8IXYqFQO2diTJ6s67_pK-gqObjlBm8bnr3ESVYdezic9fTpZvwpXNbieABRKdO1FnC1cics943pLQtpk6P2KD40ji1EKUKcHH0EXqrA-5KWYH7RNn1ssXysVpE1PXRKJvyoWMAwBFdGkCnuGCnwtpzd-09BQ2mwh1Y78-efAd55lvD8adJO9crTghIgnOH75kX2kUQWKK9OX1BL4F0V-Ko5rP3KjINS12k9MraKNSXq5sKf9KT4QyYBHi1EqXkAphc3lEH2cVMLlZq__zdnoQIsnB2LnOHQTLZWZ7uuUwwiIsQndsPkqNqNfcmagAg881x7qvs_8MT0aprbiLHdkunjtYEtPS3A4AWoH5Y-CK2GsESdN7lE_k7Ywe7JxYjTg7iDmnfQ6s4LY-ksGJ5s7Hga7MC5NskKXoTeIkZ_gcQMEoD1pL0syz-zJdySM8aRbSUQ4MPvDLgtDzGcfXjT2n81f2TAXzjD_7g_18Hm9liE4y231zApnI1_cS8RZ2SOkWq23cJnqD41HWaPrudeblr6EURJxTKYjwZ-PvT0xIjrKtPY4fxDQokMqMmBNOircBexnR9sH2t3rAfCQ0wO0OW2FuVfO-umzHN9USZiS-qTq1uo8TuPPjZIaZ6KQ3x-n6iv087FfEFyRyOrdL1rn1iuTM4tf5Rzyi7iVKtZSZI186GQ4fEPiaz_n9hh4kExKIYrOjbn-f2nzMh2Ep7Q7wUiPaALtxsaGvI0s16uvvX5VWqziEK0AMA27Os7FOHx9UC_ak_Fq7xRCJ5FFUoba-xhdEjPar8Bb0V0AgXOESR4OVMPNyqBFhg4m4ZtCGoztPgyeMgWlcv39J0S4cG9nO-t1VSyb2Zfk_kSN3n7KKz2XGqwTEGdTlxEDKl5trdh-Vktv3gYUBLuh2wjfrhV5DZfSbolWGvrmflQf9hJe7UTjUDpMes7NSLCHLMBz34e5fh2DudSP5btbLawEHEHfcOTRKUPrlm8jI2VCQTLa7hqDkdvgCJW__dtVUMP3bzz3aJiqWrXzzHo4-Vth24IOPAlOKmY6jCHooZSk5_J6JO-8qskRSo0S1vbhRhWYrRJ1JwRJ4Gwh7NWbzqDOPoZ6RJqTFA4myNxXuKErgq3Ye0Jz_sDqaJ6cVJsxDzKv6esaGWycmFBps8LVPFLifW2P4kbT-W8LVAPKhY0iQcIzOZuUVctSTJVdR6O-ZxtlhAVLZyQ8onWtSNYlD1TyAFnNgZhjn4PT0B-1caCVZ_MHVQGfekiXIZ8PH5pGJYH9h5BP3jKtulXdOmWacgqBVjPFcgxKNjueZFj9g5ciBgOsqh6o_e8qbnMO4TElszIlmupCdP1DmDJXI0DaEVOu5s4J7ywm7NLbscS7k7aDvEnX959g_peEaozwgtk1MNcdYSkPdYtD9NkLW2owTBJNCIP8ps8R6FTYYR4qMbArSp6HkFirYSX4AsZW5Y6DzPCbIFqsjh5oG6A8DpIyzv4Mah8G89YkOuRMDbF68fChCqq3qyTv5m7E--ksytbaWHlrt7VAIKiGRzwZux6vm3KhyL0tLFY5hmXUIuTLjK-AoHyqcRF27FZaWmL_NYo-SsLb82bNmKQoHuc12XVn-wPyIoR3CncpxocnNZMl2s_4M_Yeu2Pvl-UIzcGIda6tLPdChwZkxWO5p4q0jAIqEY2kw6I4FqNilJGbATZ0TyXgTRgUWtyPCxx0nQF33W3MSg4cIrNn4dm8Kurt3JYmPgFkogyuVQmNYqulHtn984XhXmPXr5b_SP9-mTV0_dxBPY_NdH46DnmCZUExu59GLOeCVkFD6hBp34kquwoNACROk4l67cNkp2VX-tTrFjbG-tFz-KZ0dqYstHC3QMWBsBYcwo4RAzVx9eap6ov4MJOpTE-H3fDR5ujssmjQTJ-iBSjezCB-VyM2QhLUFzgjpy9wbVgpP_UcnAazxx8Uuysi65kccqlnFl5sExnyQpQztO5aFR_rsTLywToNon-d6raqNICPFZEr7YqwOPkOlF-b61s3vAIDMXRrPKou1gjpfx3HoRhdxqc6_L9mMGzgatmwSGALnLBfo6290KeWzJlD1eM1q8DBE_QI_KXK7_RRFvRZwsgcs5zPl4p_Xsh4rEOBF8tr0ZA084sb8yiPSg9hcBhnErkKZwPiqU_iAyjccMbBG4ycpy3CTu70sZxy0UeNz2D-CcarazqgwK52mJTzP4SnknpmugaDgjPHGjIrqjBzgmIoQcN9uzJIyxEpOsJGUG6pOaTn5fsCl1wECMwj44ZpXAkf1zmTg&cid=CAASKORonBr4gFBev2cp5qFsveoOMRCWp5LSJhi2PPlUhP_2zxA7ElKdSps&rfl=2%2Chttps%253A%252F%252Fnets4.com%242%2Chttps%253A%252F%252Fnets4.com%252F%240
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d47ba8428cacc9252d052784dc6573ba82a5bde0a942c7a80850436a81eabc59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16432
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E3CF 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CQBVxHZzCMY-EsWnmkAMVjVfzRuuz0UjxPlDlPdb0Vdu7ROHYobjkhb_m-Fp5SAWqPUVr6pDkDC0Y9IsasFm4JUuUN-kL-PGn4KhcEOYu-GrbxCGo
Requested by
Host: c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com
URL: https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame E3CF 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js
Requested by
Host: c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com
URL: https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Mar 2022 10:31:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E3CF 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com
URL: https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36343
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1646830771070120"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 13 Mar 2022 10:31:42 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame E3CF 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com
URL: https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:29:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
109
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6397
x-xss-protection
0
server
cafe
etag
14404976697706490601
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Mar 2022 10:29:53 GMT
l
www.google.com/ads/measurement/ Frame E3CF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTrO_M6cvSZHsO9jNYwnOeCCBsZpGZkUMFT0yT-jYZfjSTKcbd8uWjG73mFpYSeZiMAHFHQzmWY5NQN4VT4MXAvt9bRmw
Requested by
Host: c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com
URL: https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 50E7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030801&jk=3329168481610479&rc=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame C11D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030801&jk=3627229347754885&rc=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 1805 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030801&jk=1762645860729642&rc=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 2A2F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030801&jk=3217454138234025&rc=null
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
pagead2.googlesyndication.com/bg/ Frame B0FB 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 09:29:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
3754
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13756
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Mar 2023 09:29:08 GMT
xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
pagead2.googlesyndication.com/bg/ Frame 5A14 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 09:29:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
3754
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13756
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Mar 2023 09:29:08 GMT
xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
pagead2.googlesyndication.com/bg/ Frame 61D8 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 09:29:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
3754
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13756
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Mar 2023 09:29:08 GMT
xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
pagead2.googlesyndication.com/bg/ Frame EF51 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 09:29:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
3754
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13756
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Mar 2023 09:29:08 GMT
xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
pagead2.googlesyndication.com/bg/ Frame 95A1 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 09:29:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
3754
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13756
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Mar 2023 09:29:08 GMT
/
api.purpleads.io/x/b/ 		9 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=6&pid=3e163e18c8b84c2b86766a5e936dcde1&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=66918125-e889-4222-8a97-cbd6848d5ebd&demand=cybermedia&ts=1647167502311
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash
349620e1a7233d74138f3c20c21b9e518440d61d3a6087894638405b45c3cee1

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2plc3VzLmNv
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.26

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
etag
W/"2407-GgMuMR51AcZZVhx2PRY3wynuDpY"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
x-request-id
3709af26-0fb8-4fbb-ba6c-cdfc1bfb96d9
/
api.purpleads.io/x/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=6&pid=3e163e18c8b84c2b86766a5e936dcde1&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=66918125-e889-4222-8a97-cbd6848d5ebd&demand=cybermedia&ts=1647167502311
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
dc379461-6e35-4ca3-8428-0471529f3cb5
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 63EB 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
e865ba2ca00e11081a85a9c02951a24ff5ad447974bfaf3daa5356339bc02b6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27723
x-xss-protection
0
server
sffe
etag
"1157 / 384 of 1000 / last-modified: 1647040256"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 13 Mar 2022 10:31:42 GMT
css
fonts.googleapis.com/ Frame 80F0 		708 B
869 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato&display=swap
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/load.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
230f27646f2460a7e13106d06ec50cb822acf254ae08fba4058aa06ca57b9dab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 13 Mar 2022 09:42:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 13 Mar 2022 10:31:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 13 Mar 2022 10:31:42 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 80F0 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/load.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
e865ba2ca00e11081a85a9c02951a24ff5ad447974bfaf3daa5356339bc02b6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27723
x-xss-protection
0
server
sffe
etag
"1157 / 396 of 1000 / last-modified: 1647040256"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 13 Mar 2022 10:31:42 GMT
rum
dsum-sec.casalemedia.com/ Frame 63D5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYoOWpXTAB&v=APEucNVA6D19NIfd0UzusPG2c7gRgQSKBdI4YhthJ-hLc0st4RZF2i1ySJXxOc2FxtjI5LXu_ehlWlSuPFuLpxu86YVCyAsFzLp0mSM86f6DIHc8c2526iQ3Mpjo9AyL4YKk88I9yLsEfv7V9oCb88XP59mnh7_I0_CqHBTW1MCtfGKNUvONyf0
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 13 Mar 2022 10:31:42 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 63D5
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yi3IDk7X9JUGhnCcR6qUaAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYoOWpXTAB&v=APEucNVA6D19NIfd0UzusPG2c7gRgQSKBdI4YhthJ-hLc0st4RZF2i1ySJXxOc2FxtjI5LXu_ehlWlSuPFuLpxu86YVCyAsFzLp0mSM86f6DIHc8c2526iQ3Mpjo9AyL4YKk88I9yLsEfv7V9oCb88XP59mnh7_I0_CqHBTW1MCtfGKNUvONyf0
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 13 Mar 2022 10:31:42 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 63D5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEENPInjLi8l5Frr3ASPO5Nw&google_cver=1
43 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEENPInjLi8l5Frr3ASPO5Nw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYoOWpXTAB&v=APEucNVA6D19NIfd0UzusPG2c7gRgQSKBdI4YhthJ-hLc0st4RZF2i1ySJXxOc2FxtjI5LXu_ehlWlSuPFuLpxu86YVCyAsFzLp0mSM86f6DIHc8c2526iQ3Mpjo9AyL4YKk88I9yLsEfv7V9oCb88XP59mnh7_I0_CqHBTW1MCtfGKNUvONyf0
Protocol
HTTP/1.1
Server
185.33.220.216 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:42 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
71908296-fc3a-48e1-851f-aceaeb435253
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEENPInjLi8l5Frr3ASPO5Nw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 63D5
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQxMDg0MTYxMDgyOTg5MjczNA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQxMDg0MTYxMDgyOTg5MjczNA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYoOWpXTAB&v=APEucNVA6D19NIfd0UzusPG2c7gRgQSKBdI4YhthJ-hLc0st4RZF2i1ySJXxOc2FxtjI5LXu_ehlWlSuPFuLpxu86YVCyAsFzLp0mSM86f6DIHc8c2526iQ3Mpjo9AyL4YKk88I9yLsEfv7V9oCb88XP59mnh7_I0_CqHBTW1MCtfGKNUvONyf0
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:42 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
0a137fca-881e-45de-acb8-f936e7bcde66
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQxMDg0MTYxMDgyOTg5MjczNA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220308/r20110914/ Frame E3CF 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220308/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C-HElDJlwRxJokT4y-zrYt-PFAZ0AOIPrgBOeVCkui8zjyRtHYPa6_Lg6LlwqY4Mv2IOJO6NSIGHqCaChm_g4BdDHCyMTli5DUGG3_pm_uBUBPZANgPP7Ma-Y9XDSWDmnbEh4OvS8jhG7d2BJ0RKD6FJ5mOQ&cry=1&dbm_d=AKAmf-BciCc_F4f0YBf7P6q94xeesUp3uBhFuHJRNNU0ngpZ6dewiG5D6BYdhFfZsAiiDdvEmPnFCvkcykPTz348mbXQONflC72wKPS0H9T5E6dzXZPKKuTtPJjhANs6eM6s5zI07NOUrAkdqRPlzc1Tz6dqFAh3Up6gDXe-wCcpvaNoUIjrZjeUWSS9Jgl5LWuVXY0l5ZAeeI291uPkn7ZiaQEOpUZ_8gBPlIaIXJ-CQBZvNc0Pz2wF2zEnnGBI0VtuSYqmhCfnOY8mI_CvU4RDfd-eIdAZGQEGVJG6l8pmc5N5yJKC2YlIq7aokvx01JPmSAjtkKmm-gGBdYaiUuoObXs94PQTdMAaSxV_ufO8-RBcolfTbH2AlclKnoeuybecc7qqSnRSg46zVENG_vmXVboOHrJFWbCLz9joAQldLKBujwLwCIpwtJhSOd5Oig88mSUEPpbanbZfNnDf68TQsm2_94oVjgGxBgmAd9BjaLxUyadyMLyQTuLhrl17EGatH9f8GhCBew-_sx5KAhUxrtSyUZQv1h5hlU3QzbiaOIcmjMEdVLCgTanlLtjC4mPbDusIuY1U0ephVeDvWcj2xSrqdv8ZjF0qREzr-4fMSuYDKyo8CZ3bmUw9bVf7B_edMLX4sYe12W8VovwY9jcf2k4ZmXNbzYyJsUk1r9XdLK01ociBujaEiM0K2G1XxH8DcusrI7A1mJz-e9Uz-d8NbBLyGXotYpjazSi-5x6z2pe_zZMLRZRcHg4rHP58vgpLnQ8W3lXeAvnZymkNrKSbDX1qcSCSJR7Ioo79rVC4Z8S3ZdN4EAHc9lTlnOI1DrDv3hwXhqei3SDWAkFqbtg3AP5KpytieiZnFOFYUr75_ozhNXwCYUk1dSZgFqq96Kpy8KbpsoXf5vvWCQYnsQvhbvOLwZiAAejNj6n72ghDrnIH6PPSk9em2ReyA5TOx3YDWl-pOSNJ3eZOiFht4IPs_3t86W85FSqiennfOYbJ495Ke8IXYqFQO2diTJ6s67_pK-gqObjlBm8bnr3ESVYdezic9fTpZvwpXNbieABRKdO1FnC1cics943pLQtpk6P2KD40ji1EKUKcHH0EXqrA-5KWYH7RNn1ssXysVpE1PXRKJvyoWMAwBFdGkCnuGCnwtpzd-09BQ2mwh1Y78-efAd55lvD8adJO9crTghIgnOH75kX2kUQWKK9OX1BL4F0V-Ko5rP3KjINS12k9MraKNSXq5sKf9KT4QyYBHi1EqXkAphc3lEH2cVMLlZq__zdnoQIsnB2LnOHQTLZWZ7uuUwwiIsQndsPkqNqNfcmagAg881x7qvs_8MT0aprbiLHdkunjtYEtPS3A4AWoH5Y-CK2GsESdN7lE_k7Ywe7JxYjTg7iDmnfQ6s4LY-ksGJ5s7Hga7MC5NskKXoTeIkZ_gcQMEoD1pL0syz-zJdySM8aRbSUQ4MPvDLgtDzGcfXjT2n81f2TAXzjD_7g_18Hm9liE4y231zApnI1_cS8RZ2SOkWq23cJnqD41HWaPrudeblr6EURJxTKYjwZ-PvT0xIjrKtPY4fxDQokMqMmBNOircBexnR9sH2t3rAfCQ0wO0OW2FuVfO-umzHN9USZiS-qTq1uo8TuPPjZIaZ6KQ3x-n6iv087FfEFyRyOrdL1rn1iuTM4tf5Rzyi7iVKtZSZI186GQ4fEPiaz_n9hh4kExKIYrOjbn-f2nzMh2Ep7Q7wUiPaALtxsaGvI0s16uvvX5VWqziEK0AMA27Os7FOHx9UC_ak_Fq7xRCJ5FFUoba-xhdEjPar8Bb0V0AgXOESR4OVMPNyqBFhg4m4ZtCGoztPgyeMgWlcv39J0S4cG9nO-t1VSyb2Zfk_kSN3n7KKz2XGqwTEGdTlxEDKl5trdh-Vktv3gYUBLuh2wjfrhV5DZfSbolWGvrmflQf9hJe7UTjUDpMes7NSLCHLMBz34e5fh2DudSP5btbLawEHEHfcOTRKUPrlm8jI2VCQTLa7hqDkdvgCJW__dtVUMP3bzz3aJiqWrXzzHo4-Vth24IOPAlOKmY6jCHooZSk5_J6JO-8qskRSo0S1vbhRhWYrRJ1JwRJ4Gwh7NWbzqDOPoZ6RJqTFA4myNxXuKErgq3Ye0Jz_sDqaJ6cVJsxDzKv6esaGWycmFBps8LVPFLifW2P4kbT-W8LVAPKhY0iQcIzOZuUVctSTJVdR6O-ZxtlhAVLZyQ8onWtSNYlD1TyAFnNgZhjn4PT0B-1caCVZ_MHVQGfekiXIZ8PH5pGJYH9h5BP3jKtulXdOmWacgqBVjPFcgxKNjueZFj9g5ciBgOsqh6o_e8qbnMO4TElszIlmupCdP1DmDJXI0DaEVOu5s4J7ywm7NLbscS7k7aDvEnX959g_peEaozwgtk1MNcdYSkPdYtD9NkLW2owTBJNCIP8ps8R6FTYYR4qMbArSp6HkFirYSX4AsZW5Y6DzPCbIFqsjh5oG6A8DpIyzv4Mah8G89YkOuRMDbF68fChCqq3qyTv5m7E--ksytbaWHlrt7VAIKiGRzwZux6vm3KhyL0tLFY5hmXUIuTLjK-AoHyqcRF27FZaWmL_NYo-SsLb82bNmKQoHuc12XVn-wPyIoR3CncpxocnNZMl2s_4M_Yeu2Pvl-UIzcGIda6tLPdChwZkxWO5p4q0jAIqEY2kw6I4FqNilJGbATZ0TyXgTRgUWtyPCxx0nQF33W3MSg4cIrNn4dm8Kurt3JYmPgFkogyuVQmNYqulHtn984XhXmPXr5b_SP9-mTV0_dxBPY_NdH46DnmCZUExu59GLOeCVkFD6hBp34kquwoNACROk4l67cNkp2VX-tTrFjbG-tFz-KZ0dqYstHC3QMWBsBYcwo4RAzVx9eap6ov4MJOpTE-H3fDR5ujssmjQTJ-iBSjezCB-VyM2QhLUFzgjpy9wbVgpP_UcnAazxx8Uuysi65kccqlnFl5sExnyQpQztO5aFR_rsTLywToNon-d6raqNICPFZEr7YqwOPkOlF-b61s3vAIDMXRrPKou1gjpfx3HoRhdxqc6_L9mMGzgatmwSGALnLBfo6290KeWzJlD1eM1q8DBE_QI_KXK7_RRFvRZwsgcs5zPl4p_Xsh4rEOBF8tr0ZA084sb8yiPSg9hcBhnErkKZwPiqU_iAyjccMbBG4ycpy3CTu70sZxy0UeNz2D-CcarazqgwK52mJTzP4SnknpmugaDgjPHGjIrqjBzgmIoQcN9uzJIyxEpOsJGUG6pOaTn5fsCl1wECMwj44ZpXAkf1zmTg&cid=CAASKORonBr4gFBev2cp5qFsveoOMRCWp5LSJhi2PPlUhP_2zxA7ElKdSps&rfl=2%2Chttps%253A%252F%252Fnets4.com%242%2Chttps%253A%252F%252Fnets4.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
947e22d9ed05fbe3f5ed3c4ee35618a1910a85968f48a22c0277f9936f2eb769
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9657
x-xss-protection
0
server
cafe
etag
5177785407398320510
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Mar 2022 10:31:05 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame E3CF 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C-HElDJlwRxJokT4y-zrYt-PFAZ0AOIPrgBOeVCkui8zjyRtHYPa6_Lg6LlwqY4Mv2IOJO6NSIGHqCaChm_g4BdDHCyMTli5DUGG3_pm_uBUBPZANgPP7Ma-Y9XDSWDmnbEh4OvS8jhG7d2BJ0RKD6FJ5mOQ&cry=1&dbm_d=AKAmf-BciCc_F4f0YBf7P6q94xeesUp3uBhFuHJRNNU0ngpZ6dewiG5D6BYdhFfZsAiiDdvEmPnFCvkcykPTz348mbXQONflC72wKPS0H9T5E6dzXZPKKuTtPJjhANs6eM6s5zI07NOUrAkdqRPlzc1Tz6dqFAh3Up6gDXe-wCcpvaNoUIjrZjeUWSS9Jgl5LWuVXY0l5ZAeeI291uPkn7ZiaQEOpUZ_8gBPlIaIXJ-CQBZvNc0Pz2wF2zEnnGBI0VtuSYqmhCfnOY8mI_CvU4RDfd-eIdAZGQEGVJG6l8pmc5N5yJKC2YlIq7aokvx01JPmSAjtkKmm-gGBdYaiUuoObXs94PQTdMAaSxV_ufO8-RBcolfTbH2AlclKnoeuybecc7qqSnRSg46zVENG_vmXVboOHrJFWbCLz9joAQldLKBujwLwCIpwtJhSOd5Oig88mSUEPpbanbZfNnDf68TQsm2_94oVjgGxBgmAd9BjaLxUyadyMLyQTuLhrl17EGatH9f8GhCBew-_sx5KAhUxrtSyUZQv1h5hlU3QzbiaOIcmjMEdVLCgTanlLtjC4mPbDusIuY1U0ephVeDvWcj2xSrqdv8ZjF0qREzr-4fMSuYDKyo8CZ3bmUw9bVf7B_edMLX4sYe12W8VovwY9jcf2k4ZmXNbzYyJsUk1r9XdLK01ociBujaEiM0K2G1XxH8DcusrI7A1mJz-e9Uz-d8NbBLyGXotYpjazSi-5x6z2pe_zZMLRZRcHg4rHP58vgpLnQ8W3lXeAvnZymkNrKSbDX1qcSCSJR7Ioo79rVC4Z8S3ZdN4EAHc9lTlnOI1DrDv3hwXhqei3SDWAkFqbtg3AP5KpytieiZnFOFYUr75_ozhNXwCYUk1dSZgFqq96Kpy8KbpsoXf5vvWCQYnsQvhbvOLwZiAAejNj6n72ghDrnIH6PPSk9em2ReyA5TOx3YDWl-pOSNJ3eZOiFht4IPs_3t86W85FSqiennfOYbJ495Ke8IXYqFQO2diTJ6s67_pK-gqObjlBm8bnr3ESVYdezic9fTpZvwpXNbieABRKdO1FnC1cics943pLQtpk6P2KD40ji1EKUKcHH0EXqrA-5KWYH7RNn1ssXysVpE1PXRKJvyoWMAwBFdGkCnuGCnwtpzd-09BQ2mwh1Y78-efAd55lvD8adJO9crTghIgnOH75kX2kUQWKK9OX1BL4F0V-Ko5rP3KjINS12k9MraKNSXq5sKf9KT4QyYBHi1EqXkAphc3lEH2cVMLlZq__zdnoQIsnB2LnOHQTLZWZ7uuUwwiIsQndsPkqNqNfcmagAg881x7qvs_8MT0aprbiLHdkunjtYEtPS3A4AWoH5Y-CK2GsESdN7lE_k7Ywe7JxYjTg7iDmnfQ6s4LY-ksGJ5s7Hga7MC5NskKXoTeIkZ_gcQMEoD1pL0syz-zJdySM8aRbSUQ4MPvDLgtDzGcfXjT2n81f2TAXzjD_7g_18Hm9liE4y231zApnI1_cS8RZ2SOkWq23cJnqD41HWaPrudeblr6EURJxTKYjwZ-PvT0xIjrKtPY4fxDQokMqMmBNOircBexnR9sH2t3rAfCQ0wO0OW2FuVfO-umzHN9USZiS-qTq1uo8TuPPjZIaZ6KQ3x-n6iv087FfEFyRyOrdL1rn1iuTM4tf5Rzyi7iVKtZSZI186GQ4fEPiaz_n9hh4kExKIYrOjbn-f2nzMh2Ep7Q7wUiPaALtxsaGvI0s16uvvX5VWqziEK0AMA27Os7FOHx9UC_ak_Fq7xRCJ5FFUoba-xhdEjPar8Bb0V0AgXOESR4OVMPNyqBFhg4m4ZtCGoztPgyeMgWlcv39J0S4cG9nO-t1VSyb2Zfk_kSN3n7KKz2XGqwTEGdTlxEDKl5trdh-Vktv3gYUBLuh2wjfrhV5DZfSbolWGvrmflQf9hJe7UTjUDpMes7NSLCHLMBz34e5fh2DudSP5btbLawEHEHfcOTRKUPrlm8jI2VCQTLa7hqDkdvgCJW__dtVUMP3bzz3aJiqWrXzzHo4-Vth24IOPAlOKmY6jCHooZSk5_J6JO-8qskRSo0S1vbhRhWYrRJ1JwRJ4Gwh7NWbzqDOPoZ6RJqTFA4myNxXuKErgq3Ye0Jz_sDqaJ6cVJsxDzKv6esaGWycmFBps8LVPFLifW2P4kbT-W8LVAPKhY0iQcIzOZuUVctSTJVdR6O-ZxtlhAVLZyQ8onWtSNYlD1TyAFnNgZhjn4PT0B-1caCVZ_MHVQGfekiXIZ8PH5pGJYH9h5BP3jKtulXdOmWacgqBVjPFcgxKNjueZFj9g5ciBgOsqh6o_e8qbnMO4TElszIlmupCdP1DmDJXI0DaEVOu5s4J7ywm7NLbscS7k7aDvEnX959g_peEaozwgtk1MNcdYSkPdYtD9NkLW2owTBJNCIP8ps8R6FTYYR4qMbArSp6HkFirYSX4AsZW5Y6DzPCbIFqsjh5oG6A8DpIyzv4Mah8G89YkOuRMDbF68fChCqq3qyTv5m7E--ksytbaWHlrt7VAIKiGRzwZux6vm3KhyL0tLFY5hmXUIuTLjK-AoHyqcRF27FZaWmL_NYo-SsLb82bNmKQoHuc12XVn-wPyIoR3CncpxocnNZMl2s_4M_Yeu2Pvl-UIzcGIda6tLPdChwZkxWO5p4q0jAIqEY2kw6I4FqNilJGbATZ0TyXgTRgUWtyPCxx0nQF33W3MSg4cIrNn4dm8Kurt3JYmPgFkogyuVQmNYqulHtn984XhXmPXr5b_SP9-mTV0_dxBPY_NdH46DnmCZUExu59GLOeCVkFD6hBp34kquwoNACROk4l67cNkp2VX-tTrFjbG-tFz-KZ0dqYstHC3QMWBsBYcwo4RAzVx9eap6ov4MJOpTE-H3fDR5ujssmjQTJ-iBSjezCB-VyM2QhLUFzgjpy9wbVgpP_UcnAazxx8Uuysi65kccqlnFl5sExnyQpQztO5aFR_rsTLywToNon-d6raqNICPFZEr7YqwOPkOlF-b61s3vAIDMXRrPKou1gjpfx3HoRhdxqc6_L9mMGzgatmwSGALnLBfo6290KeWzJlD1eM1q8DBE_QI_KXK7_RRFvRZwsgcs5zPl4p_Xsh4rEOBF8tr0ZA084sb8yiPSg9hcBhnErkKZwPiqU_iAyjccMbBG4ycpy3CTu70sZxy0UeNz2D-CcarazqgwK52mJTzP4SnknpmugaDgjPHGjIrqjBzgmIoQcN9uzJIyxEpOsJGUG6pOaTn5fsCl1wECMwj44ZpXAkf1zmTg&cid=CAASKORonBr4gFBev2cp5qFsveoOMRCWp5LSJhi2PPlUhP_2zxA7ElKdSps&rfl=2%2Chttps%253A%252F%252Fnets4.com%242%2Chttps%253A%252F%252Fnets4.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 13:19:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
162740
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Mar 2023 13:19:22 GMT
container.html
c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6060 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065568
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 13 Mar 2022 10:31:42 GMT
expires
Mon, 13 Mar 2023 10:31:42 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
i
api.purpleads.io/x/a/37435893f0fea1b1526dd7aee0f16ef9:66516a7840c8d4b4ab78b373a6eb404685c9d3ce02675f47b36105174295ce90f22a7a9cb149a19f999d671c5e486afad3ad83e8afa91c279cfa4075e64ec8dd4c2c30db1e1427e... Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/37435893f0fea1b1526dd7aee0f16ef9:66516a7840c8d4b4ab78b373a6eb404685c9d3ce02675f47b36105174295ce90f22a7a9cb149a19f999d671c5e486afad3ad83e8afa91c279cfa4075e64ec8dd4c2c30db1e1427efef9cafdc88a8a32b749a5f51ab345e3d526145254f614f749075850949afd70677a6fedd183d7de1b396245ec86935fd615879b6ad6575586b2e8543391f189f6ccfffd644077d06/i?id=aab4f66a-b422-4c23-a88b-bdaacc34ef3d&ts=1647167502548
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
e52a24cc-6ae2-441a-9182-3f4a01ee3632
i
api.purpleads.io/x/a/37435893f0fea1b1526dd7aee0f16ef9:66516a7840c8d4b4ab78b373a6eb404685c9d3ce02675f47b36105174295ce90f22a7a9cb149a19f999d671c5e486afad3ad83e8afa91c279cfa4075e64ec8dd4c2c30db1e1427e... 		0
199 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/37435893f0fea1b1526dd7aee0f16ef9:66516a7840c8d4b4ab78b373a6eb404685c9d3ce02675f47b36105174295ce90f22a7a9cb149a19f999d671c5e486afad3ad83e8afa91c279cfa4075e64ec8dd4c2c30db1e1427efef9cafdc88a8a32b749a5f51ab345e3d526145254f614f749075850949afd70677a6fedd183d7de1b396245ec86935fd615879b6ad6575586b2e8543391f189f6ccfffd644077d06/i?id=aab4f66a-b422-4c23-a88b-bdaacc34ef3d&ts=1647167502548
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2plc3VzLmNv
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.26

Response headers

access-control-allow-origin
https://nets4.com
date
Sun, 13 Mar 2022 10:31:42 GMT
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials
true
x-request-id
9c2f702e-6761-42c0-835c-2c8b6af655dd
pubads_impl_2022030801.js
securepubads.g.doubleclick.net/gpt/ Frame 63EB 		358 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
c00983dee008b49458960478c1cb482043faa725f62c00717915fabddb69bfa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1743
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123897
x-xss-protection
0
last-modified
Tue, 08 Mar 2022 09:34:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 13 Mar 2023 10:02:39 GMT
uuid:52425aa3-28ea-213a-5876-213a28ea5242
/ Frame 1389 		17 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
urn:uuid:52425aa3-28ea-213a-5876-213a28ea5242
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
URN
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
215568fc549dd57a2be6a6e7ecaec66ef0307923832ed445deded31cbe258655
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

X-Content-Type-Options
nosniff
content-type
text/html; charset=utf-8
x-content-type-options
nosniff
i
api.purpleads.io/x/a/6ec808438b31bfa59b623b8b97743ee0:5c0267632a6dd5260ec7ba7189716bd524fc972c4511b663cd786e2ebd94b7829d34fbdd14fb58712274d1e5fc6ea912470b661e8a3e3897b32bab0a6e65365f73d03ff0313b666... Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/6ec808438b31bfa59b623b8b97743ee0:5c0267632a6dd5260ec7ba7189716bd524fc972c4511b663cd786e2ebd94b7829d34fbdd14fb58712274d1e5fc6ea912470b661e8a3e3897b32bab0a6e65365f73d03ff0313b6668766f8bf253f07ef3085b28176cb0e725b07514f3a7aae9689b266f777d692a3d3529dc28c8626dd2aa6b62aa0e284d7f81e48b77f5f27c4db893ed46d4ddee0ac3ab39a7dfc9186d/i?id=e23e3e79-d46b-4316-91a8-974faccbde87&ts=1647167502615
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
d56160d1-0dbb-417e-9a6d-2ce739d1c9c0
i
api.purpleads.io/x/a/6ec808438b31bfa59b623b8b97743ee0:5c0267632a6dd5260ec7ba7189716bd524fc972c4511b663cd786e2ebd94b7829d34fbdd14fb58712274d1e5fc6ea912470b661e8a3e3897b32bab0a6e65365f73d03ff0313b666... 		0
200 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/6ec808438b31bfa59b623b8b97743ee0:5c0267632a6dd5260ec7ba7189716bd524fc972c4511b663cd786e2ebd94b7829d34fbdd14fb58712274d1e5fc6ea912470b661e8a3e3897b32bab0a6e65365f73d03ff0313b6668766f8bf253f07ef3085b28176cb0e725b07514f3a7aae9689b266f777d692a3d3529dc28c8626dd2aa6b62aa0e284d7f81e48b77f5f27c4db893ed46d4ddee0ac3ab39a7dfc9186d/i?id=e23e3e79-d46b-4316-91a8-974faccbde87&ts=1647167502615
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2plc3VzLmNv
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.26

Response headers

access-control-allow-origin
https://nets4.com
date
Sun, 13 Mar 2022 10:31:42 GMT
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials
true
x-request-id
45548a59-3ab4-46cb-b4ce-3f6d13db1fb9
generate_204
tpc.googlesyndication.com/ Frame B0FB 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?pj0UqA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 5A14 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?7OOpWw
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1389 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ANcCjOKCoUai6zsW1CDYynetd-L_GIPz2TnrdjEk-XOmI9PHJOQhSH0_2peA6GKT-PAcjhVtb5BN6Cxa-7Db_gRo5kwQzQtRzwb7CL_zunYfyyy0U
Requested by
Host: uuid
URL: urn:uuid:52425aa3-28ea-213a-5876-213a28ea5242
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 1389 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js
Requested by
Host: uuid
URL: urn:uuid:52425aa3-28ea-213a-5876-213a28ea5242
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Mar 2022 10:31:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1389 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: uuid
URL: urn:uuid:52425aa3-28ea-213a-5876-213a28ea5242
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36343
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1646830771070120"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 13 Mar 2022 10:31:42 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 1389 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: uuid
URL: urn:uuid:52425aa3-28ea-213a-5876-213a28ea5242
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:29:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
109
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6397
x-xss-protection
0
server
cafe
etag
14404976697706490601
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Mar 2022 10:29:53 GMT
l
www.google.com/ads/measurement/ Frame 1389 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRB-h8kf2TuW61_WXpNue9Jv_1m5odTOghwxCsuZU1-K8q25yNmx4Cwbib3iromAl7cTKEP8knLE8hBFXrReX7wic9Y8g
Requested by
Host: uuid
URL: urn:uuid:52425aa3-28ea-213a-5876-213a28ea5242
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame B2ED 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
e865ba2ca00e11081a85a9c02951a24ff5ad447974bfaf3daa5356339bc02b6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27723
x-xss-protection
0
server
sffe
etag
"1157 / 186 of 1000 / last-modified: 1647040256"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 13 Mar 2022 10:31:42 GMT
t43ocmuaiycq
hal9000.redintelligence.net/zone/ Frame E3CF 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/t43ocmuaiycq?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCB1faDcgtYve2NMGPrASP0In4BN2t6KhgqNy3x7kK8C4QASC52_MmYJXikIKgB8gBCakCGPGLRMhOsj6oAwGqBN8BT9DidfI3GWyJxBWGrxOzGNOib5cOH1PXchBV1nb8VWpT5DwsztfLHWKzJn23hzA9L4RVYtJ2MHrznZ5LOFH7geyMVafgcCbpmroLNiYFCDcFi_lqPTXAmj8Y-VaChIWMu_BMyAobdDoLg3ZfoVNaW13K8P_iDbzb--bdOqr4Gks-3eM7IR0_E804eIXhgNmokWhoF7W_5Ckdf4Vdkyf6olP1obY4Nv9arehbebNrVv5No6oLbTeSgfrF1RYkE4erFURDvlNZFAPe9Mk-7lcd9j3VgxLG-7BaDdeZn60VycAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2gAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORonBr4gFBev2cp5qFsveoOMRCWp5LSJhi2PPlUhP_2zxA7ElKdSps%26sig%3DAOD64_0q8aB6LlcJa9IQoISwV9LOdwqqdw%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-AFfEQ7Bp-qymjlTJXBTL4ysvSmM0mm2mTWktyuKemMEm7HEt0Bdiima91ss84g5qXJgS5WEM9U1qPpS4KNYZPYrb5azDCgOCvcZI5E-yGW5koSh1gjG4Qjn8oW5DTndX03aqU1Xf_9zYqkZugo64a9gL_QVQ%26cry%3D1%26dbm_d%3DAKAmf-AfrZ-2Gzzg4WW8xoOvUzApGL-zPkPvPHqDYqtmG0ZdlilSqJmuJivnv-x7GDUNAO8C-vit6nFEd498Gn9jPb5Ylz2az06zz9ZcV6-3D16_1G4HY8Q47DcT3HTJbTIPjiediPVkNtxKIWmfLIUgTOryH5yk-kwzYXo-TkBzPGn5VaAnCFBXcxDUugs4KJ4yVMIEo59NLIDkVHyiCwY9LDFt4tJnNCcaNGGD7XxPwYYxsGGSkVTQDlddbaCI_nA6CKYMXjgDO3DTACb3VsjLfZ7amaSryO5HT8s88WLqqEE5c4U6K0OECCS1RNTM1ipDTkPXKz2GbdMiFK80-W-E_RMzbG7a3mgDlYYMtJHsolCYjsgBetYG8sUpIaTXVSMkJvICCiiUNhLShXXhrZRW81QRTg5RNSrMJ_IrBI_EDUrtPZ8hkD-Qf_WC82w54XY-34KH3Dxkh1yaTIH4Rmllzu9fW0qrYQ%26adurl%3D
Requested by
Host: c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com
URL: https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
f2978863218394b3c44f1458d9dde2eb0af779d06b95bb96e3a1aea49803c129

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 13 Mar 2022 10:31:42 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3966
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8DFC 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 11 Mar 2022 13:19:22 GMT
expires
Sat, 11 Mar 2023 13:19:22 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
162740
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5859 		624 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNWGfZwIHbw5Q-TGVDPXax0V_jvYpeJlzld1NYHeYJRCPxYvKAKLy7RL4nq1i4S7bwhAXA1NMYX1Rc1jzPtfuRmFobDOcjaJZH8sLH061Wej2Dp5rREfBmzYHCeKv3u8_cs2xOcW1cw1rT4liH4Hm5Bb-8MnDluE7EFZ0qDU5r1yJyJk-2s
Requested by
Host: uuid
URL: urn:uuid:52425aa3-28ea-213a-5876-213a28ea5242
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 13 Mar 2022 10:31:42 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 13 Mar 2022 10:31:42 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 1389 		27 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AWNMnczFtr-4p91XLVgMNRupMOLzD7j_0_nnXdDyxfHMOgQOQrnenPid1jiG0RTURHYrkkFhxUhxvoXCaq8L8b_E5Klh7V_KM2aX-8utXLJzQ7j2yY8y2eDF0qilwzB_lJVKDRguZSKmVjM00hpOmiNeKSVQ&cry=1&dbm_d=AKAmf-DtqtvS-Yc8zDWkG_Yp3bKHszHu5SYWpcd9mIFCcZ9cEvdSihRjdG6N8_xvQA5CyiCwJS5AYvZiSb8n4qnWwlOJQ96pMMp4gZdGue1_W0aqKnZQDLuDVxMsOoJolxZ4OcQbOtULzzjekRuC_ztoZiNNAtvCPn_884SqiNYvKEZXmg1Ey5yTIMvuYsKlxs4jbM-h4o6U3xE_vySj65cBIdIq_bKSlpceMz-Fxm1aLRGUSCex05dftqr3Sv6FGwPBb9G39gb-p4SZ_LeUQgksxxy2hXyPWMj_LD3qOUZxqomu4KAimHh1vtVuj7KyqQZnUmIGhSBo1jKmZG4v7d8uS-yhBd7s4PDiETjHBUd0wlCecb1avU0KBOfqal1hbnsDbQyuGMakycBR24yyDDj5FguYzaLYPDabnJgOue4qEvcMAVCsziazedToIsTW-dElok33gCsVIA88024qAbO7cGELs21GIbyCWLXXd_JfeoDNugMTNVl3iiWaDYzV9iQ8vhcCPgutaVxEd1W_PZ7hx-ZsKxEAaaSt-CLntvux-BlNjYnRVbZNWTZ7JWPseFCKRwJMrzqDAt6Ib8LDxovQawI5YpaBScU9TK6jv3tnrQ-hCFe_Elhm4PA-e-BcjVcsQoRHCKQJXu4jBZmHFF1-zhJb9YcHRZTf2U-v6_2ORWPF8b8lEWcZb4_s5MVcy_Y2dp5BaC7DWsKqS1049ub4HkmRhEIvviJVFE8vxH7KI9to9HLHUAHKXTAXYEuVimXTPNah5hiRPurx3uNRLbxnB2YUB5BS99fyZp4kPTdxFbTxJs1VDeDUMqVdjh--KXfbgSbNn8_k_MCbLxsyyf3GqNfQ0R2Mn7G5oGXtVxQ5tkwIMVWUcSG8xoPcXGXuIlWU8-OoAPZ0dklvtics5OPeGKRKBK3WrLhViCqTpolhOJ08l7WuDfgWMwLCsTlL2mkGyjV78w_lOCDrohzkEoVOZG3cl6U5Gyp5Xd7XkTOGqDChUMHS4ibNHgsKvOq8wJ0Fpxd6xZ4ywub71zDygKG90K4laPyKT31LO83unvsOq9BBnIzaKtO1IA1ckTu_a_i_cpzfYnccF1ICApt5a1wFOih0_CP13z0ANyHCbVxz646amnE9HqJMdZBMv3lsCBlIta17FCF2ZwWl6fUfnqEiaIxhv3nG8rLN8vAfVn58ted3gZNmMrL6SfouG3fWJ5Q6frPLbAk9hh8lyVIvoVEsIGyKHC2bvaEa2Ey7VBSjSs94nvA4zLdl8ftdK5Hc7SAtMHeRBuYgBDocdrhCVw27XipDcUuJSMH6zOrXubDhC-n6pOJnmM6bNw9sDqBJxqggWFlEIn7ibZMdfj3ALg-6IQ6ExhpiV4DdUV62_zsjmgmEhkE-vTqjx69yEUdKgLqxiy-4Msu1EgrE7K1pvqOap24hVc7SNdBzPN0Lkrt_xAeu8i-gJPqWFzBQ5XkjG2FTulw_QVnjLIKkhF1mkwlN_p64gY_9o1qE7-J5K1CrYS_MH9pCNIXdKkAWYRpqsd02K-Zk2eIiueQzCKXnQbqUV0dFq_dHfgCTiDrVhhqZUTElXRq6q25vxnUDQsEb2kK4sn_zgWfiR8ixBHVykNXXr4R3xUnJihGBUhnzMJkrTThhh4pTe-_Gyh4VAsjXxP4Y6aixqwNMjenZFZiIf82kQQWxA4BpOLb9d0KdCusU7ZoR-h5BCGz7qgqsS7v-9nr2_30HSfIyC9Vk5_L2Dp2Uav5fa-9ojSih6rwH5hklYkYAv3CAAXLsQa1r0X1GrYJlAB_DFX73serEfK1juvBEXJC0Ad3sLONWNpLfeItpe9uVEnY9QCJWxTTyHLVMtHf4GA5WKgp359bKrMtVIX3QvBB7vIukI3g6gsIoVxa2i1T_bTqSJ2DIQJxQ6aF3wC-j9aBJfosJlEzf2dEz45Uavgb5uyhL6TkuJjDvqD3PbmkYX8rXFw5WC5oGIz8rk4XIzdWKcGSG1tNkcH7zykHMFt3ZPUOeZ9Yd0XmPRYpoRuLkV1S0IX7kDKEk0P738DwdJXBllXDU3eEOM_HHBpoIxYCt03SDwM6z4oY64sl2cb6UgWFw4ktfVJTE7-Xp7L4v0XIQmLuDfNsbAlYuun3Nu-0tH-i2a6crmM-ykHlQIVjIXA507SPzi0LVNYJRyoEi1fj24VkSVBl0452eLfo95n5b3UE_D4jVy0M8RL-b6uXJkcC5reBS1Lj_PXUqDl1-91_zBgrbQ6tp9CcgdmD9SkBLSsDTT7mdr50zpqhXSV0_JIJSbvcHYskt6bdzKI5l0uYVPtuGeGu9yb9Xbb3W6HTbsVIovGtF3jJ8y8FSxr0erN-68YErJH7_QX4WC2FHpyYLFarSkGn3La9O-drb-YPot3dQRD04C5-K4MkwnzJ0B6dmgLruVv3GGjH9--FBvMWR24ha9k20A4CPLjyqUg4zRPLfC1ACWOuUBARr2xyQtDXTEGOUu383KDsiMCVdtkKC7vYxMWVduilc2dA9ypIbR3NAg21LbPDWSy48R-jY42Goo9rjWHrZN4xluxTExQu0ja1gQEfpeCFBnhLOZV4rcftu061TrphdfTlvOihuHUfHN67H7F9UfWTLThdXFNFCCUA6qwEwn5-F2v-JZXMLbXCR-UEHLJbjtcGxXRd4BpCZXXHORwkEIcWBJj5hkvrLgYyYrFfH0nQBuNHAK7hXjZxUFW0_JFE4FJuYurG-oUZ4qCW6e5AZ1tSpiR63sEgdCbvddt9Ou46qXPFMVUy892xzdFpsZLlAyn6jKfnvwMorXdlvVfc60scAhIBzQGPVl6qVtVYoobG-_cHfqv1EB91Z2Q5AF8TF59e6uVKwOeqfrDjOsh-eR2cqerFBvAqZl_HKdzf43nNJ47PFY6gQioInYb_COuFLrQOkvg9t_Sz9QEuYFyn90IyQ_qY6Aha-Lq_QtJJ3zByA2hhc2mkEylt2cM34m5I0jPh6L99arZzG3a3A809br2xj4saxlnaxyAk89bdKQvyClrwy8l_xW777SL374g7cemh3ZPx-gOtRCsbDBd7D_qNz-3jx_oaGPjOhaQtZekd38sUlHCkMlprWWdAI4dmkOO_EBybP9g1m_oamjNfgBiN0Coh7xhapwFKMHf0QL9N2D4B2loam24HYCGIPaXNQBeDGspUYzMQdSIR499A8XBDONXY3OfAtlGAmzpHsz4t41VV-C9zyhPvkB2JLa4c3tfDLbuh_nEn12i8R1rNQnOEnFd5vBgy2_Apf7lv5Z4jZlUyoyBz1qw8eY3imwa8PlT2-k35kH3b_pho&cid=CAASJ-Roil6pWZ_FSRI7pT1YgQwxmSDeHOal2JqyC8P0Yr2Tw33upEgfhg&rfl=2%2Chttps%253A%252F%252Fnets4.com%242%2C%2Curn%253Auuid%253A52425aa3-28ea-213a-5876-213a28ea5242%240
Requested by
Host: uuid
URL: urn:uuid:52425aa3-28ea-213a-5876-213a28ea5242
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b98df999bf23647121d5b612d14265d9d1a35e7dfd12f9c3d0bf46394b1a10eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 61D8 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?v2Ks0Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ Frame 80F0 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nets4.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 19:30:30 GMT
x-content-type-options
nosniff
age
313272
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:14:03 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Mar 2023 19:30:30 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame D461 		624 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN7YvY8DEImkzJ0DGLGd28QBMAE&v=APEucNV18lTAzB4AK_LqiA2efx5V1akSxjR7egBGmZ4SEobKP5ff9fd4QP-Za2K1dfwvgyKM0OMq3ujJC-OBMvY7Oi7a-a5pOL63KvW0M7JGuh9wQGDVUNAf_EY_I7JSpvphf8Hw9e7VY3oxycr-kL3Xlro52fD5qGe920nMqSn4MW0EZZqIg70
Requested by
Host: c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com
URL: https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 13 Mar 2022 10:31:42 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 13 Mar 2022 10:31:42 GMT
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220308/r20110914/ Frame 6060 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220308/r20110914/abg_lite_fy2019.js
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d7e3f3f9a87439492d58ee8a90cdc8741bd44e9f5ebc5a1be461ded2df7a155e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:19:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
745
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7865
x-xss-protection
0
server
cafe
etag
17470246482903461409
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Mar 2022 10:19:17 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220308/r20110914/elements/html/ Frame 6060 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220308/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:25:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
377
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2626
x-xss-protection
0
server
cafe
etag
8548655983161038638
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Mar 2022 10:25:25 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 6060 		0
571 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstZAbobWwALBCBakChV8xwNjfe3GTjgHZ8V9pPNTK3uDz5bmgrgnZlJAK79tkGI3MEVi1zj2s4b9yUl4yGcW4MDoReXj-1FsX-ihyueTUkFi6O_XZ7WwOzZ74bdvX39EHGiMM1p3JVYMyRsXiRiazvjlGlsJXputhYlSitmjGdqZleg5sAkB-gm6CwfaLuxabcI-QWitW-koloH1P4DpgEJ7z16EWtN_T8q8IkdI9cwe6xosz62pS0gHyQ9J6PVlHQlzLtvQAeTx3n1xWGBk091rtNFNr7w-0CcqfO5OcGXbkuxL68MEmaR8DQ-ldyWgdIlQre2RNfLmFHKENxeY4Fi4YQ1D35a3PXEcCGdPy0jUqSp5fhYOJ_-m_n7SpOtdRYiDF_RbTAZWulJL8hQAld1ogvDF3_6vxAuRaerVWw1SzCZoy-0A1IGQSWGJQ1LcouFwNezcKBP70iCyJjFw7-hy2K9YOOWE3P8gESx1w2nKwnq7Xh7fVYABLuXkfcZZHHZjkivMZgVmibL1p6NNAxmoqTJ5vAWpk5oYTNHTrIti1J5EUCCMty9nvzYBFCdSqYb8Pxkl2nAPU644f-JR0xjKc8TJLKvVe0pt-uzgiVvLRG7Mka5AjPDskHV3aTDkkTCSqdd5v_Q87wgR3TosYcS2aXAN5bOj0jGvkac81mi8Vx5ZNTYp1oApIhVkPAJEMyXdM1OLx_C1vtWcTU1HryB9k_xqjXQ7SgdqDMHceRcWFUDkYoXYbi1dsrLPndoN3zC_RHMU3mzEs-kP2CsZcKiNhfWLGEEi2YZfL47aDqVzM8cdFMCfnEzmKikJ98q8W2-wWPGCxLgnnx3x3rEJ-3WNi6lcrxYbf-kBBY_2sOwjAvDZnvOvBKMJRRMzLCCM5adg3bzTlOPx_qHq-HCujkNUREpbR_j8CJorLb15hM9i1Fyd3r-eQ9wzYfNFdVSXOraw_w8aUJZWGRQ269O83cHlKn6Yh7kS6ZmCrVJg7VFp7FXs8_iYFKUvubpd-yu0LdCW-UQScB96M-dGKjI8Nx222g9VaR89_A6jdV2ddqgsLwTW-BoZRug_fLbQ8tcDNIh4PXhtO54Ifk_I7AHTmU9iz5pwMk8Y7w-A-5-5BR5pZ40SmEZ&sai=AMfl-YR_YIEPpOhC_GhmGTkdwOl5pPaNPZF-lYaLZMtpxzdWM3FyBGRfhLkXifY242O9i6__cZ0ps9rKyB6ysginuWcJdxqYK06YREw2L0qhULY8PMs_OIEDLcPAhNtmFsW2gwMn-c6OCsWm3-7gBVlUpMRr8qHpslPQ5-juRO5q56DF2iwuktyfGJp-QlyqErsIoHckbKJSEbIarLkbi3YYWDuva0C1o7yaGsQprv4vH4MbFvwQXxUjFdtExYUK2qfW_J9Tiiq9JSzhpRy3oXsQbhAqcdB5o_yh9I3zpHS8Nb9l7WgczwNOCA0-4Yn9h3HfqNxfrYe3Tfz_FN-Dq81pwikNzO7aijewleKyDrkLYGfAbz_T-EgQpXHY9JWITE7O7DDzz-lHKSpVWYQwz8UeMw&sig=Cg0ArKJSzBn81yJxLgaBEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20220308.97954&adurl=
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Sun, 13 Mar 2022 10:31:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 6060 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 13:19:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
162740
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Mar 2023 13:19:22 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6060 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CVfbjv4NeoRaqwYqApWrA3JMSGLAINCTc_yTpiJaaEonnosar_b9MThWI9IlJxznsDg25DgX8lsFLVgBUrQseMiEE4XSqQQCzvs7_yMz9WjWxZlec
Requested by
Host: c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com
URL: https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 6060 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js
Requested by
Host: c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com
URL: https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Mar 2022 10:31:00 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 6060 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com
URL: https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:29:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
109
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6397
x-xss-protection
0
server
cafe
etag
14404976697706490601
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Mar 2022 10:29:53 GMT
l
www.google.com/ads/measurement/ Frame 6060 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRK4_wt5h3BSkiV_Amf4uFhqjuev6fYJQw990pw5Vdw2ja5l9QroGIgRzIPR-XZuVQgRt1r3ZduWnLhkxtPlgA4y9hRlA
Requested by
Host: c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com
URL: https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6060 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com
URL: https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36343
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1646830771070120"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 13 Mar 2022 10:31:42 GMT
8928051657873516213
s0.2mdn.net/simgad/ Frame 6060 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/8928051657873516213
Requested by
Host: c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com
URL: https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb768c34f5b170271948a59c94651c37fd1214d64e1bd8863f134c508b905de7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 10 Mar 2022 16:40:15 GMT
x-content-type-options
nosniff
age
237087
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20431
x-xss-protection
0
last-modified
Thu, 10 Mar 2022 12:37:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 10 Mar 2023 16:40:15 GMT
pubads_impl_2022030801.js
securepubads.g.doubleclick.net/gpt/ Frame 80F0 		358 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
c00983dee008b49458960478c1cb482043faa725f62c00717915fabddb69bfa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1743
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123897
x-xss-protection
0
last-modified
Tue, 08 Mar 2022 09:34:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 13 Mar 2023 10:02:39 GMT
integrator.js
adservice.google.de/adsid/ Frame 63EB 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 63EB 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 63EB 		501 B
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1646061999790071&correlator=1012690618161415&eid=31064836%2C31065294%2C44756894&output=ldjh&gdfp_req=1&vrg=2022030801&ptt=17&impl=fifs&sc=1&iu_parts=21902364955%3A22652385948%2Ccm_pu_nets4.com_technology_and_computing_top%2Ccm_pu_nets4.com_technology_and_computing_btf_banner&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600%7C120x600%7C200x200%7C250x250&ifi=1&adks=1946913256&sfv=1-0-38&ecs=20220313&fsapi=false&eri=4&cookie=ID%3D6bf49801c8b0f0f7-225df1845bcd0081%3AT%3D1647167501%3AS%3DALNI_Ma7ZDhgRWOZ6wZhyfuxlce6qtK_ig&abxe=1&dt=1647167502780&dlt=1647167502438&idt=325&biw=1600&bih=1200&isw=160&ish=600&oid=2&adxs=1148&adys=1298&ucis=a6xu9lohn9x&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Fjesus.co&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=160x0&msz=160x0&fws=256&ohw=0&ea=0&ga_vid=1312843398.1647167500&ga_sid=1647167503&ga_hid=1006669406&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
2ca375d8fe3464aaefcbf4f826970f9cc795c5875741cfe05afa53937ade429c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
257
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nets4.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 63EB 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45782083d293574ae5c2febb453d76d965ff2f0c144e816a4e6814fd9814a973
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10684
x-xss-protection
0
container.html
23a21fe3ea42696fcc14fdc866388b53.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DB7D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://23a21fe3ea42696fcc14fdc866388b53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 13 Mar 2022 10:31:42 GMT
expires
Mon, 13 Mar 2023 10:31:42 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request.php
hal900021.redintelligence.net/ Frame E3CF
Redirect Chain
  • https://hal900021.redintelligence.net/request.php?zone=t43ocmuaiycq&nw=20&renderingType=javascript&namespace=ce5b4e7790&subid=&uid=be8d50cce1e4fb9d&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900021.redintelligence.net/request.php?zone=t43ocmuaiycq&nw=20&renderingType=javascript&namespace=ce5b4e7790&subid=&uid=be8d50cce1e4fb9d&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900021.redintelligence.net/request.php?zone=t43ocmuaiycq&nw=20&renderingType=javascript&namespace=ce5b4e7790&subid=&uid=be8d50cce1e4fb9d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCB1faDcgtYve2NMGPrASP0In4BN2t6KhgqNy3x7kK8C4QASC52_MmYJXikIKgB8gBCakCGPGLRMhOsj6oAwGqBN8BT9DidfI3GWyJxBWGrxOzGNOib5cOH1PXchBV1nb8VWpT5DwsztfLHWKzJn23hzA9L4RVYtJ2MHrznZ5LOFH7geyMVafgcCbpmroLNiYFCDcFi_lqPTXAmj8Y-VaChIWMu_BMyAobdDoLg3ZfoVNaW13K8P_iDbzb--bdOqr4Gks-3eM7IR0_E804eIXhgNmokWhoF7W_5Ckdf4Vdkyf6olP1obY4Nv9arehbebNrVv5No6oLbTeSgfrF1RYkE4erFURDvlNZFAPe9Mk-7lcd9j3VgxLG-7BaDdeZn60VycAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2gAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORonBr4gFBev2cp5qFsveoOMRCWp5LSJhi2PPlUhP_2zxA7ElKdSps%26sig%3DAOD64_0q8aB6LlcJa9IQoISwV9LOdwqqdw%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-AFfEQ7Bp-qymjlTJXBTL4ysvSmM0mm2mTWktyuKemMEm7HEt0Bdiima91ss84g5qXJgS5WEM9U1qPpS4KNYZPYrb5azDCgOCvcZI5E-yGW5koSh1gjG4Qjn8oW5DTndX03aqU1Xf_9zYqkZugo64a9gL_QVQ%26cry%3D1%26dbm_d%3DAKAmf-AfrZ-2Gzzg4WW8xoOvUzApGL-zPkPvPHqDYqtmG0ZdlilSqJmuJivnv-x7GDUNAO8C-vit6nFEd498Gn9jPb5Ylz2az06zz9ZcV6-3D16_1G4HY8Q47DcT3HTJbTIPjiediPVkNtxKIWmfLIUgTOryH5yk-kwzYXo-TkBzPGn5VaAnCFBXcxDUugs4KJ4yVMIEo59NLIDkVHyiCwY9LDFt4tJnNCcaNGGD7XxPwYYxsGGSkVTQDlddbaCI_nA6CKYMXjgDO3DTACb3VsjLfZ7amaSryO5HT8s88WLqqEE5c4U6K0OECCS1RNTM1ipDTkPXKz2GbdMiFK80-W-E_RMzbG7a3mgDlYYMtJHsolCYjsgBetYG8sUpIaTXVSMkJvICCiiUNhLShXXhrZRW81QRTg5RNSrMJ_IrBI_EDUrtPZ8hkD-Qf_WC82w54XY-34KH3Dxkh1yaTIH4Rmllzu9fW0qrYQ%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=9505920041827&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com
URL: https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Server
144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.55.238.76.144.clients.your-server.de
Software
Apache /
Resource Hash
947f287476fbc9b0c4ca3fc97b70fb7cb6e7d85204d48c5da1b7df38d9fabee8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:42 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
28434000045773100757585011897021
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
972
Expires
Sun, 13 Mar 2022 10:31:42 +0100

Redirect headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:42 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=t43ocmuaiycq&nw=20&renderingType=javascript&namespace=ce5b4e7790&subid=&uid=be8d50cce1e4fb9d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCB1faDcgtYve2NMGPrASP0In4BN2t6KhgqNy3x7kK8C4QASC52_MmYJXikIKgB8gBCakCGPGLRMhOsj6oAwGqBN8BT9DidfI3GWyJxBWGrxOzGNOib5cOH1PXchBV1nb8VWpT5DwsztfLHWKzJn23hzA9L4RVYtJ2MHrznZ5LOFH7geyMVafgcCbpmroLNiYFCDcFi_lqPTXAmj8Y-VaChIWMu_BMyAobdDoLg3ZfoVNaW13K8P_iDbzb--bdOqr4Gks-3eM7IR0_E804eIXhgNmokWhoF7W_5Ckdf4Vdkyf6olP1obY4Nv9arehbebNrVv5No6oLbTeSgfrF1RYkE4erFURDvlNZFAPe9Mk-7lcd9j3VgxLG-7BaDdeZn60VycAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2gAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORonBr4gFBev2cp5qFsveoOMRCWp5LSJhi2PPlUhP_2zxA7ElKdSps%26sig%3DAOD64_0q8aB6LlcJa9IQoISwV9LOdwqqdw%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-AFfEQ7Bp-qymjlTJXBTL4ysvSmM0mm2mTWktyuKemMEm7HEt0Bdiima91ss84g5qXJgS5WEM9U1qPpS4KNYZPYrb5azDCgOCvcZI5E-yGW5koSh1gjG4Qjn8oW5DTndX03aqU1Xf_9zYqkZugo64a9gL_QVQ%26cry%3D1%26dbm_d%3DAKAmf-AfrZ-2Gzzg4WW8xoOvUzApGL-zPkPvPHqDYqtmG0ZdlilSqJmuJivnv-x7GDUNAO8C-vit6nFEd498Gn9jPb5Ylz2az06zz9ZcV6-3D16_1G4HY8Q47DcT3HTJbTIPjiediPVkNtxKIWmfLIUgTOryH5yk-kwzYXo-TkBzPGn5VaAnCFBXcxDUugs4KJ4yVMIEo59NLIDkVHyiCwY9LDFt4tJnNCcaNGGD7XxPwYYxsGGSkVTQDlddbaCI_nA6CKYMXjgDO3DTACb3VsjLfZ7amaSryO5HT8s88WLqqEE5c4U6K0OECCS1RNTM1ipDTkPXKz2GbdMiFK80-W-E_RMzbG7a3mgDlYYMtJHsolCYjsgBetYG8sUpIaTXVSMkJvICCiiUNhLShXXhrZRW81QRTg5RNSrMJ_IrBI_EDUrtPZ8hkD-Qf_WC82w54XY-34KH3Dxkh1yaTIH4Rmllzu9fW0qrYQ%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=9505920041827&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Sun, 13 Mar 2022 10:31:42 +0100
pubads_impl_2022030801.js
securepubads.g.doubleclick.net/gpt/ Frame B2ED 		358 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
c00983dee008b49458960478c1cb482043faa725f62c00717915fabddb69bfa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1743
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123897
x-xss-protection
0
last-modified
Tue, 08 Mar 2022 09:34:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 13 Mar 2023 10:02:39 GMT
rum
dsum-sec.casalemedia.com/ Frame 5859
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNWGfZwIHbw5Q-TGVDPXax0V_jvYpeJlzld1NYHeYJRCPxYvKAKLy7RL4nq1i4S7bwhAXA1NMYX1Rc1jzPtfuRmFobDOcjaJZH8sLH061Wej2Dp5rREfBmzYHCeKv3u8_cs2xOcW1cw1rT4liH4Hm5Bb-8MnDluE7EFZ0qDU5r1yJyJk-2s
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 13 Mar 2022 10:31:42 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5859
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yi3IDk7X9JUGhnCcR6qUaAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNWGfZwIHbw5Q-TGVDPXax0V_jvYpeJlzld1NYHeYJRCPxYvKAKLy7RL4nq1i4S7bwhAXA1NMYX1Rc1jzPtfuRmFobDOcjaJZH8sLH061Wej2Dp5rREfBmzYHCeKv3u8_cs2xOcW1cw1rT4liH4Hm5Bb-8MnDluE7EFZ0qDU5r1yJyJk-2s
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 13 Mar 2022 10:31:42 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 5859
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEENPInjLi8l5Frr3ASPO5Nw&google_cver=1
43 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEENPInjLi8l5Frr3ASPO5Nw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNWGfZwIHbw5Q-TGVDPXax0V_jvYpeJlzld1NYHeYJRCPxYvKAKLy7RL4nq1i4S7bwhAXA1NMYX1Rc1jzPtfuRmFobDOcjaJZH8sLH061Wej2Dp5rREfBmzYHCeKv3u8_cs2xOcW1cw1rT4liH4Hm5Bb-8MnDluE7EFZ0qDU5r1yJyJk-2s
Protocol
HTTP/1.1
Server
185.33.220.216 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:42 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
b2b7f5bb-d067-4fb8-bec9-7301209b5f29
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEENPInjLi8l5Frr3ASPO5Nw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5859
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQxMDg0MTYxMDgyOTg5MjczNA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQxMDg0MTYxMDgyOTg5MjczNA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNWGfZwIHbw5Q-TGVDPXax0V_jvYpeJlzld1NYHeYJRCPxYvKAKLy7RL4nq1i4S7bwhAXA1NMYX1Rc1jzPtfuRmFobDOcjaJZH8sLH061Wej2Dp5rREfBmzYHCeKv3u8_cs2xOcW1cw1rT4liH4Hm5Bb-8MnDluE7EFZ0qDU5r1yJyJk-2s
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:42 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
3621ebcd-2fd2-42d6-9aa8-131c3cf2e204
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQxMDg0MTYxMDgyOTg5MjczNA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D461
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN7YvY8DEImkzJ0DGLGd28QBMAE&v=APEucNV18lTAzB4AK_LqiA2efx5V1akSxjR7egBGmZ4SEobKP5ff9fd4QP-Za2K1dfwvgyKM0OMq3ujJC-OBMvY7Oi7a-a5pOL63KvW0M7JGuh9wQGDVUNAf_EY_I7JSpvphf8Hw9e7VY3oxycr-kL3Xlro52fD5qGe920nMqSn4MW0EZZqIg70
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 13 Mar 2022 10:31:42 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D461
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yi3IDk7X9JUGhnCcR6qUaAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN7YvY8DEImkzJ0DGLGd28QBMAE&v=APEucNV18lTAzB4AK_LqiA2efx5V1akSxjR7egBGmZ4SEobKP5ff9fd4QP-Za2K1dfwvgyKM0OMq3ujJC-OBMvY7Oi7a-a5pOL63KvW0M7JGuh9wQGDVUNAf_EY_I7JSpvphf8Hw9e7VY3oxycr-kL3Xlro52fD5qGe920nMqSn4MW0EZZqIg70
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 13 Mar 2022 10:31:42 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECQx__UuNuZglljIjN5GU7k&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame D461
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEENPInjLi8l5Frr3ASPO5Nw&google_cver=1
43 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEENPInjLi8l5Frr3ASPO5Nw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN7YvY8DEImkzJ0DGLGd28QBMAE&v=APEucNV18lTAzB4AK_LqiA2efx5V1akSxjR7egBGmZ4SEobKP5ff9fd4QP-Za2K1dfwvgyKM0OMq3ujJC-OBMvY7Oi7a-a5pOL63KvW0M7JGuh9wQGDVUNAf_EY_I7JSpvphf8Hw9e7VY3oxycr-kL3Xlro52fD5qGe920nMqSn4MW0EZZqIg70
Protocol
HTTP/1.1
Server
185.33.220.216 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:42 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
99d21977-b123-46d4-839d-96880cd73c5b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEENPInjLi8l5Frr3ASPO5Nw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D461
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQxMDg0MTYxMDgyOTg5MjczNA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQxMDg0MTYxMDgyOTg5MjczNA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN7YvY8DEImkzJ0DGLGd28QBMAE&v=APEucNV18lTAzB4AK_LqiA2efx5V1akSxjR7egBGmZ4SEobKP5ff9fd4QP-Za2K1dfwvgyKM0OMq3ujJC-OBMvY7Oi7a-a5pOL63KvW0M7JGuh9wQGDVUNAf_EY_I7JSpvphf8Hw9e7VY3oxycr-kL3Xlro52fD5qGe920nMqSn4MW0EZZqIg70
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:42 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
a47914dc-9b71-4573-9d3c-4756683425f6
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQxMDg0MTYxMDgyOTg5MjczNA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 54FA 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 11 Mar 2022 13:19:22 GMT
expires
Sat, 11 Mar 2023 13:19:22 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
162740
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
pagead2.googlesyndication.com/bg/ Frame 8DFC 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 09:29:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
3754
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13756
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Mar 2023 09:29:08 GMT
truncated
/ Frame 6060 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1500b60e9892d70bec1c05722802959fe7babc02c8e268c3b10a108bb9070013

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.de/adsid/ Frame 80F0 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 80F0 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 80F0 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4210770730355657&correlator=3618679290001943&eid=31064905%2C44758229%2C31064018&output=ldjh&gdfp_req=1&vrg=2022030801&ptt=17&impl=fifs&sc=1&iu_parts=21902364955%3A22652385948%2Ccm_pu_nets4.com_technology_and_computing_top%2Ccm_pu_nets4.com_technology_and_computing_btf_2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C320x100%7C300x250&ifi=1&adks=2232668132&sfv=1-0-38&ecs=20220313&fsapi=false&eri=4&cookie=ID%3D6bf49801c8b0f0f7-225df1845bcd0081%3AT%3D1647167501%3AS%3DALNI_Ma7ZDhgRWOZ6wZhyfuxlce6qtK_ig&abxe=1&dt=1647167502856&dlt=1647167502486&idt=353&biw=1600&bih=1200&isw=345&ish=85&oid=2&adxs=1244&adys=1121&ucis=cudcw5iqqubq&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Fjesus.co&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=345x0&msz=345x0&fws=256&ohw=0&ea=0&ga_vid=1312843398.1647167500&ga_sid=1647167503&ga_hid=526691470&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
dbf6e5b75a285d830029955456eccf8419055e96d252f56a53dfc613cdd74a78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11289
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nets4.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9F39 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 13 Mar 2022 10:31:42 GMT
expires
Mon, 13 Mar 2023 10:31:42 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220308/r20110914/ Frame 1389 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220308/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AWNMnczFtr-4p91XLVgMNRupMOLzD7j_0_nnXdDyxfHMOgQOQrnenPid1jiG0RTURHYrkkFhxUhxvoXCaq8L8b_E5Klh7V_KM2aX-8utXLJzQ7j2yY8y2eDF0qilwzB_lJVKDRguZSKmVjM00hpOmiNeKSVQ&cry=1&dbm_d=AKAmf-DtqtvS-Yc8zDWkG_Yp3bKHszHu5SYWpcd9mIFCcZ9cEvdSihRjdG6N8_xvQA5CyiCwJS5AYvZiSb8n4qnWwlOJQ96pMMp4gZdGue1_W0aqKnZQDLuDVxMsOoJolxZ4OcQbOtULzzjekRuC_ztoZiNNAtvCPn_884SqiNYvKEZXmg1Ey5yTIMvuYsKlxs4jbM-h4o6U3xE_vySj65cBIdIq_bKSlpceMz-Fxm1aLRGUSCex05dftqr3Sv6FGwPBb9G39gb-p4SZ_LeUQgksxxy2hXyPWMj_LD3qOUZxqomu4KAimHh1vtVuj7KyqQZnUmIGhSBo1jKmZG4v7d8uS-yhBd7s4PDiETjHBUd0wlCecb1avU0KBOfqal1hbnsDbQyuGMakycBR24yyDDj5FguYzaLYPDabnJgOue4qEvcMAVCsziazedToIsTW-dElok33gCsVIA88024qAbO7cGELs21GIbyCWLXXd_JfeoDNugMTNVl3iiWaDYzV9iQ8vhcCPgutaVxEd1W_PZ7hx-ZsKxEAaaSt-CLntvux-BlNjYnRVbZNWTZ7JWPseFCKRwJMrzqDAt6Ib8LDxovQawI5YpaBScU9TK6jv3tnrQ-hCFe_Elhm4PA-e-BcjVcsQoRHCKQJXu4jBZmHFF1-zhJb9YcHRZTf2U-v6_2ORWPF8b8lEWcZb4_s5MVcy_Y2dp5BaC7DWsKqS1049ub4HkmRhEIvviJVFE8vxH7KI9to9HLHUAHKXTAXYEuVimXTPNah5hiRPurx3uNRLbxnB2YUB5BS99fyZp4kPTdxFbTxJs1VDeDUMqVdjh--KXfbgSbNn8_k_MCbLxsyyf3GqNfQ0R2Mn7G5oGXtVxQ5tkwIMVWUcSG8xoPcXGXuIlWU8-OoAPZ0dklvtics5OPeGKRKBK3WrLhViCqTpolhOJ08l7WuDfgWMwLCsTlL2mkGyjV78w_lOCDrohzkEoVOZG3cl6U5Gyp5Xd7XkTOGqDChUMHS4ibNHgsKvOq8wJ0Fpxd6xZ4ywub71zDygKG90K4laPyKT31LO83unvsOq9BBnIzaKtO1IA1ckTu_a_i_cpzfYnccF1ICApt5a1wFOih0_CP13z0ANyHCbVxz646amnE9HqJMdZBMv3lsCBlIta17FCF2ZwWl6fUfnqEiaIxhv3nG8rLN8vAfVn58ted3gZNmMrL6SfouG3fWJ5Q6frPLbAk9hh8lyVIvoVEsIGyKHC2bvaEa2Ey7VBSjSs94nvA4zLdl8ftdK5Hc7SAtMHeRBuYgBDocdrhCVw27XipDcUuJSMH6zOrXubDhC-n6pOJnmM6bNw9sDqBJxqggWFlEIn7ibZMdfj3ALg-6IQ6ExhpiV4DdUV62_zsjmgmEhkE-vTqjx69yEUdKgLqxiy-4Msu1EgrE7K1pvqOap24hVc7SNdBzPN0Lkrt_xAeu8i-gJPqWFzBQ5XkjG2FTulw_QVnjLIKkhF1mkwlN_p64gY_9o1qE7-J5K1CrYS_MH9pCNIXdKkAWYRpqsd02K-Zk2eIiueQzCKXnQbqUV0dFq_dHfgCTiDrVhhqZUTElXRq6q25vxnUDQsEb2kK4sn_zgWfiR8ixBHVykNXXr4R3xUnJihGBUhnzMJkrTThhh4pTe-_Gyh4VAsjXxP4Y6aixqwNMjenZFZiIf82kQQWxA4BpOLb9d0KdCusU7ZoR-h5BCGz7qgqsS7v-9nr2_30HSfIyC9Vk5_L2Dp2Uav5fa-9ojSih6rwH5hklYkYAv3CAAXLsQa1r0X1GrYJlAB_DFX73serEfK1juvBEXJC0Ad3sLONWNpLfeItpe9uVEnY9QCJWxTTyHLVMtHf4GA5WKgp359bKrMtVIX3QvBB7vIukI3g6gsIoVxa2i1T_bTqSJ2DIQJxQ6aF3wC-j9aBJfosJlEzf2dEz45Uavgb5uyhL6TkuJjDvqD3PbmkYX8rXFw5WC5oGIz8rk4XIzdWKcGSG1tNkcH7zykHMFt3ZPUOeZ9Yd0XmPRYpoRuLkV1S0IX7kDKEk0P738DwdJXBllXDU3eEOM_HHBpoIxYCt03SDwM6z4oY64sl2cb6UgWFw4ktfVJTE7-Xp7L4v0XIQmLuDfNsbAlYuun3Nu-0tH-i2a6crmM-ykHlQIVjIXA507SPzi0LVNYJRyoEi1fj24VkSVBl0452eLfo95n5b3UE_D4jVy0M8RL-b6uXJkcC5reBS1Lj_PXUqDl1-91_zBgrbQ6tp9CcgdmD9SkBLSsDTT7mdr50zpqhXSV0_JIJSbvcHYskt6bdzKI5l0uYVPtuGeGu9yb9Xbb3W6HTbsVIovGtF3jJ8y8FSxr0erN-68YErJH7_QX4WC2FHpyYLFarSkGn3La9O-drb-YPot3dQRD04C5-K4MkwnzJ0B6dmgLruVv3GGjH9--FBvMWR24ha9k20A4CPLjyqUg4zRPLfC1ACWOuUBARr2xyQtDXTEGOUu383KDsiMCVdtkKC7vYxMWVduilc2dA9ypIbR3NAg21LbPDWSy48R-jY42Goo9rjWHrZN4xluxTExQu0ja1gQEfpeCFBnhLOZV4rcftu061TrphdfTlvOihuHUfHN67H7F9UfWTLThdXFNFCCUA6qwEwn5-F2v-JZXMLbXCR-UEHLJbjtcGxXRd4BpCZXXHORwkEIcWBJj5hkvrLgYyYrFfH0nQBuNHAK7hXjZxUFW0_JFE4FJuYurG-oUZ4qCW6e5AZ1tSpiR63sEgdCbvddt9Ou46qXPFMVUy892xzdFpsZLlAyn6jKfnvwMorXdlvVfc60scAhIBzQGPVl6qVtVYoobG-_cHfqv1EB91Z2Q5AF8TF59e6uVKwOeqfrDjOsh-eR2cqerFBvAqZl_HKdzf43nNJ47PFY6gQioInYb_COuFLrQOkvg9t_Sz9QEuYFyn90IyQ_qY6Aha-Lq_QtJJ3zByA2hhc2mkEylt2cM34m5I0jPh6L99arZzG3a3A809br2xj4saxlnaxyAk89bdKQvyClrwy8l_xW777SL374g7cemh3ZPx-gOtRCsbDBd7D_qNz-3jx_oaGPjOhaQtZekd38sUlHCkMlprWWdAI4dmkOO_EBybP9g1m_oamjNfgBiN0Coh7xhapwFKMHf0QL9N2D4B2loam24HYCGIPaXNQBeDGspUYzMQdSIR499A8XBDONXY3OfAtlGAmzpHsz4t41VV-C9zyhPvkB2JLa4c3tfDLbuh_nEn12i8R1rNQnOEnFd5vBgy2_Apf7lv5Z4jZlUyoyBz1qw8eY3imwa8PlT2-k35kH3b_pho&cid=CAASJ-Roil6pWZ_FSRI7pT1YgQwxmSDeHOal2JqyC8P0Yr2Tw33upEgfhg&rfl=2%2Chttps%253A%252F%252Fnets4.com%242%2C%2Curn%253Auuid%253A52425aa3-28ea-213a-5876-213a28ea5242%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
947e22d9ed05fbe3f5ed3c4ee35618a1910a85968f48a22c0277f9936f2eb769
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9657
x-xss-protection
0
server
cafe
etag
5177785407398320510
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Mar 2022 10:31:05 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1389 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AWNMnczFtr-4p91XLVgMNRupMOLzD7j_0_nnXdDyxfHMOgQOQrnenPid1jiG0RTURHYrkkFhxUhxvoXCaq8L8b_E5Klh7V_KM2aX-8utXLJzQ7j2yY8y2eDF0qilwzB_lJVKDRguZSKmVjM00hpOmiNeKSVQ&cry=1&dbm_d=AKAmf-DtqtvS-Yc8zDWkG_Yp3bKHszHu5SYWpcd9mIFCcZ9cEvdSihRjdG6N8_xvQA5CyiCwJS5AYvZiSb8n4qnWwlOJQ96pMMp4gZdGue1_W0aqKnZQDLuDVxMsOoJolxZ4OcQbOtULzzjekRuC_ztoZiNNAtvCPn_884SqiNYvKEZXmg1Ey5yTIMvuYsKlxs4jbM-h4o6U3xE_vySj65cBIdIq_bKSlpceMz-Fxm1aLRGUSCex05dftqr3Sv6FGwPBb9G39gb-p4SZ_LeUQgksxxy2hXyPWMj_LD3qOUZxqomu4KAimHh1vtVuj7KyqQZnUmIGhSBo1jKmZG4v7d8uS-yhBd7s4PDiETjHBUd0wlCecb1avU0KBOfqal1hbnsDbQyuGMakycBR24yyDDj5FguYzaLYPDabnJgOue4qEvcMAVCsziazedToIsTW-dElok33gCsVIA88024qAbO7cGELs21GIbyCWLXXd_JfeoDNugMTNVl3iiWaDYzV9iQ8vhcCPgutaVxEd1W_PZ7hx-ZsKxEAaaSt-CLntvux-BlNjYnRVbZNWTZ7JWPseFCKRwJMrzqDAt6Ib8LDxovQawI5YpaBScU9TK6jv3tnrQ-hCFe_Elhm4PA-e-BcjVcsQoRHCKQJXu4jBZmHFF1-zhJb9YcHRZTf2U-v6_2ORWPF8b8lEWcZb4_s5MVcy_Y2dp5BaC7DWsKqS1049ub4HkmRhEIvviJVFE8vxH7KI9to9HLHUAHKXTAXYEuVimXTPNah5hiRPurx3uNRLbxnB2YUB5BS99fyZp4kPTdxFbTxJs1VDeDUMqVdjh--KXfbgSbNn8_k_MCbLxsyyf3GqNfQ0R2Mn7G5oGXtVxQ5tkwIMVWUcSG8xoPcXGXuIlWU8-OoAPZ0dklvtics5OPeGKRKBK3WrLhViCqTpolhOJ08l7WuDfgWMwLCsTlL2mkGyjV78w_lOCDrohzkEoVOZG3cl6U5Gyp5Xd7XkTOGqDChUMHS4ibNHgsKvOq8wJ0Fpxd6xZ4ywub71zDygKG90K4laPyKT31LO83unvsOq9BBnIzaKtO1IA1ckTu_a_i_cpzfYnccF1ICApt5a1wFOih0_CP13z0ANyHCbVxz646amnE9HqJMdZBMv3lsCBlIta17FCF2ZwWl6fUfnqEiaIxhv3nG8rLN8vAfVn58ted3gZNmMrL6SfouG3fWJ5Q6frPLbAk9hh8lyVIvoVEsIGyKHC2bvaEa2Ey7VBSjSs94nvA4zLdl8ftdK5Hc7SAtMHeRBuYgBDocdrhCVw27XipDcUuJSMH6zOrXubDhC-n6pOJnmM6bNw9sDqBJxqggWFlEIn7ibZMdfj3ALg-6IQ6ExhpiV4DdUV62_zsjmgmEhkE-vTqjx69yEUdKgLqxiy-4Msu1EgrE7K1pvqOap24hVc7SNdBzPN0Lkrt_xAeu8i-gJPqWFzBQ5XkjG2FTulw_QVnjLIKkhF1mkwlN_p64gY_9o1qE7-J5K1CrYS_MH9pCNIXdKkAWYRpqsd02K-Zk2eIiueQzCKXnQbqUV0dFq_dHfgCTiDrVhhqZUTElXRq6q25vxnUDQsEb2kK4sn_zgWfiR8ixBHVykNXXr4R3xUnJihGBUhnzMJkrTThhh4pTe-_Gyh4VAsjXxP4Y6aixqwNMjenZFZiIf82kQQWxA4BpOLb9d0KdCusU7ZoR-h5BCGz7qgqsS7v-9nr2_30HSfIyC9Vk5_L2Dp2Uav5fa-9ojSih6rwH5hklYkYAv3CAAXLsQa1r0X1GrYJlAB_DFX73serEfK1juvBEXJC0Ad3sLONWNpLfeItpe9uVEnY9QCJWxTTyHLVMtHf4GA5WKgp359bKrMtVIX3QvBB7vIukI3g6gsIoVxa2i1T_bTqSJ2DIQJxQ6aF3wC-j9aBJfosJlEzf2dEz45Uavgb5uyhL6TkuJjDvqD3PbmkYX8rXFw5WC5oGIz8rk4XIzdWKcGSG1tNkcH7zykHMFt3ZPUOeZ9Yd0XmPRYpoRuLkV1S0IX7kDKEk0P738DwdJXBllXDU3eEOM_HHBpoIxYCt03SDwM6z4oY64sl2cb6UgWFw4ktfVJTE7-Xp7L4v0XIQmLuDfNsbAlYuun3Nu-0tH-i2a6crmM-ykHlQIVjIXA507SPzi0LVNYJRyoEi1fj24VkSVBl0452eLfo95n5b3UE_D4jVy0M8RL-b6uXJkcC5reBS1Lj_PXUqDl1-91_zBgrbQ6tp9CcgdmD9SkBLSsDTT7mdr50zpqhXSV0_JIJSbvcHYskt6bdzKI5l0uYVPtuGeGu9yb9Xbb3W6HTbsVIovGtF3jJ8y8FSxr0erN-68YErJH7_QX4WC2FHpyYLFarSkGn3La9O-drb-YPot3dQRD04C5-K4MkwnzJ0B6dmgLruVv3GGjH9--FBvMWR24ha9k20A4CPLjyqUg4zRPLfC1ACWOuUBARr2xyQtDXTEGOUu383KDsiMCVdtkKC7vYxMWVduilc2dA9ypIbR3NAg21LbPDWSy48R-jY42Goo9rjWHrZN4xluxTExQu0ja1gQEfpeCFBnhLOZV4rcftu061TrphdfTlvOihuHUfHN67H7F9UfWTLThdXFNFCCUA6qwEwn5-F2v-JZXMLbXCR-UEHLJbjtcGxXRd4BpCZXXHORwkEIcWBJj5hkvrLgYyYrFfH0nQBuNHAK7hXjZxUFW0_JFE4FJuYurG-oUZ4qCW6e5AZ1tSpiR63sEgdCbvddt9Ou46qXPFMVUy892xzdFpsZLlAyn6jKfnvwMorXdlvVfc60scAhIBzQGPVl6qVtVYoobG-_cHfqv1EB91Z2Q5AF8TF59e6uVKwOeqfrDjOsh-eR2cqerFBvAqZl_HKdzf43nNJ47PFY6gQioInYb_COuFLrQOkvg9t_Sz9QEuYFyn90IyQ_qY6Aha-Lq_QtJJ3zByA2hhc2mkEylt2cM34m5I0jPh6L99arZzG3a3A809br2xj4saxlnaxyAk89bdKQvyClrwy8l_xW777SL374g7cemh3ZPx-gOtRCsbDBd7D_qNz-3jx_oaGPjOhaQtZekd38sUlHCkMlprWWdAI4dmkOO_EBybP9g1m_oamjNfgBiN0Coh7xhapwFKMHf0QL9N2D4B2loam24HYCGIPaXNQBeDGspUYzMQdSIR499A8XBDONXY3OfAtlGAmzpHsz4t41VV-C9zyhPvkB2JLa4c3tfDLbuh_nEn12i8R1rNQnOEnFd5vBgy2_Apf7lv5Z4jZlUyoyBz1qw8eY3imwa8PlT2-k35kH3b_pho&cid=CAASJ-Roil6pWZ_FSRI7pT1YgQwxmSDeHOal2JqyC8P0Yr2Tw33upEgfhg&rfl=2%2Chttps%253A%252F%252Fnets4.com%242%2C%2Curn%253Auuid%253A52425aa3-28ea-213a-5876-213a28ea5242%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 13:19:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
162740
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Mar 2023 13:19:22 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 63EB 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 13 Mar 2022 10:31:42 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 6060 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstZAbobWwALBCBakChV8xwNjfe3GTjgHZ8V9pPNTK3uDz5bmgrgnZlJAK79tkGI3MEVi1zj2s4b9yUl4yGcW4MDoReXj-1FsX-ihyueTUkFi6O_XZ7WwOzZ74bdvX39EHGiMM1p3JVYMyRsXiRiazvjlGlsJXputhYlSitmjGdqZleg5sAkB-gm6CwfaLuxabcI-QWitW-koloH1P4DpgEJ7z16EWtN_T8q8IkdI9cwe6xosz62pS0gHyQ9J6PVlHQlzLtvQAeTx3n1xWGBk091rtNFNr7w-0CcqfO5OcGXbkuxL68MEmaR8DQ-ldyWgdIlQre2RNfLmFHKENxeY4Fi4YQ1D35a3PXEcCGdPy0jUqSp5fhYOJ_-m_n7SpOtdRYiDF_RbTAZWulJL8hQAld1ogvDF3_6vxAuRaerVWw1SzCZoy-0A1IGQSWGJQ1LcouFwNezcKBP70iCyJjFw7-hy2K9YOOWE3P8gESx1w2nKwnq7Xh7fVYABLuXkfcZZHHZjkivMZgVmibL1p6NNAxmoqTJ5vAWpk5oYTNHTrIti1J5EUCCMty9nvzYBFCdSqYb8Pxkl2nAPU644f-JR0xjKc8TJLKvVe0pt-uzgiVvLRG7Mka5AjPDskHV3aTDkkTCSqdd5v_Q87wgR3TosYcS2aXAN5bOj0jGvkac81mi8Vx5ZNTYp1oApIhVkPAJEMyXdM1OLx_C1vtWcTU1HryB9k_xqjXQ7SgdqDMHceRcWFUDkYoXYbi1dsrLPndoN3zC_RHMU3mzEs-kP2CsZcKiNhfWLGEEi2YZfL47aDqVzM8cdFMCfnEzmKikJ98q8W2-wWPGCxLgnnx3x3rEJ-3WNi6lcrxYbf-kBBY_2sOwjAvDZnvOvBKMJRRMzLCCM5adg3bzTlOPx_qHq-HCujkNUREpbR_j8CJorLb15hM9i1Fyd3r-eQ9wzYfNFdVSXOraw_w8aUJZWGRQ269O83cHlKn6Yh7kS6ZmCrVJg7VFp7FXs8_iYFKUvubpd-yu0LdCW-UQScB96M-dGKjI8Nx222g9VaR89_A6jdV2ddqgsLwTW-BoZRug_fLbQ8tcDNIh4PXhtO54Ifk_I7AHTmU9iz5pwMk8Y7w-A-5-5BR5pZ40SmEZ&sai=AMfl-YR_YIEPpOhC_GhmGTkdwOl5pPaNPZF-lYaLZMtpxzdWM3FyBGRfhLkXifY242O9i6__cZ0ps9rKyB6ysginuWcJdxqYK06YREw2L0qhULY8PMs_OIEDLcPAhNtmFsW2gwMn-c6OCsWm3-7gBVlUpMRr8qHpslPQ5-juRO5q56DF2iwuktyfGJp-QlyqErsIoHckbKJSEbIarLkbi3YYWDuva0C1o7yaGsQprv4vH4MbFvwQXxUjFdtExYUK2qfW_J9Tiiq9JSzhpRy3oXsQbhAqcdB5o_yh9I3zpHS8Nb9l7WgczwNOCA0-4Yn9h3HfqNxfrYe3Tfz_FN-Dq81pwikNzO7aijewleKyDrkLYGfAbz_T-EgQpXHY9JWITE7O7DDzz-lHKSpVWYQwz8UeMw&sig=Cg0ArKJSzBn81yJxLgaBEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=193&vt=11&dtpt=193&dett=2&cstd=0&cisv=r20220308.97954&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
wpnNdEHEE-H-HWkGYo82vcEULjX7WQfOj--jYhPbLdo.js
pagead2.googlesyndication.com/bg/ Frame 54FA 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wpnNdEHEE-H-HWkGYo82vcEULjX7WQfOj--jYhPbLdo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c299cd7441c413e1fe1d6906628f36bdc1142e35fb5907ce8fefa36213db2dda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:03:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
1716
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13712
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Mar 2023 10:03:06 GMT
4727t6qteyti
hal9000.redintelligence.net/zone/ Frame 1389 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/4727t6qteyti?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUhj0DcgtYuStO7GA3gO06L2wDrXN-YNX_Ni5q-UM8C4QASC52_MmYJXikIKgB8gBCakCGPGLRMhOsj6oAwGqBN8BT9Dy2QVWanGNE0abDVLRE7uclcMwTsvQtHsUIxFLVzgbtjmfZfReMnLLpPVTy1EAV-jNlj2uXPJgQXz9gTL-45axfc1-Z2NJhhs1YZsxf5lr6w6vIhGSD3ccT0Q1QUAvid3KaD8SK0-N3DEsE6ZuMHwywopql03fFG4EmIMofRL5QEt7VNXpp6T-LxD-DRnWt_lCiWWLJR99m9ozCGW3N16WoRTU4V_WipRDl83qYFybyZ4FcqAqH2echo0XPpfoREX5CR3waeXllil60KzwRA8t3P9Cjf-y_SSk6LvWFcAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2gAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJ-Roil6pWZ_FSRI7pT1YgQwxmSDeHOal2JqyC8P0Yr2Tw33upEgfhg%26sig%3DAOD64_0wOZl9F-DO_KVyLWgd6Md1zTIMJg%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-CmbDkp3_Zrr3rxY1OyJcnqAVrmzXtzPOmwoUWuj0JDK3fKubmn5_kGmGehE6zhRnIqDFBf3QvBafOPBLewWCfQ9s2h_xIrU0SK8VpoOHgvFuFHquZHDpwEEbrtrrSdwyt2lBvtqdbl2n9RzfYjimvZ6ckuyA%26cry%3D1%26dbm_d%3DAKAmf-Dwmkjc_p0clqNpUVraw6XxjmBZF_VNnzTvUjYAbeKW7WKC-sz_oK9xWPeigNMaEbBC7SwVin5OdtbVrSneeGZ51r4awNF4XCaYYw7br9OOK1amqCe-1zMjF1qhF392R1Ni6xFEbKp6mOsDrr2GGbB-QLS9GheTi7Z26pNBV_4Heg_QdvZGrZqdKQLNmK0yiDDC6d679PGhN4gw6l0VjRg7LBjaHba3YxtDr-pZu6ZPqeAUruNc_qVREMUyXzovoSDA1c85i90BTn2hIlJ433FQ3XZb9dw4Irk6CkVM2Gd1yUNyCHjxybU2cjlYnBRuFvxKR3BAAiK76QWMhhdlwzo_y7a-LThlxjqC1q1W-dk748AeHFDBFJjRE1OcU-Yhl-QrzJyOhQOhKosUDB0nSoiniGH-tRb3loTfBYHJXJEoVvp69n4H9LStel2zL4pSTIm0Uwg1lAQSbDlo4ufIlXugAX-eJw%26adurl%3D
Requested by
Host: uuid
URL: urn:uuid:52425aa3-28ea-213a-5876-213a28ea5242
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
915b59897b21e9be15863aa5620b17d476996da229da123482a584bdec59b197

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 13 Mar 2022 10:31:42 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3965
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
integrator.js
adservice.google.de/adsid/ Frame B2ED 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame B2ED 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame B2ED 		19 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2612437989791563&correlator=2488887536906768&eid=31063377%2C44756897&output=ldjh&gdfp_req=1&vrg=2022030801&ptt=17&impl=fif&sc=1&iu_parts=22178702878%2Cpurpleapl%2Callsizesv2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C468x60%7C200x200%7C320x100%7C320x50%7C300x100&ifi=1&adks=4203880072&sfv=1-0-38&ecs=20220313&fsapi=false&eri=4&cookie=ID%3D6bf49801c8b0f0f7-225df1845bcd0081%3AT%3D1647167501%3AS%3DALNI_Ma7ZDhgRWOZ6wZhyfuxlce6qtK_ig&abxe=1&dt=1647167502965&dlt=1647167502680&idt=269&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=294&adys=1310&ucis=6v0whtwoiimn&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Fjesus.co&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=1312843398.1647167500&ga_sid=1647167503&ga_hid=1242093834&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
64cc219a5d11213dd0ae339608cebdfa99869a9f0010b236f7bf42b893757b69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10368
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nets4.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame B2ED 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6bb6407cde0b1ec326dc517b9db18feb3248ad68900ad9bae04db186a707da17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10693
x-xss-protection
0
container.html
8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 35CA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 13 Mar 2022 10:31:43 GMT
expires
Mon, 13 Mar 2023 10:31:43 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame C646 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 11 Mar 2022 13:19:22 GMT
expires
Sat, 11 Mar 2023 13:19:22 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
162740
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request.php
hal900024.redintelligence.net/ Frame 1389 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900024.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=9865a78d9e&subid=&uid=4dc75d1110bb3b3d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUhj0DcgtYuStO7GA3gO06L2wDrXN-YNX_Ni5q-UM8C4QASC52_MmYJXikIKgB8gBCakCGPGLRMhOsj6oAwGqBN8BT9Dy2QVWanGNE0abDVLRE7uclcMwTsvQtHsUIxFLVzgbtjmfZfReMnLLpPVTy1EAV-jNlj2uXPJgQXz9gTL-45axfc1-Z2NJhhs1YZsxf5lr6w6vIhGSD3ccT0Q1QUAvid3KaD8SK0-N3DEsE6ZuMHwywopql03fFG4EmIMofRL5QEt7VNXpp6T-LxD-DRnWt_lCiWWLJR99m9ozCGW3N16WoRTU4V_WipRDl83qYFybyZ4FcqAqH2echo0XPpfoREX5CR3waeXllil60KzwRA8t3P9Cjf-y_SSk6LvWFcAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2gAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJ-Roil6pWZ_FSRI7pT1YgQwxmSDeHOal2JqyC8P0Yr2Tw33upEgfhg%26sig%3DAOD64_0wOZl9F-DO_KVyLWgd6Md1zTIMJg%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-CmbDkp3_Zrr3rxY1OyJcnqAVrmzXtzPOmwoUWuj0JDK3fKubmn5_kGmGehE6zhRnIqDFBf3QvBafOPBLewWCfQ9s2h_xIrU0SK8VpoOHgvFuFHquZHDpwEEbrtrrSdwyt2lBvtqdbl2n9RzfYjimvZ6ckuyA%26cry%3D1%26dbm_d%3DAKAmf-Dwmkjc_p0clqNpUVraw6XxjmBZF_VNnzTvUjYAbeKW7WKC-sz_oK9xWPeigNMaEbBC7SwVin5OdtbVrSneeGZ51r4awNF4XCaYYw7br9OOK1amqCe-1zMjF1qhF392R1Ni6xFEbKp6mOsDrr2GGbB-QLS9GheTi7Z26pNBV_4Heg_QdvZGrZqdKQLNmK0yiDDC6d679PGhN4gw6l0VjRg7LBjaHba3YxtDr-pZu6ZPqeAUruNc_qVREMUyXzovoSDA1c85i90BTn2hIlJ433FQ3XZb9dw4Irk6CkVM2Gd1yUNyCHjxybU2cjlYnBRuFvxKR3BAAiK76QWMhhdlwzo_y7a-LThlxjqC1q1W-dk748AeHFDBFJjRE1OcU-Yhl-QrzJyOhQOhKosUDB0nSoiniGH-tRb3loTfBYHJXJEoVvp69n4H9LStel2zL4pSTIm0Uwg1lAQSbDlo4ufIlXugAX-eJw%26adurl%3D&documentReferer=urn%3Auuid%3A52425aa3-28ea-213a-5876-213a28ea5242&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=6320327863626&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/4727t6qteyti?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUhj0DcgtYuStO7GA3gO06L2wDrXN-YNX_Ni5q-UM8C4QASC52_MmYJXikIKgB8gBCakCGPGLRMhOsj6oAwGqBN8BT9Dy2QVWanGNE0abDVLRE7uclcMwTsvQtHsUIxFLVzgbtjmfZfReMnLLpPVTy1EAV-jNlj2uXPJgQXz9gTL-45axfc1-Z2NJhhs1YZsxf5lr6w6vIhGSD3ccT0Q1QUAvid3KaD8SK0-N3DEsE6ZuMHwywopql03fFG4EmIMofRL5QEt7VNXpp6T-LxD-DRnWt_lCiWWLJR99m9ozCGW3N16WoRTU4V_WipRDl83qYFybyZ4FcqAqH2echo0XPpfoREX5CR3waeXllil60KzwRA8t3P9Cjf-y_SSk6LvWFcAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2gAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJ-Roil6pWZ_FSRI7pT1YgQwxmSDeHOal2JqyC8P0Yr2Tw33upEgfhg%26sig%3DAOD64_0wOZl9F-DO_KVyLWgd6Md1zTIMJg%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-CmbDkp3_Zrr3rxY1OyJcnqAVrmzXtzPOmwoUWuj0JDK3fKubmn5_kGmGehE6zhRnIqDFBf3QvBafOPBLewWCfQ9s2h_xIrU0SK8VpoOHgvFuFHquZHDpwEEbrtrrSdwyt2lBvtqdbl2n9RzfYjimvZ6ckuyA%26cry%3D1%26dbm_d%3DAKAmf-Dwmkjc_p0clqNpUVraw6XxjmBZF_VNnzTvUjYAbeKW7WKC-sz_oK9xWPeigNMaEbBC7SwVin5OdtbVrSneeGZ51r4awNF4XCaYYw7br9OOK1amqCe-1zMjF1qhF392R1Ni6xFEbKp6mOsDrr2GGbB-QLS9GheTi7Z26pNBV_4Heg_QdvZGrZqdKQLNmK0yiDDC6d679PGhN4gw6l0VjRg7LBjaHba3YxtDr-pZu6ZPqeAUruNc_qVREMUyXzovoSDA1c85i90BTn2hIlJ433FQ3XZb9dw4Irk6CkVM2Gd1yUNyCHjxybU2cjlYnBRuFvxKR3BAAiK76QWMhhdlwzo_y7a-LThlxjqC1q1W-dk748AeHFDBFJjRE1OcU-Yhl-QrzJyOhQOhKosUDB0nSoiniGH-tRb3loTfBYHJXJEoVvp69n4H9LStel2zL4pSTIm0Uwg1lAQSbDlo4ufIlXugAX-eJw%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
13977410c5d04cd79154d66ab78bd610f7bcba84a5ebeb673defbe750d7623e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:43 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
49610700065596000710612011897024
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
1314
Expires
Sun, 13 Mar 2022 10:31:43 +0100
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 599D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 13 Mar 2022 10:23:30 GMT
expires
Mon, 13 Mar 2023 10:23:30 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
493
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 2DFD 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0e4ee29eaf66bf9f1df2cbaeb71819cfbbeb22aac7e36fc9b02f2f04e511c9e3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vFc6Y/Iy9TpTSIFDtJLuBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 13 Mar 2022 10:31:43 GMT
date
Sun, 13 Mar 2022 10:31:43 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-vFc6Y/Iy9TpTSIFDtJLuBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/ Frame 80F0 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51dcc2b5c50fa27a20b0c05bdf26f5b496b6bda930b087ccd0ae4856e68628e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10356
x-xss-protection
0
view.aspx
pb.media01.eu/ Frame D3BA
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e58739f38600d8697fb68?subid=28434000045773100757585011897021&t=htlp
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=28434000045773100757585011897021&actionid=981741&produktid=&dt_url=
0
628 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=28434000045773100757585011897021&actionid=981741&produktid=&dt_url=
Requested by
Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request.php?zone=t43ocmuaiycq&nw=20&renderingType=javascript&namespace=ce5b4e7790&subid=&uid=be8d50cce1e4fb9d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCB1faDcgtYve2NMGPrASP0In4BN2t6KhgqNy3x7kK8C4QASC52_MmYJXikIKgB8gBCakCGPGLRMhOsj6oAwGqBN8BT9DidfI3GWyJxBWGrxOzGNOib5cOH1PXchBV1nb8VWpT5DwsztfLHWKzJn23hzA9L4RVYtJ2MHrznZ5LOFH7geyMVafgcCbpmroLNiYFCDcFi_lqPTXAmj8Y-VaChIWMu_BMyAobdDoLg3ZfoVNaW13K8P_iDbzb--bdOqr4Gks-3eM7IR0_E804eIXhgNmokWhoF7W_5Ckdf4Vdkyf6olP1obY4Nv9arehbebNrVv5No6oLbTeSgfrF1RYkE4erFURDvlNZFAPe9Mk-7lcd9j3VgxLG-7BaDdeZn60VycAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2gAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORonBr4gFBev2cp5qFsveoOMRCWp5LSJhi2PPlUhP_2zxA7ElKdSps%26sig%3DAOD64_0q8aB6LlcJa9IQoISwV9LOdwqqdw%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-AFfEQ7Bp-qymjlTJXBTL4ysvSmM0mm2mTWktyuKemMEm7HEt0Bdiima91ss84g5qXJgS5WEM9U1qPpS4KNYZPYrb5azDCgOCvcZI5E-yGW5koSh1gjG4Qjn8oW5DTndX03aqU1Xf_9zYqkZugo64a9gL_QVQ%26cry%3D1%26dbm_d%3DAKAmf-AfrZ-2Gzzg4WW8xoOvUzApGL-zPkPvPHqDYqtmG0ZdlilSqJmuJivnv-x7GDUNAO8C-vit6nFEd498Gn9jPb5Ylz2az06zz9ZcV6-3D16_1G4HY8Q47DcT3HTJbTIPjiediPVkNtxKIWmfLIUgTOryH5yk-kwzYXo-TkBzPGn5VaAnCFBXcxDUugs4KJ4yVMIEo59NLIDkVHyiCwY9LDFt4tJnNCcaNGGD7XxPwYYxsGGSkVTQDlddbaCI_nA6CKYMXjgDO3DTACb3VsjLfZ7amaSryO5HT8s88WLqqEE5c4U6K0OECCS1RNTM1ipDTkPXKz2GbdMiFK80-W-E_RMzbG7a3mgDlYYMtJHsolCYjsgBetYG8sUpIaTXVSMkJvICCiiUNhLShXXhrZRW81QRTg5RNSrMJ_IrBI_EDUrtPZ8hkD-Qf_WC82w54XY-34KH3Dxkh1yaTIH4Rmllzu9fW0qrYQ%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=9505920041827&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 Hamburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
content-type
text/html; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Sun, 13 Mar 2022 11:31:42 GMT
server
Microsoft-IIS/10.0
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin
*
access-control-allow-credentials
true
x-xss-protection
1; mode=block
access-control-allow-methods
GET,POST
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Sun, 13 Mar 2022 10:31:42 GMT
content-length
0

Redirect headers

Server
nginx/1.17.5
Date
Sun, 13 Mar 2022 10:31:43 GMT
Content-Type
application/javascript
Content-Length
0
Keep-Alive
timeout=20
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=28434000045773100757585011897021&actionid=981741&produktid=&dt_url=
Host
pv.medialead.de
Proxy-Host
pv.medialead.de
X-IPLB-Request-ID
B9D59BA9:EBCC_91EFC182:01BB_622DC80F_C2C2CC8:7DE1
Strict-Transport-Security
max-age=15768000
X-IPLB-Instance
40028
activityi;dc_pre=CL6Io4_xwvYCFdAaGwodeIUCzw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7253340165675.943
5994599.fls.doubleclick.net/ Frame 3188
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7253340165675.943?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CL6Io4_xwvYCFdAaGwodeIUCzw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7253340165675.943?
391 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CL6Io4_xwvYCFdAaGwodeIUCzw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7253340165675.943?
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
cafe /
Resource Hash
b028d17ab2e8d0fbb2e1a8fbd4e48b45b8b4da712f6e9521615140392235c06e
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sun, 13 Mar 2022 10:31:43 GMT
expires
Sun, 13 Mar 2022 10:31:43 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
321
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sun, 13 Mar 2022 10:31:43 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CL6Io4_xwvYCFdAaGwodeIUCzw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7253340165675.943?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request_content.php
hal900021.redintelligence.net/ Frame 035C 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900021.redintelligence.net/request_content.php?s=28434000045773100757585011897021&a=3497a78c
Requested by
Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request.php?zone=t43ocmuaiycq&nw=20&renderingType=javascript&namespace=ce5b4e7790&subid=&uid=be8d50cce1e4fb9d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCB1faDcgtYve2NMGPrASP0In4BN2t6KhgqNy3x7kK8C4QASC52_MmYJXikIKgB8gBCakCGPGLRMhOsj6oAwGqBN8BT9DidfI3GWyJxBWGrxOzGNOib5cOH1PXchBV1nb8VWpT5DwsztfLHWKzJn23hzA9L4RVYtJ2MHrznZ5LOFH7geyMVafgcCbpmroLNiYFCDcFi_lqPTXAmj8Y-VaChIWMu_BMyAobdDoLg3ZfoVNaW13K8P_iDbzb--bdOqr4Gks-3eM7IR0_E804eIXhgNmokWhoF7W_5Ckdf4Vdkyf6olP1obY4Nv9arehbebNrVv5No6oLbTeSgfrF1RYkE4erFURDvlNZFAPe9Mk-7lcd9j3VgxLG-7BaDdeZn60VycAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2gAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORonBr4gFBev2cp5qFsveoOMRCWp5LSJhi2PPlUhP_2zxA7ElKdSps%26sig%3DAOD64_0q8aB6LlcJa9IQoISwV9LOdwqqdw%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-AFfEQ7Bp-qymjlTJXBTL4ysvSmM0mm2mTWktyuKemMEm7HEt0Bdiima91ss84g5qXJgS5WEM9U1qPpS4KNYZPYrb5azDCgOCvcZI5E-yGW5koSh1gjG4Qjn8oW5DTndX03aqU1Xf_9zYqkZugo64a9gL_QVQ%26cry%3D1%26dbm_d%3DAKAmf-AfrZ-2Gzzg4WW8xoOvUzApGL-zPkPvPHqDYqtmG0ZdlilSqJmuJivnv-x7GDUNAO8C-vit6nFEd498Gn9jPb5Ylz2az06zz9ZcV6-3D16_1G4HY8Q47DcT3HTJbTIPjiediPVkNtxKIWmfLIUgTOryH5yk-kwzYXo-TkBzPGn5VaAnCFBXcxDUugs4KJ4yVMIEo59NLIDkVHyiCwY9LDFt4tJnNCcaNGGD7XxPwYYxsGGSkVTQDlddbaCI_nA6CKYMXjgDO3DTACb3VsjLfZ7amaSryO5HT8s88WLqqEE5c4U6K0OECCS1RNTM1ipDTkPXKz2GbdMiFK80-W-E_RMzbG7a3mgDlYYMtJHsolCYjsgBetYG8sUpIaTXVSMkJvICCiiUNhLShXXhrZRW81QRTg5RNSrMJ_IrBI_EDUrtPZ8hkD-Qf_WC82w54XY-34KH3Dxkh1yaTIH4Rmllzu9fW0qrYQ%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=9505920041827&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.55.238.76.144.clients.your-server.de
Software
Apache /
Resource Hash
c5de476e2821c786cd2f8605323df45a1035e6ff01a613219ec96fc034a863bc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/

Response headers

Date
Sun, 13 Mar 2022 10:31:43 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Sun, 13 Mar 2022 10:31:43 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2313
Connection
close
Content-Type
text/html; charset=utf-8
truncated
/ Frame E3CF 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c60dd9372c9ff3fb4a9ad4c841dea15b5f625094870c20c892f1c57092f14534

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B2ED 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 13 Mar 2022 10:31:43 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 80F0 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 13 Mar 2022 10:31:43 GMT
container.html
25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3F7E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 13 Mar 2022 10:31:42 GMT
expires
Mon, 13 Mar 2023 10:31:42 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
i
api.purpleads.io/x/a/297e06ebe1e7c0cbfcf04a5acc8fddff:7c05f90fb9bae83f80791afd99bf28142126e4bd48556f43e12838180b20c2d2fef4a2e4eca0ec7db4f87943397119952f2949644d2d71d0eb787bb6c96105daf8fbb2f123d5503... Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/297e06ebe1e7c0cbfcf04a5acc8fddff:7c05f90fb9bae83f80791afd99bf28142126e4bd48556f43e12838180b20c2d2fef4a2e4eca0ec7db4f87943397119952f2949644d2d71d0eb787bb6c96105daf8fbb2f123d550348f67d1d59454eb5df9b28ee0b01ffb07160fd4b8afbe4374/i?id=51a825cf-c9f4-433e-90e3-6c0f7be5e970&ts=1647167503143
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
d097d4e2-cff9-4f98-a20e-630a8f5ec162
i
api.purpleads.io/x/a/297e06ebe1e7c0cbfcf04a5acc8fddff:7c05f90fb9bae83f80791afd99bf28142126e4bd48556f43e12838180b20c2d2fef4a2e4eca0ec7db4f87943397119952f2949644d2d71d0eb787bb6c96105daf8fbb2f123d5503... 		0
199 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/297e06ebe1e7c0cbfcf04a5acc8fddff:7c05f90fb9bae83f80791afd99bf28142126e4bd48556f43e12838180b20c2d2fef4a2e4eca0ec7db4f87943397119952f2949644d2d71d0eb787bb6c96105daf8fbb2f123d550348f67d1d59454eb5df9b28ee0b01ffb07160fd4b8afbe4374/i?id=51a825cf-c9f4-433e-90e3-6c0f7be5e970&ts=1647167503143
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/load.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2plc3VzLmNv
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
0.4.13

Response headers

access-control-allow-origin
https://nets4.com
date
Sun, 13 Mar 2022 10:31:43 GMT
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials
true
x-request-id
80658b99-9eaf-429f-a3ca-89341ef24832
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 035C 		89 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
Requested by
Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=28434000045773100757585011897021&a=3497a78c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 08:29:31 GMT
x-content-type-options
nosniff
age
180132
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91556
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Mar 2023 08:29:31 GMT
pb_girostart_728x90.gif
www.ad-server.eu/wm/pb/girostart/standard/ Frame 035C
Redirect Chain
  • https://pv.medialead.de/trck/eview/e99aace94e6e58739f38600d8697fb68?subid=28434000045773100757585011897021
  • https://www.ad-server.eu/wm/pb/girostart/standard/pb_girostart_728x90.gif
8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ad-server.eu/wm/pb/girostart/standard/pb_girostart_728x90.gif
Requested by
Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=28434000045773100757585011897021&a=3497a78c
Protocol
HTTP/1.1
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
ec4e04bf6aa1d19b00d36e194a14e06ffc6e75ec1cad535230beee9adc322e82

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 13 Mar 2022 10:37:17 GMT
Last-Modified
Tue, 06 Apr 2021 12:56:42 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"606c5a8a-21e4"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8676

Redirect headers

Date
Sun, 13 Mar 2022 10:31:43 GMT
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
B9D59BA9:EBCC_91EFC182:01BB_622DC80F_C2C2CD1:7DE1
X-IPLB-Instance
40028
Strict-Transport-Security
max-age=15768000
Content-Type
application/go
Location
https://www.ad-server.eu/wm/pb/girostart/standard/pb_girostart_728x90.gif
Keep-Alive
timeout=20
Content-Length
0
Proxy-Host
pv.medialead.de
/
api.purpleads.io/x/b/ 		9 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=7&pid=3e163e18c8b84c2b86766a5e936dcde1&sizes=[[160,600],[120,600],[200,200],[250,250]]&slotid=bda687bb-ab21-4253-95a1-ae2d1e1115bd&demand=cybermedia&ts=1647167503153
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash
bc8854601f38c9e4fd09873ba3edf5ed493e51d3187205690d91c73054116e42

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2plc3VzLmNv
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.26

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
content-encoding
gzip
etag
W/"23f6-5cclyunjljR73Y/YnLiIetn4d+s"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
x-request-id
a60ad3fa-d590-4016-b206-987d15c4a058
/
api.purpleads.io/x/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=7&pid=3e163e18c8b84c2b86766a5e936dcde1&sizes=[[160,600],[120,600],[200,200],[250,250]]&slotid=bda687bb-ab21-4253-95a1-ae2d1e1115bd&demand=cybermedia&ts=1647167503153
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
d59f68a3-d1c2-49a4-a151-cab87f89572d
xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
pagead2.googlesyndication.com/bg/ Frame C646 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 09:29:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
3755
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13756
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Mar 2023 09:29:08 GMT
view.aspx
pb.media01.eu/ Frame 77D0
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=49610700065596000710612011897024&t=htlp
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=49610700065596000710612011897024&actionid=981741&produktid=&dt_url=
0
36 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=49610700065596000710612011897024&actionid=981741&produktid=&dt_url=
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=9865a78d9e&subid=&uid=4dc75d1110bb3b3d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUhj0DcgtYuStO7GA3gO06L2wDrXN-YNX_Ni5q-UM8C4QASC52_MmYJXikIKgB8gBCakCGPGLRMhOsj6oAwGqBN8BT9Dy2QVWanGNE0abDVLRE7uclcMwTsvQtHsUIxFLVzgbtjmfZfReMnLLpPVTy1EAV-jNlj2uXPJgQXz9gTL-45axfc1-Z2NJhhs1YZsxf5lr6w6vIhGSD3ccT0Q1QUAvid3KaD8SK0-N3DEsE6ZuMHwywopql03fFG4EmIMofRL5QEt7VNXpp6T-LxD-DRnWt_lCiWWLJR99m9ozCGW3N16WoRTU4V_WipRDl83qYFybyZ4FcqAqH2echo0XPpfoREX5CR3waeXllil60KzwRA8t3P9Cjf-y_SSk6LvWFcAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2gAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJ-Roil6pWZ_FSRI7pT1YgQwxmSDeHOal2JqyC8P0Yr2Tw33upEgfhg%26sig%3DAOD64_0wOZl9F-DO_KVyLWgd6Md1zTIMJg%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-CmbDkp3_Zrr3rxY1OyJcnqAVrmzXtzPOmwoUWuj0JDK3fKubmn5_kGmGehE6zhRnIqDFBf3QvBafOPBLewWCfQ9s2h_xIrU0SK8VpoOHgvFuFHquZHDpwEEbrtrrSdwyt2lBvtqdbl2n9RzfYjimvZ6ckuyA%26cry%3D1%26dbm_d%3DAKAmf-Dwmkjc_p0clqNpUVraw6XxjmBZF_VNnzTvUjYAbeKW7WKC-sz_oK9xWPeigNMaEbBC7SwVin5OdtbVrSneeGZ51r4awNF4XCaYYw7br9OOK1amqCe-1zMjF1qhF392R1Ni6xFEbKp6mOsDrr2GGbB-QLS9GheTi7Z26pNBV_4Heg_QdvZGrZqdKQLNmK0yiDDC6d679PGhN4gw6l0VjRg7LBjaHba3YxtDr-pZu6ZPqeAUruNc_qVREMUyXzovoSDA1c85i90BTn2hIlJ433FQ3XZb9dw4Irk6CkVM2Gd1yUNyCHjxybU2cjlYnBRuFvxKR3BAAiK76QWMhhdlwzo_y7a-LThlxjqC1q1W-dk748AeHFDBFJjRE1OcU-Yhl-QrzJyOhQOhKosUDB0nSoiniGH-tRb3loTfBYHJXJEoVvp69n4H9LStel2zL4pSTIm0Uwg1lAQSbDlo4ufIlXugAX-eJw%26adurl%3D&documentReferer=urn%3Auuid%3A52425aa3-28ea-213a-5876-213a28ea5242&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=6320327863626&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 Hamburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
content-type
text/html; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Sun, 13 Mar 2022 11:31:42 GMT
server
Microsoft-IIS/10.0
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin
*
access-control-allow-credentials
true
x-xss-protection
1; mode=block
access-control-allow-methods
GET,POST
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Sun, 13 Mar 2022 10:31:42 GMT
content-length
0

Redirect headers

Server
nginx/1.17.5
Date
Sun, 13 Mar 2022 10:31:43 GMT
Content-Type
application/javascript
Content-Length
0
Keep-Alive
timeout=20
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=49610700065596000710612011897024&actionid=981741&produktid=&dt_url=
Host
pv.medialead.de
Proxy-Host
pv.medialead.de
X-IPLB-Request-ID
B9D59BA9:EBCC_91EFC182:01BB_622DC80F_C2C2CDD:7DE1
Strict-Transport-Security
max-age=15768000
X-IPLB-Instance
40028
/
adv.office-partner.de/ Frame F146 		930 B
931 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=9865a78d9e&subid=&uid=4dc75d1110bb3b3d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUhj0DcgtYuStO7GA3gO06L2wDrXN-YNX_Ni5q-UM8C4QASC52_MmYJXikIKgB8gBCakCGPGLRMhOsj6oAwGqBN8BT9Dy2QVWanGNE0abDVLRE7uclcMwTsvQtHsUIxFLVzgbtjmfZfReMnLLpPVTy1EAV-jNlj2uXPJgQXz9gTL-45axfc1-Z2NJhhs1YZsxf5lr6w6vIhGSD3ccT0Q1QUAvid3KaD8SK0-N3DEsE6ZuMHwywopql03fFG4EmIMofRL5QEt7VNXpp6T-LxD-DRnWt_lCiWWLJR99m9ozCGW3N16WoRTU4V_WipRDl83qYFybyZ4FcqAqH2echo0XPpfoREX5CR3waeXllil60KzwRA8t3P9Cjf-y_SSk6LvWFcAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2gAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJ-Roil6pWZ_FSRI7pT1YgQwxmSDeHOal2JqyC8P0Yr2Tw33upEgfhg%26sig%3DAOD64_0wOZl9F-DO_KVyLWgd6Md1zTIMJg%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-CmbDkp3_Zrr3rxY1OyJcnqAVrmzXtzPOmwoUWuj0JDK3fKubmn5_kGmGehE6zhRnIqDFBf3QvBafOPBLewWCfQ9s2h_xIrU0SK8VpoOHgvFuFHquZHDpwEEbrtrrSdwyt2lBvtqdbl2n9RzfYjimvZ6ckuyA%26cry%3D1%26dbm_d%3DAKAmf-Dwmkjc_p0clqNpUVraw6XxjmBZF_VNnzTvUjYAbeKW7WKC-sz_oK9xWPeigNMaEbBC7SwVin5OdtbVrSneeGZ51r4awNF4XCaYYw7br9OOK1amqCe-1zMjF1qhF392R1Ni6xFEbKp6mOsDrr2GGbB-QLS9GheTi7Z26pNBV_4Heg_QdvZGrZqdKQLNmK0yiDDC6d679PGhN4gw6l0VjRg7LBjaHba3YxtDr-pZu6ZPqeAUruNc_qVREMUyXzovoSDA1c85i90BTn2hIlJ433FQ3XZb9dw4Irk6CkVM2Gd1yUNyCHjxybU2cjlYnBRuFvxKR3BAAiK76QWMhhdlwzo_y7a-LThlxjqC1q1W-dk748AeHFDBFJjRE1OcU-Yhl-QrzJyOhQOhKosUDB0nSoiniGH-tRb3loTfBYHJXJEoVvp69n4H9LStel2zL4pSTIm0Uwg1lAQSbDlo4ufIlXugAX-eJw%26adurl%3D&documentReferer=urn%3Auuid%3A52425aa3-28ea-213a-5876-213a28ea5242&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=6320327863626&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
keycdn-engine
date
Sun, 13 Mar 2022 10:31:43 GMT
content-type
text/html
content-length
552
x-accel-version
0.01
last-modified
Thu, 06 May 2021 15:37:28 GMT
etag
"3a2-5c1ab16b3be00-gzip"
vary
Accept-Encoding
content-encoding
gzip
expires
Sun, 20 Mar 2022 10:31:43 GMT
cache-control
max-age=604800
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
x-cache
HIT
x-edge-location
defr
access-control-allow-origin
*
accept-ranges
bytes
link.html
track.webgains.com/ Frame 1389 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3432255&wgcampaignid=99582&js=1&nw=1&viewref=49610700065596000710612011897024
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
21f07320c24e26e1fad8927ea34e6c82c4c53e8e235dac2e0cb8378a82632ed3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:43 GMT
Last-Modified
Sun, 13 Mar 2022 10:31:43 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1239
Expires
Mon, 26 Jul 1997 05:00:00 GMT
link.html
track.webgains.com/ Frame 1389 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=49610700065596000710612011897024&nw=1
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
8b4fa49a1fc6f0c438705bcb65f85d81b05adb553adf3d2a2f2837c29f5a9aa2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:43 GMT
Last-Modified
Sun, 13 Mar 2022 10:31:43 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1233
Expires
Mon, 26 Jul 1997 05:00:00 GMT
activityi;dc_pre=CIDBp4_xwvYCFdeEhQodBuMNEQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3006064670839.799
8019191.fls.doubleclick.net/ Frame BA66
Redirect Chain
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3006064670839.799?
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CIDBp4_xwvYCFdeEhQodBuMNEQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3006064670839.799?
391 B
345 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8019191.fls.doubleclick.net/activityi;dc_pre=CIDBp4_xwvYCFdeEhQodBuMNEQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3006064670839.799?
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
cafe /
Resource Hash
bcd3e5551b1b124d71a393467a4f48238ae52dfc3843f793c374b684574faf3f
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sun, 13 Mar 2022 10:31:43 GMT
expires
Sun, 13 Mar 2022 10:31:43 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
322
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sun, 13 Mar 2022 10:31:43 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8019191.fls.doubleclick.net/activityi;dc_pre=CIDBp4_xwvYCFdeEhQodBuMNEQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3006064670839.799?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request_content.php
hal900024.redintelligence.net/ Frame C1A5 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900024.redintelligence.net/request_content.php?s=49610700065596000710612011897024&a=442b5c9b
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=9865a78d9e&subid=&uid=4dc75d1110bb3b3d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUhj0DcgtYuStO7GA3gO06L2wDrXN-YNX_Ni5q-UM8C4QASC52_MmYJXikIKgB8gBCakCGPGLRMhOsj6oAwGqBN8BT9Dy2QVWanGNE0abDVLRE7uclcMwTsvQtHsUIxFLVzgbtjmfZfReMnLLpPVTy1EAV-jNlj2uXPJgQXz9gTL-45axfc1-Z2NJhhs1YZsxf5lr6w6vIhGSD3ccT0Q1QUAvid3KaD8SK0-N3DEsE6ZuMHwywopql03fFG4EmIMofRL5QEt7VNXpp6T-LxD-DRnWt_lCiWWLJR99m9ozCGW3N16WoRTU4V_WipRDl83qYFybyZ4FcqAqH2echo0XPpfoREX5CR3waeXllil60KzwRA8t3P9Cjf-y_SSk6LvWFcAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi00ODIzOTY5OTg1MDgyMTM2gAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJ-Roil6pWZ_FSRI7pT1YgQwxmSDeHOal2JqyC8P0Yr2Tw33upEgfhg%26sig%3DAOD64_0wOZl9F-DO_KVyLWgd6Md1zTIMJg%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-CmbDkp3_Zrr3rxY1OyJcnqAVrmzXtzPOmwoUWuj0JDK3fKubmn5_kGmGehE6zhRnIqDFBf3QvBafOPBLewWCfQ9s2h_xIrU0SK8VpoOHgvFuFHquZHDpwEEbrtrrSdwyt2lBvtqdbl2n9RzfYjimvZ6ckuyA%26cry%3D1%26dbm_d%3DAKAmf-Dwmkjc_p0clqNpUVraw6XxjmBZF_VNnzTvUjYAbeKW7WKC-sz_oK9xWPeigNMaEbBC7SwVin5OdtbVrSneeGZ51r4awNF4XCaYYw7br9OOK1amqCe-1zMjF1qhF392R1Ni6xFEbKp6mOsDrr2GGbB-QLS9GheTi7Z26pNBV_4Heg_QdvZGrZqdKQLNmK0yiDDC6d679PGhN4gw6l0VjRg7LBjaHba3YxtDr-pZu6ZPqeAUruNc_qVREMUyXzovoSDA1c85i90BTn2hIlJ433FQ3XZb9dw4Irk6CkVM2Gd1yUNyCHjxybU2cjlYnBRuFvxKR3BAAiK76QWMhhdlwzo_y7a-LThlxjqC1q1W-dk748AeHFDBFJjRE1OcU-Yhl-QrzJyOhQOhKosUDB0nSoiniGH-tRb3loTfBYHJXJEoVvp69n4H9LStel2zL4pSTIm0Uwg1lAQSbDlo4ufIlXugAX-eJw%26adurl%3D&documentReferer=urn%3Auuid%3A52425aa3-28ea-213a-5876-213a28ea5242&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=6320327863626&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
cf07f4e2b9da5553441038123a2ff2fb6312d9561dc698248f6d59718a956432

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Sun, 13 Mar 2022 10:31:43 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Sun, 13 Mar 2022 10:31:43 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2081
Connection
close
Content-Type
text/html; charset=utf-8
native.png
ad-server.eu/wm/pb/ Frame 1389
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=49610700065596000710612011897024
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=49610700065596000710612011897024
  • https://ad-server.eu/wm/pb/native.png
68 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-server.eu/wm/pb/native.png
Requested by
Host: uuid
URL: urn:uuid:52425aa3-28ea-213a-5876-213a28ea5242
Protocol
HTTP/1.1
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 13 Mar 2022 10:37:18 GMT
Last-Modified
Sat, 21 Dec 2019 23:06:59 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"5dfea593-44"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68

Redirect headers

Date
Sun, 13 Mar 2022 10:31:43 GMT
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
B9D59BA9:EBCC_91EFC182:01BB_622DC80F_C2C2CE9:7DE1
X-IPLB-Instance
40028
Strict-Transport-Security
max-age=15768000
Content-Type
application/go
Location
https://ad-server.eu/wm/pb/native.png
Keep-Alive
timeout=20
Content-Length
0
Proxy-Host
pv.medialead.de
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 731A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 13 Mar 2022 10:23:30 GMT
expires
Mon, 13 Mar 2023 10:23:30 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
493
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame FCE3 		783 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f12f9c973246403ba908674bd2848ac00239354fa1521217c5c103c1c0f5200f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eS+sTDDCgoXlqEMsf5Fetw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 13 Mar 2022 10:31:43 GMT
date
Sun, 13 Mar 2022 10:31:43 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-eS+sTDDCgoXlqEMsf5Fetw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
510
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame 2DFD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030801&jk=1646061999790071&rc=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
truncated
/ Frame 1389 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dca6b47d1b1344b8dd75f53684acb1030b705199079a5419e9db1140a4361e19

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
pagead2.googlesyndication.com/bg/ Frame 599D 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 09:29:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
3755
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13756
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Mar 2023 09:29:08 GMT
css
fonts.googleapis.com/ Frame C1A5 		1 KB
419 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,700
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=49610700065596000710612011897024&a=442b5c9b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ea795a298e37c1cd48937e8d9b242162d213ebaa07c997769a6bfe4b4d8ec411
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900024.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 13 Mar 2022 08:50:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 13 Mar 2022 10:31:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 13 Mar 2022 10:31:43 GMT
/
hal9000.redintelligence.net/scale/ Frame C1A5 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=49610700065596000710612011897024&a=442b5c9b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
7bbf02d07a9047481f569d2705cd1a395da1c314f0b19cc96558ba97c132b6ce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900024.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 13 Mar 2022 10:31:43 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16247
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame C1A5 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/52113/creativesup/TRG-march-panini-games-banner-1200x627.jpg
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=49610700065596000710612011897024&a=442b5c9b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
61098cc685e1ee432a4f0898efcc830dd9375b97788ee674519c774e418b6361

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900024.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 13 Mar 2022 10:31:43 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
15217
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame C1A5 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=49610700065596000710612011897024&a=442b5c9b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
527b4867bcc7b8a38fac16fea9cc147439ccbe2bb0e23d194e152d1f8d65d154

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900024.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 13 Mar 2022 10:31:43 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16530
Vary
Accept-Encoding
Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame 3F7E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CqcvRDsgtYsunN4OD3wPCkafwA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQIY8YtEyE6yPuACAKgDAaoEwwJP0Omf3HmwC9gZG78zwrbnsqDY_zi47jN-rFhHI-1VQMdDfkLXRmyqOdoilDzODyvXO7PDzaCpdg1Rx-iVQN13lMNP3_LxyUymDE0va776qZbELKTDMBvJGpBYlTpu1s5DiEukEc6Vhy8Q2Re0WObRzrEiMXOHmO4p44f7AVS5wWdtL-HxWOuJOUrlHCT1R89z-ejaJejW9vU9n4W0LsAiuJm5r8XCZ3ry_IaRLCX-TJSLiESj8xcXwe_zRVvcLWspvhzR67q2S0Z7IIngQEytOlvbk-vyygho-Z1jnmHXBzskWfyB0brWtjcqQR0ISG9wLe-c7sqhmbyeabph8w8tQadeNUxecqmsBdcdf9ice9PYHVjFutCHlWh8cC9ALimupzSGx3o_2QVmGrMWftIsRDNscC4UGHj9-WNMwavjB13WN-AEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTQxMzMyOTU0NDA0MDk0NxjBjHQ&sigh=xVLhPC982y8&uach_m=[UACH]&cid=CAQSOwCNIrLM1fCF1lfqcNdgt_VYdzo37thKvY29nzGJeQC4g9tPk-8F33zB6ReTp8ORYDne1p_ZdQENs3vkGAE
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 3F7E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1gsjv5y56kqpqrv5j270ejcfw16gmf0ncs9deysydf84s57ysm0hw1zvrvscawjbyemc02sm41vt4ed2a9194eh7qbndejjkfwzmyn8b9vjwen91bke4bvjbtfabfenxyv5670zcs65qt5ys9q1dvzzb860kwjdd95qhjqjnaxv55xa1tzb8y2j8gx67yfdsfdwz5j9ahympmeagraq229cf13p6dp34ge7g4bh8eq4r1wae43g1vbvagma388gvqesbwnwdj2sndpgjt9jjsahqwnh95xae774be7753ch0z5vwrb58mky3ztemy3z0qvm8r2xkm2x5gs4688n3g4c63twhxasmq2470920vq6qp4df037cw66zxdt8ghcqyapgv5spq0fx9t5jv3zthywf0zryyrth4r&b=Yi3IDgAN08sKd8GDAAnIwn70GCsqXAI6F1P58Q
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 13 Mar 2022 10:31:43 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame AF83 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1h3evfgqda3erpwq2kg8pcv11npetdqpr79cfkev0ckeg9gx3sc9e84p6g4cgrb45nw4v2wmrkbzr9wwgsn0d04vvb6xfbcz9wp16yxssbbd2xf2na7hczbmk834vqyeyg1c9dxzeph0twv9tgw1wm8rvs8bvpe2r5ejb2egpv1j2vvm5bam7k1qy45d4qdye4ahs7tey8mpp8wsaty92jaxcab2ts9gsqbkgk3smra3gmcdbnk7dfxr3dz3z190gmpbc3x18ghgkhzzgs4zd81nccrya09b7x71mnzg1m7ty6rqe0jtd07xscqxbzxrxr814crpdv3dgrqs4ebkjn12ex3z10fbvewhqa2j3e61n5r24ap4aff6e9f67tn4mwvzvfepxncme3z8pw5famrberrjr73k8ctmfmf7nqe5xhcffpfw8qec39yzk1jjbn0g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7ps0DsgtYsunN4OD3wPCkafwA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQIY8YtEyE6yPuACAKgDAaoExgJP0Omf3HmwC9gZG78zwrbnsqDY_zi47jN-rFhHI-1VQMdDfkLXRmyqOdoilDzODyvXO7PDzaCpdg1Rx-iVQN13lMNP3_LxyUymDE0va776qZbELKTDMBvJGpBYlTpu1s5DiEukEc6Vhy8Q2Re0WObRzrEiMXOHmO4p44f7AVS5wWdtL-HxWOuJOUrlHCT1R89z-ejaJejW9vU9n4W0LsAiuJm5r8XCZ3ry_IaRLCX-TJSLiESj8xcXwe_zRVvcLWspvhzR67q2S0Z7IIngQEytOlvbk-vyygho-Z1jnmHXBzskWfyB0brWtjcqQR0ISG9wLe-c7sqhmbyeabph8w8tQadeNUxecqmsBdcdf9ice9PYHVjFutCHlWh8cC8CLAg8cM0Bh7K4kZO8UyHkR8Ym6TlCaPOU2jFvAfdS7bM228KW_z_1YOAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1GbhJ7zPqeyGPsd24EkhEJKaCjLA%26client%3Dca-pub-5413329544040947%26adurl%3D
Requested by
Host: 25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com
URL: https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf8731cd02a2e9466c545c3b8a76496a9550af2816014533927223bbb51cf2ce
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6eb419ff89178fe3-FRA
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 3F7E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js
Requested by
Host: 25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com
URL: https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Mar 2022 10:31:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 02B3 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com
URL: https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Sat, 12 Mar 2022 13:26:12 GMT
expires
Sun, 13 Mar 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
75931
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3F7E 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com
URL: https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36343
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1646830771070120"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 13 Mar 2022 10:31:43 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 3F7E 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com
URL: https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:29:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
110
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6397
x-xss-protection
0
server
cafe
etag
14404976697706490601
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Mar 2022 10:29:53 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 3F7E 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com
URL: https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 13:19:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
162743
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 11 Mar 2023 13:19:20 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8DFC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B4MztDsgtYvLjF_64x_APlPqI0AsAAAAAOAHgBAI&bg=!8fKl8rbNAAb7UztL-1M7ACkAdvg8WoUW4t_sR6LonJsiViL71TnCtHmfLgnYyqXydcOJs9YPLS5oQgIAAAEpUgAAAAFoAQeZAyyyfgvj5zh6a53yMwbUw9jdS3CgskUsyMG93kL9l8q0DTH-JG3-1QPzr1cigMTASh47T-JVYCXjUnQ5pPzLA-p3ae0_dyoGItFyPCH555n1etNgNJsydfox_870fIGlNC_gnwdwNGXq-VHJMOmLmoGgbKLnlPFJ_vd22hTGXC1KA44k5iUG11GiKtntbrNMKCSGtUputwQ9DrMACxPz0_pr9OYWKA3ibiMt54uhPh1ZkWSsWpHovfht1TS55YYZuimgknzyQDZAdSC_BFAkHETgmGcysUsJHsppu7-EhmLy6UQ5VPkmYtX9Gq1JV90bl27YGMxdKtbrpdRH442K5aTb2Ewe6es7VUGTHMWzvHm1r3cVfK4DgtmQHnVuiABBYt4qJZnFHZGGMIEzf475plvYm0NPt1-YnZmJARrtZQsQFm7k8bEUr-_RNCldYBCjkYK9Vh9cO3HMmZdABJaKqyoHRinG0CSxkxqdcFexR7n67-p9Fab8oCIRbaW29SGg3MXrTaUamWelQs7hSNU3TcpMIsw592hlv0yFGZ-Fn475203Kl4jeeRUDCxc0ASKIVmSOr2TSbzDQRTZcbNaueRohmh81ZA_mIm33y7GmE-9Ve4jC-vS5ntvEz_Iv_SWdMa7XJWlz1PprxB6B7HsKCGgQiArzjP1HJ34Nix6hvg_bhUO5VTxFI38H91TEiA-0wzgmngk6fzWwNA6k3KE12jc2v85u7-_NB35DNeYUSlQjwy1jUvc3pzNfwP117IuKbASgMmG0NrybAganGeBFl9qwwc88OKzydZ3Wz0QF6Oa_WB6qjd-H_VXBYVKinA9P5E8i5-XIrVhFM-3S3mRkCdDUToREospXkn9Ryko8ix_WQps9InzhehQl0x7UtfNZ5oaR-i1gN0D2N1_TUMEfJ_YLX_0SJd7vjYJOnLt3gDahd-P7pgpM4P7UdRvX4uD4P6ZiS_5AuUH2s6jcU6qGpW4R1BlMzOIrGJoXTcwYxw8m4B9Sne-T0yj77wTjvUE8R-g4fl2gDUW6BN-wsAYLZYnk28LYiX9uA02mWqw5GCT6ics32vV7I3W_wC8tuQ
Requested by
Host: c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com
URL: https://c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CL6Io4_xwvYCFdAaGwodeIUCzw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7253340165675.943
adservice.google.com/ddm/fls/z/ Frame 3188 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CL6Io4_xwvYCFdAaGwodeIUCzw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7253340165675.943
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CL6Io4_xwvYCFdAaGwodeIUCzw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7253340165675.943?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 58F3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 13 Mar 2022 10:31:43 GMT
expires
Mon, 13 Mar 2023 10:31:43 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
i
api.purpleads.io/x/a/fb0fd80144dfd0ee2f04265b273539db:66d14c4ac13062f832c1780ef07f62c41bed5caba8991b69918c3acc0c5368b4ce3d22abaff21b37a8a5800cf506df9130e8ce22c5c2693d6817f4f77dd8c66ae6ae40ad2ebba34... Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/fb0fd80144dfd0ee2f04265b273539db:66d14c4ac13062f832c1780ef07f62c41bed5caba8991b69918c3acc0c5368b4ce3d22abaff21b37a8a5800cf506df9130e8ce22c5c2693d6817f4f77dd8c66ae6ae40ad2ebba34c2f7df906a1a62949e454ea7f3bf319917a94d17b3bfbaa0dbe4c92247c1995389c9b0454189d9334628dcd5f8ac7a5274e1f9eda842b071a70d591a5deab3f32340fb5ba8514a7ad/i?id=3709af26-0fb8-4fbb-ba6c-cdfc1bfb96d9&ts=1647167503343
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
a72d9b1d-04f5-4aec-b35b-bb1f33180a1a
i
api.purpleads.io/x/a/fb0fd80144dfd0ee2f04265b273539db:66d14c4ac13062f832c1780ef07f62c41bed5caba8991b69918c3acc0c5368b4ce3d22abaff21b37a8a5800cf506df9130e8ce22c5c2693d6817f4f77dd8c66ae6ae40ad2ebba34... 		0
199 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/fb0fd80144dfd0ee2f04265b273539db:66d14c4ac13062f832c1780ef07f62c41bed5caba8991b69918c3acc0c5368b4ce3d22abaff21b37a8a5800cf506df9130e8ce22c5c2693d6817f4f77dd8c66ae6ae40ad2ebba34c2f7df906a1a62949e454ea7f3bf319917a94d17b3bfbaa0dbe4c92247c1995389c9b0454189d9334628dcd5f8ac7a5274e1f9eda842b071a70d591a5deab3f32340fb5ba8514a7ad/i?id=3709af26-0fb8-4fbb-ba6c-cdfc1bfb96d9&ts=1647167503343
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2plc3VzLmNv
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.26

Response headers

access-control-allow-origin
https://nets4.com
date
Sun, 13 Mar 2022 10:31:43 GMT
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials
true
x-request-id
6de49936-a4a1-46a5-a8f2-020c3b65e276
gtm.js
www.googletagmanager.com/ Frame F146 		83 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5aa62593f059da36f7a9c7afabb0e0b9e6d35b60340684d40672e36e7205b4ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32743
x-xss-protection
0
last-modified
Sun, 13 Mar 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 13 Mar 2022 10:31:43 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A6B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022030201&jk=419646701581709&bg=!zM-lz4vNAAb7UztL-1M7ACkAdvg8WrKnLidBPomgy8EEMuNxZZ1SCUmBRdtnDW_Qky5rsjzvWIXcNwIAAAFtUgAAAAJoAQcKAF5wyoeWJpX5ydDnOEctO12I0ABk46ABAxzo9VRlt6pkb22_lPQBQjJPxtrLFwTD8KtWYnbXYPbMC84KTvIfLV4BEPh3pvx3coO3QPpm-YN7xjmZSEPxajXF9aJT9hVrmQLdAYDR5Miww2dg_a-4bsukDBJNymJgIjN910FjV4HitQ75iCQpgWMNE4M0XZ5f9A--6DGdcAeUO1Z4TIOyEzRwzhUJ8LtdM5pn5SWBGkYHcDbg9RNHblwgYYkguFtAaQOWtR5MFFR6pZHi6e2PAqoadJeUvQz6l6qDqHp4xd6BssBmNfAQiQG4I6LaKv6dRQt-0C2-NjS7k3S-MYIN7FnfeqDg1bppRC1F5LGbfWc0MXdb3KB-PGRyArRYMvwGpYJPdHn_kJOnXmBRU-02wEMXMUrSxjWE2AmodXEFWUz0Mnf0FsPw5JltEABkpA53fmYMkpwpCN23SlSSygLDoQzt8Jj-iYNhPJqILoQBsWqNnIqVLSXgZwgJXxKjr_Cgv70wzU1IBAvNz7HZwPHCNVJtGcOkyKq1JaJO4Tbz-wmgr8iWtFe1OSiJGoDCkAWuw9bds5r6kwBDunoT2c7yfWFMAujhloeVPmp6Yzw05yQM4x1Nf7ZFpauUfNFwQd3NL3jpA_k1lHHLrC5i5KT3toiicKN8Dnn7YKapoLm-bJYO4N0xGeDJNYJNNMG9Y3KgYybSXVKJLPNiLEQkaVK4ZzcJ_J8-9D7UBNhbDPHaLBMYa75Z6usm7YNX_8cxGgktrssTSwFhMwLE-EPStCpIMC3RFwouYlxoTYgRZOLvKjsXb2_JPmaH5Mq8OL9VSuPxtmCEzi7rbsb5m2OIbNp_mz6m6gKaCj7tyvh8-lEOULGyWnqiV8c5Svde5D3dWwsEjGfJ58l_vjC6X5avM5wx4eYEg_ZzL0vobnJ40Y6-QCRH6Cu8qkRhZD05T63UBqn87BZYbDNKDjGcqDFY5b7oVN72_JYRuKAH2_TuIXqn83vfVCLs2lr-rJnfbATeIYoh-Xf1rKyvzmeR08cTzw7JvG7buxnJicZvTN5T3mLFxsChQmad8wM5SmL9nt2w8i8lg1G8Ap480J84ZSsvafPalw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CIDBp4_xwvYCFdeEhQodBuMNEQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3006064670839.799
adservice.google.com/ddm/fls/z/ Frame BA66 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CIDBp4_xwvYCFdeEhQodBuMNEQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3006064670839.799
Requested by
Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CIDBp4_xwvYCFdeEhQodBuMNEQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3006064670839.799?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8019191.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame AF83 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h3evfgqda3erpwq2kg8pcv11npetdqpr79cfkev0ckeg9gx3sc9e84p6g4cgrb45nw4v2wmrkbzr9wwgsn0d04vvb6xfbcz9wp16yxssbbd2xf2na7hczbmk834vqyeyg1c9dxzeph0twv9tgw1wm8rvs8bvpe2r5ejb2egpv1j2vvm5bam7k1qy45d4qdye4ahs7tey8mpp8wsaty92jaxcab2ts9gsqbkgk3smra3gmcdbnk7dfxr3dz3z190gmpbc3x18ghgkhzzgs4zd81nccrya09b7x71mnzg1m7ty6rqe0jtd07xscqxbzxrxr814crpdv3dgrqs4ebkjn12ex3z10fbvewhqa2j3e61n5r24ap4aff6e9f67tn4mwvzvfepxncme3z8pw5famrberrjr73k8ctmfmf7nqe5xhcffpfw8qec39yzk1jjbn0g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7ps0DsgtYsunN4OD3wPCkafwA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQIY8YtEyE6yPuACAKgDAaoExgJP0Omf3HmwC9gZG78zwrbnsqDY_zi47jN-rFhHI-1VQMdDfkLXRmyqOdoilDzODyvXO7PDzaCpdg1Rx-iVQN13lMNP3_LxyUymDE0va776qZbELKTDMBvJGpBYlTpu1s5DiEukEc6Vhy8Q2Re0WObRzrEiMXOHmO4p44f7AVS5wWdtL-HxWOuJOUrlHCT1R89z-ejaJejW9vU9n4W0LsAiuJm5r8XCZ3ry_IaRLCX-TJSLiESj8xcXwe_zRVvcLWspvhzR67q2S0Z7IIngQEytOlvbk-vyygho-Z1jnmHXBzskWfyB0brWtjcqQR0ISG9wLe-c7sqhmbyeabph8w8tQadeNUxecqmsBdcdf9ice9PYHVjFutCHlWh8cC8CLAg8cM0Bh7K4kZO8UyHkR8Ym6TlCaPOU2jFvAfdS7bM228KW_z_1YOAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1GbhJ7zPqeyGPsd24EkhEJKaCjLA%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1h3evfgqda3erpwq2kg8pcv11npetdqpr79cfkev0ckeg9gx3sc9e84p6g4cgrb45nw4v2wmrkbzr9wwgsn0d04vvb6xfbcz9wp16yxssbbd2xf2na7hczbmk834vqyeyg1c9dxzeph0twv9tgw1wm8rvs8bvpe2r5ejb2egpv1j2vvm5bam7k1qy45d4qdye4ahs7tey8mpp8wsaty92jaxcab2ts9gsqbkgk3smra3gmcdbnk7dfxr3dz3z190gmpbc3x18ghgkhzzgs4zd81nccrya09b7x71mnzg1m7ty6rqe0jtd07xscqxbzxrxr814crpdv3dgrqs4ebkjn12ex3z10fbvewhqa2j3e61n5r24ap4aff6e9f67tn4mwvzvfepxncme3z8pw5famrberrjr73k8ctmfmf7nqe5xhcffpfw8qec39yzk1jjbn0g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7ps0DsgtYsunN4OD3wPCkafwA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQIY8YtEyE6yPuACAKgDAaoExgJP0Omf3HmwC9gZG78zwrbnsqDY_zi47jN-rFhHI-1VQMdDfkLXRmyqOdoilDzODyvXO7PDzaCpdg1Rx-iVQN13lMNP3_LxyUymDE0va776qZbELKTDMBvJGpBYlTpu1s5DiEukEc6Vhy8Q2Re0WObRzrEiMXOHmO4p44f7AVS5wWdtL-HxWOuJOUrlHCT1R89z-ejaJejW9vU9n4W0LsAiuJm5r8XCZ3ry_IaRLCX-TJSLiESj8xcXwe_zRVvcLWspvhzR67q2S0Z7IIngQEytOlvbk-vyygho-Z1jnmHXBzskWfyB0brWtjcqQR0ISG9wLe-c7sqhmbyeabph8w8tQadeNUxecqmsBdcdf9ice9PYHVjFutCHlWh8cC8CLAg8cM0Bh7K4kZO8UyHkR8Ym6TlCaPOU2jFvAfdS7bM228KW_z_1YOAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1GbhJ7zPqeyGPsd24EkhEJKaCjLA%26client%3Dca-pub-5413329544040947%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
434505
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Tue, 08 Mar 2022 09:49:58 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6eb41a005afd92ad-FRA
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame AF83 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h3evfgqda3erpwq2kg8pcv11npetdqpr79cfkev0ckeg9gx3sc9e84p6g4cgrb45nw4v2wmrkbzr9wwgsn0d04vvb6xfbcz9wp16yxssbbd2xf2na7hczbmk834vqyeyg1c9dxzeph0twv9tgw1wm8rvs8bvpe2r5ejb2egpv1j2vvm5bam7k1qy45d4qdye4ahs7tey8mpp8wsaty92jaxcab2ts9gsqbkgk3smra3gmcdbnk7dfxr3dz3z190gmpbc3x18ghgkhzzgs4zd81nccrya09b7x71mnzg1m7ty6rqe0jtd07xscqxbzxrxr814crpdv3dgrqs4ebkjn12ex3z10fbvewhqa2j3e61n5r24ap4aff6e9f67tn4mwvzvfepxncme3z8pw5famrberrjr73k8ctmfmf7nqe5xhcffpfw8qec39yzk1jjbn0g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7ps0DsgtYsunN4OD3wPCkafwA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQIY8YtEyE6yPuACAKgDAaoExgJP0Omf3HmwC9gZG78zwrbnsqDY_zi47jN-rFhHI-1VQMdDfkLXRmyqOdoilDzODyvXO7PDzaCpdg1Rx-iVQN13lMNP3_LxyUymDE0va776qZbELKTDMBvJGpBYlTpu1s5DiEukEc6Vhy8Q2Re0WObRzrEiMXOHmO4p44f7AVS5wWdtL-HxWOuJOUrlHCT1R89z-ejaJejW9vU9n4W0LsAiuJm5r8XCZ3ry_IaRLCX-TJSLiESj8xcXwe_zRVvcLWspvhzR67q2S0Z7IIngQEytOlvbk-vyygho-Z1jnmHXBzskWfyB0brWtjcqQR0ISG9wLe-c7sqhmbyeabph8w8tQadeNUxecqmsBdcdf9ice9PYHVjFutCHlWh8cC8CLAg8cM0Bh7K4kZO8UyHkR8Ym6TlCaPOU2jFvAfdS7bM228KW_z_1YOAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1GbhJ7zPqeyGPsd24EkhEJKaCjLA%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
533e8ab00e73a9a61f550b956a872f9091fe48b79b4072d87bdb07348af7f4bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=tEZe3A==, md5=Jdq10Kok9oEWJwphx1gWLw==
date
Sun, 13 Mar 2022 10:31:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
84597
x-guploader-uploadid
ADPycdsr5n4kU1rNLkiSrbRzdMb-9DabWoAfQTOrTOqZ3NYXVgPrNi4N3t5dVkDjvEN376F-ekn4TmbIv9GEx6HzMco
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 26 Jan 2022 11:00:45 GMT
server
cloudflare
etag
W/"25dab5d0aa24f68116270a61c758162f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zMOC3yZqVKBcCwpzUvNgUP8pKenK0uEoM5F0PzWy4QPGbJMj9rFYHiDuOz4TpWy94qTOOwukC6KeTaIW%2BPo4uLVWNNh%2BPB85BQve0fQu42hn%2B0C04ISKm2ktRwuWg%2ByIH5Gkqqc%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1643194845770575
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11870
cf-ray
6eb41a005a4c8fe3-FRA
expires
Sat, 12 Mar 2022 11:01:46 GMT
viewability
hal900024.redintelligence.net/ Frame C1A5 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900024.redintelligence.net/viewability?s=49610700065596000710612011897024&a=9a8a35a8&vb=m
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=49610700065596000710612011897024&a=442b5c9b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900024.redintelligence.net/request_content.php?s=49610700065596000710612011897024&a=442b5c9b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 13 Mar 2022 10:31:43 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame 54FA 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bt_eFDsgtYpf1BfeQjuwPxM-G0AwAAAAAOAHgBAI&bg=!bW6lbirNAAb7UztL-1M7ACkAdvg8WqmILPAy-Sxev6wCjjsvO8ZxiHw7kWum6UZaEFXC0Jwd-OGq2gIAAAE0UgAAAAFoAQeZAyF7mc64n4U-Xg84nS63UjOcHqeeYw6gy2LOVVtFIrm4XuWLVizAI5JJa1eKFz4uBOdhOxiLff-prpY0ONgOyit_HN-zw53nY0CS4Zeojl_eWkZyK85YgJe1YaoiY_7G9Z06osO1VzNkH6ZiQCVnOAbVzKVxmXnAelg3IoMhNijTTrGrj_I4wWwJTDFSmz_uXrayBgybHsljCH0ndd7TCcouKKGpw7a4jkkfcYplXtCANJLSb-c2pM9Y3O2bOavLs2H953oddDqgFFeWcJqjYikcPKEM0s7spWRilmBbum8o8PLvl6iKjAe_u56cmo7Ud3noOkzmSv32k_AZkzhmy4GvY4TXsDbiSSfSxLP1PVXndikFzk-EpK2OIIAWnjn4MODcSal7OpQJqeN2gBrqTZFRv-nRdmgASSaN5a836UIA68j-PD7w0LxDSQi6K8VNM8g_RbpUCFLQUUETb1svN-d6UBsiBzKdkm5yIwciWXbcHBOExxgAQ4N5FnlDKJJZgpWZUDsqzrCTh2xOD-TTnaxWIv53_L6uNgOWMDnyS_jo0FDw6y_5ehBDVEDRwmh7vzvVQwyBly3VB1q7GQv52I-457O5c4lrKdsJHO9beeO8Pk8yGFY9LR-4ATLzJwQUPCzRi4DTIsFfUHHcLMMfNBOV7tVab1jSq4RdHAg9OkUr-Ml5OPnyH_tTgczAjlbcFI0egkciu-G34XTj0QVEdTPx3wUsXEBU18UAI1GwCDUF4E-IBahOk-DVeV1IEPUIXdt4_gI35QkftSlwFGm40MDf6Z8dsB4kYfL17W6SljwmbIozUCC-B65XIGadKq05Qg7hx5ZWKCwvENWqlMC9qjbLq_qS-biYsk06lDX5CcbRbWkf88iYp9EHDaFC2iNnvM_A8X3CvAliJ2OXHOZ6x1kSRTflL1WnJdnwGkrRQCEvW0Tdq3Tu3EgNKYCMf1UbYZHOXUA2z1Tlz2wLDL7qOhEzK7Hcx2T_GPmXR7XAFJlG4Cgo8IjgDxrfMlvu1cvazQEpX1aEaEwnCA__ZDrP1jVfW3M6JhkDSp3cdCvJUWUEkjk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 468F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022030801&jk=3217454138234025&bg=!MzClMHTNAAb7UztL-1M7ACkAdvg8WrJcbihNdVfKSCyz1M3rRXqPy56ijZiZu0cSNHFJvliQENybbAIAAAF5UgAAAAZoAQcKADEHHxmlmH-7rFaz-RAHfAC6Paz4e0jqCO8H0jMPD8X8zKJvDHcsIdAcC5GDtfxGqXr8mQLgFlh7_qUTlK8y5KlpCzIQ_jaZquonjqT9uHhtihn4OlYLwyiVdYx62pxZKuQbfxztNeEVE9mh3FFQDIGI0SBQHrCbzJe0mcPUhHWIlfFbbGadXeJib6MYFT4_dbw3WZ41RgiFcCdhrmqaig6uZIgFqiVbgv-A8NvKxRDSNDQzIALqIZYEAZBlWViSJQ6AfudpMl0ek920_RjUpBEFbiUuICROxxuoRT9Afnc-ol8kG0GAzMISzYuUxsR0iPB3QjBVq79rENzYfIlVwQY5GZ2iDEyLuzoA69mxy1h49bEumV3brPdh3LwVvgnIyey8p8C3TVjtRgIuArxTI4IySUAyZzD0BLi0-El2sGk5TAOMEiLs_jNrVX9WtT3KN5mitolYBzpsCb3H3id98N2NkKHQjJ2vuKsYR23N2REic_ASTCpaP15CawLpoU9iUCk4K0i_fCNH3G9_U1iYcQXXpujLGU7ZjqtL-B5On6HT56K7vGsWu8zFeiFHctcxU9xc1JGcp7lYuguAbD3l6Un_jj5Is-SqMJm2HXtD3TomcmTh52MEn7UQZ4AcQ3OF9wfnRGQ7g8oS3oRPreBDas1ZxpbIIt7K18SY2EkvYb14PQPlt6NUgkMHQkHZxOL9A_DJUaYAyLQnf85jqBJYYcSC0x4GyhRayorMFAd3TTN1GjAQi8hXrmliTYZ9kTenDIKhT1-EKt3QgrtYVeqMKpvfUU0hqwelFph4cIeS6k49v-Pn9iUfDXt-wc-rSpZhmVtbulc__Qiw88fDtdNtQS03mLtdxX4dCEmYmaZQskYlWCig6a-5hLf-477cWfpwv4QrdUkG2Zk3DNSg8lUN0aVHy7xZ2Hpvlg7-tfLkgKNvG4kTzJy-KnQzNzw3uErpTEnfHgzYEBEB7GABwU8vwVruw5YkXXvp2wgI8AekbjD9KYqd01ge9FkM3vAuu7_peQRc2oqoVFrqjcFwM7cFWP3wWoYjcw
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame FCE3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030801&jk=2612437989791563&rc=null
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
viewability
hal900021.redintelligence.net/ Frame 035C 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900021.redintelligence.net/viewability?s=28434000045773100757585011897021&a=ee9f4a81&vb=m
Requested by
Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=28434000045773100757585011897021&a=3497a78c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.55.238.76.144.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/request_content.php?s=28434000045773100757585011897021&a=3497a78c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 13 Mar 2022 10:31:43 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame 035C 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ Frame 3F7E 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d970eb0d01e5cc2cc4d6582c21de247cc49537cbdc5ac5bfe831f91b185b93c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame D687 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022030801&jk=3329168481610479&bg=!NDelN3PNAAb7UztL-1M7ACkAdvg8Wl4e6BIZly8ROG6gJ7PxnHhkjBXdca2VhJiYRT46virkPXuOgwIAAAGHUgAAAAFoAQeZAvb7-RldjhfpjDz6TpShwefhNjQB8iILFbY4xULRZpm7l-d7oPsmkX0ax_-3YriqMalcY1_nURXH6NqqGttc8C4Umns2t1IAqzINZ8d24y2m7IaKgZBXJyTNWqVxRbFc4OlmxqfsoW16JeEpxiQz7kuzz5luxWGFBSA2Yk8hDoV-MKZSpVEztKkOPvlaJsg-wql9x4VPJoh-0qkwmi10YSmXqlur59ruCxNMsUo5bLlNft0nyT2tFF_Im2mKq64EzRQw_AOPqEwS7s1AdjE_Axk2a7SKrpl-Qv29wQIGA8YXK3U3R5-H4Sl3osnSLnYqUkCjwgW94wfJKGsawxkd4u66xEIBIhT7MEu0IURoWmToE0x15icr0ZkwHoCbbCROzVqm708DytZL_J4ooIeSDMkam05ISiNyXItdGekvDm5GhDSJVoNUz78-byyHzjRB53HFl-Fo1Z79pv9gtEDY1nWkvf3ipg3xGomtjNvvRCQjOrbGarbfpcV2LrmDrc65pN2NGRDvUVMKl91LBELBnOTvJkSCBwueEGrzFq4xN55vkKFXokgr9R5WGF0jIs_rS_IZnKk7i3_DrQAgZhQs9JVQjAzCbmI1c-WGjDydH8U0YS2sdzpVk2uMBneTBWv3NFkLpnj7LBGgqk81Khng4Y-vJENL9_XVYTxF_WYBTPatiSAkwbp6PjgyEpJn8fnxe5PqwKh9REt5JQatXNGuYt1ZVx7h8q_Q98daEKfDbDoVr9vLvsa-PViDnBNEIilS41TP5lNDa9negIbOuWXh7j6tHqBM1bbWE3sHFs8XOw8D6NnKZoDTDIieZvXlL5VXW0bYiIedKwW2PCpZYaD_3z64VARHVzyeLvHf_IPvvXPqP47h0wJGaJ5fqq_iuSbwF19F7-pFIYO0vpZFAfuR07Cq-ZY3zmWjtHHnr4MFycUJasFRyIgF-b0XLDMRf5ONhLcjS0DA3mJYjeq8fL9q0dv0NsVUdnIDDWs18BJJyxK-RAtXCHV55g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 02B3 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEGDWg58LHjmB3HANPRShags&google_cver=1&google_push=AYg5qPIaek2suXL33eLQtsKgL6FjR35oWqy5y6sjMQByN1_RzdDOI8w54mJOt-OKBaQwioM8f9X5YzYYDIKrTB96L2PIO_NZzl1I
Requested by
Host: 25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com
URL: https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 02B3
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBsOVFFJwgwK6eSL4Pc7p1A&google_cver=1&google_push=AYg5qPKSi5GBzdNljXDHdL9TkMQJKFfKpXqeR2Tv4nM9tKGxZWQBp6evl17Uk41e7c9qEuDO04d7X8rQp5siDrNzSvf88vf...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKSi5GBzdNljXDHdL9TkMQJKFfKpXqeR2Tv4nM9tKGxZWQBp6evl17Uk41e7c9qEuDO04d7X8rQp5siDrNzSvf88vfxwCK4&google_hm=ODkxOTM3OTg5ODM0Mjc4Nj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKSi5GBzdNljXDHdL9TkMQJKFfKpXqeR2Tv4nM9tKGxZWQBp6evl17Uk41e7c9qEuDO04d7X8rQp5siDrNzSvf88vfxwCK4&google_hm=ODkxOTM3OTg5ODM0Mjc4NjcyNQ%3D%3D
Requested by
Host: 25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com
URL: https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 13 Mar 2022 10:31:43 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKSi5GBzdNljXDHdL9TkMQJKFfKpXqeR2Tv4nM9tKGxZWQBp6evl17Uk41e7c9qEuDO04d7X8rQp5siDrNzSvf88vfxwCK4&google_hm=ODkxOTM3OTg5ODM0Mjc4NjcyNQ%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
dot.gif
s0.2mdn.net/ Frame 02B3 		43 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEGDRWr1Ot14SxIhBK0kw92Q&google_cver=1&google_push=AYg5qPL0RXOcmgfDLZoVrNminxN8JqC2vQsCxNbOk5FULUFY8SVv6utEZqyHlHGr7tIJ9DKqLS18oNEOvUYKCLN-zGEsEZ1asi-4
Requested by
Host: 25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com
URL: https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 14 Mar 2022 10:31:43 GMT
pixel
cm.g.doubleclick.net/ Frame 02B3
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJmi2jU6klHhn74MCggbP7U&google_cver=1&google_push=AYg5qPJYU7Hq8fDL401WuXsE-8MzxbaeqczsWAP5VYUfsFsIyHysVcA6gIXoRyXC9bb1gCaERewDlsY9...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJmi2jU6klHhn74MCggbP7U&google_cver=1&google_push=AYg5qPJYU7Hq8fDL401WuXsE-8MzxbaeqczsWAP5VYUfsFsIyHysVcA6gIXoRyXC9bb1gCaERew...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI0NjI3NTU3OTk0MjE2OTI3Ng&google_push=AYg5qPJYU7Hq8fDL401WuXsE-8MzxbaeqczsWAP5VYUfsFsIyHysVcA6gIXoRyXC9bb1gCaERewDls...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI0NjI3NTU3OTk0MjE2OTI3Ng&google_push=AYg5qPJYU7Hq8fDL401WuXsE-8MzxbaeqczsWAP5VYUfsFsIyHysVcA6gIXoRyXC9bb1gCaERewDlsY9ML0WhGREhyvq3GOgfzbM
Requested by
Host: 25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com
URL: https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI0NjI3NTU3OTk0MjE2OTI3Ng&google_push=AYg5qPJYU7Hq8fDL401WuXsE-8MzxbaeqczsWAP5VYUfsFsIyHysVcA6gIXoRyXC9bb1gCaERewDlsY9ML0WhGREhyvq3GOgfzbM
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 02B3
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESECaVOaymelfgeYrYconjxb0&google_cver=1&google_push=AYg5qPLQFev4h3kO2j01wGyshaNXpEi6FVdWRLB621WPAReuR_Qnd2xkJJDi_nYrKHf0wlwa2FMAcBJ7Nkevc4wD...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLQFev4h3kO2j01wGyshaNXpEi6FVdWRLB621WPAReuR_Qnd2xkJJDi_nYrKHf0wlwa2FMAcBJ7Nkevc4wDlxeXh7aqjiU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLQFev4h3kO2j01wGyshaNXpEi6FVdWRLB621WPAReuR_Qnd2xkJJDi_nYrKHf0wlwa2FMAcBJ7Nkevc4wDlxeXh7aqjiU
Requested by
Host: 25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com
URL: https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 13 Mar 2022 10:31:43 GMT
via
1.1 3588568928e677ce9bb8aedfd6e0ea04.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
TXL50-P2
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLQFev4h3kO2j01wGyshaNXpEi6FVdWRLB621WPAReuR_Qnd2xkJJDi_nYrKHf0wlwa2FMAcBJ7Nkevc4wDlxeXh7aqjiU
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
lbkWK7RunZwyvyVbr3dbRAabMwrWsG6-1haDRM_8l6vAU-xgjwhPQg==
pixel
cm.g.doubleclick.net/ Frame 02B3
Redirect Chain
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESEJY1tLtEy-9ksqRc5cMn87A&google_cver=1&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_
0
0
dot.gif
s0.2mdn.net/ Frame 02B3 		43 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEEmccsdUEI4BhjEHQ2SR1Dk&google_cver=1&google_push=AYg5qPJP1bZ4cAfqCv5hAWhBEB5RsejcI6MZFoOJnt0-nzz-DiwtKiuogzCpAeeD0Cky1_vkYrtAzReciDWiAfQaDTiEk4h6B48zCw
Requested by
Host: 25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com
URL: https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 14 Mar 2022 10:31:43 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 02B3 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LOgtmHuv8fm2kfBXdNWikOG5TbShRkSOiTmdrLVh_HLKgq9MpRKVvk98B_QHHCYDoFIS7QAQ
Requested by
Host: 25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com
URL: https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pixel
googleads.g.doubleclick.net/xbbe/ Frame D643 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNVNNHPW9elobr4_tAm76V7jOGi8PYQbnfQQnt8Ckm0BOvREIIxbYh96DkNV7fwjqBXLP2U4eiR-JtzblphFW1J8g3IsTPA4tJDfqS5D2POATwjWAavwWL60TU3QvsiO12F_CDl5Kpa1hfj8Bf-CWojO6AwxW-kEISSsvlJPscncgNeliJg
Requested by
Host: 8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
URL: https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 13 Mar 2022 10:31:43 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 58F3 		27 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ds2IxQE0Q5Fwzby_chYMgFPpwytYHgmNbYmzvHOcYwQafkijQM5usb-bq4i3RbKmBBfFiJMchUZdldRxCsFjdzb8xW1SPmJcSrCzzIhSMRwBopK2YSm3kIGq89z-E-Gr190IgR8gEDZq7gGMP62oQpC_Tx0Q&cry=1&dbm_d=AKAmf-Av9Mj7sxmb4yVZcbid1w_cTWuCFqF0NK1pBKeWDoxfwCeT_h5v2J7q3AZQd-oW5MrMVvD3xN8bQe6R6ujpB2TrN-rgQLidCpGmYrxM7cYVj_xBPrZ7zoryxnEHRYjnsdW6cKZTUvIY80OyeZAGSd9RcT7TBEDz_ewtU809lb6Ak91wBP-xX0uDY1VVzLvnmINa17hp0lCDzuTqIy7pHs-GDuy6MZqiFwsAt9bATiZS8yooHrDtjBau5w1pdTlHikgMAPbEkw7xOneXYCbNfQlOydhvpI9Dt9SEl60FWwkI9WeZI2O1a8Wl9ZhZoWmp3uDLNRt7V18fT8QkshbTQSyOEcr0LiItyR5vRAMyGTotvSghhPBGYVpj5N9DeXZ7RLVLsxqDmMYG5qjccUsxQHrqYoLNjeyBr8rTCTt23oGTgnpsm3UeSj7aTJ0kHbkwcfoB1_VvQXo0KyApk4bg1jf82BCOHzjav5MHuX6dducJMygTjLpwp6JEUCxwxMhwM39K-gF8nKjdSPPBkSwwDPxN1abfFcO9C5UVo1MZFo2KTuXGe4LZya2ABdRGGiFlK0f_BxlEnskMDfXiFuGaOaLnbyNQ5xkThX3lCZWgB8QGV29LqHkJwxBRHNPfK1aLPSK0MujLye31PeWpcA1XPQsqd-o97Z9fT7Upfa0dDP-IbwN-GvkRQx51j60RDZOIciRIvF-G6fSkkBKI5R80FBbUIn9yg7OxYiJ4CVPk-DP1oLbl-0nhXknFVfvQ_GLhkihsZ88PUuWMbxOU5IxWcNxxp2xadAwiX2Zo0PD3vjcScf81halr1BC2ZIawAVRtsJTl8f824gDlsVG60gPOm1EGOWmPzfPTYru0DiZgg4XcnMLLlMPFdUrAmXkrBKS4BgiKs-KGlQfrARRQsG4YmCmO0tr1-hSRXWg1lo-UP30AxfHQLHiTiLEyftvu5DThoQoJMYuAmSNmamDFJuqi9ovo6wypOJwH26RqyzgV2XkGCikgOJl-Gzo8vx96mi40KFwkLorSY6pGTDTIBfYX8_j0j7T3k8fjZU-X8k8jQbDjpymGXF_Ap9VYExA1sBln_jUOn7IAjoQOW7uh02gzIzAbTMTqJsXPd6s5xz6V64epE5pK4d0tFVVeaDQSTYdPCld43_AzfjaCJM2u9tPEfcjFga9TFn_KQTNKH15o5NgiXFcNvPmEf-WgmPE1-flrzagKIsoall7Fkf8qgNw6G-0ZQGFJuhPm5Bz_uHRd2uNFOahfe4oNhREZRlPiAQX43Nx2iNboSsqyB5FQT3RoeonxV1Osf2g2h1K3Nelfc_UwGCJfJ-2CAtLrnSImqEeFpFA-EHS_eNp3ME8RHdkCBT6rbePkj4ksyiwdS7O8tEVYu1XM0xtEdfojHmK5WDvjN-1Nod--fCqHHXqgrOdaRhbmaiJNpzVKM9DIjf-avftPlraMBR7ORTDDkYFwXgg250-FX4SMcMjSgzumZpAYz7Rb5h3rhiCZodVOqQHmg4u4wuGBgDoaKoJQ8A8bsAU6oSB0j6StR1qK4R9tDTJYFC86y7nz90cO1RJIfyP2oZxrB1hOAPMnjZHtR4LAdomZzr7HJr1uI6Qe39O9q6Hziu3Q8YSgRzR7HVRF0KHsCvKMf3EL7kvgGMRAkJ6mxNR70-Nn2493-2_zuCyXAep0UEz3E0iPV5MEMMg7oSFEu1mj2Om8iIUPIOFzshwN2uXWggkqmTfh7TNSsCnLJSEXBvbri5psIazBfMG304_xuwHmf4sE9zTExS4ndnmmMZsyivKaH8NfjJIl456qonBWRdXs3OJUn8MM5cwpYvnbSeUu_aR6hN1Jv4IaIhP8MtwNBW5jwhrQlRjeV4Z4PvPZk71mFgyBQieecllFm1s1hh4ggF5hSb9UUN7fC6zMJpbNHPeREn9TM6VDvQNSmCA6nSI_QLQ8GcsB7CHsTnmSAHa98-bLfAFWtSw1wi4_c4jfUVKpatmAoBzGTldtLsjBjLOpznq4K6Rb93ZerzBRqTkaw1KOTh5MCyfbBJj-0T44WC8cAydzzqX2GQ-scrlybkZDc7pq2Vv2Yg9xhbl28rybO37qhrcRSD5HgnW3NHb9qi0c7CVGZ1nwApkkKXHXFItgiAHXoIRh1VXJvFysdhzYjY4sAAfbTeRkFTk8tzJL-liKDCafbPQtH47ukSjes1cFfhW7t21HfnY01v9j6i7PqwhercAl-gcSyPCge4UGMXRyzMOEkOnhQv3o36rO2cZLleLdeJZSo2fAxetGUA_zIaehxG62vwBKC9EuicS1SMymdts7zU-nPrRLW8ZPnM_gDbfEChueUODtuKg_IJasgbihzFQvyxq43pEll6ENM77huIswrfJWpVoLV_H7cF4LRUFBh2-DzG3Db3GuPnH4pB-UzYMhQ37kQhovYqT2jphLx6_Ns1agU79VETJICPfHP9XoLcGY3fO7Tw4mr3yxNuW6MxykT-PnhjPbo3BzdsJBDJHaOQsuNfMARWKkRxCWq0aju_i6jwMAVUkGjvuh14PzTYnnblbGKsZTdewlx1oIyV9bOjZvWcJrWgeypOGaLZcvMmGH7vi5JkTo1Zi7pH2aKNZeq7XE8gVxgMSogpwqFzEGHDVq_lJrtvbzBf6uSRPYYsgCo1Q_os9w3Yu8FbHXVL5opiOgXYcBODMvPZNDe2tm5ARBsgLpnwCz4w26y1WCRlqO7lhQLNjEp-_jzY0VeFYbkF7p9Qza3vdnqHchx8C43fMRAUrSPyMJnooje_fqYkOTgWAlHPgsZLHMxHCWx__dwThAcUMrdP4WdeYVcY32n9oCRZ0RAb55URFWG34YZsaxWrmmtW4NZ-dWBJ7l1gtkConoPMpypYDC82OBR1ORn0Njpu6e1s9qdjdeHlMHva1GJ5KPCmhjjmUhMHQ7yQUTA3oHUdBV0-1D_beCXEtaEuAxiabpbwWgc8vY-ndSaOZJSCaNyW613GlJcjNX_v6UZvEMaMNSwgzGIR17YiXjv_GCjGzftqFcsX8xfZBAhX7OGUyNPFA5d1gt60ik1Z7_yfv91gnuQAbbKcKYE9nVy51OmfUq8JNgy9UyCpjFfqqHsHhWClFK98n6Qssqky96X5qnhfVJIgsPrkiNUe1-1Ke3CpGD6PIiWw1FGN0aHvJZ8fj4usUNf3aLE7JD0_5mdpg0uMyB0DW2XbonDrFsliPT3aEIYokTkvHlNHNhQYPrzZ4tVyqBAED7mCQxOFozdASqrKxf7MNB2iQC9jTZ7XpA-sQteB2btGJe9awhXSCCqqQYV4hS0P0cWwgJA8A&cid=CAASJORoQBQPTKVWPBECDcAlmaxFjeD3Wd7Y5pfREq2FDkYVFsCQMQ&rfl=2%2Chttps%253A%252F%252Fnets4.com%242%2Chttps%253A%252F%252Fnets4.com%252F%240
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
972bb3d2fed74ca3b0bf9b43dadcda8c373ee8780816ba9b2ef6bd05da724138
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16236
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 58F3 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D14fOovj9kdYlmKtFhb9veg0DTIWcql6sxVWP_Xtv-OvuSgB3QG23Nz0XM42-T6RDwzgYcJw1sdJrSnEVvTwhW1Md1nKyp5wdJVLmy6EeyntGygdQ
Requested by
Host: 8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
URL: https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 58F3 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js
Requested by
Host: 8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
URL: https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Mar 2022 10:31:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 58F3 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
URL: https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36343
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1646830771070120"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 13 Mar 2022 10:31:43 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 58F3 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
URL: https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:29:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
110
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6397
x-xss-protection
0
server
cafe
etag
14404976697706490601
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Mar 2022 10:29:53 GMT
xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
pagead2.googlesyndication.com/bg/ Frame 731A 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 09:29:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
3755
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13756
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Mar 2023 09:29:08 GMT
pvClk.min.js
analytics.webgains.io/ Frame 1389 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3432255&wgcampaignid=99582&js=1&nw=1&viewref=49610700065596000710612011897024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-214-118.arn56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 a626e6748fd7659cdc58de81924341d6.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
20319
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Sun, 13 Mar 2022 04:53:05 GMT
x-amz-cf-pop
ARN56-P1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
qQamFUM2Iw9cFp-mo6wMzBRFS--AQ-nE-8NhvWudTqyNzmfWVavzcQ==
link.html
track.webgains.com/ Frame 1389 		667 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=99582&viewref=85444100055291300710744011897006&wglinkid=3432255
Requested by
Host: uuid
URL: urn:uuid:52425aa3-28ea-213a-5876-213a28ea5242
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
9ea21905a7edfa4ceda705f977891d5e100f9709318836cfacbab47ad3321ff1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:43 GMT
Last-Modified
Sun, 13 Mar 2022 10:31:43 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/jpeg
Content-Length
667
Expires
Mon, 26 Jul 1997 05:00:00 GMT
link.html
track.webgains.com/ Frame 1389 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=99582&viewref=68500500049724200714168011897023&wglinkid=2513135
Requested by
Host: uuid
URL: urn:uuid:52425aa3-28ea-213a-5876-213a28ea5242
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:43 GMT
Last-Modified
Sun, 13 Mar 2022 10:31:43 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Content-Length
2808
Expires
Mon, 26 Jul 1997 05:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame A183 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
e865ba2ca00e11081a85a9c02951a24ff5ad447974bfaf3daa5356339bc02b6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27723
x-xss-protection
0
server
sffe
etag
"1157 / 395 of 1000 / last-modified: 1647040256"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 13 Mar 2022 10:31:43 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame AF83 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Sun, 13 Mar 2022 10:31:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4071785
x-guploader-uploadid
ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DhVGePHQySvlxFMYa7aT1%2Bu%2BUU2ln9AK3OrXvWlbGYxo9PhCIlXEkLC1%2BQL1qwJxWE7yFcjE%2FKI2dhAPs5S0rbkFdj99JvgJRe7qWWbgFE7njGIFl3l%2FY0UlRH5IaVKzplWMaKvKymZEeG71L9ai6ecF"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
6eb41a014b006987-FRA
expires
Wed, 25 Jan 2023 07:28:38 GMT
frame.html
ad4m.at/ Frame 6E44 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
content-type
text/html; charset=utf-8
x-guploader-uploadid
ADPycdtyt0YYJGM7L4Qh4KppAxdHUa6qSHGwk_MVt1bnpkWR4u_j_tebe8lZvHDpkzKsfKnRm3Uay31h5MKGRnI-yLI
x-goog-generation
1588777770164783
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-goog-meta-
x-goog-custom-time
1970-01-01T00:00:00Z
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
expires
Sun, 13 Mar 2022 11:31:43 GMT
cache-control
public, max-age=3600
age
1385599
last-modified
Wed, 06 May 2020 15:09:30 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3x5uolaF6IMWcRMD1dlHb461wKWtq5YQK0PlOBx2CCj%2BXRK9lpQF7cjR3ae0frjfBpoT4uyS2cb%2F1CO3s%2FGX1ytTuJqQ3UOVa4KdmICiCASrpCl8J2J2QBIlwxYGmTtkL1%2FTX%2F0%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6eb41a012c3692ad-FRA
content-encoding
br
sd
us-u.openx.net/w/1.0/ Frame D643
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHee0S3eXCOUVExUnUTiT0w&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHee0S3eXCOUVExUnUTiT0w&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNVNNHPW9elobr4_tAm76V7jOGi8PYQbnfQQnt8Ckm0BOvREIIxbYh96DkNV7fwjqBXLP2U4eiR-JtzblphFW1J8g3IsTPA4tJDfqS5D2POATwjWAavwWL60TU3QvsiO12F_CDl5Kpa1hfj8Bf-CWojO6AwxW-kEISSsvlJPscncgNeliJg
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
via
1.1 google
server
OXGW/17.2.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHee0S3eXCOUVExUnUTiT0w&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame D643 		43 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNVNNHPW9elobr4_tAm76V7jOGi8PYQbnfQQnt8Ckm0BOvREIIxbYh96DkNV7fwjqBXLP2U4eiR-JtzblphFW1J8g3IsTPA4tJDfqS5D2POATwjWAavwWL60TU3QvsiO12F_CDl5Kpa1hfj8Bf-CWojO6AwxW-kEISSsvlJPscncgNeliJg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
content-encoding
gzip
server
OXGW/17.2.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame D643
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESENxXkIwzqlFKOT9ZyG0HuYw&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESENxXkIwzqlFKOT9ZyG0HuYw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNVNNHPW9elobr4_tAm76V7jOGi8PYQbnfQQnt8Ckm0BOvREIIxbYh96DkNV7fwjqBXLP2U4eiR-JtzblphFW1J8g3IsTPA4tJDfqS5D2POATwjWAavwWL60TU3QvsiO12F_CDl5Kpa1hfj8Bf-CWojO6AwxW-kEISSsvlJPscncgNeliJg
Protocol
H2
Server
104.92.106.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-106-130.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sun, 13 Mar 2022 10:31:43 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESENxXkIwzqlFKOT9ZyG0HuYw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame D643 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNVNNHPW9elobr4_tAm76V7jOGi8PYQbnfQQnt8Ckm0BOvREIIxbYh96DkNV7fwjqBXLP2U4eiR-JtzblphFW1J8g3IsTPA4tJDfqS5D2POATwjWAavwWL60TU3QvsiO12F_CDl5Kpa1hfj8Bf-CWojO6AwxW-kEISSsvlJPscncgNeliJg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.106.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-106-130.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sun, 13 Mar 2022 10:31:43 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220308/r20110914/ Frame 58F3 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220308/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ds2IxQE0Q5Fwzby_chYMgFPpwytYHgmNbYmzvHOcYwQafkijQM5usb-bq4i3RbKmBBfFiJMchUZdldRxCsFjdzb8xW1SPmJcSrCzzIhSMRwBopK2YSm3kIGq89z-E-Gr190IgR8gEDZq7gGMP62oQpC_Tx0Q&cry=1&dbm_d=AKAmf-Av9Mj7sxmb4yVZcbid1w_cTWuCFqF0NK1pBKeWDoxfwCeT_h5v2J7q3AZQd-oW5MrMVvD3xN8bQe6R6ujpB2TrN-rgQLidCpGmYrxM7cYVj_xBPrZ7zoryxnEHRYjnsdW6cKZTUvIY80OyeZAGSd9RcT7TBEDz_ewtU809lb6Ak91wBP-xX0uDY1VVzLvnmINa17hp0lCDzuTqIy7pHs-GDuy6MZqiFwsAt9bATiZS8yooHrDtjBau5w1pdTlHikgMAPbEkw7xOneXYCbNfQlOydhvpI9Dt9SEl60FWwkI9WeZI2O1a8Wl9ZhZoWmp3uDLNRt7V18fT8QkshbTQSyOEcr0LiItyR5vRAMyGTotvSghhPBGYVpj5N9DeXZ7RLVLsxqDmMYG5qjccUsxQHrqYoLNjeyBr8rTCTt23oGTgnpsm3UeSj7aTJ0kHbkwcfoB1_VvQXo0KyApk4bg1jf82BCOHzjav5MHuX6dducJMygTjLpwp6JEUCxwxMhwM39K-gF8nKjdSPPBkSwwDPxN1abfFcO9C5UVo1MZFo2KTuXGe4LZya2ABdRGGiFlK0f_BxlEnskMDfXiFuGaOaLnbyNQ5xkThX3lCZWgB8QGV29LqHkJwxBRHNPfK1aLPSK0MujLye31PeWpcA1XPQsqd-o97Z9fT7Upfa0dDP-IbwN-GvkRQx51j60RDZOIciRIvF-G6fSkkBKI5R80FBbUIn9yg7OxYiJ4CVPk-DP1oLbl-0nhXknFVfvQ_GLhkihsZ88PUuWMbxOU5IxWcNxxp2xadAwiX2Zo0PD3vjcScf81halr1BC2ZIawAVRtsJTl8f824gDlsVG60gPOm1EGOWmPzfPTYru0DiZgg4XcnMLLlMPFdUrAmXkrBKS4BgiKs-KGlQfrARRQsG4YmCmO0tr1-hSRXWg1lo-UP30AxfHQLHiTiLEyftvu5DThoQoJMYuAmSNmamDFJuqi9ovo6wypOJwH26RqyzgV2XkGCikgOJl-Gzo8vx96mi40KFwkLorSY6pGTDTIBfYX8_j0j7T3k8fjZU-X8k8jQbDjpymGXF_Ap9VYExA1sBln_jUOn7IAjoQOW7uh02gzIzAbTMTqJsXPd6s5xz6V64epE5pK4d0tFVVeaDQSTYdPCld43_AzfjaCJM2u9tPEfcjFga9TFn_KQTNKH15o5NgiXFcNvPmEf-WgmPE1-flrzagKIsoall7Fkf8qgNw6G-0ZQGFJuhPm5Bz_uHRd2uNFOahfe4oNhREZRlPiAQX43Nx2iNboSsqyB5FQT3RoeonxV1Osf2g2h1K3Nelfc_UwGCJfJ-2CAtLrnSImqEeFpFA-EHS_eNp3ME8RHdkCBT6rbePkj4ksyiwdS7O8tEVYu1XM0xtEdfojHmK5WDvjN-1Nod--fCqHHXqgrOdaRhbmaiJNpzVKM9DIjf-avftPlraMBR7ORTDDkYFwXgg250-FX4SMcMjSgzumZpAYz7Rb5h3rhiCZodVOqQHmg4u4wuGBgDoaKoJQ8A8bsAU6oSB0j6StR1qK4R9tDTJYFC86y7nz90cO1RJIfyP2oZxrB1hOAPMnjZHtR4LAdomZzr7HJr1uI6Qe39O9q6Hziu3Q8YSgRzR7HVRF0KHsCvKMf3EL7kvgGMRAkJ6mxNR70-Nn2493-2_zuCyXAep0UEz3E0iPV5MEMMg7oSFEu1mj2Om8iIUPIOFzshwN2uXWggkqmTfh7TNSsCnLJSEXBvbri5psIazBfMG304_xuwHmf4sE9zTExS4ndnmmMZsyivKaH8NfjJIl456qonBWRdXs3OJUn8MM5cwpYvnbSeUu_aR6hN1Jv4IaIhP8MtwNBW5jwhrQlRjeV4Z4PvPZk71mFgyBQieecllFm1s1hh4ggF5hSb9UUN7fC6zMJpbNHPeREn9TM6VDvQNSmCA6nSI_QLQ8GcsB7CHsTnmSAHa98-bLfAFWtSw1wi4_c4jfUVKpatmAoBzGTldtLsjBjLOpznq4K6Rb93ZerzBRqTkaw1KOTh5MCyfbBJj-0T44WC8cAydzzqX2GQ-scrlybkZDc7pq2Vv2Yg9xhbl28rybO37qhrcRSD5HgnW3NHb9qi0c7CVGZ1nwApkkKXHXFItgiAHXoIRh1VXJvFysdhzYjY4sAAfbTeRkFTk8tzJL-liKDCafbPQtH47ukSjes1cFfhW7t21HfnY01v9j6i7PqwhercAl-gcSyPCge4UGMXRyzMOEkOnhQv3o36rO2cZLleLdeJZSo2fAxetGUA_zIaehxG62vwBKC9EuicS1SMymdts7zU-nPrRLW8ZPnM_gDbfEChueUODtuKg_IJasgbihzFQvyxq43pEll6ENM77huIswrfJWpVoLV_H7cF4LRUFBh2-DzG3Db3GuPnH4pB-UzYMhQ37kQhovYqT2jphLx6_Ns1agU79VETJICPfHP9XoLcGY3fO7Tw4mr3yxNuW6MxykT-PnhjPbo3BzdsJBDJHaOQsuNfMARWKkRxCWq0aju_i6jwMAVUkGjvuh14PzTYnnblbGKsZTdewlx1oIyV9bOjZvWcJrWgeypOGaLZcvMmGH7vi5JkTo1Zi7pH2aKNZeq7XE8gVxgMSogpwqFzEGHDVq_lJrtvbzBf6uSRPYYsgCo1Q_os9w3Yu8FbHXVL5opiOgXYcBODMvPZNDe2tm5ARBsgLpnwCz4w26y1WCRlqO7lhQLNjEp-_jzY0VeFYbkF7p9Qza3vdnqHchx8C43fMRAUrSPyMJnooje_fqYkOTgWAlHPgsZLHMxHCWx__dwThAcUMrdP4WdeYVcY32n9oCRZ0RAb55URFWG34YZsaxWrmmtW4NZ-dWBJ7l1gtkConoPMpypYDC82OBR1ORn0Njpu6e1s9qdjdeHlMHva1GJ5KPCmhjjmUhMHQ7yQUTA3oHUdBV0-1D_beCXEtaEuAxiabpbwWgc8vY-ndSaOZJSCaNyW613GlJcjNX_v6UZvEMaMNSwgzGIR17YiXjv_GCjGzftqFcsX8xfZBAhX7OGUyNPFA5d1gt60ik1Z7_yfv91gnuQAbbKcKYE9nVy51OmfUq8JNgy9UyCpjFfqqHsHhWClFK98n6Qssqky96X5qnhfVJIgsPrkiNUe1-1Ke3CpGD6PIiWw1FGN0aHvJZ8fj4usUNf3aLE7JD0_5mdpg0uMyB0DW2XbonDrFsliPT3aEIYokTkvHlNHNhQYPrzZ4tVyqBAED7mCQxOFozdASqrKxf7MNB2iQC9jTZ7XpA-sQteB2btGJe9awhXSCCqqQYV4hS0P0cWwgJA8A&cid=CAASJORoQBQPTKVWPBECDcAlmaxFjeD3Wd7Y5pfREq2FDkYVFsCQMQ&rfl=2%2Chttps%253A%252F%252Fnets4.com%242%2Chttps%253A%252F%252Fnets4.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
947e22d9ed05fbe3f5ed3c4ee35618a1910a85968f48a22c0277f9936f2eb769
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9657
x-xss-protection
0
server
cafe
etag
5177785407398320510
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Mar 2022 10:31:05 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 58F3 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ds2IxQE0Q5Fwzby_chYMgFPpwytYHgmNbYmzvHOcYwQafkijQM5usb-bq4i3RbKmBBfFiJMchUZdldRxCsFjdzb8xW1SPmJcSrCzzIhSMRwBopK2YSm3kIGq89z-E-Gr190IgR8gEDZq7gGMP62oQpC_Tx0Q&cry=1&dbm_d=AKAmf-Av9Mj7sxmb4yVZcbid1w_cTWuCFqF0NK1pBKeWDoxfwCeT_h5v2J7q3AZQd-oW5MrMVvD3xN8bQe6R6ujpB2TrN-rgQLidCpGmYrxM7cYVj_xBPrZ7zoryxnEHRYjnsdW6cKZTUvIY80OyeZAGSd9RcT7TBEDz_ewtU809lb6Ak91wBP-xX0uDY1VVzLvnmINa17hp0lCDzuTqIy7pHs-GDuy6MZqiFwsAt9bATiZS8yooHrDtjBau5w1pdTlHikgMAPbEkw7xOneXYCbNfQlOydhvpI9Dt9SEl60FWwkI9WeZI2O1a8Wl9ZhZoWmp3uDLNRt7V18fT8QkshbTQSyOEcr0LiItyR5vRAMyGTotvSghhPBGYVpj5N9DeXZ7RLVLsxqDmMYG5qjccUsxQHrqYoLNjeyBr8rTCTt23oGTgnpsm3UeSj7aTJ0kHbkwcfoB1_VvQXo0KyApk4bg1jf82BCOHzjav5MHuX6dducJMygTjLpwp6JEUCxwxMhwM39K-gF8nKjdSPPBkSwwDPxN1abfFcO9C5UVo1MZFo2KTuXGe4LZya2ABdRGGiFlK0f_BxlEnskMDfXiFuGaOaLnbyNQ5xkThX3lCZWgB8QGV29LqHkJwxBRHNPfK1aLPSK0MujLye31PeWpcA1XPQsqd-o97Z9fT7Upfa0dDP-IbwN-GvkRQx51j60RDZOIciRIvF-G6fSkkBKI5R80FBbUIn9yg7OxYiJ4CVPk-DP1oLbl-0nhXknFVfvQ_GLhkihsZ88PUuWMbxOU5IxWcNxxp2xadAwiX2Zo0PD3vjcScf81halr1BC2ZIawAVRtsJTl8f824gDlsVG60gPOm1EGOWmPzfPTYru0DiZgg4XcnMLLlMPFdUrAmXkrBKS4BgiKs-KGlQfrARRQsG4YmCmO0tr1-hSRXWg1lo-UP30AxfHQLHiTiLEyftvu5DThoQoJMYuAmSNmamDFJuqi9ovo6wypOJwH26RqyzgV2XkGCikgOJl-Gzo8vx96mi40KFwkLorSY6pGTDTIBfYX8_j0j7T3k8fjZU-X8k8jQbDjpymGXF_Ap9VYExA1sBln_jUOn7IAjoQOW7uh02gzIzAbTMTqJsXPd6s5xz6V64epE5pK4d0tFVVeaDQSTYdPCld43_AzfjaCJM2u9tPEfcjFga9TFn_KQTNKH15o5NgiXFcNvPmEf-WgmPE1-flrzagKIsoall7Fkf8qgNw6G-0ZQGFJuhPm5Bz_uHRd2uNFOahfe4oNhREZRlPiAQX43Nx2iNboSsqyB5FQT3RoeonxV1Osf2g2h1K3Nelfc_UwGCJfJ-2CAtLrnSImqEeFpFA-EHS_eNp3ME8RHdkCBT6rbePkj4ksyiwdS7O8tEVYu1XM0xtEdfojHmK5WDvjN-1Nod--fCqHHXqgrOdaRhbmaiJNpzVKM9DIjf-avftPlraMBR7ORTDDkYFwXgg250-FX4SMcMjSgzumZpAYz7Rb5h3rhiCZodVOqQHmg4u4wuGBgDoaKoJQ8A8bsAU6oSB0j6StR1qK4R9tDTJYFC86y7nz90cO1RJIfyP2oZxrB1hOAPMnjZHtR4LAdomZzr7HJr1uI6Qe39O9q6Hziu3Q8YSgRzR7HVRF0KHsCvKMf3EL7kvgGMRAkJ6mxNR70-Nn2493-2_zuCyXAep0UEz3E0iPV5MEMMg7oSFEu1mj2Om8iIUPIOFzshwN2uXWggkqmTfh7TNSsCnLJSEXBvbri5psIazBfMG304_xuwHmf4sE9zTExS4ndnmmMZsyivKaH8NfjJIl456qonBWRdXs3OJUn8MM5cwpYvnbSeUu_aR6hN1Jv4IaIhP8MtwNBW5jwhrQlRjeV4Z4PvPZk71mFgyBQieecllFm1s1hh4ggF5hSb9UUN7fC6zMJpbNHPeREn9TM6VDvQNSmCA6nSI_QLQ8GcsB7CHsTnmSAHa98-bLfAFWtSw1wi4_c4jfUVKpatmAoBzGTldtLsjBjLOpznq4K6Rb93ZerzBRqTkaw1KOTh5MCyfbBJj-0T44WC8cAydzzqX2GQ-scrlybkZDc7pq2Vv2Yg9xhbl28rybO37qhrcRSD5HgnW3NHb9qi0c7CVGZ1nwApkkKXHXFItgiAHXoIRh1VXJvFysdhzYjY4sAAfbTeRkFTk8tzJL-liKDCafbPQtH47ukSjes1cFfhW7t21HfnY01v9j6i7PqwhercAl-gcSyPCge4UGMXRyzMOEkOnhQv3o36rO2cZLleLdeJZSo2fAxetGUA_zIaehxG62vwBKC9EuicS1SMymdts7zU-nPrRLW8ZPnM_gDbfEChueUODtuKg_IJasgbihzFQvyxq43pEll6ENM77huIswrfJWpVoLV_H7cF4LRUFBh2-DzG3Db3GuPnH4pB-UzYMhQ37kQhovYqT2jphLx6_Ns1agU79VETJICPfHP9XoLcGY3fO7Tw4mr3yxNuW6MxykT-PnhjPbo3BzdsJBDJHaOQsuNfMARWKkRxCWq0aju_i6jwMAVUkGjvuh14PzTYnnblbGKsZTdewlx1oIyV9bOjZvWcJrWgeypOGaLZcvMmGH7vi5JkTo1Zi7pH2aKNZeq7XE8gVxgMSogpwqFzEGHDVq_lJrtvbzBf6uSRPYYsgCo1Q_os9w3Yu8FbHXVL5opiOgXYcBODMvPZNDe2tm5ARBsgLpnwCz4w26y1WCRlqO7lhQLNjEp-_jzY0VeFYbkF7p9Qza3vdnqHchx8C43fMRAUrSPyMJnooje_fqYkOTgWAlHPgsZLHMxHCWx__dwThAcUMrdP4WdeYVcY32n9oCRZ0RAb55URFWG34YZsaxWrmmtW4NZ-dWBJ7l1gtkConoPMpypYDC82OBR1ORn0Njpu6e1s9qdjdeHlMHva1GJ5KPCmhjjmUhMHQ7yQUTA3oHUdBV0-1D_beCXEtaEuAxiabpbwWgc8vY-ndSaOZJSCaNyW613GlJcjNX_v6UZvEMaMNSwgzGIR17YiXjv_GCjGzftqFcsX8xfZBAhX7OGUyNPFA5d1gt60ik1Z7_yfv91gnuQAbbKcKYE9nVy51OmfUq8JNgy9UyCpjFfqqHsHhWClFK98n6Qssqky96X5qnhfVJIgsPrkiNUe1-1Ke3CpGD6PIiWw1FGN0aHvJZ8fj4usUNf3aLE7JD0_5mdpg0uMyB0DW2XbonDrFsliPT3aEIYokTkvHlNHNhQYPrzZ4tVyqBAED7mCQxOFozdASqrKxf7MNB2iQC9jTZ7XpA-sQteB2btGJe9awhXSCCqqQYV4hS0P0cWwgJA8A&cid=CAASJORoQBQPTKVWPBECDcAlmaxFjeD3Wd7Y5pfREq2FDkYVFsCQMQ&rfl=2%2Chttps%253A%252F%252Fnets4.com%242%2Chttps%253A%252F%252Fnets4.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 13:19:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
162741
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Mar 2023 13:19:22 GMT
pubads_impl_2022030801.js
securepubads.g.doubleclick.net/gpt/ Frame A183 		358 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
c00983dee008b49458960478c1cb482043faa725f62c00717915fabddb69bfa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1744
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123897
x-xss-protection
0
last-modified
Tue, 08 Mar 2022 09:34:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 13 Mar 2023 10:02:39 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C646 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BkhKkDsgtYuXmLoHEx_APotaj0AIAAAAAOAHgBAI&bg=!ammlaS3NAAb7UztL-1M7ACkAdvg8WtZzcgFnn_vTsunEYJQ4kDXRX2tTnQYlF8j842STYFFQM_mgsQIAAAFfUgAAAAZoAQcKALsYKvxI3Ac29vBpP2GEbNyJ_vq8zC-SWXcUxoefl3EGkcshFG9rW-ouLXF4xqXa1OkrGKqvkNQwwzsJG4PBgW4dblmVDmgWbJGbZtJ7OIkSAJUnGOFOzCn6fRHgAyf0TSY4MEKJCd8Lpa460-sMsBRn1feS9MrMBCSoeuVHtfjuYQK8x2utiCu_BOUfBOqqW30nbETv2FY82FHyYVUy_mi6Om0f5J77XS2PmLY8r-9bYq0WF2Wz6TfX3Y_MmQLR2dEdfVQSWepf-Db3NsD3hBRdzs6ez4baHoYmW4Aip5UNKdUO0EUd8nyIM7gULhTPTmOIwCoJ9LAC_GpgadSbtgHB4407ZHxVNlUUQdmhvvcxQ7CvlOmxLb9Yx36ikazEBxb9SdDCk8KjXLWlVwHpoWs1sLQA8fbZt0-1GsPUH-2KgzXGjMO-5w6ToqUYMYLaUZz6m4nigMcKezGjoqJAMWawJpZygqsEswFlWm-j-BvmL9Cm5QAktL3IJOb2l7cB0nKVEIPwzw0qsZMgTjUyW935SH9XAn14zCQkQL44si52eWfjH6AT4A3NcPKU4kRV3HQzRTCZTr02lp8r1weFzZR0A8P01yePCAFx0mRk5FVbpX7l3BCwatWCRUbcmbC-dJt-AQj47mpHyf8AqrxkNwm1itJ4M8sE6SB0XivQbqwJtvN7rZlWDcNVsI_WWYv4cIyDhm3g91Rd3yCeEJQATCyTQOMjqW1T3-2vqAouHwiRtlnOUc2fngHJndnC2OxLRSVBrrcNaCRrd11mizuZVW9ph7ghbfliSqH4fSjvbXvgEDtv_d-qHtwQWv5cHnFhQh9r3XbKgFUC5lrvoREeYcFZz1t4-oXeum8z-owoKESCriZX1EVQYTztKTlQ1dObGPmazC8cJpGtlXu6IdG_3AWr0CSIgHZ1cmf6kDgnonR7t2by5LGnRYH2NNc6gP84zbzvJ8vViyTL0z6OFm981DBCPAR6eh0de9cZHMmS4rd1x-xcT4CBkj-J7fKzd6cjrTtEf1ZuxZF89XS98HZ0gFXXiS2QLNJqmEgJgXd0J1Rfft_ke2jYxCAr30lh-uL6v4YxSNU7oW9VC-Wg4E9Vn7ofMzlWK8Za5PnO2rg8hgcK376cWELQ2BqdiDij6K4teddWol4Xi6J5F5OIy8FfNE8QU_ZN8IDTFG3vkv5dSc2ZT3f9cPyRAHDfu3JmfmWHzA
Requested by
Host: uuid
URL: urn:uuid:52425aa3-28ea-213a-5876-213a28ea5242
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rs
ad4m.at/ Frame AF83 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54c706dae9926641af2e18a59361fb06195084976f0dbbafc0214adc8ccdfcd2

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6eb41a0258079b86-FRA
date
Sun, 13 Mar 2022 10:31:43 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xO5bqPRm66C0NKkDuqtoyRNvUFEl4UDJWoyVE8Apgc%2BSkKM8CO78vofnkJDpxk%2FaJ4MSrtNflyTqh5SkwQ9GGTfckNtU3ByAwgbrLdOOdv7wi%2BXOlhS58ybJr3%2F5tjqpmKZU1Xs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-bjhb
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-bjhb
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k276%2FrRKQBA9mNCd3yFrg6GOMxNPsc04mc0hWkYrX%2FN1T7YzHCM9gBnx7qTblL2%2BIwESlNfpLNYvr4tA6%2FnLibUgBfKBQjTADAEp7IdKe%2BqiBTG3BDMgfvPoF7KQ%2BrMaGJdF5xw%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6eb41a021f8f9b86-FRA
4727t6qteyti
hal9000.redintelligence.net/zone/ Frame 58F3 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/4727t6qteyti?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCMPXQD8gtYuhkk-3fA8O_o-AOtc35g1f82Lmr5QzwLhABILnb8yZgleKQgqAHyAEJqQIY8YtEyE6yPqgDAaoE3wFP0MlRunBA1UqCHZB560SwhaLJ5PLKHsYyXo1--yBxBJA3mwGTzwHKvmSKoEecDrXYom02OqVgy9GQBe-diDb4ps71gypY6yDPI3s7wLr_dhShotLEEnkutZZ37u1XoVcyNoKQY9szsnbswE4F4ymJj23zrgI8pCRdnVs3bEh3qZNPzJAnIpXjLYf2Mok6FoJDxHvEwsQO7dTkCCLO_6buqWeAkvFAo5HGt3xwhgWjteCp3wp30u0wAxG7bst06u_glBk51A2bDXWqIQCIri9HksrlBk7H5hW5tND_bTdwwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzaACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJORoQBQPTKVWPBECDcAlmaxFjeD3Wd7Y5pfREq2FDkYVFsCQMQ%26sig%3DAOD64_1B7B5xLMf-Y-xjqJg0gGBTK4IlAA%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-Cx-WULrftp90PzSP47BaEQL1ev6Z4YkAs4HmWeqTy5pd65d4ofRA8Wc0aVq1J5UlyAMPnpAagHyUUtmU-u-BGtBIMsgAy0YFfkmJpsN-xfd5RE5ytG-Y9JcCqMczd8L7Iyoke9FfyHubYC8kA_EtqGAcWrPQ%26cry%3D1%26dbm_d%3DAKAmf-BjTRhM6_8Y6GtW14j63TRTLTA2_zieVAwceLy9Lmggx9u9QP5QLx1y_xTYrwSGdM5k_66gg32dZM8zMJnuObS7_MlKQPmJ7n1gd9Rjsfs3M020bQTQx53i4alimtmkwahQmrsC1eRufJ98P4e-m0oUSG_h-8UKeeGLwBaM6wuiPcdWdKGrZ0QEVtz24ZbDD6yRO1Rf9E8UPkvZN_civTIQM1djvCkAWNgWd_nH3BJXlvIBO7pjTyCsqa7yB5I5dm8AljX7CQN8eONjL4tXKV9tmV8VnbeeNw234YIgxQFn9IxODTFpASnZ1_UlLwoH9mDa2WMWwasiAfgh5GLndRSpMAQXFmVd1bQqC2RVvu0P744ZaNvRIgvLXJ6KLPYirgDr6dKtkzXzPH-D2ar4P67eUU2QLVRVQ--Gn9sz_cHBaj6ElR6ybFY7PO8_E8NY_tCqiDSYM6tFqYnB4NGkvqPC_nVsDA%26adurl%3D
Requested by
Host: 8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
URL: https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
aef780d4bc2115d3b8eb19d469e750879ca2a97bd4f921753d14b0c73352cb9a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 13 Mar 2022 10:31:43 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3961
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame D274 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 11 Mar 2022 13:19:22 GMT
expires
Sat, 11 Mar 2023 13:19:22 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
162741
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ Frame A183 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame A183 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame A183 		19 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=301711144975138&correlator=3688913406980031&eid=31064905%2C44758228&output=ldjh&gdfp_req=1&vrg=2022030801&ptt=17&impl=fif&sc=1&iu_parts=22178702878%2Cpurpleapl%2Callsizesv2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600%7C120x600%7C200x200%7C250x250&ifi=1&adks=113378651&sfv=1-0-38&ecs=20220313&fsapi=false&eri=4&cookie=ID%3D6bf49801c8b0f0f7%3AT%3D1647167501%3AS%3DALNI_Ma-2pTd4Th25scBsEIeyhjqF7kSIg&abxe=1&dt=1647167503704&dlt=1647167503494&idt=194&biw=1600&bih=1200&isw=160&ish=600&oid=2&adxs=1148&adys=1298&ucis=81kj8eeye5r1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Fjesus.co&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=160x0&msz=160x0&fws=256&ohw=0&ea=0&ga_vid=1312843398.1647167500&ga_sid=1647167504&ga_hid=1372197369&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
40e978ebe9f3ec208164c8b123cc96a0951060daf1182c0c4e230695c61f1f04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10309
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nets4.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame A183 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cca36826c839c9b3779224cba3025ee800a077f7de6ce8edb7501cc3d1125447
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Mar 2022 10:31:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10586
x-xss-protection
0
container.html
2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1D60 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 13 Mar 2022 10:31:43 GMT
expires
Mon, 13 Mar 2023 10:31:43 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
generate_204
tpc.googlesyndication.com/ Frame 731A 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?lC5m1w
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
request.php
hal900028.redintelligence.net/ Frame 58F3 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900028.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=7327bef5f3&subid=&uid=be6e8149e49ba227&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCMPXQD8gtYuhkk-3fA8O_o-AOtc35g1f82Lmr5QzwLhABILnb8yZgleKQgqAHyAEJqQIY8YtEyE6yPqgDAaoE3wFP0MlRunBA1UqCHZB560SwhaLJ5PLKHsYyXo1--yBxBJA3mwGTzwHKvmSKoEecDrXYom02OqVgy9GQBe-diDb4ps71gypY6yDPI3s7wLr_dhShotLEEnkutZZ37u1XoVcyNoKQY9szsnbswE4F4ymJj23zrgI8pCRdnVs3bEh3qZNPzJAnIpXjLYf2Mok6FoJDxHvEwsQO7dTkCCLO_6buqWeAkvFAo5HGt3xwhgWjteCp3wp30u0wAxG7bst06u_glBk51A2bDXWqIQCIri9HksrlBk7H5hW5tND_bTdwwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzaACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJORoQBQPTKVWPBECDcAlmaxFjeD3Wd7Y5pfREq2FDkYVFsCQMQ%26sig%3DAOD64_1B7B5xLMf-Y-xjqJg0gGBTK4IlAA%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-Cx-WULrftp90PzSP47BaEQL1ev6Z4YkAs4HmWeqTy5pd65d4ofRA8Wc0aVq1J5UlyAMPnpAagHyUUtmU-u-BGtBIMsgAy0YFfkmJpsN-xfd5RE5ytG-Y9JcCqMczd8L7Iyoke9FfyHubYC8kA_EtqGAcWrPQ%26cry%3D1%26dbm_d%3DAKAmf-BjTRhM6_8Y6GtW14j63TRTLTA2_zieVAwceLy9Lmggx9u9QP5QLx1y_xTYrwSGdM5k_66gg32dZM8zMJnuObS7_MlKQPmJ7n1gd9Rjsfs3M020bQTQx53i4alimtmkwahQmrsC1eRufJ98P4e-m0oUSG_h-8UKeeGLwBaM6wuiPcdWdKGrZ0QEVtz24ZbDD6yRO1Rf9E8UPkvZN_civTIQM1djvCkAWNgWd_nH3BJXlvIBO7pjTyCsqa7yB5I5dm8AljX7CQN8eONjL4tXKV9tmV8VnbeeNw234YIgxQFn9IxODTFpASnZ1_UlLwoH9mDa2WMWwasiAfgh5GLndRSpMAQXFmVd1bQqC2RVvu0P744ZaNvRIgvLXJ6KLPYirgDr6dKtkzXzPH-D2ar4P67eUU2QLVRVQ--Gn9sz_cHBaj6ElR6ybFY7PO8_E8NY_tCqiDSYM6tFqYnB4NGkvqPC_nVsDA%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=5507060125969&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/4727t6qteyti?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCMPXQD8gtYuhkk-3fA8O_o-AOtc35g1f82Lmr5QzwLhABILnb8yZgleKQgqAHyAEJqQIY8YtEyE6yPqgDAaoE3wFP0MlRunBA1UqCHZB560SwhaLJ5PLKHsYyXo1--yBxBJA3mwGTzwHKvmSKoEecDrXYom02OqVgy9GQBe-diDb4ps71gypY6yDPI3s7wLr_dhShotLEEnkutZZ37u1XoVcyNoKQY9szsnbswE4F4ymJj23zrgI8pCRdnVs3bEh3qZNPzJAnIpXjLYf2Mok6FoJDxHvEwsQO7dTkCCLO_6buqWeAkvFAo5HGt3xwhgWjteCp3wp30u0wAxG7bst06u_glBk51A2bDXWqIQCIri9HksrlBk7H5hW5tND_bTdwwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzaACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJORoQBQPTKVWPBECDcAlmaxFjeD3Wd7Y5pfREq2FDkYVFsCQMQ%26sig%3DAOD64_1B7B5xLMf-Y-xjqJg0gGBTK4IlAA%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-Cx-WULrftp90PzSP47BaEQL1ev6Z4YkAs4HmWeqTy5pd65d4ofRA8Wc0aVq1J5UlyAMPnpAagHyUUtmU-u-BGtBIMsgAy0YFfkmJpsN-xfd5RE5ytG-Y9JcCqMczd8L7Iyoke9FfyHubYC8kA_EtqGAcWrPQ%26cry%3D1%26dbm_d%3DAKAmf-BjTRhM6_8Y6GtW14j63TRTLTA2_zieVAwceLy9Lmggx9u9QP5QLx1y_xTYrwSGdM5k_66gg32dZM8zMJnuObS7_MlKQPmJ7n1gd9Rjsfs3M020bQTQx53i4alimtmkwahQmrsC1eRufJ98P4e-m0oUSG_h-8UKeeGLwBaM6wuiPcdWdKGrZ0QEVtz24ZbDD6yRO1Rf9E8UPkvZN_civTIQM1djvCkAWNgWd_nH3BJXlvIBO7pjTyCsqa7yB5I5dm8AljX7CQN8eONjL4tXKV9tmV8VnbeeNw234YIgxQFn9IxODTFpASnZ1_UlLwoH9mDa2WMWwasiAfgh5GLndRSpMAQXFmVd1bQqC2RVvu0P744ZaNvRIgvLXJ6KLPYirgDr6dKtkzXzPH-D2ar4P67eUU2QLVRVQ--Gn9sz_cHBaj6ElR6ybFY7PO8_E8NY_tCqiDSYM6tFqYnB4NGkvqPC_nVsDA%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.19.165.99.88.clients.your-server.de
Software
Apache /
Resource Hash
1d2d6cda758ae9f4f0d97d348293dfe0eaa3b36a3ddc8467f0ec99ebea7a57ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:43 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
97124400064943500710612011897028
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
861
Expires
Sun, 13 Mar 2022 10:31:43 +0100
xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
pagead2.googlesyndication.com/bg/ Frame D274 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 09:29:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
3755
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13756
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Mar 2023 09:29:08 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A183 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 13 Mar 2022 10:31:43 GMT
rar
as.ad4m.at/ad/ Frame 865A 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3&g=10c2bbaad2da5b442a346f5e334ebc95%2F7333894301345488325&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1647167503747&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jyz31663qz3fe47z3amhap9199cnr0snyqvwjrrmznvfp3xy7hpc24smcqw64xjm5kz4aqf4rnxdtey74wcp1wajj9k2jwakgf3mb5nw37mdzgpyhhcygnqbcn7wwqawke98hyp3jep2hqhd1rtcte73yzz0a9xjas6qp950xqn4ds6x6wyb9d8xkw2vqx7841gdv03djpdgct3vmhfzt28446t4n1k01z4parvap0knj96k8f0y5cee5bm8g6y15ft51q358tfgy6ng77kahvq%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7ps0DsgtYsunN4OD3wPCkafwA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQIY8YtEyE6yPuACAKgDAaoExgJP0Omf3HmwC9gZG78zwrbnsqDY_zi47jN-rFhHI-1VQMdDfkLXRmyqOdoilDzODyvXO7PDzaCpdg1Rx-iVQN13lMNP3_LxyUymDE0va776qZbELKTDMBvJGpBYlTpu1s5DiEukEc6Vhy8Q2Re0WObRzrEiMXOHmO4p44f7AVS5wWdtL-HxWOuJOUrlHCT1R89z-ejaJejW9vU9n4W0LsAiuJm5r8XCZ3ry_IaRLCX-TJSLiESj8xcXwe_zRVvcLWspvhzR67q2S0Z7IIngQEytOlvbk-vyygho-Z1jnmHXBzskWfyB0brWtjcqQR0ISG9wLe-c7sqhmbyeabph8w8tQadeNUxecqmsBdcdf9ice9PYHVjFutCHlWh8cC8CLAg8cM0Bh7K4kZO8UyHkR8Ym6TlCaPOU2jFvAfdS7bM228KW_z_1YOAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1GbhJ7zPqeyGPsd24EkhEJKaCjLA%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bb978d5472963fc09d519246511b7b146dac5e9033348bb1feef925410d6c45
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1h3evfgqda3erpwq2kg8pcv11npetdqpr79cfkev0ckeg9gx3sc9e84p6g4cgrb45nw4v2wmrkbzr9wwgsn0d04vvb6xfbcz9wp16yxssbbd2xf2na7hczbmk834vqyeyg1c9dxzeph0twv9tgw1wm8rvs8bvpe2r5ejb2egpv1j2vvm5bam7k1qy45d4qdye4ahs7tey8mpp8wsaty92jaxcab2ts9gsqbkgk3smra3gmcdbnk7dfxr3dz3z190gmpbc3x18ghgkhzzgs4zd81nccrya09b7x71mnzg1m7ty6rqe0jtd07xscqxbzxrxr814crpdv3dgrqs4ebkjn12ex3z10fbvewhqa2j3e61n5r24ap4aff6e9f67tn4mwvzvfepxncme3z8pw5famrberrjr73k8ctmfmf7nqe5xhcffpfw8qec39yzk1jjbn0g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7ps0DsgtYsunN4OD3wPCkafwA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQIY8YtEyE6yPuACAKgDAaoExgJP0Omf3HmwC9gZG78zwrbnsqDY_zi47jN-rFhHI-1VQMdDfkLXRmyqOdoilDzODyvXO7PDzaCpdg1Rx-iVQN13lMNP3_LxyUymDE0va776qZbELKTDMBvJGpBYlTpu1s5DiEukEc6Vhy8Q2Re0WObRzrEiMXOHmO4p44f7AVS5wWdtL-HxWOuJOUrlHCT1R89z-ejaJejW9vU9n4W0LsAiuJm5r8XCZ3ry_IaRLCX-TJSLiESj8xcXwe_zRVvcLWspvhzR67q2S0Z7IIngQEytOlvbk-vyygho-Z1jnmHXBzskWfyB0brWtjcqQR0ISG9wLe-c7sqhmbyeabph8w8tQadeNUxecqmsBdcdf9ice9PYHVjFutCHlWh8cC8CLAg8cM0Bh7K4kZO8UyHkR8Ym6TlCaPOU2jFvAfdS7bM228KW_z_1YOAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1GbhJ7zPqeyGPsd24EkhEJKaCjLA%26client%3Dca-pub-5413329544040947%26adurl%3D

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6eb41a029eee92ad-FRA
content-encoding
br
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0ECA 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 13 Mar 2022 10:23:30 GMT
expires
Mon, 13 Mar 2023 10:23:30 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
493
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 9A69 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
946568e52dfc8128302488404fed54469e7f8a2de085f2617ad97c00402e41d9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-182TfjvE1T+NYSW+2uGoMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 13 Mar 2022 10:31:43 GMT
date
Sun, 13 Mar 2022 10:31:43 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-182TfjvE1T+NYSW+2uGoMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 865A 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3&g=10c2bbaad2da5b442a346f5e334ebc95%2F7333894301345488325&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1647167503747&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jyz31663qz3fe47z3amhap9199cnr0snyqvwjrrmznvfp3xy7hpc24smcqw64xjm5kz4aqf4rnxdtey74wcp1wajj9k2jwakgf3mb5nw37mdzgpyhhcygnqbcn7wwqawke98hyp3jep2hqhd1rtcte73yzz0a9xjas6qp950xqn4ds6x6wyb9d8xkw2vqx7841gdv03djpdgct3vmhfzt28446t4n1k01z4parvap0knj96k8f0y5cee5bm8g6y15ft51q358tfgy6ng77kahvq%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7ps0DsgtYsunN4OD3wPCkafwA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQIY8YtEyE6yPuACAKgDAaoExgJP0Omf3HmwC9gZG78zwrbnsqDY_zi47jN-rFhHI-1VQMdDfkLXRmyqOdoilDzODyvXO7PDzaCpdg1Rx-iVQN13lMNP3_LxyUymDE0va776qZbELKTDMBvJGpBYlTpu1s5DiEukEc6Vhy8Q2Re0WObRzrEiMXOHmO4p44f7AVS5wWdtL-HxWOuJOUrlHCT1R89z-ejaJejW9vU9n4W0LsAiuJm5r8XCZ3ry_IaRLCX-TJSLiESj8xcXwe_zRVvcLWspvhzR67q2S0Z7IIngQEytOlvbk-vyygho-Z1jnmHXBzskWfyB0brWtjcqQR0ISG9wLe-c7sqhmbyeabph8w8tQadeNUxecqmsBdcdf9ice9PYHVjFutCHlWh8cC8CLAg8cM0Bh7K4kZO8UyHkR8Ym6TlCaPOU2jFvAfdS7bM228KW_z_1YOAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1GbhJ7zPqeyGPsd24EkhEJKaCjLA%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3&g=10c2bbaad2da5b442a346f5e334ebc95%2F7333894301345488325&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1647167503747&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jyz31663qz3fe47z3amhap9199cnr0snyqvwjrrmznvfp3xy7hpc24smcqw64xjm5kz4aqf4rnxdtey74wcp1wajj9k2jwakgf3mb5nw37mdzgpyhhcygnqbcn7wwqawke98hyp3jep2hqhd1rtcte73yzz0a9xjas6qp950xqn4ds6x6wyb9d8xkw2vqx7841gdv03djpdgct3vmhfzt28446t4n1k01z4parvap0knj96k8f0y5cee5bm8g6y15ft51q358tfgy6ng77kahvq%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7ps0DsgtYsunN4OD3wPCkafwA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQIY8YtEyE6yPuACAKgDAaoExgJP0Omf3HmwC9gZG78zwrbnsqDY_zi47jN-rFhHI-1VQMdDfkLXRmyqOdoilDzODyvXO7PDzaCpdg1Rx-iVQN13lMNP3_LxyUymDE0va776qZbELKTDMBvJGpBYlTpu1s5DiEukEc6Vhy8Q2Re0WObRzrEiMXOHmO4p44f7AVS5wWdtL-HxWOuJOUrlHCT1R89z-ejaJejW9vU9n4W0LsAiuJm5r8XCZ3ry_IaRLCX-TJSLiESj8xcXwe_zRVvcLWspvhzR67q2S0Z7IIngQEytOlvbk-vyygho-Z1jnmHXBzskWfyB0brWtjcqQR0ISG9wLe-c7sqhmbyeabph8w8tQadeNUxecqmsBdcdf9ice9PYHVjFutCHlWh8cC8CLAg8cM0Bh7K4kZO8UyHkR8Ym6TlCaPOU2jFvAfdS7bM228KW_z_1YOAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1GbhJ7zPqeyGPsd24EkhEJKaCjLA%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
434505
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Tue, 08 Mar 2022 09:49:58 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6eb41a031fbd92ad-FRA
cf-bgj
minify
A936526A7BBD1A3667304FF9801CD69D64491F536141498A04EE917B95C4F41805FB0684491C85587102A447B68BEB66A82BA2BA68F7C41066BBF7DD19871BB8
assets.ad4m.at/logo/ Frame 865A 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A936526A7BBD1A3667304FF9801CD69D64491F536141498A04EE917B95C4F41805FB0684491C85587102A447B68BEB66A82BA2BA68F7C41066BBF7DD19871BB8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3&g=10c2bbaad2da5b442a346f5e334ebc95%2F7333894301345488325&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1647167503747&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jyz31663qz3fe47z3amhap9199cnr0snyqvwjrrmznvfp3xy7hpc24smcqw64xjm5kz4aqf4rnxdtey74wcp1wajj9k2jwakgf3mb5nw37mdzgpyhhcygnqbcn7wwqawke98hyp3jep2hqhd1rtcte73yzz0a9xjas6qp950xqn4ds6x6wyb9d8xkw2vqx7841gdv03djpdgct3vmhfzt28446t4n1k01z4parvap0knj96k8f0y5cee5bm8g6y15ft51q358tfgy6ng77kahvq%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7ps0DsgtYsunN4OD3wPCkafwA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQIY8YtEyE6yPuACAKgDAaoExgJP0Omf3HmwC9gZG78zwrbnsqDY_zi47jN-rFhHI-1VQMdDfkLXRmyqOdoilDzODyvXO7PDzaCpdg1Rx-iVQN13lMNP3_LxyUymDE0va776qZbELKTDMBvJGpBYlTpu1s5DiEukEc6Vhy8Q2Re0WObRzrEiMXOHmO4p44f7AVS5wWdtL-HxWOuJOUrlHCT1R89z-ejaJejW9vU9n4W0LsAiuJm5r8XCZ3ry_IaRLCX-TJSLiESj8xcXwe_zRVvcLWspvhzR67q2S0Z7IIngQEytOlvbk-vyygho-Z1jnmHXBzskWfyB0brWtjcqQR0ISG9wLe-c7sqhmbyeabph8w8tQadeNUxecqmsBdcdf9ice9PYHVjFutCHlWh8cC8CLAg8cM0Bh7K4kZO8UyHkR8Ym6TlCaPOU2jFvAfdS7bM228KW_z_1YOAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1GbhJ7zPqeyGPsd24EkhEJKaCjLA%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5661858a1ac96084163595f8a5da3f9c0208037dbe609d6a8bbe48ada46c3b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=i1Ff/Q==, md5=AYpfNzYzK/oFCZjsj3K+tA==
date
Sun, 13 Mar 2022 10:31:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
306491
cf-polished
origFmt=png, origSize=26777
x-guploader-uploadid
ADPycdsY1S65O4yO-xAEHmQnzs3c8nG8CtPtPBAb9c5K3A5w6txpu4UFx0it-0DGkwAuCrQjm4_7ZfWcRyNi6vElJEi8QRATIg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15238
last-modified
Tue, 07 Jul 2020 09:20:40 GMT
server
cloudflare
etag
"018a5f3736332bfa050998ec8f72beb4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xZiVOCulokVTqcWH0TUOa%2FYSI71vZbd2K%2BvwmnzenrrUa3NpkCvV9XipAKmUszfZARv7D8H0IxfQ%2BnvYHkSAhSEbAeOco2kqHpP2jqEh4D3xHwLNFboMJM9f%2BGaMOPDwE9Ze5smXBBsA8rPe"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1594113640078278
content-type
image/webp
expires
Mon, 14 Mar 2022 10:31:43 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
26777
accept-ranges
bytes
cf-ray
6eb41a032f338fe3-FRA
cf-bgj
imgq:85,h2pri
CD344C7198208A9A5F740F476AC3F2335508D7627FCE5B0F39A1436D67E60AB1E86775C9CFAD06EEACFED0D65DCA993D91C20CCA09713249CF6834EEECD25F41
assets.ad4m.at/product_image/ Frame 865A 		382 KB
383 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/CD344C7198208A9A5F740F476AC3F2335508D7627FCE5B0F39A1436D67E60AB1E86775C9CFAD06EEACFED0D65DCA993D91C20CCA09713249CF6834EEECD25F41
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3&g=10c2bbaad2da5b442a346f5e334ebc95%2F7333894301345488325&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1647167503747&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jyz31663qz3fe47z3amhap9199cnr0snyqvwjrrmznvfp3xy7hpc24smcqw64xjm5kz4aqf4rnxdtey74wcp1wajj9k2jwakgf3mb5nw37mdzgpyhhcygnqbcn7wwqawke98hyp3jep2hqhd1rtcte73yzz0a9xjas6qp950xqn4ds6x6wyb9d8xkw2vqx7841gdv03djpdgct3vmhfzt28446t4n1k01z4parvap0knj96k8f0y5cee5bm8g6y15ft51q358tfgy6ng77kahvq%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7ps0DsgtYsunN4OD3wPCkafwA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQIY8YtEyE6yPuACAKgDAaoExgJP0Omf3HmwC9gZG78zwrbnsqDY_zi47jN-rFhHI-1VQMdDfkLXRmyqOdoilDzODyvXO7PDzaCpdg1Rx-iVQN13lMNP3_LxyUymDE0va776qZbELKTDMBvJGpBYlTpu1s5DiEukEc6Vhy8Q2Re0WObRzrEiMXOHmO4p44f7AVS5wWdtL-HxWOuJOUrlHCT1R89z-ejaJejW9vU9n4W0LsAiuJm5r8XCZ3ry_IaRLCX-TJSLiESj8xcXwe_zRVvcLWspvhzR67q2S0Z7IIngQEytOlvbk-vyygho-Z1jnmHXBzskWfyB0brWtjcqQR0ISG9wLe-c7sqhmbyeabph8w8tQadeNUxecqmsBdcdf9ice9PYHVjFutCHlWh8cC8CLAg8cM0Bh7K4kZO8UyHkR8Ym6TlCaPOU2jFvAfdS7bM228KW_z_1YOAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1GbhJ7zPqeyGPsd24EkhEJKaCjLA%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25cbb0598f62d55b16729065a0955ce9efcdfb096c7f11fec31e731dcfa11e8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=d5mymQ==, md5=bWiWSMa0+LV8pKw7Fyjaew==
date
Sun, 13 Mar 2022 10:31:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
317640
cf-polished
origFmt=png, origSize=588465
x-guploader-uploadid
ADPycdun-knxGhAyI790DgV5XEnGTOPZxdrsjjYwaCrIMYb6HRdel_9hoYIBIBxXaSMNyTIjcWbo8ULaKYYYrv2ws1B-5mblUg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
391402
last-modified
Fri, 22 Oct 2021 09:31:50 GMT
server
cloudflare
etag
"6d689648c6b4f8b57ca4ac3b1728da7b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OZNIYM8cMZigNeh3apq6RwJQjYNMjXcUEOOtWfgrluMSZ77zhC2BEmqEn5QhQGYEdPsLgt4VfSNluVXn4k7uorIu2UzzqF4gkKIcKJshP%2FG7qS57DzTuAfQ7QJs%2F1KhMn9Y%2BTXev5LrbCoch"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634895110632642
content-type
image/webp
expires
Mon, 14 Mar 2022 10:31:43 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
588465
accept-ranges
bytes
cf-ray
6eb41a032f358fe3-FRA
cf-bgj
imgq:85,h2pri
view.aspx
pb.media01.eu/ Frame 865A
Redirect Chain
  • https://pv.medialead.de/trck/epv/2aed39855b5f46b7d90f959867be60f8?t=htlp&subid=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuid6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3asuid__suite_Netmix_Reach09_PRIVATK...
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuid6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3asuid__suite_Ne...
0
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuid6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3asuid__suite_Netmix_Reach09_PRIVATKREDIT&actionid=981741&produktid=&dt_url=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3&g=10c2bbaad2da5b442a346f5e334ebc95%2F7333894301345488325&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1647167503747&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jyz31663qz3fe47z3amhap9199cnr0snyqvwjrrmznvfp3xy7hpc24smcqw64xjm5kz4aqf4rnxdtey74wcp1wajj9k2jwakgf3mb5nw37mdzgpyhhcygnqbcn7wwqawke98hyp3jep2hqhd1rtcte73yzz0a9xjas6qp950xqn4ds6x6wyb9d8xkw2vqx7841gdv03djpdgct3vmhfzt28446t4n1k01z4parvap0knj96k8f0y5cee5bm8g6y15ft51q358tfgy6ng77kahvq%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7ps0DsgtYsunN4OD3wPCkafwA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQIY8YtEyE6yPuACAKgDAaoExgJP0Omf3HmwC9gZG78zwrbnsqDY_zi47jN-rFhHI-1VQMdDfkLXRmyqOdoilDzODyvXO7PDzaCpdg1Rx-iVQN13lMNP3_LxyUymDE0va776qZbELKTDMBvJGpBYlTpu1s5DiEukEc6Vhy8Q2Re0WObRzrEiMXOHmO4p44f7AVS5wWdtL-HxWOuJOUrlHCT1R89z-ejaJejW9vU9n4W0LsAiuJm5r8XCZ3ry_IaRLCX-TJSLiESj8xcXwe_zRVvcLWspvhzR67q2S0Z7IIngQEytOlvbk-vyygho-Z1jnmHXBzskWfyB0brWtjcqQR0ISG9wLe-c7sqhmbyeabph8w8tQadeNUxecqmsBdcdf9ice9PYHVjFutCHlWh8cC8CLAg8cM0Bh7K4kZO8UyHkR8Ym6TlCaPOU2jFvAfdS7bM228KW_z_1YOAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1GbhJ7zPqeyGPsd24EkhEJKaCjLA%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
Protocol
H2
Server
88.198.250.30 Hamburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sun, 13 Mar 2022 11:31:44 GMT
server
Microsoft-IIS/10.0
access-control-allow-methods
GET,POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 13 Mar 2022 10:31:43 GMT
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
B9D59BA9:EC0E_91EFC182:01BB_622DC80F_BF6F77A:F723
X-IPLB-Instance
40027
Strict-Transport-Security
max-age=15768000
Content-Type
application/javascript
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuid6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3asuid__suite_Netmix_Reach09_PRIVATKREDIT&actionid=981741&produktid=&dt_url=
Keep-Alive
timeout=20
Content-Length
0
Proxy-Host
pv.medialead.de
B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 865A 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3&g=10c2bbaad2da5b442a346f5e334ebc95%2F7333894301345488325&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1647167503747&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jyz31663qz3fe47z3amhap9199cnr0snyqvwjrrmznvfp3xy7hpc24smcqw64xjm5kz4aqf4rnxdtey74wcp1wajj9k2jwakgf3mb5nw37mdzgpyhhcygnqbcn7wwqawke98hyp3jep2hqhd1rtcte73yzz0a9xjas6qp950xqn4ds6x6wyb9d8xkw2vqx7841gdv03djpdgct3vmhfzt28446t4n1k01z4parvap0knj96k8f0y5cee5bm8g6y15ft51q358tfgy6ng77kahvq%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7ps0DsgtYsunN4OD3wPCkafwA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQIY8YtEyE6yPuACAKgDAaoExgJP0Omf3HmwC9gZG78zwrbnsqDY_zi47jN-rFhHI-1VQMdDfkLXRmyqOdoilDzODyvXO7PDzaCpdg1Rx-iVQN13lMNP3_LxyUymDE0va776qZbELKTDMBvJGpBYlTpu1s5DiEukEc6Vhy8Q2Re0WObRzrEiMXOHmO4p44f7AVS5wWdtL-HxWOuJOUrlHCT1R89z-ejaJejW9vU9n4W0LsAiuJm5r8XCZ3ry_IaRLCX-TJSLiESj8xcXwe_zRVvcLWspvhzR67q2S0Z7IIngQEytOlvbk-vyygho-Z1jnmHXBzskWfyB0brWtjcqQR0ISG9wLe-c7sqhmbyeabph8w8tQadeNUxecqmsBdcdf9ice9PYHVjFutCHlWh8cC8CLAg8cM0Bh7K4kZO8UyHkR8Ym6TlCaPOU2jFvAfdS7bM228KW_z_1YOAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1GbhJ7zPqeyGPsd24EkhEJKaCjLA%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date
Sun, 13 Mar 2022 10:31:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
304851
cf-polished
origFmt=png, origSize=35453
x-guploader-uploadid
ADPycdt9BjFJB-STMuGP-36lUtp6nSK9mwiwj_7MJG-4itnlsrXpenpuAlQOa6-PkESwuB1KruuhpEHkniYK-rHLccllZpMV6A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18872
last-modified
Mon, 18 May 2020 12:30:29 GMT
server
cloudflare
etag
"e18c9634cdd319e69c2765475f29cd13"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=udiBEbQ9vAEaAlTWEdnL093nXx2fWD79Z%2BPLAc8Vnmsmvq0krZZ%2FRGkc1aUft6n69gC7B8xOk44VDeYYYi5hoNcIiNP0S1lQjPjmVnpwA9x6a9IvsNuND4g73D3IyKPyIpYJxyU8Q0zvKVYq"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1589805029334103
content-type
image/webp
expires
Mon, 14 Mar 2022 10:31:43 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
35453
accept-ranges
bytes
cf-ray
6eb41a032f2c8fe3-FRA
cf-bgj
imgq:85,h2pri
285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
assets.ad4m.at/product_image/ Frame 865A 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3&g=10c2bbaad2da5b442a346f5e334ebc95%2F7333894301345488325&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1647167503747&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jyz31663qz3fe47z3amhap9199cnr0snyqvwjrrmznvfp3xy7hpc24smcqw64xjm5kz4aqf4rnxdtey74wcp1wajj9k2jwakgf3mb5nw37mdzgpyhhcygnqbcn7wwqawke98hyp3jep2hqhd1rtcte73yzz0a9xjas6qp950xqn4ds6x6wyb9d8xkw2vqx7841gdv03djpdgct3vmhfzt28446t4n1k01z4parvap0knj96k8f0y5cee5bm8g6y15ft51q358tfgy6ng77kahvq%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7ps0DsgtYsunN4OD3wPCkafwA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQIY8YtEyE6yPuACAKgDAaoExgJP0Omf3HmwC9gZG78zwrbnsqDY_zi47jN-rFhHI-1VQMdDfkLXRmyqOdoilDzODyvXO7PDzaCpdg1Rx-iVQN13lMNP3_LxyUymDE0va776qZbELKTDMBvJGpBYlTpu1s5DiEukEc6Vhy8Q2Re0WObRzrEiMXOHmO4p44f7AVS5wWdtL-HxWOuJOUrlHCT1R89z-ejaJejW9vU9n4W0LsAiuJm5r8XCZ3ry_IaRLCX-TJSLiESj8xcXwe_zRVvcLWspvhzR67q2S0Z7IIngQEytOlvbk-vyygho-Z1jnmHXBzskWfyB0brWtjcqQR0ISG9wLe-c7sqhmbyeabph8w8tQadeNUxecqmsBdcdf9ice9PYHVjFutCHlWh8cC8CLAg8cM0Bh7K4kZO8UyHkR8Ym6TlCaPOU2jFvAfdS7bM228KW_z_1YOAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1GbhJ7zPqeyGPsd24EkhEJKaCjLA%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=FPfkEg==, md5=cNeMaybSTgOMvyODLhu1OA==
date
Sun, 13 Mar 2022 10:31:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
303866
cf-polished
qual=85, origFmt=jpeg, origSize=83479
x-guploader-uploadid
ADPycdvlWWNyZ0_yVnle0Rp18a4UBQCgcUnm2yGpQ26-8_4pdPziMnb89A2kFa5Nk83CYeNcEKEjCMmYI60tc1-GnE4
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9260
last-modified
Mon, 29 Nov 2021 15:03:15 GMT
server
cloudflare
etag
"70d78c6b26d24e038cbf23832e1bb538"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kww%2FoWR4atwokVbl8Dup55PwzhrYB1RVlos%2BUJ5iEES1p552t%2BKPinDdLbLY3y8J2T3WoHJOeCG62nBNB93xzK5tIhlAwFq7HijOAWKoN4ea2hPOYBRJVxgJipwLcQm%2FAFOAmvV85V0homPf"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1638198195167024
content-type
image/webp
expires
Mon, 14 Mar 2022 10:31:43 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
83479
accept-ranges
bytes
cf-ray
6eb41a032f288fe3-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame 865A 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneideYET3fVfxBVcjHZHet1teW3swSQT81s7Ewoneid__asuid6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3asuid__suite_Netmix_Reach09_PRIVATKREDIT&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3&g=10c2bbaad2da5b442a346f5e334ebc95%2F7333894301345488325&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1647167503747&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jyz31663qz3fe47z3amhap9199cnr0snyqvwjrrmznvfp3xy7hpc24smcqw64xjm5kz4aqf4rnxdtey74wcp1wajj9k2jwakgf3mb5nw37mdzgpyhhcygnqbcn7wwqawke98hyp3jep2hqhd1rtcte73yzz0a9xjas6qp950xqn4ds6x6wyb9d8xkw2vqx7841gdv03djpdgct3vmhfzt28446t4n1k01z4parvap0knj96k8f0y5cee5bm8g6y15ft51q358tfgy6ng77kahvq%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7ps0DsgtYsunN4OD3wPCkafwA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQIY8YtEyE6yPuACAKgDAaoExgJP0Omf3HmwC9gZG78zwrbnsqDY_zi47jN-rFhHI-1VQMdDfkLXRmyqOdoilDzODyvXO7PDzaCpdg1Rx-iVQN13lMNP3_LxyUymDE0va776qZbELKTDMBvJGpBYlTpu1s5DiEukEc6Vhy8Q2Re0WObRzrEiMXOHmO4p44f7AVS5wWdtL-HxWOuJOUrlHCT1R89z-ejaJejW9vU9n4W0LsAiuJm5r8XCZ3ry_IaRLCX-TJSLiESj8xcXwe_zRVvcLWspvhzR67q2S0Z7IIngQEytOlvbk-vyygho-Z1jnmHXBzskWfyB0brWtjcqQR0ISG9wLe-c7sqhmbyeabph8w8tQadeNUxecqmsBdcdf9ice9PYHVjFutCHlWh8cC8CLAg8cM0Bh7K4kZO8UyHkR8Ym6TlCaPOU2jFvAfdS7bM228KW_z_1YOAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1GbhJ7zPqeyGPsd24EkhEJKaCjLA%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.94.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-94-3.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:43 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 865A 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3&g=10c2bbaad2da5b442a346f5e334ebc95%2F7333894301345488325&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1647167503747&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jyz31663qz3fe47z3amhap9199cnr0snyqvwjrrmznvfp3xy7hpc24smcqw64xjm5kz4aqf4rnxdtey74wcp1wajj9k2jwakgf3mb5nw37mdzgpyhhcygnqbcn7wwqawke98hyp3jep2hqhd1rtcte73yzz0a9xjas6qp950xqn4ds6x6wyb9d8xkw2vqx7841gdv03djpdgct3vmhfzt28446t4n1k01z4parvap0knj96k8f0y5cee5bm8g6y15ft51q358tfgy6ng77kahvq%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7ps0DsgtYsunN4OD3wPCkafwA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQIY8YtEyE6yPuACAKgDAaoExgJP0Omf3HmwC9gZG78zwrbnsqDY_zi47jN-rFhHI-1VQMdDfkLXRmyqOdoilDzODyvXO7PDzaCpdg1Rx-iVQN13lMNP3_LxyUymDE0va776qZbELKTDMBvJGpBYlTpu1s5DiEukEc6Vhy8Q2Re0WObRzrEiMXOHmO4p44f7AVS5wWdtL-HxWOuJOUrlHCT1R89z-ejaJejW9vU9n4W0LsAiuJm5r8XCZ3ry_IaRLCX-TJSLiESj8xcXwe_zRVvcLWspvhzR67q2S0Z7IIngQEytOlvbk-vyygho-Z1jnmHXBzskWfyB0brWtjcqQR0ISG9wLe-c7sqhmbyeabph8w8tQadeNUxecqmsBdcdf9ice9PYHVjFutCHlWh8cC8CLAg8cM0Bh7K4kZO8UyHkR8Ym6TlCaPOU2jFvAfdS7bM228KW_z_1YOAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1GbhJ7zPqeyGPsd24EkhEJKaCjLA%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date
Sun, 13 Mar 2022 10:31:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
308694
cf-polished
origFmt=png, origSize=77267
x-guploader-uploadid
ADPycdtQB0ZlO6faz5D0Hr1U_IJAXNzEPmLG9ByOrKjn0IdvbQjoRv7aym0wOPPY8wuH3qcWMenl-3meUbTlu3fV8GPke87R_w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38696
last-modified
Wed, 22 Jan 2020 13:11:48 GMT
server
cloudflare
etag
"2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1JY38jK%2FnDRJVXC%2BrIgSeIGxDYcgoc8faDxFhN5meiIV3%2FZtClcToyP8a3kkwFCtWU20C%2BR%2BqRSG4aaVZxQVE9DR1qcM8dhS9afHq%2FymK0et9rdi6bEXfsX3EAXNf3FBmoJluEpr5Qcpo9ih"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698708801217
content-type
image/webp
expires
Mon, 14 Mar 2022 10:31:43 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
77267
accept-ranges
bytes
cf-ray
6eb41a032f2e8fe3-FRA
cf-bgj
imgq:85,h2pri
B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 865A 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3&g=10c2bbaad2da5b442a346f5e334ebc95%2F7333894301345488325&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1647167503747&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jyz31663qz3fe47z3amhap9199cnr0snyqvwjrrmznvfp3xy7hpc24smcqw64xjm5kz4aqf4rnxdtey74wcp1wajj9k2jwakgf3mb5nw37mdzgpyhhcygnqbcn7wwqawke98hyp3jep2hqhd1rtcte73yzz0a9xjas6qp950xqn4ds6x6wyb9d8xkw2vqx7841gdv03djpdgct3vmhfzt28446t4n1k01z4parvap0knj96k8f0y5cee5bm8g6y15ft51q358tfgy6ng77kahvq%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7ps0DsgtYsunN4OD3wPCkafwA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQIY8YtEyE6yPuACAKgDAaoExgJP0Omf3HmwC9gZG78zwrbnsqDY_zi47jN-rFhHI-1VQMdDfkLXRmyqOdoilDzODyvXO7PDzaCpdg1Rx-iVQN13lMNP3_LxyUymDE0va776qZbELKTDMBvJGpBYlTpu1s5DiEukEc6Vhy8Q2Re0WObRzrEiMXOHmO4p44f7AVS5wWdtL-HxWOuJOUrlHCT1R89z-ejaJejW9vU9n4W0LsAiuJm5r8XCZ3ry_IaRLCX-TJSLiESj8xcXwe_zRVvcLWspvhzR67q2S0Z7IIngQEytOlvbk-vyygho-Z1jnmHXBzskWfyB0brWtjcqQR0ISG9wLe-c7sqhmbyeabph8w8tQadeNUxecqmsBdcdf9ice9PYHVjFutCHlWh8cC8CLAg8cM0Bh7K4kZO8UyHkR8Ym6TlCaPOU2jFvAfdS7bM228KW_z_1YOAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1GbhJ7zPqeyGPsd24EkhEJKaCjLA%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date
Sun, 13 Mar 2022 10:31:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1393380
cf-polished
origSize=90165, status=webp_bigger
x-guploader-uploadid
ADPycdu4nh5obCsLLSKtVW321FZH20V_oHseo8WCszOV5QRZyn8AI_p2Ga8U-RQdTMLH3UX-cvFr--pvECd8J4wOD0A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
85727
last-modified
Wed, 09 Oct 2019 16:06:53 GMT
server
cloudflare
etag
"a6c89bb079950765946aeeda42e13d01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=znWWUYnX63EbkW2A0y27%2F8eACYDY0%2FlJHNtha4d6wL%2BYi7HoEs9FVUuHhbw9XdwkaJCARn38NNvN6u0AhU%2F55Wwq0pi%2BuewpAK8JORJYdZXTlE1GR9yJGC61MBLDCr5HZU%2BVMUwMWtJFY2pz"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1570637213281727
content-type
image/jpeg
expires
Mon, 14 Mar 2022 10:31:43 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
90165
accept-ranges
bytes
cf-ray
6eb41a032f318fe3-FRA
cf-bgj
imgq:85,h2pri
view.aspx
pb.media01.eu/ Frame 8D18
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=97124400064943500710612011897028&t=htlp
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=97124400064943500710612011897028&actionid=981741&produktid=&dt_url=
0
159 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=97124400064943500710612011897028&actionid=981741&produktid=&dt_url=
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=7327bef5f3&subid=&uid=be6e8149e49ba227&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCMPXQD8gtYuhkk-3fA8O_o-AOtc35g1f82Lmr5QzwLhABILnb8yZgleKQgqAHyAEJqQIY8YtEyE6yPqgDAaoE3wFP0MlRunBA1UqCHZB560SwhaLJ5PLKHsYyXo1--yBxBJA3mwGTzwHKvmSKoEecDrXYom02OqVgy9GQBe-diDb4ps71gypY6yDPI3s7wLr_dhShotLEEnkutZZ37u1XoVcyNoKQY9szsnbswE4F4ymJj23zrgI8pCRdnVs3bEh3qZNPzJAnIpXjLYf2Mok6FoJDxHvEwsQO7dTkCCLO_6buqWeAkvFAo5HGt3xwhgWjteCp3wp30u0wAxG7bst06u_glBk51A2bDXWqIQCIri9HksrlBk7H5hW5tND_bTdwwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzaACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJORoQBQPTKVWPBECDcAlmaxFjeD3Wd7Y5pfREq2FDkYVFsCQMQ%26sig%3DAOD64_1B7B5xLMf-Y-xjqJg0gGBTK4IlAA%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-Cx-WULrftp90PzSP47BaEQL1ev6Z4YkAs4HmWeqTy5pd65d4ofRA8Wc0aVq1J5UlyAMPnpAagHyUUtmU-u-BGtBIMsgAy0YFfkmJpsN-xfd5RE5ytG-Y9JcCqMczd8L7Iyoke9FfyHubYC8kA_EtqGAcWrPQ%26cry%3D1%26dbm_d%3DAKAmf-BjTRhM6_8Y6GtW14j63TRTLTA2_zieVAwceLy9Lmggx9u9QP5QLx1y_xTYrwSGdM5k_66gg32dZM8zMJnuObS7_MlKQPmJ7n1gd9Rjsfs3M020bQTQx53i4alimtmkwahQmrsC1eRufJ98P4e-m0oUSG_h-8UKeeGLwBaM6wuiPcdWdKGrZ0QEVtz24ZbDD6yRO1Rf9E8UPkvZN_civTIQM1djvCkAWNgWd_nH3BJXlvIBO7pjTyCsqa7yB5I5dm8AljX7CQN8eONjL4tXKV9tmV8VnbeeNw234YIgxQFn9IxODTFpASnZ1_UlLwoH9mDa2WMWwasiAfgh5GLndRSpMAQXFmVd1bQqC2RVvu0P744ZaNvRIgvLXJ6KLPYirgDr6dKtkzXzPH-D2ar4P67eUU2QLVRVQ--Gn9sz_cHBaj6ElR6ybFY7PO8_E8NY_tCqiDSYM6tFqYnB4NGkvqPC_nVsDA%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=5507060125969&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 Hamburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
content-type
text/html; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Sun, 13 Mar 2022 11:31:43 GMT
server
Microsoft-IIS/10.0
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin
*
access-control-allow-credentials
true
x-xss-protection
1; mode=block
access-control-allow-methods
GET,POST
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Sun, 13 Mar 2022 10:31:42 GMT
content-length
0

Redirect headers

Server
nginx/1.17.5
Date
Sun, 13 Mar 2022 10:31:43 GMT
Content-Type
application/javascript
Content-Length
0
Keep-Alive
timeout=20
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=97124400064943500710612011897028&actionid=981741&produktid=&dt_url=
Host
pv.medialead.de
Proxy-Host
pv.medialead.de
X-IPLB-Request-ID
B9D59BA9:EBCC_91EFC182:01BB_622DC80F_C2C2CF5:7DE1
Strict-Transport-Security
max-age=15768000
X-IPLB-Instance
40028
request_content.php
hal900028.redintelligence.net/ Frame F59D 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900028.redintelligence.net/request_content.php?s=97124400064943500710612011897028&a=ea19281c
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=7327bef5f3&subid=&uid=be6e8149e49ba227&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCMPXQD8gtYuhkk-3fA8O_o-AOtc35g1f82Lmr5QzwLhABILnb8yZgleKQgqAHyAEJqQIY8YtEyE6yPqgDAaoE3wFP0MlRunBA1UqCHZB560SwhaLJ5PLKHsYyXo1--yBxBJA3mwGTzwHKvmSKoEecDrXYom02OqVgy9GQBe-diDb4ps71gypY6yDPI3s7wLr_dhShotLEEnkutZZ37u1XoVcyNoKQY9szsnbswE4F4ymJj23zrgI8pCRdnVs3bEh3qZNPzJAnIpXjLYf2Mok6FoJDxHvEwsQO7dTkCCLO_6buqWeAkvFAo5HGt3xwhgWjteCp3wp30u0wAxG7bst06u_glBk51A2bDXWqIQCIri9HksrlBk7H5hW5tND_bTdwwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzaACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJORoQBQPTKVWPBECDcAlmaxFjeD3Wd7Y5pfREq2FDkYVFsCQMQ%26sig%3DAOD64_1B7B5xLMf-Y-xjqJg0gGBTK4IlAA%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-Cx-WULrftp90PzSP47BaEQL1ev6Z4YkAs4HmWeqTy5pd65d4ofRA8Wc0aVq1J5UlyAMPnpAagHyUUtmU-u-BGtBIMsgAy0YFfkmJpsN-xfd5RE5ytG-Y9JcCqMczd8L7Iyoke9FfyHubYC8kA_EtqGAcWrPQ%26cry%3D1%26dbm_d%3DAKAmf-BjTRhM6_8Y6GtW14j63TRTLTA2_zieVAwceLy9Lmggx9u9QP5QLx1y_xTYrwSGdM5k_66gg32dZM8zMJnuObS7_MlKQPmJ7n1gd9Rjsfs3M020bQTQx53i4alimtmkwahQmrsC1eRufJ98P4e-m0oUSG_h-8UKeeGLwBaM6wuiPcdWdKGrZ0QEVtz24ZbDD6yRO1Rf9E8UPkvZN_civTIQM1djvCkAWNgWd_nH3BJXlvIBO7pjTyCsqa7yB5I5dm8AljX7CQN8eONjL4tXKV9tmV8VnbeeNw234YIgxQFn9IxODTFpASnZ1_UlLwoH9mDa2WMWwasiAfgh5GLndRSpMAQXFmVd1bQqC2RVvu0P744ZaNvRIgvLXJ6KLPYirgDr6dKtkzXzPH-D2ar4P67eUU2QLVRVQ--Gn9sz_cHBaj6ElR6ybFY7PO8_E8NY_tCqiDSYM6tFqYnB4NGkvqPC_nVsDA%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=5507060125969&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.19.165.99.88.clients.your-server.de
Software
Apache /
Resource Hash
350bebaeb7e2ae8396b259b6b7c98a92d0748299c5b06fb97b5d3a7b69429115

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/

Response headers

Date
Sun, 13 Mar 2022 10:31:43 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Sun, 13 Mar 2022 10:31:43 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2160
Connection
close
Content-Type
text/html; charset=utf-8
native.png
ad-server.eu/wm/pb/ Frame 58F3
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=97124400064943500710612011897028
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=97124400064943500710612011897028
  • https://ad-server.eu/wm/pb/native.png
68 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-server.eu/wm/pb/native.png
Requested by
Host: 8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
URL: https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 13 Mar 2022 10:37:18 GMT
Last-Modified
Sat, 21 Dec 2019 23:06:59 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"5dfea593-44"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68

Redirect headers

Date
Sun, 13 Mar 2022 10:31:43 GMT
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
B9D59BA9:EC90_91EFC182:01BB_622DC80F_BFAF4EA:F725
X-IPLB-Instance
40027
Strict-Transport-Security
max-age=15768000
Content-Type
application/go
Location
https://ad-server.eu/wm/pb/native.png
Keep-Alive
timeout=20
Content-Length
0
Proxy-Host
pv.medialead.de
cshow.php
www.awin1.com/ Frame 58F3 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=97124400064943500710612011897028&pv=1
Requested by
Host: 8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
URL: https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.94.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-94-3.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:43 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
cshow.php
www.awin1.com/ Frame 58F3 		43 B
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2588355&v=18692&q=383790&r=296283&pref1=97124400064943500710612011897028&pv=1
Requested by
Host: 8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
URL: https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.94.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-94-3.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:43 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2C50 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 13 Mar 2022 10:23:30 GMT
expires
Mon, 13 Mar 2023 10:23:30 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
493
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 81CB 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8c6738b987d7226be8dd8628a78a7b8d0de03d1b3883146c547bbf8659df820d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LG28tQnS+fCu4ukKLYF74w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 13 Mar 2022 10:31:43 GMT
date
Sun, 13 Mar 2022 10:31:43 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-LG28tQnS+fCu4ukKLYF74w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E6CF 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
URL: https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Sat, 12 Mar 2022 13:26:12 GMT
expires
Sun, 13 Mar 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
75931
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 58F3 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35a325444a0bc4175c8ce57a68c40668f032fdda466aeaa609a23193d6eb43fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
link.html
track.webgains.com/ Frame 865A 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jqh2b4ayve293t234crd90gm8qy33gennsk4asz8axm7sesk08gvz3m2p7wkr6pjfxjbas8q72met2phbaeyhmf6wdfkfcteq4jhwax0xxf3z6187ryc2e04a5qn133vsqk6ga0qk7rgx226gt8b1jahxh777y6dchwr6qywhqbgdfpyv84cr20qxgs3j9w4wpxy49dg5zrpkpq320wjy8eqwvacqtrh26qn236fsdr93dgrr8efj54pw0g9764w0gcfb7qbjq154k99rg0w168p0yrtc0q3nc0a7gevry1wfb60hq0%26a%3D&clickref=oneidP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73Aoneid__asuid6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3asuid__suite_Netmix_Reach09_PRIVATKREDIT&viewref=oneidrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4Roneid__asuid6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3asuid__suite_Netmix_Reach09_PRIVATKREDIT
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3&g=10c2bbaad2da5b442a346f5e334ebc95%2F7333894301345488325&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1647167503747&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jyz31663qz3fe47z3amhap9199cnr0snyqvwjrrmznvfp3xy7hpc24smcqw64xjm5kz4aqf4rnxdtey74wcp1wajj9k2jwakgf3mb5nw37mdzgpyhhcygnqbcn7wwqawke98hyp3jep2hqhd1rtcte73yzz0a9xjas6qp950xqn4ds6x6wyb9d8xkw2vqx7841gdv03djpdgct3vmhfzt28446t4n1k01z4parvap0knj96k8f0y5cee5bm8g6y15ft51q358tfgy6ng77kahvq%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7ps0DsgtYsunN4OD3wPCkafwA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQIY8YtEyE6yPuACAKgDAaoExgJP0Omf3HmwC9gZG78zwrbnsqDY_zi47jN-rFhHI-1VQMdDfkLXRmyqOdoilDzODyvXO7PDzaCpdg1Rx-iVQN13lMNP3_LxyUymDE0va776qZbELKTDMBvJGpBYlTpu1s5DiEukEc6Vhy8Q2Re0WObRzrEiMXOHmO4p44f7AVS5wWdtL-HxWOuJOUrlHCT1R89z-ejaJejW9vU9n4W0LsAiuJm5r8XCZ3ry_IaRLCX-TJSLiESj8xcXwe_zRVvcLWspvhzR67q2S0Z7IIngQEytOlvbk-vyygho-Z1jnmHXBzskWfyB0brWtjcqQR0ISG9wLe-c7sqhmbyeabph8w8tQadeNUxecqmsBdcdf9ice9PYHVjFutCHlWh8cC8CLAg8cM0Bh7K4kZO8UyHkR8Ym6TlCaPOU2jFvAfdS7bM228KW_z_1YOAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1GbhJ7zPqeyGPsd24EkhEJKaCjLA%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
70d75afdf2c4ec977f52f0977d52e4137863e37c88ed4cc45a2a40b038abd8e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:43 GMT
Last-Modified
Sun, 13 Mar 2022 10:31:43 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1470
Expires
Mon, 26 Jul 1997 05:00:00 GMT
css
fonts.googleapis.com/ Frame F59D 		1 KB
419 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,700
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=97124400064943500710612011897028&a=ea19281c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ea795a298e37c1cd48937e8d9b242162d213ebaa07c997769a6bfe4b4d8ec411
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 13 Mar 2022 09:01:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 13 Mar 2022 10:31:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 13 Mar 2022 10:31:43 GMT
/
hal9000.redintelligence.net/scale/ Frame F59D 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=97124400064943500710612011897028&a=ea19281c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
7bbf02d07a9047481f569d2705cd1a395da1c314f0b19cc96558ba97c132b6ce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 13 Mar 2022 10:31:43 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16247
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame F59D 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=97124400064943500710612011897028&a=ea19281c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
268314ab319caf7c48f031375ae04f67c9e5bb1bb633072694628fb0ea2591b0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 13 Mar 2022 10:31:43 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16857
Vary
Accept-Encoding
Content-Type
image/png
imgawinbanner_120x60_122019-1578486349125.jpg
a1.awin1.com/ads/awin/18692/ Frame F59D
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2588355&v=18692&q=383790&r=296283&pref1=97124400064943500710612011897028&pv=0
  • https://ui2.awin.com/ads/awin/18692/imgawinbanner_120x60_122019-1578486349125.jpg
  • https://a1.awin1.com/ads/awin/18692/imgawinbanner_120x60_122019-1578486349125.jpg
25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a1.awin1.com/ads/awin/18692/imgawinbanner_120x60_122019-1578486349125.jpg
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=97124400064943500710612011897028&a=ea19281c
Protocol
H2
Server
151.101.2.110 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
fad88df6f78eca6556822fb4a8d589ac6b8e89a95434f05cc13a452d2f63b6ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:44 GMT
via
1.1 varnish, 1.1 varnish
server
Apache
age
24574
x-cache
HIT, HIT
content-type
image/jpeg
expires
Sun, 13 Mar 2022 15:42:09 GMT
cache-control
max-age=43200
x-cache-hits
1, 716
accept-ranges
bytes
x-timer
S1647167504.169839,VS0,VE0
content-length
25150
x-served-by
cache-fra19156-FRA, cache-hhn4028-HHN

Redirect headers

location
https://a1.awin1.com/ads/awin/18692/imgawinbanner_120x60_122019-1578486349125.jpg
date
Sun, 13 Mar 2022 10:31:44 GMT
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 6060 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss1JtSeHixqbfIAxLePm4NmjOMeftkXB3bjBBg2G8ncTYTo0sHZHGRFd8DUssbc2a6A5nUIc3Z2FQ-PvwiNE7iOiAF_eCp77yHYVpbHoe84cYXeR3gg1Q&sai=AMfl-YQnSTKPXfVSYPLjaI3bdXKGWPTPdBdop_4bjT9wrYHX3_oy5TFx0eUKkqu74-hcYaWqxS2cQTSNzfJ3JpQATp-iTGfKFKa8X9_YcD0VEKAXUVONmpvpBift8VkJLbWu&sig=Cg0ArKJSzLiq0jvf2VbuEAE&cid=CAASKORoNhxoX9gw_hbV2p5sSrW7-pjyQw0I2oLFvag0mgmKm7jltgmUJIM&id=lidar2&mcvt=1010&p=5071,294,5121,614&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20220309&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=4203880072&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647167502546&rpt=377&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame E6CF
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKLrp42vaJA19U_ur1itTeI&google_cver=1&google_push=AYg5qPI0Q70rhQH60aASjrNAUtcwXI7eRh2RbC5sAIi1lE8RIjlZzqxx1RCCssg8MhzFjGlhB4Z86yV-cLDnZa6jwFmsgwcfF39E
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDMwOTU5NTQ1MjUzNDY4NTQxNw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKLrp42vaJA19U_ur1itTeI&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKLrp42vaJA19U_ur1itTeI&google_cver=1
Requested by
Host: 8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
URL: https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKLrp42vaJA19U_ur1itTeI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame E6CF 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEGDWg58LHjmB3HANPRShags&google_cver=1&google_push=AYg5qPJ0-u-pl9MK7_1i7oI1aGrjdfwNaumCMzX-Hbix4x_kNgiTqlrUe_I1OPxRRXm_Iae_zVhOyQzr3G0otTovx_gRDDvDw3Kw
Requested by
Host: 8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
URL: https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame E6CF
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEC4UCH2S3L3HTvue98ltUjQ&google_cver=1&google_push=AYg5qPJPwq_pg80jvgu_Rkf2liGiQPkX8M6fMfKDUeio-j-VY61JRQLr2Z2rTWKbtO-TSCI4RRgt4YkRdvV3da7sGqzr-pcDXIzl
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5C964958223F48A89FFC7F9C8931A585&google_push=AYg5qPJPwq_pg80jvgu_Rkf2liGiQPkX8M6fMfKDUeio-j-VY61JRQLr2Z2rTWKbtO-TSCI4RRgt4YkRdvV3da7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5C964958223F48A89FFC7F9C8931A585&google_push=AYg5qPJPwq_pg80jvgu_Rkf2liGiQPkX8M6fMfKDUeio-j-VY61JRQLr2Z2rTWKbtO-TSCI4RRgt4YkRdvV3da7sGqzr-pcDXIzl
Requested by
Host: 8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
URL: https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 13 Mar 2022 10:31:44 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5C964958223F48A89FFC7F9C8931A585&google_push=AYg5qPJPwq_pg80jvgu_Rkf2liGiQPkX8M6fMfKDUeio-j-VY61JRQLr2Z2rTWKbtO-TSCI4RRgt4YkRdvV3da7sGqzr-pcDXIzl
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sat, 12 Mar 2022 10:31:44 GMT
pixel
cm.g.doubleclick.net/ Frame E6CF
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESECQxMWCyA5RaR4Bs2FVgoKI&google_cver=1&google_push=AYg5qPLI3xkEzT1-e1ZrjSvb7vLe7ZzG4_RkiOT9XVRZanQQ5ccohWzzT4F58fwq8bAQOUS_zx7...
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESECQxMWCyA5RaR4Bs2FVgoKI&google_cver=1&google_push=AYg5qPLI3xkEzT1-e1ZrjSvb7vLe7ZzG4_RkiOT9XVRZanQQ5ccohWzzT4F58fwq8bAQOUS_zx7...
  • https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=FOYGkJR8TMmtK8elTk_IuA&gdpr=1&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=FOYGkJR8TMmtK8elTk_IuA&gdpr=1&gdpr_consent=
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:44 GMT
server
Apache-Coyote/1.1
location
https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=FOYGkJR8TMmtK8elTk_IuA&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
pixel
cm.g.doubleclick.net/ Frame E6CF
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESELMirBMp3YVTJUaF1jkTGKs&google_cver=1&google_push=AYg5qPJotD_WqLDz-_F0HeCPXQsRTcV9sHtfLgMW_3ZT4KQuvNJhutOWUYq0mRAfgJHFbqkEkFAqoP2oO3VDXUXq...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=2ShuyzY3TBa_U9EZ7-W6Fw2&google_push=AYg5qPJotD_WqLDz-_F0HeCPXQsRTcV9sHtfLgMW_3ZT4KQuvNJhutOWUYq0mRAfgJHFbqkEkFAqoP2oO3VDXUXqK3nzb_2TNOkp
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=2ShuyzY3TBa_U9EZ7-W6Fw2&google_push=AYg5qPJotD_WqLDz-_F0HeCPXQsRTcV9sHtfLgMW_3ZT4KQuvNJhutOWUYq0mRAfgJHFbqkEkFAqoP2oO3VDXUXqK3nzb_2TNOkp
Requested by
Host: 8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
URL: https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 13 Mar 2022 10:31:44 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.15.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=2ShuyzY3TBa_U9EZ7-W6Fw2&google_push=AYg5qPJotD_WqLDz-_F0HeCPXQsRTcV9sHtfLgMW_3ZT4KQuvNJhutOWUYq0mRAfgJHFbqkEkFAqoP2oO3VDXUXqK3nzb_2TNOkp
x-host
tde-deliveryengine-production-6b8798558c-tbd2p
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame E6CF
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJmi2jU6klHhn74MCggbP7U&google_cver=1&google_push=AYg5qPJjlwVuCnk0aKujopImRH66lyos0IailP8mDaR7ONXoaik92VMhqU3BksHET1iqnp9-Z6UsLPLO...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI0NjI3NTU3OTk0MjE2OTI3Ng&google_push=AYg5qPJjlwVuCnk0aKujopImRH66lyos0IailP8mDaR7ONXoaik92VMhqU3BksHET1iqnp9-Z6UsLP...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI0NjI3NTU3OTk0MjE2OTI3Ng&google_push=AYg5qPJjlwVuCnk0aKujopImRH66lyos0IailP8mDaR7ONXoaik92VMhqU3BksHET1iqnp9-Z6UsLPLOAjBwUCF-bUnAiKAnsHo
Requested by
Host: 8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
URL: https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI0NjI3NTU3OTk0MjE2OTI3Ng&google_push=AYg5qPJjlwVuCnk0aKujopImRH66lyos0IailP8mDaR7ONXoaik92VMhqU3BksHET1iqnp9-Z6UsLPLOAjBwUCF-bUnAiKAnsHo
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame E6CF
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEO...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPK5dXiYfFKy_FSSjCbkj3I62Q_5JkRJ3yCu7sLc57J4TeY4xHgto8bbWFKMAK5LYmaHtM4o9klGpLl_vf43GQjYCAvhqfXZ&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-4ba235ce-d577-4322-bac4-4afb85905177-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPK5dXiYfFKy_FSSjCbkj...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPK5dXiYfFKy_FSSjCbkj3I62Q_5JkRJ3yCu7sLc57J4TeY4xHgto8bbWFKMAK5LYmaHtM4o9klGpLl_vf43GQjYCAvhqfXZ&google_hm=A0uiNc7Vd0MiusRK-4WQUXc
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPK5dXiYfFKy_FSSjCbkj3I62Q_5JkRJ3yCu7sLc57J4TeY4xHgto8bbWFKMAK5LYmaHtM4o9klGpLl_vf43GQjYCAvhqfXZ&google_hm=A0uiNc7Vd0MiusRK-4WQUXc
Requested by
Host: 8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
URL: https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPK5dXiYfFKy_FSSjCbkj3I62Q_5JkRJ3yCu7sLc57J4TeY4xHgto8bbWFKMAK5LYmaHtM4o9klGpLl_vf43GQjYCAvhqfXZ&google_hm=A0uiNc7Vd0MiusRK-4WQUXc
date
Sun, 13 Mar 2022 10:31:44 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX4ba235ced5774322bac44afb85905177003
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame E6CF 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JqcZQo7YzTMwkd5pS5Md_Tn-VLA4tr7Iczonb6uwcsRcGa60g7Exp9enh-Tya9JcFjGPZb
Requested by
Host: 8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
URL: https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:43 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/pagead/ Frame 9A69 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030801&jk=4210770730355657&rc=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
pagead2.googlesyndication.com/bg/ Frame 0ECA 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 09:29:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
3755
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13756
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Mar 2023 09:29:08 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 81CB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030801&jk=301711144975138&rc=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
pagead2.googlesyndication.com/bg/ Frame 2C50 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 09:29:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
3755
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13756
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Mar 2023 09:29:08 GMT
viewability
hal900028.redintelligence.net/ Frame F59D 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900028.redintelligence.net/viewability?s=97124400064943500710612011897028&a=efa0c76c&vb=m
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=97124400064943500710612011897028&a=ea19281c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.19.165.99.88.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/request_content.php?s=97124400064943500710612011897028&a=ea19281c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 13 Mar 2022 10:31:44 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame D274 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B3XylD8gtYrn3HrSJx_APoYOM6A0AAAAAOAHgBAI&bg=!Hh2lHVnNAAb7UztL-1M7ACkAdvg8WmUJUMXGD8qehxUbqa_yrfcsxG0cW9uODSEnI5vN2P6CxkE_0AIAAADCUgAAAAFoAQeZAyZjmvXcp9SaCFhEeWzHHSjN_nmTvs7LkosR158do4HnJsUpAb-fAzdT1RN-06Z8W4DK4pcwA1RKTLcp_O2pp0zzJr0v4-IGfykIWUWL7A_U17VssQOXRcXpJXKpZHQQEbBKMn2TGF-fbveqexQc7VaD11jN6HUL27nwKf8DJfoi4WVxNBLlFzcgc7KVDsxU9iajbCc5j3K06x4kNvxheMD0f-pHOQVcEXvh8YTrH3FgeVsJQf2clBhQA6rsaR6WG_nyOCN_bH4tpkrNYDUExzjAUZ-YOd6xkCAJX3UcABHwJw48pRvvXwSwqp8Z5jLFg1_lO5wK7aoBnuOfPMlapaag80HZzS_Fj-GOWYK69nlnalHKHSokFwROyvk9D3JChvsrA4nLM8VXceB7ST539UsN2q2qpgjRXkCub86ZvSVcNjYZFuY_D2P0DAbzEWT_VMXSjt7qzgq6VPv3J3hPtq3yt-61mQDAHLWcN890cGT3uxTKMNtktAAUu_qfY10823js2JJiCNGMAtjPOYdHlacereohKcmhCzL0NJD00i1L1OpUqhCABsZPZMFPp989G--MEshdWV5uovtxZ2H75C_jxDdddNTyJ49pqV1ZTfkVSxBUsRJIme65UjuUDPt6a6jabGb9Lk-rK3U8-pCY6NEpoF07Dx_2n3Azm-lEEoEGV85dZF_CRF6fR10Ao-8oocJKqALNc85WotVeiKjRGLJjUoBYcMgtzkSLT26Vs2nVll1Fy7GWMKZvg9luRYULBsf3kMfAXhdutLUIUWGoQST-kdUPvZ19ngaLN4l7Ysubjhk0jNM5MJAiL1713cC4tsbgmD-ch82M7Opha6rBfmwTheyIjHTI47JVG4Q8aHLhZD5fjfgBnKMsQ0RsFWlENT7JYWS5IR3p7Fe3bqlDc4mdmC0MMSQx1tnhjQXmGLGGAQNNTrW_iMfXaofGrvoCuDvJBdYyX5BL8AUBRePf4zMLqRnXxzy73zNMCzFBltBCDvCQOZk7F-26PK3TRpCEkAyulU7iD3NAD055VWkFkaIZ8-Bu1-gfwing2ep3NY8qSTv9F8HTgg
Requested by
Host: 8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
URL: https://8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame 865A 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jqh2b4ayve293t234crd90gm8qy33gennsk4asz8axm7sesk08gvz3m2p7wkr6pjfxjbas8q72met2phbaeyhmf6wdfkfcteq4jhwax0xxf3z6187ryc2e04a5qn133vsqk6ga0qk7rgx226gt8b1jahxh777y6dchwr6qywhqbgdfpyv84cr20qxgs3j9w4wpxy49dg5zrpkpq320wjy8eqwvacqtrh26qn236fsdr93dgrr8efj54pw0g9764w0gcfb7qbjq154k99rg0w168p0yrtc0q3nc0a7gevry1wfb60hq0%26a%3D&clickref=oneidP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73Aoneid__asuid6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3asuid__suite_Netmix_Reach09_PRIVATKREDIT&viewref=oneidrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4Roneid__asuid6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3asuid__suite_Netmix_Reach09_PRIVATKREDIT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-214-118.arn56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 a626e6748fd7659cdc58de81924341d6.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
20320
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Sun, 13 Mar 2022 04:53:05 GMT
x-amz-cf-pop
ARN56-P1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
5vOHRXylWV_mosFakI_bxhSlGnND1xSdubO_IPk0jdX8De5FPT7rLQ==
link.html
track.webgains.com/ Frame 865A 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidzgQBTRfYfbqxteCBHMtqtzX4sVSZtg31UWoneid__asuidg5ujv9j95YxcDRLtXR0FJ2e45SrEw0-gasuid__adalliance_mobile_advancedad_300x250&wglinkid=713569
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=6IaW1Vg26uBDdfXBiyc4sVFZz7YNVBR3&g=10c2bbaad2da5b442a346f5e334ebc95%2F7333894301345488325&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1647167503747&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jyz31663qz3fe47z3amhap9199cnr0snyqvwjrrmznvfp3xy7hpc24smcqw64xjm5kz4aqf4rnxdtey74wcp1wajj9k2jwakgf3mb5nw37mdzgpyhhcygnqbcn7wwqawke98hyp3jep2hqhd1rtcte73yzz0a9xjas6qp950xqn4ds6x6wyb9d8xkw2vqx7841gdv03djpdgct3vmhfzt28446t4n1k01z4parvap0knj96k8f0y5cee5bm8g6y15ft51q358tfgy6ng77kahvq%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7ps0DsgtYsunN4OD3wPCkafwA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAcKu6N0DyAEJqQIY8YtEyE6yPuACAKgDAaoExgJP0Omf3HmwC9gZG78zwrbnsqDY_zi47jN-rFhHI-1VQMdDfkLXRmyqOdoilDzODyvXO7PDzaCpdg1Rx-iVQN13lMNP3_LxyUymDE0va776qZbELKTDMBvJGpBYlTpu1s5DiEukEc6Vhy8Q2Re0WObRzrEiMXOHmO4p44f7AVS5wWdtL-HxWOuJOUrlHCT1R89z-ejaJejW9vU9n4W0LsAiuJm5r8XCZ3ry_IaRLCX-TJSLiESj8xcXwe_zRVvcLWspvhzR67q2S0Z7IIngQEytOlvbk-vyygho-Z1jnmHXBzskWfyB0brWtjcqQR0ISG9wLe-c7sqhmbyeabph8w8tQadeNUxecqmsBdcdf9ice9PYHVjFutCHlWh8cC8CLAg8cM0Bh7K4kZO8UyHkR8Ym6TlCaPOU2jFvAfdS7bM228KW_z_1YOAEAYAG8LGN5faIvuxvoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1GbhJ7zPqeyGPsd24EkhEJKaCjLA%252526client%25253Dca-pub-5413329544040947%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:44 GMT
Last-Modified
Sun, 13 Mar 2022 10:31:44 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 2C50 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?1RHBWA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 0ECA 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Y5yhwA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
collect
h.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h.clarity.ms/collect
Requested by
Host: h.clarity.ms
URL: https://h.clarity.ms/s/0.6.32/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://nets4.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://nets4.com
date
Sun, 13 Mar 2022 10:31:43 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
container.html
2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F911 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 13 Mar 2022 10:31:43 GMT
expires
Mon, 13 Mar 2023 10:31:43 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
i
api.purpleads.io/x/a/b8f16d313ac836832299f4e9bcc5aa59:455d5111cd98628349af90cd2c71f46095c6853c943a6f365b140e3f8da6037298b414c4db1090666d2403e5cabde609462b437d0e978572c25c3bdcb295ca3a6d12f6995158109... Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/b8f16d313ac836832299f4e9bcc5aa59:455d5111cd98628349af90cd2c71f46095c6853c943a6f365b140e3f8da6037298b414c4db1090666d2403e5cabde609462b437d0e978572c25c3bdcb295ca3a6d12f6995158109a463cd849c5d6d14d8e11561cc2539782adb71f0a705086481eef2cbb720a7db6d12ae878a064634de0b8f6b00a39e37456a0fa99571164f67c3db6e209e4f53dea98235661ad37d0/i?id=a60ad3fa-d590-4016-b206-987d15c4a058&ts=1647167504192
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 13 Mar 2022 10:31:44 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
f6d4fd50-966e-48d5-a291-97961b401e12
i
api.purpleads.io/x/a/b8f16d313ac836832299f4e9bcc5aa59:455d5111cd98628349af90cd2c71f46095c6853c943a6f365b140e3f8da6037298b414c4db1090666d2403e5cabde609462b437d0e978572c25c3bdcb295ca3a6d12f6995158109... 		0
199 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/b8f16d313ac836832299f4e9bcc5aa59:455d5111cd98628349af90cd2c71f46095c6853c943a6f365b140e3f8da6037298b414c4db1090666d2403e5cabde609462b437d0e978572c25c3bdcb295ca3a6d12f6995158109a463cd849c5d6d14d8e11561cc2539782adb71f0a705086481eef2cbb720a7db6d12ae878a064634de0b8f6b00a39e37456a0fa99571164f67c3db6e209e4f53dea98235661ad37d0/i?id=a60ad3fa-d590-4016-b206-987d15c4a058&ts=1647167504192
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2plc3VzLmNv
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.26

Response headers

access-control-allow-origin
https://nets4.com
date
Sun, 13 Mar 2022 10:31:44 GMT
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials
true
x-request-id
5b0ee593-a590-4d6c-88dc-f872beb1e9f6
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7074 		499 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY1-OpXTAB&v=APEucNXRxOS81FmBtegPjxJk2mub9I7cbdWXw4Un86Nbc7dbY2EA7Yfced3FIO-Vck_eGx4joHYpI1UKRGBXPWRM3lTEuH9bU2ztI-OJpfOxttldH6UEGRVf0mEV4jh11uCfsKLkxef6mWfj15mMlzoK6GMQvGrIDyqOgi1QLkevST0BSJxbVKY
Requested by
Host: 2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
URL: https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 13 Mar 2022 10:31:44 GMT
server
cafe
cache-control
private
content-length
313
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame F911 		27 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AG2AEdaibkkRuGl2fEmWNgwYNvg_LYnEMnKAHzvgDwdkuI8wQxNY0q6sh09hsGSEjsLTCiIpqrJwYJaOHNOi0xIDX3-M9fxa8CA9mc7wqiGMP1qtP4lmanZfYt09ml045mc00_D86J9AzpNkobrkSkU0IXuA&cry=1&dbm_d=AKAmf-DIzhVbsv9gjChbuxQJfCJR47tu9rOZAi9Bhvcyp-PidtL-_XkpYKzF9LspX78rV5m6ve1WEg4EuNxQTfzLoimXdVbGJ_rEQxZgqEIJ3yuKbTr_VBnROJGg1E5cwf2M-0n9aPqRebflPwNmfOUlEj0Dd65NGogeG9pe5LNw2lhS76vVAjYqU3-DUEVmd8lIl1D2AOAzXvk9_A2WgMC4g811jRXyFIOEusvjPSUJ6968BfZbp0enqbDrsrISrFaMh5UCXUo_vLfDdnQSPCqQ1aefw2aswz2YabJWwxu8HSGi7Low95EoyOyj0Ad8_-FaJCxdMgliUViWtDOTyjDOT9lOxoDYmRAnuuWRoBmTZ7hVIom06ACg0mqm_U5D7fCXSePi30UKMfTP3kSTKytJ4Jw8Sn44UbNm1fepToEZI4icePk1s87jaCClE4--Hn14kelaNLmvzgrp7GzSw829-aKzKfl7Ugd-zokeuPSTXTb1y38mSjHdebes4MRkcrCnZZqM6qhKzRSHde6QNGDuhe8TUz4aOJPTXLn36i9qKivu_SkXwVFow0oQUG2Fmg6X0WuAErevJy2QQhG66Ke_5MBe7FFRO0BHurOXHaTO4blffAeH06z29BsdhaZagl8xhjzMc52pgz20fmPZMY8IjP89JrhnvwU1Nfb9PjgfDdRN5gUax7lUdKg-9S1ZF170E81HxrNabVdsw8xzh9bxSfMJmxhaLkw32ASjxzvo8O--Jb_rXrTztLu9K_FcR1E1iSOuisqq5eLCuyHrHvHbtLD6n61FMxv13m1R3IXrfJWxKLT-9AnxebDxX4etH5qVIqzkWLaGIq2KqdMrfG0KB4cpQLwy39p8FxY_hqb5VeP06Q8ijuHelZh_KM1KS1R9jtKujZDaXWUd1gbDPYohyG2ej1BtDOPMFKhNTh6dErpoMPsiAdQTZPq3q1R4-T2RscWWdNWunQAbI5FFcckRJdHeVFbnF4s_ByeXPx0LeZgrijqUIfrA_If5NueLg-Mr_zu3p3XD6hdxOVtZpWBbuLu9lTXtKwbqziA3qAiKCysgECY4oT2XUTqQVqNNsPRT-Kg7L1mNawD39G3eGRb6LGh2MIL6oS82En9k6pjcg-NVbDFGAiWXjQJAn6TzvAMXx4jOwJ8q2aYQc_TqM1RRlCghsQDhX7yf4dZBq1uDwPTQKQThOdjd2ioGEQd-7pewYBSyLq0Rwtz5Xy839c2NK41QSLLEq5IX7NG4wJLQ59d2sa4FpxU6v2XhLw012mweb_rBw9k4UbN8UIUEoiV1wO0w7XuNmFkzYqXb-MvvOTNEP96Ciu9DvY7RAnRksZERf9wekTlHzfEpGf4ENlxaq11ndQrJZu7c7K-ca0jlYZ3tJOPff1Dzr1J-cbJTwtDalpGgI8Lama9AlL8vXcJ3Nh3fnzYEcf9Kkgi3t1QDYgdcPTrrrjTZlktIdL43Xb3YUZcERRUx3lbkhX3HTrPaIxmhqcc3g6Hez2QC_vZ9ncIEUnX751hVjvoDtWR-3mHJxoZJQz9IMCHE70He2NJLWTta5cadAJhVbeoaa7K2S7nQiDCUN3szQduU_6ppKKi5KhGNTlnFwnptev_X2ksoJR7zuuwwWluIFAD5J3Ct77wSwjSb7xPbFt-vm1jMme1rcsGRvbAmTjnQMAO2RN-ZViaVNnLUIclR_Mr2N7QjDX7kpzTrsBYveOfeFjlemIgQg6NDmYKdWWz7G42aIUxY-vR7Fho0YvwcjyNR2oU_NCNxWxwVOsTQX1qXxAKbkdIeKf6kWwgRoPobhoh6MxCYNeBPBSali92NzLxpQD4PvV-S2hAAeV70C-eh_Vu5l9_5qN5bSAEjCJcO6ATB0ovXbbZTZIcuR7BDeH8OLny_CO5yVDMYUwBwXep9tYswE4IHE3bogIn6rB-nCDfR-Rz5qxQ5tb5L5KbCA_8LtwN6vqo83r_0lOl5tJL5n7vym9S4csDklhyWWvGAHrU19zjRfPtBsY7o_N1i9jXGLIenDMP5vXyj5HWJoTvatPNPGJ1hWju0AaJ540WI9nZp9Rvmk9B8nyQbjCkH5r92j9UCMLt90abP3mvlLaT4zZVq6NiyW5dC4JtBRRm6B3_4K8UiyNq29QoqulHVRcUlZ3-jQwQfcHRCpgcx65I-M19Jc9ivobl7hjcjbZV6pgEJXdhgFaf9si4OapN9iHYu1Z4HAAr7lnhPgS7VnRl3NdHVtigdnbWsx2XBTy2_tZtsGyseZscPREonobl8LMwBlBzKb3CSSdkQ2LCHY17AcmyUwARESxW4B0CPxqIBcAwhSu3KNLUfYpeatE5JlqkZ4GpaTwqi8qQ8SvyppjW2pLHspFvLPbU4U8OJMoOWfZCdcdecC6KUh_nSY7nmpIuPi5DM0Worz7-n_PYohm17TACMA0COulyBUG8sf3YZ4jMrp3o6J1U_nKvRAvGzCxdqgSsyKJzUUpi6z_hN5BIDtMhqwf-0U-pXR0mpopOmabtWVP3AsnM5ZuK_B_Jr2MBxgySym8Cb_WjXr-3yjbt-ptYlcb0HxZdrIHaHhvFcVwWxTtU9-aUuGoIhT5RiVYBpXY7djaL_H_IyFwYc91-Ab8rZ273LmMTRHWLK3MEhfmi3nDBlw0qGQFq7BgzB1piPcohz-3KmYwVxBiYxMo9w8cF7TWN1mFruKw4ePTUXRUYVLSqP4xBie9ksONsqSp8JhWpVHh8MCaKPNNogtZYVnfxTEzRbwVLWzBMHJuG9s4-KvhVP-23enESQMBd6veGxP-zWfNIrhA6-pKyGrCS-XmHMxlwZUo_sAaFQXZJ1aGtyl3l5XTq39FG7YQ6GvpylJV_1syjNmo3KIq6ou8WcbCHvi_wrS2W5hViBhalzAPuIgJXM3naJEklSFjap2Wykjs99fiONhrJLa-zW1z8koqTDGTK5goHqk4V1-szYV8rf9aHyjWq4tNsSJvyMGgiK5jAy8NAZjpbFyX_rTlpEqqP8BQ2_DyfJ9XzTHH1IbBnT4Ls-lkLoRheoq9OZXsMvBpouO4vmBkWzSw_0vp3OYW3CnKe0PsCi_pMN7eAcg_AYuuU8ULLd-uoibHG-0TEPaPp78rTcEe614AYQmKMjwYZqDx3GKH723ZtPUm6wxRx2MjSYX10_cDP-v0Dbn5ucgZZcqcjNYOXB6cW-W2MYqUG7-lcQyUfUgijaGdwi39LosyQAEjNuXXwojKxPC7Drc1TkU_00rctr5XXTkQNiT1f3-Sk6URvDfUwNl6Gm-HUpZSircttOxk_Zmg&cid=CAASJORox6xv8kVe_vCkG2H-WfFWi_NFrYs8JUZdEJFHZ5bcym8Zmw&rfl=2%2Chttps%253A%252F%252Fnets4.com%242%2Chttps%253A%252F%252Fnets4.com%252F%240
Requested by
Host: nets4.com
URL: https://nets4.com/domain/jesus.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4737c095b2fe07c3277576ec1875b043639cdf54d6527ede7109908abc6d299a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16239
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F911 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DBh9ZwiN5v7X9Z8zAQz29wZcNFPZRBN3PzFWjLeww8aLgrRgULci05AT46XmCfJJifxPtpmhunlmb_iT1GpBA1OWVatuJBsyDwf_OqK3PSio1gaak
Requested by
Host: 2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
URL: https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame F911 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
URL: https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Mar 2022 10:31:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F911 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
URL: https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36343
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1646830771070120"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 13 Mar 2022 10:31:44 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame F911 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
URL: https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:29:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
111
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6397
x-xss-protection
0
server
cafe
etag
14404976697706490601
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Mar 2022 10:29:53 GMT
l
www.google.com/ads/measurement/ Frame F911 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTMEFiWXqrm9SlosBuhR_Kdjf-WDdbdFp0e8kVfXqXTSe5iEXWsoVpySXCgPwO7KEdsRhYq6tK-946tXoyaTY68ObT81A
Requested by
Host: 2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
URL: https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame B2ED 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022030801&jk=2612437989791563&bg=!hYalhsLNAAb7UztL-1M7ACkAdvg8Wse1DHc4uo0teK8h-1mUm_LVLqgLslnY00hWzjq2zekebxUvgwIAAAC0UgAAAAJoAQeZAtYR-QVZ2Uv5kMFYJClE-0lSbd0CnOTbwzeCiMPjSQeOOoJfkXpd6LP0_iEg0vZn8-CPyoA7CEyPoRjPQWNv5UNmGyfuDBoeOYC7WUGrPm_iyldAscmaqNMZ__Rap7Ue8czi-9r56xoqlyoQEqMyqzA9MeJz0RHodQcgimz7ncGl2F5eonHyfTo0izTpakpZ3-EGWCb0XMk-pK5wt5FzGAuTPm4l1WNyt7xbfndEaOUjQDB17HbKjYyPsr-Ebgzxl7jY9iPqUJkN9nLRryHON5SRB5TWY3Ldh6g1hgH-mLNQwIA2axmsXAleESCKAkiHmoReZ-Ue2PxPFmk8tNKLe5Y5ydMQEbh0AXAvy2CrfBwOdkZLQ_TPDKrZ1OxgMqmLRiqUR0n7xYn-Qik43wuSBtT5MrXIP8-UDvV7V4ALqsZnJvcyUYDXyHMh8O7hTAQqw0giITAVGeJbuoYFSdDObWGmadcRyngfu6whS39YK2fYQFci2rjFqcMXFgNbkhwTrPnzKvSSVnxJOkN53eRMqrrsRU_eIkj70xi_m0ViADQxn0gWn1Ce9ZAPXRyogqq-zkplGM9j5l-EHgmz8KUV7-tIXoJmEB4N-didh7O_9RxYt0PKu5TaGSr3lmo-48OSHQhjrv-Fk4koLHDPxOvN9kx99B4O0CUzS16Xw-tlzV-v00E0HDgSlqn9aC1K5CFYIGN4k-Lrm6EVm8vT-T728MRfUL1K8zjCxl5NO3MDTsxR9fQPkNBoXeRuFWLeWcUrvh4Ycf8xIlRcgAS3Kunn2N6NCYH3IbE1BLAMpURsbvIKGyWEjSfvceeaWlIVYf99XOrtIZLi2UUf7PLhPCGs6R2WHUljC7DlZ5NkYF7hazC7OY1_hc72mjKrq4wjBLg0N2yPWhKYbCnFYSKh0QbkOHNeRDeTdMtaqMx46zVA8nKvxcdqu40YniKDE6MNrzR5iQ83eek23Ow
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/ Frame 7074
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEENTucHRFYD2JZPs-uximaM&google_cver=1
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEENTucHRFYD2JZPs-uximaM&google_cver=1&__user_check__=1&sync_id=c76841fd-a2b8-11ec-8af8-102ad03c0206
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEENTucHRFYD2JZPs-uximaM&google_cver=1&__user_check__=1&sync_id=c76841fd-a2b8-11ec-8af8-102ad03c0206
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY1-OpXTAB&v=APEucNXRxOS81FmBtegPjxJk2mub9I7cbdWXw4Un86Nbc7dbY2EA7Yfced3FIO-Vck_eGx4joHYpI1UKRGBXPWRM3lTEuH9bU2ztI-OJpfOxttldH6UEGRVf0mEV4jh11uCfsKLkxef6mWfj15mMlzoK6GMQvGrIDyqOgi1QLkevST0BSJxbVKY
Protocol
HTTP/1.1
Server
185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 13 Mar 2022 10:31:44 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
33
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Sun, 13 Mar 2022 10:31:44 GMT
Server
nginx
Location
/partner?adv_id=7025&uid=CAESEENTucHRFYD2JZPs-uximaM&google_cver=1&__user_check__=1&sync_id=c76841fd-a2b8-11ec-8af8-102ad03c0206
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
134
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 7074
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=Yzc2ODNiZjQtYTJiOC0xMWVjLWI5OWYtMTkyY2IxNmUwMjA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=Yzc2ODNiZjQtYTJiOC0xMWVjLWI5OWYtMTkyY2IxNmUwMjA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY1-OpXTAB&v=APEucNXRxOS81FmBtegPjxJk2mub9I7cbdWXw4Un86Nbc7dbY2EA7Yfced3FIO-Vck_eGx4joHYpI1UKRGBXPWRM3lTEuH9bU2ztI-OJpfOxttldH6UEGRVf0mEV4jh11uCfsKLkxef6mWfj15mMlzoK6GMQvGrIDyqOgi1QLkevST0BSJxbVKY
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 13 Mar 2022 10:31:44 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=Yzc2ODNiZjQtYTJiOC0xMWVjLWI5OWYtMTkyY2IxNmUwMjA2
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
35
Connection
keep-alive
Content-Length
0
v1
ads.yahoo.com/cms/ Frame 7074 		0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY1-OpXTAB&v=APEucNXRxOS81FmBtegPjxJk2mub9I7cbdWXw4Un86Nbc7dbY2EA7Yfced3FIO-Vck_eGx4joHYpI1UKRGBXPWRM3lTEuH9bU2ztI-OJpfOxttldH6UEGRVf0mEV4jh11uCfsKLkxef6mWfj15mMlzoK6GMQvGrIDyqOgi1QLkevST0BSJxbVKY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:44 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220308/r20110914/ Frame F911 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220308/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AG2AEdaibkkRuGl2fEmWNgwYNvg_LYnEMnKAHzvgDwdkuI8wQxNY0q6sh09hsGSEjsLTCiIpqrJwYJaOHNOi0xIDX3-M9fxa8CA9mc7wqiGMP1qtP4lmanZfYt09ml045mc00_D86J9AzpNkobrkSkU0IXuA&cry=1&dbm_d=AKAmf-DIzhVbsv9gjChbuxQJfCJR47tu9rOZAi9Bhvcyp-PidtL-_XkpYKzF9LspX78rV5m6ve1WEg4EuNxQTfzLoimXdVbGJ_rEQxZgqEIJ3yuKbTr_VBnROJGg1E5cwf2M-0n9aPqRebflPwNmfOUlEj0Dd65NGogeG9pe5LNw2lhS76vVAjYqU3-DUEVmd8lIl1D2AOAzXvk9_A2WgMC4g811jRXyFIOEusvjPSUJ6968BfZbp0enqbDrsrISrFaMh5UCXUo_vLfDdnQSPCqQ1aefw2aswz2YabJWwxu8HSGi7Low95EoyOyj0Ad8_-FaJCxdMgliUViWtDOTyjDOT9lOxoDYmRAnuuWRoBmTZ7hVIom06ACg0mqm_U5D7fCXSePi30UKMfTP3kSTKytJ4Jw8Sn44UbNm1fepToEZI4icePk1s87jaCClE4--Hn14kelaNLmvzgrp7GzSw829-aKzKfl7Ugd-zokeuPSTXTb1y38mSjHdebes4MRkcrCnZZqM6qhKzRSHde6QNGDuhe8TUz4aOJPTXLn36i9qKivu_SkXwVFow0oQUG2Fmg6X0WuAErevJy2QQhG66Ke_5MBe7FFRO0BHurOXHaTO4blffAeH06z29BsdhaZagl8xhjzMc52pgz20fmPZMY8IjP89JrhnvwU1Nfb9PjgfDdRN5gUax7lUdKg-9S1ZF170E81HxrNabVdsw8xzh9bxSfMJmxhaLkw32ASjxzvo8O--Jb_rXrTztLu9K_FcR1E1iSOuisqq5eLCuyHrHvHbtLD6n61FMxv13m1R3IXrfJWxKLT-9AnxebDxX4etH5qVIqzkWLaGIq2KqdMrfG0KB4cpQLwy39p8FxY_hqb5VeP06Q8ijuHelZh_KM1KS1R9jtKujZDaXWUd1gbDPYohyG2ej1BtDOPMFKhNTh6dErpoMPsiAdQTZPq3q1R4-T2RscWWdNWunQAbI5FFcckRJdHeVFbnF4s_ByeXPx0LeZgrijqUIfrA_If5NueLg-Mr_zu3p3XD6hdxOVtZpWBbuLu9lTXtKwbqziA3qAiKCysgECY4oT2XUTqQVqNNsPRT-Kg7L1mNawD39G3eGRb6LGh2MIL6oS82En9k6pjcg-NVbDFGAiWXjQJAn6TzvAMXx4jOwJ8q2aYQc_TqM1RRlCghsQDhX7yf4dZBq1uDwPTQKQThOdjd2ioGEQd-7pewYBSyLq0Rwtz5Xy839c2NK41QSLLEq5IX7NG4wJLQ59d2sa4FpxU6v2XhLw012mweb_rBw9k4UbN8UIUEoiV1wO0w7XuNmFkzYqXb-MvvOTNEP96Ciu9DvY7RAnRksZERf9wekTlHzfEpGf4ENlxaq11ndQrJZu7c7K-ca0jlYZ3tJOPff1Dzr1J-cbJTwtDalpGgI8Lama9AlL8vXcJ3Nh3fnzYEcf9Kkgi3t1QDYgdcPTrrrjTZlktIdL43Xb3YUZcERRUx3lbkhX3HTrPaIxmhqcc3g6Hez2QC_vZ9ncIEUnX751hVjvoDtWR-3mHJxoZJQz9IMCHE70He2NJLWTta5cadAJhVbeoaa7K2S7nQiDCUN3szQduU_6ppKKi5KhGNTlnFwnptev_X2ksoJR7zuuwwWluIFAD5J3Ct77wSwjSb7xPbFt-vm1jMme1rcsGRvbAmTjnQMAO2RN-ZViaVNnLUIclR_Mr2N7QjDX7kpzTrsBYveOfeFjlemIgQg6NDmYKdWWz7G42aIUxY-vR7Fho0YvwcjyNR2oU_NCNxWxwVOsTQX1qXxAKbkdIeKf6kWwgRoPobhoh6MxCYNeBPBSali92NzLxpQD4PvV-S2hAAeV70C-eh_Vu5l9_5qN5bSAEjCJcO6ATB0ovXbbZTZIcuR7BDeH8OLny_CO5yVDMYUwBwXep9tYswE4IHE3bogIn6rB-nCDfR-Rz5qxQ5tb5L5KbCA_8LtwN6vqo83r_0lOl5tJL5n7vym9S4csDklhyWWvGAHrU19zjRfPtBsY7o_N1i9jXGLIenDMP5vXyj5HWJoTvatPNPGJ1hWju0AaJ540WI9nZp9Rvmk9B8nyQbjCkH5r92j9UCMLt90abP3mvlLaT4zZVq6NiyW5dC4JtBRRm6B3_4K8UiyNq29QoqulHVRcUlZ3-jQwQfcHRCpgcx65I-M19Jc9ivobl7hjcjbZV6pgEJXdhgFaf9si4OapN9iHYu1Z4HAAr7lnhPgS7VnRl3NdHVtigdnbWsx2XBTy2_tZtsGyseZscPREonobl8LMwBlBzKb3CSSdkQ2LCHY17AcmyUwARESxW4B0CPxqIBcAwhSu3KNLUfYpeatE5JlqkZ4GpaTwqi8qQ8SvyppjW2pLHspFvLPbU4U8OJMoOWfZCdcdecC6KUh_nSY7nmpIuPi5DM0Worz7-n_PYohm17TACMA0COulyBUG8sf3YZ4jMrp3o6J1U_nKvRAvGzCxdqgSsyKJzUUpi6z_hN5BIDtMhqwf-0U-pXR0mpopOmabtWVP3AsnM5ZuK_B_Jr2MBxgySym8Cb_WjXr-3yjbt-ptYlcb0HxZdrIHaHhvFcVwWxTtU9-aUuGoIhT5RiVYBpXY7djaL_H_IyFwYc91-Ab8rZ273LmMTRHWLK3MEhfmi3nDBlw0qGQFq7BgzB1piPcohz-3KmYwVxBiYxMo9w8cF7TWN1mFruKw4ePTUXRUYVLSqP4xBie9ksONsqSp8JhWpVHh8MCaKPNNogtZYVnfxTEzRbwVLWzBMHJuG9s4-KvhVP-23enESQMBd6veGxP-zWfNIrhA6-pKyGrCS-XmHMxlwZUo_sAaFQXZJ1aGtyl3l5XTq39FG7YQ6GvpylJV_1syjNmo3KIq6ou8WcbCHvi_wrS2W5hViBhalzAPuIgJXM3naJEklSFjap2Wykjs99fiONhrJLa-zW1z8koqTDGTK5goHqk4V1-szYV8rf9aHyjWq4tNsSJvyMGgiK5jAy8NAZjpbFyX_rTlpEqqP8BQ2_DyfJ9XzTHH1IbBnT4Ls-lkLoRheoq9OZXsMvBpouO4vmBkWzSw_0vp3OYW3CnKe0PsCi_pMN7eAcg_AYuuU8ULLd-uoibHG-0TEPaPp78rTcEe614AYQmKMjwYZqDx3GKH723ZtPUm6wxRx2MjSYX10_cDP-v0Dbn5ucgZZcqcjNYOXB6cW-W2MYqUG7-lcQyUfUgijaGdwi39LosyQAEjNuXXwojKxPC7Drc1TkU_00rctr5XXTkQNiT1f3-Sk6URvDfUwNl6Gm-HUpZSircttOxk_Zmg&cid=CAASJORox6xv8kVe_vCkG2H-WfFWi_NFrYs8JUZdEJFHZ5bcym8Zmw&rfl=2%2Chttps%253A%252F%252Fnets4.com%242%2Chttps%253A%252F%252Fnets4.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
947e22d9ed05fbe3f5ed3c4ee35618a1910a85968f48a22c0277f9936f2eb769
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9657
x-xss-protection
0
server
cafe
etag
5177785407398320510
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Mar 2022 10:31:05 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F911 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AG2AEdaibkkRuGl2fEmWNgwYNvg_LYnEMnKAHzvgDwdkuI8wQxNY0q6sh09hsGSEjsLTCiIpqrJwYJaOHNOi0xIDX3-M9fxa8CA9mc7wqiGMP1qtP4lmanZfYt09ml045mc00_D86J9AzpNkobrkSkU0IXuA&cry=1&dbm_d=AKAmf-DIzhVbsv9gjChbuxQJfCJR47tu9rOZAi9Bhvcyp-PidtL-_XkpYKzF9LspX78rV5m6ve1WEg4EuNxQTfzLoimXdVbGJ_rEQxZgqEIJ3yuKbTr_VBnROJGg1E5cwf2M-0n9aPqRebflPwNmfOUlEj0Dd65NGogeG9pe5LNw2lhS76vVAjYqU3-DUEVmd8lIl1D2AOAzXvk9_A2WgMC4g811jRXyFIOEusvjPSUJ6968BfZbp0enqbDrsrISrFaMh5UCXUo_vLfDdnQSPCqQ1aefw2aswz2YabJWwxu8HSGi7Low95EoyOyj0Ad8_-FaJCxdMgliUViWtDOTyjDOT9lOxoDYmRAnuuWRoBmTZ7hVIom06ACg0mqm_U5D7fCXSePi30UKMfTP3kSTKytJ4Jw8Sn44UbNm1fepToEZI4icePk1s87jaCClE4--Hn14kelaNLmvzgrp7GzSw829-aKzKfl7Ugd-zokeuPSTXTb1y38mSjHdebes4MRkcrCnZZqM6qhKzRSHde6QNGDuhe8TUz4aOJPTXLn36i9qKivu_SkXwVFow0oQUG2Fmg6X0WuAErevJy2QQhG66Ke_5MBe7FFRO0BHurOXHaTO4blffAeH06z29BsdhaZagl8xhjzMc52pgz20fmPZMY8IjP89JrhnvwU1Nfb9PjgfDdRN5gUax7lUdKg-9S1ZF170E81HxrNabVdsw8xzh9bxSfMJmxhaLkw32ASjxzvo8O--Jb_rXrTztLu9K_FcR1E1iSOuisqq5eLCuyHrHvHbtLD6n61FMxv13m1R3IXrfJWxKLT-9AnxebDxX4etH5qVIqzkWLaGIq2KqdMrfG0KB4cpQLwy39p8FxY_hqb5VeP06Q8ijuHelZh_KM1KS1R9jtKujZDaXWUd1gbDPYohyG2ej1BtDOPMFKhNTh6dErpoMPsiAdQTZPq3q1R4-T2RscWWdNWunQAbI5FFcckRJdHeVFbnF4s_ByeXPx0LeZgrijqUIfrA_If5NueLg-Mr_zu3p3XD6hdxOVtZpWBbuLu9lTXtKwbqziA3qAiKCysgECY4oT2XUTqQVqNNsPRT-Kg7L1mNawD39G3eGRb6LGh2MIL6oS82En9k6pjcg-NVbDFGAiWXjQJAn6TzvAMXx4jOwJ8q2aYQc_TqM1RRlCghsQDhX7yf4dZBq1uDwPTQKQThOdjd2ioGEQd-7pewYBSyLq0Rwtz5Xy839c2NK41QSLLEq5IX7NG4wJLQ59d2sa4FpxU6v2XhLw012mweb_rBw9k4UbN8UIUEoiV1wO0w7XuNmFkzYqXb-MvvOTNEP96Ciu9DvY7RAnRksZERf9wekTlHzfEpGf4ENlxaq11ndQrJZu7c7K-ca0jlYZ3tJOPff1Dzr1J-cbJTwtDalpGgI8Lama9AlL8vXcJ3Nh3fnzYEcf9Kkgi3t1QDYgdcPTrrrjTZlktIdL43Xb3YUZcERRUx3lbkhX3HTrPaIxmhqcc3g6Hez2QC_vZ9ncIEUnX751hVjvoDtWR-3mHJxoZJQz9IMCHE70He2NJLWTta5cadAJhVbeoaa7K2S7nQiDCUN3szQduU_6ppKKi5KhGNTlnFwnptev_X2ksoJR7zuuwwWluIFAD5J3Ct77wSwjSb7xPbFt-vm1jMme1rcsGRvbAmTjnQMAO2RN-ZViaVNnLUIclR_Mr2N7QjDX7kpzTrsBYveOfeFjlemIgQg6NDmYKdWWz7G42aIUxY-vR7Fho0YvwcjyNR2oU_NCNxWxwVOsTQX1qXxAKbkdIeKf6kWwgRoPobhoh6MxCYNeBPBSali92NzLxpQD4PvV-S2hAAeV70C-eh_Vu5l9_5qN5bSAEjCJcO6ATB0ovXbbZTZIcuR7BDeH8OLny_CO5yVDMYUwBwXep9tYswE4IHE3bogIn6rB-nCDfR-Rz5qxQ5tb5L5KbCA_8LtwN6vqo83r_0lOl5tJL5n7vym9S4csDklhyWWvGAHrU19zjRfPtBsY7o_N1i9jXGLIenDMP5vXyj5HWJoTvatPNPGJ1hWju0AaJ540WI9nZp9Rvmk9B8nyQbjCkH5r92j9UCMLt90abP3mvlLaT4zZVq6NiyW5dC4JtBRRm6B3_4K8UiyNq29QoqulHVRcUlZ3-jQwQfcHRCpgcx65I-M19Jc9ivobl7hjcjbZV6pgEJXdhgFaf9si4OapN9iHYu1Z4HAAr7lnhPgS7VnRl3NdHVtigdnbWsx2XBTy2_tZtsGyseZscPREonobl8LMwBlBzKb3CSSdkQ2LCHY17AcmyUwARESxW4B0CPxqIBcAwhSu3KNLUfYpeatE5JlqkZ4GpaTwqi8qQ8SvyppjW2pLHspFvLPbU4U8OJMoOWfZCdcdecC6KUh_nSY7nmpIuPi5DM0Worz7-n_PYohm17TACMA0COulyBUG8sf3YZ4jMrp3o6J1U_nKvRAvGzCxdqgSsyKJzUUpi6z_hN5BIDtMhqwf-0U-pXR0mpopOmabtWVP3AsnM5ZuK_B_Jr2MBxgySym8Cb_WjXr-3yjbt-ptYlcb0HxZdrIHaHhvFcVwWxTtU9-aUuGoIhT5RiVYBpXY7djaL_H_IyFwYc91-Ab8rZ273LmMTRHWLK3MEhfmi3nDBlw0qGQFq7BgzB1piPcohz-3KmYwVxBiYxMo9w8cF7TWN1mFruKw4ePTUXRUYVLSqP4xBie9ksONsqSp8JhWpVHh8MCaKPNNogtZYVnfxTEzRbwVLWzBMHJuG9s4-KvhVP-23enESQMBd6veGxP-zWfNIrhA6-pKyGrCS-XmHMxlwZUo_sAaFQXZJ1aGtyl3l5XTq39FG7YQ6GvpylJV_1syjNmo3KIq6ou8WcbCHvi_wrS2W5hViBhalzAPuIgJXM3naJEklSFjap2Wykjs99fiONhrJLa-zW1z8koqTDGTK5goHqk4V1-szYV8rf9aHyjWq4tNsSJvyMGgiK5jAy8NAZjpbFyX_rTlpEqqP8BQ2_DyfJ9XzTHH1IbBnT4Ls-lkLoRheoq9OZXsMvBpouO4vmBkWzSw_0vp3OYW3CnKe0PsCi_pMN7eAcg_AYuuU8ULLd-uoibHG-0TEPaPp78rTcEe614AYQmKMjwYZqDx3GKH723ZtPUm6wxRx2MjSYX10_cDP-v0Dbn5ucgZZcqcjNYOXB6cW-W2MYqUG7-lcQyUfUgijaGdwi39LosyQAEjNuXXwojKxPC7Drc1TkU_00rctr5XXTkQNiT1f3-Sk6URvDfUwNl6Gm-HUpZSircttOxk_Zmg&cid=CAASJORox6xv8kVe_vCkG2H-WfFWi_NFrYs8JUZdEJFHZ5bcym8Zmw&rfl=2%2Chttps%253A%252F%252Fnets4.com%242%2Chttps%253A%252F%252Fnets4.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 13:19:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
162742
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Mar 2023 13:19:22 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B592 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 11 Mar 2022 13:19:22 GMT
expires
Sat, 11 Mar 2023 13:19:22 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
162742
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
lvu2p5tdtdf4
hal9000.redintelligence.net/zone/ Frame F911 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/lvu2p5tdtdf4?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCtpoiD8gtYr3bLY_z3wPQm5-gA92t6Khg9KT54sUK8C4QASC52_MmYJXikIKgB8gBCakCGPGLRMhOsj6oAwGqBOABT9DLTvO4VYC4dnon5hHmhaUTcYQwhGI-y0jsnmUlTRZRQFBPFeD9LNkBUmCw-F_5ZWLaTMtdOuX8FXB_I_WQ0CffiLUCkRGhK_Esq38pjdoIzWvgMQOLU6vOqc9xrV_MJHmvSqIUNW3XGLdnzPWoqxSFYTsZ5EHK-JU3qYdkBgZNEPOSjSJGvAbBpI0R9aP4tdRcrDqexDDO2c2YSinJxasQdL7-ZpC9MwRMChaPoE_7RKTQOoaDngOh9oxF1aITT0Y6vgi3YA-9hqE18MybaucFJDm8cE0FuH98QXY-9APABM6Ou7GWAuAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNoAKA5gLAcgLAYAMAbATms3oDdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJORox6xv8kVe_vCkG2H-WfFWi_NFrYs8JUZdEJFHZ5bcym8Zmw%26sig%3DAOD64_3V3TBGs_3sBTM2g3KnCjaOL69c0g%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-ANQH8fKkQu-5JKKP5Ygo9lBadM1dUfUZnCzFAgZNN6g9eKge_S3b7aPFn0KjV-2xTDOS0j5RNeUhj4nqjLfs4Zcpozz3hOKRYMzI5R95af6glZIHRVpI0MuZXS3KCyANUm84wD9FEKOSNjpeyXQWqK8ox4Ng%26cry%3D1%26dbm_d%3DAKAmf-AOtfsKQFva-RgCo-vnFMmL_rMA7VRRBX8h6NTVbISy_u_LNvfRFGUvjyEvQXD2hkqJa3HiY32BnS9y7-RmCjvhC4n11A9F2QroC3h46jYO63zIUKwvgWVUgbEWWXPBh-POD-IWSP2nN4GrhZ7cKRGrIoHN14qthLNLQAyWqwvajE2s3O2TVGJibFs7OPWwYe0ZibYYCINSJ8Qppn8BhmRGBxKVOUbNAilNQrN_Jpu5i4vB5IYDyYtpoWgmyWaKbI8icuGSv2mDEEfQLBT6zyXXW-6F_rHYLhc0z38GwTCcDqW_Po-g9dakuRboPBldCfoRFOLC3sIUdVOYgRdcu-2eTCu2ki8EeZGuE0Re-amFA6NYZ9hU4y-rZvN1JDhY5Y3aA5u1sFmjqI9vKFTq2fPR0dHXPgSvtdONUF9YIz-SK0u_9Jp5tqcl1S6q3JoxLguwqwy1fH0A_sCRjMaL3sNTrTsW2A%26adurl%3D
Requested by
Host: 2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
URL: https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
177c62e1e94a67cd07a9c7a8a29df3e09ee7b9b8c4e180a113f4b3f76b612c95

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 13 Mar 2022 10:31:44 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3962
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
activeview
pagead2.googlesyndication.com/pcs/ Frame 3F7E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuV2E0H97v0YrmY88JWvGg9cUFOMdaMqVGtnJIX7Z3MbwSUmGa8cgAsj2CeisqrkVh0TT8suR9b5a0VNhhrtckPbw&sig=Cg0ArKJSzNzFHHoEQknaEAE&cid=CAASF-RonsdrW9VxOciYDDJdKEtjNj9vPM0Q&id=lidar2&mcvt=1001&p=939,1289,1189,1589&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220309&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2232668132&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647167503140&rpt=247&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
request.php
hal90008.redintelligence.net/ Frame F911 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90008.redintelligence.net/request.php?zone=lvu2p5tdtdf4&nw=20&renderingType=javascript&namespace=89b3e3de41&subid=&uid=fb20115c621abee2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCtpoiD8gtYr3bLY_z3wPQm5-gA92t6Khg9KT54sUK8C4QASC52_MmYJXikIKgB8gBCakCGPGLRMhOsj6oAwGqBOABT9DLTvO4VYC4dnon5hHmhaUTcYQwhGI-y0jsnmUlTRZRQFBPFeD9LNkBUmCw-F_5ZWLaTMtdOuX8FXB_I_WQ0CffiLUCkRGhK_Esq38pjdoIzWvgMQOLU6vOqc9xrV_MJHmvSqIUNW3XGLdnzPWoqxSFYTsZ5EHK-JU3qYdkBgZNEPOSjSJGvAbBpI0R9aP4tdRcrDqexDDO2c2YSinJxasQdL7-ZpC9MwRMChaPoE_7RKTQOoaDngOh9oxF1aITT0Y6vgi3YA-9hqE18MybaucFJDm8cE0FuH98QXY-9APABM6Ou7GWAuAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNoAKA5gLAcgLAYAMAbATms3oDdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJORox6xv8kVe_vCkG2H-WfFWi_NFrYs8JUZdEJFHZ5bcym8Zmw%26sig%3DAOD64_3V3TBGs_3sBTM2g3KnCjaOL69c0g%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-ANQH8fKkQu-5JKKP5Ygo9lBadM1dUfUZnCzFAgZNN6g9eKge_S3b7aPFn0KjV-2xTDOS0j5RNeUhj4nqjLfs4Zcpozz3hOKRYMzI5R95af6glZIHRVpI0MuZXS3KCyANUm84wD9FEKOSNjpeyXQWqK8ox4Ng%26cry%3D1%26dbm_d%3DAKAmf-AOtfsKQFva-RgCo-vnFMmL_rMA7VRRBX8h6NTVbISy_u_LNvfRFGUvjyEvQXD2hkqJa3HiY32BnS9y7-RmCjvhC4n11A9F2QroC3h46jYO63zIUKwvgWVUgbEWWXPBh-POD-IWSP2nN4GrhZ7cKRGrIoHN14qthLNLQAyWqwvajE2s3O2TVGJibFs7OPWwYe0ZibYYCINSJ8Qppn8BhmRGBxKVOUbNAilNQrN_Jpu5i4vB5IYDyYtpoWgmyWaKbI8icuGSv2mDEEfQLBT6zyXXW-6F_rHYLhc0z38GwTCcDqW_Po-g9dakuRboPBldCfoRFOLC3sIUdVOYgRdcu-2eTCu2ki8EeZGuE0Re-amFA6NYZ9hU4y-rZvN1JDhY5Y3aA5u1sFmjqI9vKFTq2fPR0dHXPgSvtdONUF9YIz-SK0u_9Jp5tqcl1S6q3JoxLguwqwy1fH0A_sCRjMaL3sNTrTsW2A%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=2261923533642&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/lvu2p5tdtdf4?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCtpoiD8gtYr3bLY_z3wPQm5-gA92t6Khg9KT54sUK8C4QASC52_MmYJXikIKgB8gBCakCGPGLRMhOsj6oAwGqBOABT9DLTvO4VYC4dnon5hHmhaUTcYQwhGI-y0jsnmUlTRZRQFBPFeD9LNkBUmCw-F_5ZWLaTMtdOuX8FXB_I_WQ0CffiLUCkRGhK_Esq38pjdoIzWvgMQOLU6vOqc9xrV_MJHmvSqIUNW3XGLdnzPWoqxSFYTsZ5EHK-JU3qYdkBgZNEPOSjSJGvAbBpI0R9aP4tdRcrDqexDDO2c2YSinJxasQdL7-ZpC9MwRMChaPoE_7RKTQOoaDngOh9oxF1aITT0Y6vgi3YA-9hqE18MybaucFJDm8cE0FuH98QXY-9APABM6Ou7GWAuAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNoAKA5gLAcgLAYAMAbATms3oDdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJORox6xv8kVe_vCkG2H-WfFWi_NFrYs8JUZdEJFHZ5bcym8Zmw%26sig%3DAOD64_3V3TBGs_3sBTM2g3KnCjaOL69c0g%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-ANQH8fKkQu-5JKKP5Ygo9lBadM1dUfUZnCzFAgZNN6g9eKge_S3b7aPFn0KjV-2xTDOS0j5RNeUhj4nqjLfs4Zcpozz3hOKRYMzI5R95af6glZIHRVpI0MuZXS3KCyANUm84wD9FEKOSNjpeyXQWqK8ox4Ng%26cry%3D1%26dbm_d%3DAKAmf-AOtfsKQFva-RgCo-vnFMmL_rMA7VRRBX8h6NTVbISy_u_LNvfRFGUvjyEvQXD2hkqJa3HiY32BnS9y7-RmCjvhC4n11A9F2QroC3h46jYO63zIUKwvgWVUgbEWWXPBh-POD-IWSP2nN4GrhZ7cKRGrIoHN14qthLNLQAyWqwvajE2s3O2TVGJibFs7OPWwYe0ZibYYCINSJ8Qppn8BhmRGBxKVOUbNAilNQrN_Jpu5i4vB5IYDyYtpoWgmyWaKbI8icuGSv2mDEEfQLBT6zyXXW-6F_rHYLhc0z38GwTCcDqW_Po-g9dakuRboPBldCfoRFOLC3sIUdVOYgRdcu-2eTCu2ki8EeZGuE0Re-amFA6NYZ9hU4y-rZvN1JDhY5Y3aA5u1sFmjqI9vKFTq2fPR0dHXPgSvtdONUF9YIz-SK0u_9Jp5tqcl1S6q3JoxLguwqwy1fH0A_sCRjMaL3sNTrTsW2A%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.150 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
b631526f714df2128b0710c305fb7a3b5aedd8c3cbff56e49e22a0e9391bdd71

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:44 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
71852900055976100757591011897008
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
863
Expires
Sun, 13 Mar 2022 10:31:44 +0100
xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
pagead2.googlesyndication.com/bg/ Frame B592 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 09:29:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
3756
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13756
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Mar 2023 09:29:08 GMT
view.aspx
pb.media01.eu/ Frame 61E6
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=71852900055976100757591011897008&t=htlp
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=71852900055976100757591011897008&actionid=981741&produktid=&dt_url=
0
36 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=71852900055976100757591011897008&actionid=981741&produktid=&dt_url=
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=lvu2p5tdtdf4&nw=20&renderingType=javascript&namespace=89b3e3de41&subid=&uid=fb20115c621abee2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCtpoiD8gtYr3bLY_z3wPQm5-gA92t6Khg9KT54sUK8C4QASC52_MmYJXikIKgB8gBCakCGPGLRMhOsj6oAwGqBOABT9DLTvO4VYC4dnon5hHmhaUTcYQwhGI-y0jsnmUlTRZRQFBPFeD9LNkBUmCw-F_5ZWLaTMtdOuX8FXB_I_WQ0CffiLUCkRGhK_Esq38pjdoIzWvgMQOLU6vOqc9xrV_MJHmvSqIUNW3XGLdnzPWoqxSFYTsZ5EHK-JU3qYdkBgZNEPOSjSJGvAbBpI0R9aP4tdRcrDqexDDO2c2YSinJxasQdL7-ZpC9MwRMChaPoE_7RKTQOoaDngOh9oxF1aITT0Y6vgi3YA-9hqE18MybaucFJDm8cE0FuH98QXY-9APABM6Ou7GWAuAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNoAKA5gLAcgLAYAMAbATms3oDdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJORox6xv8kVe_vCkG2H-WfFWi_NFrYs8JUZdEJFHZ5bcym8Zmw%26sig%3DAOD64_3V3TBGs_3sBTM2g3KnCjaOL69c0g%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-ANQH8fKkQu-5JKKP5Ygo9lBadM1dUfUZnCzFAgZNN6g9eKge_S3b7aPFn0KjV-2xTDOS0j5RNeUhj4nqjLfs4Zcpozz3hOKRYMzI5R95af6glZIHRVpI0MuZXS3KCyANUm84wD9FEKOSNjpeyXQWqK8ox4Ng%26cry%3D1%26dbm_d%3DAKAmf-AOtfsKQFva-RgCo-vnFMmL_rMA7VRRBX8h6NTVbISy_u_LNvfRFGUvjyEvQXD2hkqJa3HiY32BnS9y7-RmCjvhC4n11A9F2QroC3h46jYO63zIUKwvgWVUgbEWWXPBh-POD-IWSP2nN4GrhZ7cKRGrIoHN14qthLNLQAyWqwvajE2s3O2TVGJibFs7OPWwYe0ZibYYCINSJ8Qppn8BhmRGBxKVOUbNAilNQrN_Jpu5i4vB5IYDyYtpoWgmyWaKbI8icuGSv2mDEEfQLBT6zyXXW-6F_rHYLhc0z38GwTCcDqW_Po-g9dakuRboPBldCfoRFOLC3sIUdVOYgRdcu-2eTCu2ki8EeZGuE0Re-amFA6NYZ9hU4y-rZvN1JDhY5Y3aA5u1sFmjqI9vKFTq2fPR0dHXPgSvtdONUF9YIz-SK0u_9Jp5tqcl1S6q3JoxLguwqwy1fH0A_sCRjMaL3sNTrTsW2A%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=2261923533642&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 Hamburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
content-type
text/html; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Sun, 13 Mar 2022 11:31:44 GMT
server
Microsoft-IIS/10.0
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin
*
access-control-allow-credentials
true
x-xss-protection
1; mode=block
access-control-allow-methods
GET,POST
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Sun, 13 Mar 2022 10:31:43 GMT
content-length
0

Redirect headers

Server
nginx/1.17.5
Date
Sun, 13 Mar 2022 10:31:44 GMT
Content-Type
application/javascript
Content-Length
0
Keep-Alive
timeout=20
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=71852900055976100757591011897008&actionid=981741&produktid=&dt_url=
Host
pv.medialead.de
Proxy-Host
pv.medialead.de
X-IPLB-Request-ID
B9D59BA9:EC90_91EFC182:01BB_622DC810_BFAF532:F725
Strict-Transport-Security
max-age=15768000
X-IPLB-Instance
40027
request_content.php
hal90008.redintelligence.net/ Frame 61F1 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90008.redintelligence.net/request_content.php?s=71852900055976100757591011897008&a=309c087b
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=lvu2p5tdtdf4&nw=20&renderingType=javascript&namespace=89b3e3de41&subid=&uid=fb20115c621abee2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCtpoiD8gtYr3bLY_z3wPQm5-gA92t6Khg9KT54sUK8C4QASC52_MmYJXikIKgB8gBCakCGPGLRMhOsj6oAwGqBOABT9DLTvO4VYC4dnon5hHmhaUTcYQwhGI-y0jsnmUlTRZRQFBPFeD9LNkBUmCw-F_5ZWLaTMtdOuX8FXB_I_WQ0CffiLUCkRGhK_Esq38pjdoIzWvgMQOLU6vOqc9xrV_MJHmvSqIUNW3XGLdnzPWoqxSFYTsZ5EHK-JU3qYdkBgZNEPOSjSJGvAbBpI0R9aP4tdRcrDqexDDO2c2YSinJxasQdL7-ZpC9MwRMChaPoE_7RKTQOoaDngOh9oxF1aITT0Y6vgi3YA-9hqE18MybaucFJDm8cE0FuH98QXY-9APABM6Ou7GWAuAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNoAKA5gLAcgLAYAMAbATms3oDdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJORox6xv8kVe_vCkG2H-WfFWi_NFrYs8JUZdEJFHZ5bcym8Zmw%26sig%3DAOD64_3V3TBGs_3sBTM2g3KnCjaOL69c0g%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-ANQH8fKkQu-5JKKP5Ygo9lBadM1dUfUZnCzFAgZNN6g9eKge_S3b7aPFn0KjV-2xTDOS0j5RNeUhj4nqjLfs4Zcpozz3hOKRYMzI5R95af6glZIHRVpI0MuZXS3KCyANUm84wD9FEKOSNjpeyXQWqK8ox4Ng%26cry%3D1%26dbm_d%3DAKAmf-AOtfsKQFva-RgCo-vnFMmL_rMA7VRRBX8h6NTVbISy_u_LNvfRFGUvjyEvQXD2hkqJa3HiY32BnS9y7-RmCjvhC4n11A9F2QroC3h46jYO63zIUKwvgWVUgbEWWXPBh-POD-IWSP2nN4GrhZ7cKRGrIoHN14qthLNLQAyWqwvajE2s3O2TVGJibFs7OPWwYe0ZibYYCINSJ8Qppn8BhmRGBxKVOUbNAilNQrN_Jpu5i4vB5IYDyYtpoWgmyWaKbI8icuGSv2mDEEfQLBT6zyXXW-6F_rHYLhc0z38GwTCcDqW_Po-g9dakuRboPBldCfoRFOLC3sIUdVOYgRdcu-2eTCu2ki8EeZGuE0Re-amFA6NYZ9hU4y-rZvN1JDhY5Y3aA5u1sFmjqI9vKFTq2fPR0dHXPgSvtdONUF9YIz-SK0u_9Jp5tqcl1S6q3JoxLguwqwy1fH0A_sCRjMaL3sNTrTsW2A%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=2261923533642&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.150 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
ecb2c263569e4a90ff051652e6dd3dcd148a591ff1b8412ae692414d547b0241

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/

Response headers

Date
Sun, 13 Mar 2022 10:31:44 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Sun, 13 Mar 2022 10:31:44 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2051
Connection
close
Content-Type
text/html; charset=utf-8
native.png
ad-server.eu/wm/pb/ Frame F911
Redirect Chain
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=71852900055976100757591011897008
  • https://ad-server.eu/wm/pb/native.png
68 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-server.eu/wm/pb/native.png
Requested by
Host: 2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
URL: https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 13 Mar 2022 10:37:19 GMT
Last-Modified
Sat, 21 Dec 2019 23:06:59 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"5dfea593-44"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68

Redirect headers

Date
Sun, 13 Mar 2022 10:31:44 GMT
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
B9D59BA9:EBCC_91EFC182:01BB_622DC810_C2C2DB2:7DE1
X-IPLB-Instance
40028
Strict-Transport-Security
max-age=15768000
Content-Type
application/go
Location
https://ad-server.eu/wm/pb/native.png
Keep-Alive
timeout=20
Content-Length
0
Proxy-Host
pv.medialead.de
cshow.php
www.awin1.com/ Frame F911 		43 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2338577&v=11830&q=357066&r=296283&pref1=71852900055976100757591011897008&pv=1
Requested by
Host: 2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
URL: https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.94.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-94-3.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:44 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
cshow.php
www.awin1.com/ Frame F911 		43 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2874697&v=22610&q=408799&r=296283&pref1=71852900055976100757591011897008&pv=1
Requested by
Host: 2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
URL: https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.94.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-94-3.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:44 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1DB5 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
URL: https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Sat, 12 Mar 2022 13:26:12 GMT
expires
Sun, 13 Mar 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
75932
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame F911 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2e616c353ac56bd9b110e8454e004ace19e8af57048bc40beca45b7d9abb55d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame B592 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Be_B0EMgtYsH6EfuC9u8Pn6m4-AwAAAAAOAHgBAI&bg=!ZGelZyPNAAb7UztL-1M7ACkAdvg8WiPbw1YJoh1Kob_AoA4MpZpzz_b_DUUKYv_QQtPaC3qLdh4DWwIAAABjUgAAAAJoAQeZAxjtfw-vL97ZKePNtY7J6qnL_gGc1ICRk7RXzOdjYvH5LR8mSBc5phevvsymWuHnH-rGs-7suVhzVwESYXOEE2DWlGb10lZoujekVp66RozBxuCOC-8IOCI485qz2fbbOX4ddFJa76tWi5BOVD4v4o9EPoqsdnHmLbOjMzPgbCnKouemwkCUF7wnztrbJ_kdCn-Lvph8eAQPpbyguD-7mYUdG7dfal4_K-YTcV-O1BlufrrMENMcCeqjXsFQM7BYBMwOaVlUCflqtKFqzs_4paldmllkRx28yyksDO3fyxZu-AF3-bE1Abs-PWbG05NdyNyszKLZdTm07dLWb9CEEZk6ko5OJQrHCx_gDv3cjQbmiBv5klDq_KXJSZBkf1apPHiuPbLoB5S9Bw-n_44Ep13nLqk5zUCdXFZQrraqFj1ILexF-Wshe9y_1FeSD6oP3a9-YLgsNrT6dG1y8U0gweFp9aAUg4S6MhbL2LbhMsuXvvH4NlKrJh068svn_Em9uBn206mXoG6Jhll5ob2pfxo-24fyrqDZ6DJndWDY7LoN6ATLZCVj8CXxx7Yl8MCwRzPQ5jfPOPp_zJA4Mh_Srr_i9Qob_0dxHdzzcaTkRrCrbzv9xvxRhffq2C74TJJc1iNkH5J6tRZFspZ5dsxoTc0_BByv4px9XbMb6ViNyGPMBb4TiIGyC60kR7W-F3vyYoQgrRF6k3ah7yF8GCs0Ev-TCoIdpMZaYZ9dUhgooFksQo6CVPNqTP0u9H_MgTKxuZfxZT09ZXdeD9YsApaKnFPkG2H-rKB6_Km0hPLbuKDB3ZJ02sxHA2WO-jkLh-0-lZJWjV6TYiIYCnWESGAz4cArwz4qtFRVzNhjWbtcb1pX7gn6YPSdT5Ny_sbgYQmYdoDuLps1-J81tGqBLbbWbBmRQMoN7u5jR-I0ATSxOVxilX5m7cmYZhUsgZ6aticvZpdN3B9-X1DJEQ-mnm7Q6WtNknhKOU6XsYogwB1wMsEpYZoF8o9No798MJX6UO3cs-7UbaDSyYW4hLVXqisDIyqtFK5dxgHIIlc
Requested by
Host: 2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
URL: https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 61F1 		4 KB
649 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=71852900055976100757591011897008&a=309c087b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
97efeda8567c33ed3cd7eb616868f1282f50e8ca9ec1ebe3ab632b0913dbdc26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 13 Mar 2022 10:13:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 13 Mar 2022 10:31:44 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 13 Mar 2022 10:31:44 GMT
/
hal9000.redintelligence.net/scale/ Frame 61F1 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/pb_goldschmied_1200x627.jpg
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=71852900055976100757591011897008&a=309c087b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
6aa29b43cf5f135f71f94386bf85bf5c6a72046283995c01bb528bb410f8ba75

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 13 Mar 2022 10:31:44 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
25412
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 61F1 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/32783/creativesup/native_ad_globus_baumarkt_1200x627.jpg
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=71852900055976100757591011897008&a=309c087b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
1a2c3c62263500f4a1b2c2acf9d63ccf033cdb7daa16e23d9fe33ced9c72bfbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 13 Mar 2022 10:31:44 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
21235
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 61F1 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/59171/creativesup/vega-1200x627.jpg
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=71852900055976100757591011897008&a=309c087b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
ed1bfafb4f6fd582f878c4cfe2d545b42365ab7f10659a41c86c8c51cac5d88d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 13 Mar 2022 10:31:44 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
27287
Vary
Accept-Encoding
Content-Type
image/png
viewability
hal90008.redintelligence.net/ Frame 61F1 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90008.redintelligence.net/viewability?s=71852900055976100757591011897008&a=73791cf8&vb=m
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=71852900055976100757591011897008&a=309c087b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.150 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/request_content.php?s=71852900055976100757591011897008&a=309c087b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 13 Mar 2022 10:31:44 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 1DB5
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKLrp42vaJA19U_ur1itTeI&google_cver=1&google_push=AYg5qPI3CO7W1jvXQ526WJd6VxphkA0s3L_SRqRKk5MepK50tSHjye8-QSLqInDLmvl7PXBWBOWazLcMpT8GohWHXnkZK63qX_iT
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDMwOTU5NTQ1MjUzNDY4NTQxNw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKLrp42vaJA19U_ur1itTeI&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKLrp42vaJA19U_ur1itTeI&google_cver=1
Requested by
Host: 2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
URL: https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:43 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKLrp42vaJA19U_ur1itTeI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame 1DB5 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAb-4DjIAAVpvAY6rtoqFLQ&google_cver=1&google_push=AYg5qPJmYKeMPfx8t1iSyIW47fszQihwQMoZ4Y2o55Mrt1baAefO-sXOymo0ugs2uT704TxWg8gcpypqSPxLLre7iD8uUg2TKely
Requested by
Host: 2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
URL: https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:44 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1DB5
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOlGcv6HITpd5cgjsMz61jI&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOlGcv6HITpd5cgjsMz61jI&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aXBmOTRLNmkxTnRsdk81&google_gid=CAESEOlGcv6HITpd5cgjsMz61jI&google_cver=1&google_push=AYg5qPKZ6f263nJvZELu5I-zEX8NDLawDHo55yGowiGmYaO...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aXBmOTRLNmkxTnRsdk81&google_gid=CAESEOlGcv6HITpd5cgjsMz61jI&google_cver=1&google_push=AYg5qPKZ6f263nJvZELu5I-zEX8NDLawDHo55yGowiGmYaOdg0zqBjSORDz_xZtxMfJrN7xI5dq27pAY1wkhkHLvxof1MU9NeRs
Requested by
Host: 2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
URL: https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 13 Mar 2022 10:31:44 GMT
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-0ae965e2f8a6b4310@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aXBmOTRLNmkxTnRsdk81&google_gid=CAESEOlGcv6HITpd5cgjsMz61jI&google_cver=1&google_push=AYg5qPKZ6f263nJvZELu5I-zEX8NDLawDHo55yGowiGmYaOdg0zqBjSORDz_xZtxMfJrN7xI5dq27pAY1wkhkHLvxof1MU9NeRs
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1DB5
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESENeDDmUtR39uXSEABuvfdIA&google_cver=1&google_push=AYg5qPLrsqhKHMuY0pfxTnuvviobpXKp0CnfPLzcopmCMdOBa4aRI49UPx_iXbV0ZvBKESAdIZzI1AVwLUh-hsuB...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLrsqhKHMuY0pfxTnuvviobpXKp0CnfPLzcopmCMdOBa4aRI49UPx_iXbV0ZvBKESAdIZzI1AVwLUh-hsuBh8caMpV3-Sw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLrsqhKHMuY0pfxTnuvviobpXKp0CnfPLzcopmCMdOBa4aRI49UPx_iXbV0ZvBKESAdIZzI1AVwLUh-hsuBh8caMpV3-Sw
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 13 Mar 2022 10:31:45 GMT
Server
MT3 4256 109297d master zrh-pixel-x29 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLrsqhKHMuY0pfxTnuvviobpXKp0CnfPLzcopmCMdOBa4aRI49UPx_iXbV0ZvBKESAdIZzI1AVwLUh-hsuBh8caMpV3-Sw
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 13 Mar 2022 10:31:44 GMT
pixel
cm.g.doubleclick.net/ Frame 1DB5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMXyRJPkbYKyiOjxnqlaTkM&google_cver=1&google_push=AYg5qPIPDqh4pN9cgWZbqeJt3IEgI8UdSl9yzyiDpH7pzzXQH2zk8yC7GhOYPUosMYM26p33jn0gRHZS6ZRD9Swsmn20...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEMXyRJPkbYKyiOjxnqlaTkM&google_cver=1&google_push=AYg5qPIPDqh4pN9cgWZbqeJt3IEgI8UdSl9yzyiDpH7pzzXQH2zk8yC7GhOYPUosMYM26p33jn0gRHZS6ZRD9S...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIPDqh4pN9cgWZbqeJt3IEgI8UdSl9yzyiDpH7pzzXQH2zk8yC7GhOYPUosMYM26p33jn0gRHZS6ZRD9Swsmn20QVdsJvFN&google_hm=uXus4HtaS9qTkiF2Qobomw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIPDqh4pN9cgWZbqeJt3IEgI8UdSl9yzyiDpH7pzzXQH2zk8yC7GhOYPUosMYM26p33jn0gRHZS6ZRD9Swsmn20QVdsJvFN&google_hm=uXus4HtaS9qTkiF2Qobomw==
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIPDqh4pN9cgWZbqeJt3IEgI8UdSl9yzyiDpH7pzzXQH2zk8yC7GhOYPUosMYM26p33jn0gRHZS6ZRD9Swsmn20QVdsJvFN&google_hm=uXus4HtaS9qTkiF2Qobomw==
Date
Sun, 13 Mar 2022 10:31:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 1DB5
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEHXg9SRCT5o-T--5_23zPp8&google_cver=1&google_push=AYg5qPIR1TSbcIMI1lwxg8UeKs2XJfVo7NHJJ5L5Z3jg9KrFZGlbPIx1YbYY2rL0KH-NINoWcAkizt-3uNN9m0580voTC28...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEHXg9SRCT5o-T--5_23zPp8&google_cver=1&google_push=AYg5qPIR1TSbcIMI1lwxg8UeKs2XJfVo7NHJJ5L5Z3jg9KrFZGlbPIx1YbYY2rL0KH-NINoWcAkizt-3uNN9m0580voTC...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPIR1TSbcIMI1lwxg8UeKs2XJfVo7NHJJ5L5Z3jg9KrFZGlbPIx1YbYY2rL0KH-NINoWcAkizt-3uNN9m0580voTC286KVI9
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPIR1TSbcIMI1lwxg8UeKs2XJfVo7NHJJ5L5Z3jg9KrFZGlbPIx1YbYY2rL0KH-NINoWcAkizt-3uNN9m0580voTC286KVI9
Requested by
Host: 2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
URL: https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPIR1TSbcIMI1lwxg8UeKs2XJfVo7NHJJ5L5Z3jg9KrFZGlbPIx1YbYY2rL0KH-NINoWcAkizt-3uNN9m0580voTC286KVI9
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 1DB5
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJmi2jU6klHhn74MCggbP7U&google_cver=1&google_push=AYg5qPI4WbT2_X5_ffqQe80OPMuSNABAukBj3Ef82upmVv58fgdf5VAR0gGbe1ZQSn4-1fJsHYd5Zykj...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI0NjI3NTU3OTk0MjE2OTI3Ng&google_push=AYg5qPI4WbT2_X5_ffqQe80OPMuSNABAukBj3Ef82upmVv58fgdf5VAR0gGbe1ZQSn4-1fJsHYd5Zy...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI0NjI3NTU3OTk0MjE2OTI3Ng&google_push=AYg5qPI4WbT2_X5_ffqQe80OPMuSNABAukBj3Ef82upmVv58fgdf5VAR0gGbe1ZQSn4-1fJsHYd5ZykjMk8gANk-gJjdFi49xbwx
Requested by
Host: 2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
URL: https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:44 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI0NjI3NTU3OTk0MjE2OTI3Ng&google_push=AYg5qPI4WbT2_X5_ffqQe80OPMuSNABAukBj3Ef82upmVv58fgdf5VAR0gGbe1ZQSn4-1fJsHYd5ZykjMk8gANk-gJjdFi49xbwx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 1DB5 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KAzDjNo7VscRhxg9BDtvOjMB0nv_uUUZ0tTGaYSnhxJYLFmt-_xW341II8_e2oVymSUswn
Requested by
Host: 2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
URL: https://2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 10:31:44 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame A183 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022030801&jk=301711144975138&bg=!d3SldDDNAAb7UztL-1M7ACkAdvg8Wql9hv4fPAVt7YvUxFBhGG6mhcfybxOVtKWXffkTRyNlLBcLAwIAAABnUgAAAAJoAQcKAJV6Mc3f3coT9Yufa1dlcyiYkCc0iLYKuPBcC4gnrN-Eaop8MiaroM6kzlHIl0xBeSy-paeIXM4IDKZliOce8NJU_gnb-N6Y2hl7izBnuPmTfOa1V_KAPpFXP-U5rfigB29wfu_aWbfbHA2iu5O_ktRekBqIEhGteSFiOrhe4-VlMf1OPSdf1WjCOlScSsdpS8MjjNrC_ZkC53gBWCOfxo6ADsH4xDcevMTTTTd5N_oriwfKoSf_9nSjdiuEAUuAh-6rmuCrNrVJqqxeagtZn3Phu56o-fhu92qD0MhJpsrTlik7T_0fboujx4Q50odE3JQL3yXutU70VOoQv2Wlj_7g35vv1psI5OozXfoVyUBMCJryifXU97MkdWcspk1nEFwQ3I493WmwE78ogeMxKtukeU6_FwDxXnS2Ien5AtduviTvT5FUmdpa4_Q42p58uBzLXwcBts4YjdzTec4VBEjL_C6jPNlxuKYS7SuL-cmAmPfUTuSCwzC0EQ0fdH2jqX3sEEy4dK6gczJN2VQ_TDfgreIXO7YV81I0kEOwaY6GfFWCyVDpNFU8hLjP4Hkbs9nUPXvnWl9GO8JMfZ1hQMlwAjjHtJUStLZPb8v3U0Qg2AvfUyulECdyWq3w9Vl_0AIUEGoV2DJ6oQbW7exdmbdCQC-PKKXHgBTAF7_ajLWtg-g_rjG98g5mprtfmMxE4DuA3EoJ0GUIB1VcO4AgAs0NnS_5Bb9DWaNpPSJwjgZtpGVRDUK2bdLuLOIx4AbEGJXavmVzwa7_rTGgmlDCk8HqArbCe2Y1WcUgXsJh6sQBhgXVc5WpT7FFqkhPDsIovAkTsPmnDBT8evQpAouX1J0L1Z3wD4zgDLgW_TK5i-KWPji0dRT3ZsErz11u1JfN2VCXJ5qSAHbZI7A2ar6XU5OkoBBq4dQWZkyfLeqy2eD7PIHhWrsQ0YFlW87BFJzkQjtHnO_W2I3pvC9ffOx3bDYRCIdm-RsqO0g8wzKaDjHe8ncYO2wRO5-pP_J5qbs-9qtKf7ScgnZ7Z0Qn2MhcpjC0IrtKjhQtRO7CQXzOX7HhqHmoLVpipA1CgOVPNwcOAj1Ca7r4StW-oKJuHd0z7sj78cBWaw8SCcRv5z-L800_6mLaB_QXx1xDTwUToThCMpggqloTZy_vbbBD-aXvHTcGxjU3x-46BurxRTRkRvj4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 80F0 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022030801&jk=4210770730355657&bg=!T0ylTAjNAAb7UztL-1M7ACkAdvg8WupQv9r8wwEmdBwUpXK0A71-G_hJ4VkeHjmk22Gzvb5IF_jlPQIAAACEUgAAAAJoAQcKAEv3DbdPKj7BabzAz95SF7Jy0SIkzc-7WRGv7p5QhsiBmScPenX3nU8ceCCAVI5lXYAMlYPgCNcs3mA9AItY74dwBeUkdUigJF5MfD6ZAu_XKaJ3tYgB7iCMbCZuKZbt2LhuYwaCgtu9uCeGViHrqxIQM2pq9f0qJL5_PBf1DzRG2wABGUhziFtLBia1-2nx43S95hQwxCMa6mz4fN5LKyzWt_dPJcGWhRrH7wqKSUeQ3heWtF8aUT97z4Kt4eYJKKHtyPw5xseQz8YyhnPFRv3smcrXAzFcK1LduqLQqf2zR4wrymJ1pGSVvSnmnYYoqxrtT0jxwkJ-i0cDSDaDROr3q5zLNUvod-O6KjCJjrzYX8lFkZsA5f5NACWhgxJ-9DTvOq9RRbVnvrBDZNICQIUsOfJKo7mwLzmHKFxZ4_iE_TXuYr-mh_XCL1U4tmkQvdmqWOKrCB5ORGWvGyQyrOxOTWHkdxov9tLMY2MxAneI8MezIu_TTGBcn6D9xFvZBCDr5JTibs2yVO4CXetzDxW4_bIlBeVj92-fbnbhm_GgLCMMoMFGyfUnuBDos2AQAO5ooYv7vIb2EsJ03MI38p9VnzGj4xgNctjMd7n14JwQ-xYVSZOtgtNRF3Fow-nfpddPIV6-EpMBVqv5D8irNswLzdea5Zk_8XXaM41sB32iyes4Z3ETTI3kLVhW8nMBSlP1zer6m8GeAtgsiwwwktuWoA3N-nCfIC4BSsV7Q-v55EmVPTcO_50PiKPWrGtGOpbWxGbWWT8cxLTylzhfSYdCFiLqdPzuGlZeMNNAUbHmdzIq7FLcN0w2NzEduWnwxPcn7FNzYG6AMMJ58GVPCmC7SnbL6PgfAYLxELf3uDfFHSZ6B8adCtuxtwQMft5ixKUKriqWpcWNVyK1RCBnunzNYZpJuuBs1NMHCMF1Lm2q2NgDomxcWOfzqSu6ePpsoG0SC9RX4K5mNWcVdXk8fkxxcIZ4IWLCinyPonMAREBZY3lss_cOJf7dF_JEqjLh887yAAzIpAsmbfiOtT4Qg5hNGhTXrvxm7zLlQ1SZHQvaZgJhugcCT42-YPyZBFWtsp1-PTTtAc6mGzsfm0d2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Mar 2022 10:31:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking-event
api.webgains.io/ Frame 865A 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.107.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-107-253.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 13 Mar 2022 10:31:45 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.107.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-107-253.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 13 Mar 2022 10:31:44 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v19/ Frame 61F1 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v19/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90008.redintelligence.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 18:04:09 GMT
x-content-type-options
nosniff
age
318455
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13052
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 17:37:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Mar 2023 18:04:09 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v19/ Frame 61F1 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v19/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90008.redintelligence.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 18:03:30 GMT
x-content-type-options
nosniff
age
318494
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13036
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 17:39:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Mar 2023 18:03:30 GMT
collect
h.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h.clarity.ms/collect
Requested by
Host: h.clarity.ms
URL: https://h.clarity.ms/s/0.6.32/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://nets4.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://nets4.com
date
Sun, 13 Mar 2022 10:31:46 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 function| structuredClone object| oncontextlost object| oncontextrestored object| CloudflareApps object| zarazData object| zaraz object| dataLayer object| __CF$cv$params object| __cfQR string| GoogleAnalyticsObject function| ga object| __cfBeacon function| clarity object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| $ function| jQuery object| Popper object| bootstrap object| _0x4eef function| _0xf565 boolean| _purpleadsWasLoaded object| _purpleads object| a2a_config object| a2a function| a2a_show_dropdown function| a2a_miniLeaveDelay function| a2a_init object| icons string| svg_tag_open string| svg_tag_close undefined| svg_src undefined| svg_src_default number| a2apage_init object| _0x4517 function| _0x585f boolean| _purpleAdsDisplayInit string| purpleadsInstanceId object| purpleadsAgent object| L function| mytextcopyFunction object| map object| marker object| popup object| _leaflet_events function| submitForm boolean| __cfRLUnblockHandlers object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client undefined| color object| recaptcha object| closure_lm_21805

51 Cookies

Domain/Path Name / Value
.nets4.com/ Name: _ga
Value: GA1.2.1312843398.1647167500
.nets4.com/ Name: _gid
Value: GA1.2.901498445.1647167500
.nets4.com/ Name: _gat
Value: 1
www.clarity.ms/ Name: CLID
Value: 37ddc69b256b410299e180d220ed0294.20220313.20230313
.nets4.com/ Name: __cf_bm
Value: NJLbx5Vul8Wht2ZXmftQnoB_LmZSzFnUPqw34j8Eahk-1647167500-0-AZhfj24FXuGoXEpev4KeuUgFdnuX8Yg+wq62vpGaj1ZImN4HUsRcD8QaM2ZRcV67qDPJzwN+KqxS3mCAs4CXONjkE0X8wSAAC5eVNBA5AGpCX1SRLHaVa0d60ykOwPNEGg==
.nets4.com/ Name: _clck
Value: 1yvhi18|1|ezq|0
.nets4.com/ Name: _clsk
Value: akmazo|1647167500948|1|1|h.clarity.ms/collect
.c.bing.com/ Name: SRM_B
Value: 003CA7597F3E6ED90046B63F7E556F47
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 003CA7597F3E6ED90046B63F7E556F47
.c.clarity.ms/ Name: ANONCHK
Value: 0
.doubleclick.net/ Name: IDE
Value: AHWqTUmpYfRT9wzWDJTgMt5mCpdNBkYs_nK7CCK6itZygphCHLDcOkHuslGUH3oSvWk
.casalemedia.com/ Name: CMID
Value: Yi3IDk7X9JUGhnCcR6qUaAAA
.casalemedia.com/ Name: CMPS
Value: 3274
.casalemedia.com/ Name: CMPRO
Value: 1103
.casalemedia.com/ Name: CMST
Value: Yi3IDmItyA4A
.adnxs.com/ Name: uuid2
Value: 1410841610829892734
.casalemedia.com/ Name: CMRUM3
Value: 2d622dc80e2760CAESECQx__UuNuZglljIjN5GU7k
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C$Md:R/z!]tbPl1M>e)ZlrFUfJ+tGXxpCC`zhvU?AELRnC8`Sl2H<NE<)oaRt(-r4a1z*bpRz*qF1`*b^`j)k_3s
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 3b58a4cbc94b9715
.nets4.com/ Name: __gads
Value: ID=6bf49801c8b0f0f7:T=1647167501:S=ALNI_Ma-2pTd4Th25scBsEIeyhjqF7kSIg
pb.media01.eu/ Name: ASP.NET_SessionId
Value: l0xu2r3m3ut1k1nzr0p1whhh
pb.media01.eu/ Name: DTU
Value: C2C97D293B5C126F84FEE263D37B1815
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 7246275579942169276
.yahoo.com/ Name: A3
Value: d=AQABBA_ILWICEFfQXLkU-OtETbK-6WyGkHAFEgEBAQEZL2I3YgAAAAAA_eMAAA&S=AQAAAjfOKmEBu-7kSy7HPfwx9BM
.office-partner.de/ Name: source
Value: {"webgains_webgains":{"timestamp":1647167503622,"clickCookie":false}}
.awin1.com/ Name: awpv18692
Value: 296283|1647167503|c7111370-a2b8-11ec-892c-22623498ce3d
.awin1.com/ Name: awpv14098
Value: 412871|1647167503|c7116191-a2b8-11ec-8df2-22307a82f47e
.turn.com/ Name: uid
Value: 4309595452534685417
.simpli.fi/ Name: suid
Value: 5C964958223F48A89FFC7F9C8931A585
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22D9286ECB-3637-4C16-BF53-D119EFE5BA17%22%7D
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-4ba235ce-d577-4322-bac4-4afb85905177-003%22%7D
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-4ba235ce-d577-4322-bac4-4afb85905177-003%22%7D
.tidaltv.com/ Name: tidal_ttid
Value: 14e60690-947c-4cc9-ad2b-c7a54e4fc8b8
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjA1tTI0sgAAlutZPgkAAAA="
.spotxchange.com/ Name: audience
Value: c7683bf4-a2b8-11ec-b99f-192cb16e0206
.awin1.com/ Name: awpv22610
Value: 296283|1647167504|c77a0e70-a2b8-11ec-8df2-22307a82f47e
.awin1.com/ Name: awpv11830
Value: 296283|1647167504|c77a3580-a2b8-11ec-892c-22623498ce3d
.awin1.com/ Name: AWSESS
Value: 357066:2338577
.quantserve.com/ Name: d
Value: EG4BCQHTJYEA
.quantserve.com/ Name: mc
Value: 622dc810-d4c7a-495ab-6fb76
.w55c.net/ Name: wfivefivec
Value: ipf94K6i1NtlvO5
.w55c.net/ Name: matchgoogle
Value: 5
.de17a.com/ Name: guid2
Value: 1.625117972977003571
.bidswitch.net/ Name: tuuid
Value: b97bace0-7b5a-4bda-9392-21764286e89b
.bidswitch.net/ Name: c
Value: 1647167505
.bidswitch.net/ Name: tuuid_lu
Value: 1647167505
.bidswitch.net/ Name: google_push
Value: AYg5qPIPDqh4pN9cgWZbqeJt3IEgI8UdSl9yzyiDpH7pzzXQH2zk8yC7GhOYPUosMYM26p33jn0gRHZS6ZRD9Swsmn20QVdsJvFN
.mathtag.com/ Name: uuid
Value: 7fa3622d-c811-4600-9976-fedd518acef7
.mathtag.com/ Name: mt_mop
Value: 4:1647167505

4 Console Messages

Source Level URL
Text
other warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030801.js(Line 17)
Message:
<link rel="webbundle"> is deprecated. See migration guide at https://bit.ly/3rpDuEX.
other warning URL: https://nets4.com/domain/jesus.co
Message:
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3217454138234025&correlator=3531863666794276&wbsu=3aa1f46f-90ab-4faa-ba6c-fa63efefa45a&callback=googletag.wbn1&eid=31064926%2C31065293%2C31060545%2C31065455%2C31064624&output=wbn&gdfp_req=1&vrg=2022030801&ptt=17&impl=fif&sc=1&iu_parts=22178702878%2Cpurpleapl%2Callsizesv2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C468x60%7C200x200%7C320x100%7C320x50%7C300x100&ifi=1&adks=4203880072&sfv=1-0-38&ecs=20220313&fsapi=false&eri=4&cookie_enabled=1&abxe=1&dt=1647167501926&dlt=1647167501430&idt=480&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=294&adys=2045&ucis=fkokrfwtenuq&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Fjesus.co&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=1312843398.1647167500&ga_sid=1647167502&ga_hid=1310200072&ga_fc=true&btvi=1&nvt=1: WebBundle format "b1" is deprecated. See migration guide at https://bit.ly/3rpDuEX.
other warning URL: https://nets4.com/domain/jesus.co
Message:
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3217454138234025&correlator=3531863666794276&wbsu=3aa1f46f-90ab-4faa-ba6c-fa63efefa45a&callback=googletag.wbn1&eid=31064926%2C31065293%2C31060545%2C31065455%2C31064624&output=wbn&gdfp_req=1&vrg=2022030801&ptt=17&impl=fif&sc=1&iu_parts=22178702878%2Cpurpleapl%2Callsizesv2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C468x60%7C200x200%7C320x100%7C320x50%7C300x100&ifi=1&adks=4203880072&sfv=1-0-38&ecs=20220313&fsapi=false&eri=4&cookie_enabled=1&abxe=1&dt=1647167501926&dlt=1647167501430&idt=480&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=294&adys=2045&ucis=fkokrfwtenuq&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Fjesus.co&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=1312843398.1647167500&ga_sid=1647167502&ga_hid=1310200072&ga_fc=true&btvi=1&nvt=1: urn:uuid resource URL in WebBundles is deprecated. See migration guide at https://bit.ly/3rpDuEX.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPICpAkPPvplbUfhOUlFmjn7fb3D7AnnG-s67KNZvmF-iT2c7TQDhVNClkH8z9IrnnsAriweN-YnYk6TdAv2IXYuiiB00SQ_
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

23a21fe3ea42696fcc14fdc866388b53.safeframe.googlesyndication.com
2445e01f0531f2b2a887231415d0530d.safeframe.googlesyndication.com
25d7d4b3a2f46d903cf09f4aebf2a577.safeframe.googlesyndication.com
540b893fe6af5ae4cbc70fa62bb6f302.safeframe.googlesyndication.com
5994599.fls.doubleclick.net
5e4a4d08a576fabd6d7653ea67d1e7cf.safeframe.googlesyndication.com
8019191.fls.doubleclick.net
8666f22fc78f877a8b9220fc13224bf1.safeframe.googlesyndication.com
a.tile.openstreetmap.org
a1.awin1.com
ad-server.eu
ad.turn.com
ad4m.at
ads.travelaudience.com
ads.yahoo.com
adservice.google.com
adservice.google.de
adv.office-partner.de
ajax.googleapis.com
analytics.webgains.io
api.purpleads.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
b.tile.openstreetmap.org
c.bing.com
c.clarity.ms
c.tile.openstreetmap.org
c1.adform.net
c61c4286d9364a29cba7d2b145acd244.safeframe.googlesyndication.com
c891191bb9ecedeba0a042dc3ca1b4e5.safeframe.googlesyndication.com
cdn.purpleads.io
cdnjs.cloudflare.com
cloudflareinsights.com
cm.g.doubleclick.net
cms.quantserve.com
d5p.de17a.com
dclk-match.dotomi.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
h.clarity.ms
hal9000.redintelligence.net
hal900021.redintelligence.net
hal900024.redintelligence.net
hal900028.redintelligence.net
hal90008.redintelligence.net
ib.adnxs.com
img.nets4.com
medialead.de
nets4.com
pagead2.googlesyndication.com
pb.media01.eu
pm.w55c.net
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
pv.medialead.de
r.turn.com
s.ad.smaato.net
s0.2mdn.net
s0.nets4.com
securepubads.g.doubleclick.net
static-de.ad4mat.net
static.addtoany.com
static.cloudflareinsights.com
sync.1rx.io
sync.mathtag.com
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.tidaltv.com
tpc.googlesyndication.com
track.webgains.com
ui2.awin.com
um.simpli.fi
us-u.openx.net
uuid
www.ad-server.eu
www.awin1.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
cm.g.doubleclick.net

104.92.106.130
104.92.94.3
108.157.214.118
138.201.63.116
138.201.63.150
138.201.84.252
142.250.184.194
142.250.184.226
142.250.185.102
142.250.185.194
144.76.238.55
145.239.193.130
151.101.2.110
169.50.137.184
18.194.22.119
18.197.240.17
18.66.248.50
185.29.132.241
185.33.220.216
185.94.180.126
2.21.141.232
2001:678:cb4:bbbb::11
204.79.197.200
213.155.156.181
213.19.147.45
2600:1901:0:76b9::
2600:9000:225f:e800:1b:5138:8a40:93a1
2606:4700:10::6816:47c5
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700:20::ac43:444e
2606:4700::6810:125e
2606:4700::6810:5f41
2620:116:800d:21:36a9:ecb:e518:b308
2620:1ec:27::cafe:1425
2a00:1288:80:807::1
2a00:1450:4001:800::2002
2a00:1450:4001:802::2002
2a00:1450:4001:808::200e
2a00:1450:4001:809::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2008
2a00:1450:4001:810::200a
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2006
2a00:1450:4001:830::2001
2a00:1450:4001:830::200a
2a02:fa8:8806:12::1370
2a04:4e42:400::649
2a04:4e42:600::649
2a05:d018:24:b002:fd0c:6a07:bd55:e3a8
2a05:d018:d29:3601:b73:5e1d:a8b6:5551
2a06:98c1:3121::7
2a0b:4d07:101::1
34.227.128.233
35.190.0.66
35.244.159.8
37.157.6.246
46.236.13.147
52.142.114.2
52.224.31.34
52.30.107.253
54.76.176.197
88.198.250.30
88.99.165.19
94.23.99.218
95.100.153.115
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
04923c5e207caf6c7f88f1e723ee1e7e6e46d701d42ce4dfd45dad4ebd0c78e8
096cfb56ab0d5ca611f0511fb95e8451322f44a0b9c2514eee76869c267d206d
0a03908890ad86d977ed3c126f30724071c8729279c7a47d052f6743159f5e75
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb978d5472963fc09d519246511b7b146dac5e9033348bb1feef925410d6c45
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0e4ee29eaf66bf9f1df2cbaeb71819cfbbeb22aac7e36fc9b02f2f04e511c9e3
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13977410c5d04cd79154d66ab78bd610f7bcba84a5ebeb673defbe750d7623e0
144a80a98d18cf0f7f84176d9ccac08f200db3dc231b281862cffe3803cf49df
146bdc3c0d9ffce08f611fd426c9f5a6d9d003c7aac7008064f5a41664f9f46a
1500b60e9892d70bec1c05722802959fe7babc02c8e268c3b10a108bb9070013
15f97543ff4d546609111ebf1c117bbe16c5fe852fa7e826204b74566e91a8f7
15f9c75454fbc8c7a512938af4ebbe852cd2fe82b8bd32ec98222a231b8a7e12
177c62e1e94a67cd07a9c7a8a29df3e09ee7b9b8c4e180a113f4b3f76b612c95
17a97981604a1fe56f8804e77655010e70cbfbbac2c66e03a303e876dfd72640
192fba245c012468da2443940a99f9ca13257f2a57f1932d5736c318e8a92d6b
1a2c3c62263500f4a1b2c2acf9d63ccf033cdb7daa16e23d9fe33ced9c72bfbe
1d2d6cda758ae9f4f0d97d348293dfe0eaa3b36a3ddc8467f0ec99ebea7a57ed
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1ebd9ef5e1ff89780334c05eec1b416c72578ff66d763166ef65a82f4791d0cb
215568fc549dd57a2be6a6e7ecaec66ef0307923832ed445deded31cbe258655
21af66f64bb18b1159ee363a933d5630e27419c83915d4d5ef42d8154f3921da
21f07320c24e26e1fad8927ea34e6c82c4c53e8e235dac2e0cb8378a82632ed3
2255ec4c3254a41b448889224b2cc5c32f8d6f8a6165d3c58aa6523f86c0957c
22d7e00449ca81f34b0926fe4573ec056a674d959ad42d7fa0ad680e90f27992
230f27646f2460a7e13106d06ec50cb822acf254ae08fba4058aa06ca57b9dab
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
23cc8f32949c8b6960b1a4ca216ccaff2db4b769f6565bef2ee1fa954e072029
24dbcced82a1b52b704d4353e10b04602cba0ad3ae83112b7d3520dc7a5df0c4
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25cbb0598f62d55b16729065a0955ce9efcdfb096c7f11fec31e731dcfa11e8a
264f5c640339f042dd729062cfc04c17f8ea0f29882b538e3848ed8f10edb4da
268314ab319caf7c48f031375ae04f67c9e5bb1bb633072694628fb0ea2591b0
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
2a3656cc3dc3ed53e485cf84e47918685e694198f3f97f06f16533e6d86b04ce
2ca375d8fe3464aaefcbf4f826970f9cc795c5875741cfe05afa53937ade429c
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e616c353ac56bd9b110e8454e004ace19e8af57048bc40beca45b7d9abb55d2
2edfb8e5a246cc2bcf5bc25c9f7cf90ea68ab2d8e555869908ca750b8c4a1f75
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
349620e1a7233d74138f3c20c21b9e518440d61d3a6087894638405b45c3cee1
350bebaeb7e2ae8396b259b6b7c98a92d0748299c5b06fb97b5d3a7b69429115
35a325444a0bc4175c8ce57a68c40668f032fdda466aeaa609a23193d6eb43fb
36ae7cd197f222a180957b29c08cdc6440561a9fae3aeeb757ec42a63d90d972
3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38bf08369b9d72ce4d22d5b555e9e5ee2e7a5fab8980ba2787f47d89d55e2c99
3b322c9030883acdb559f857024b4ef3ab7574712b635b6e3db135749e32e1fe
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55
3c865f9ba19b80bbab61230ac6f099d6c605af2b21615415338a9bfa471c863a
3d8e0bf009dc4593891079ba62a08eb9e8fc165dd367158823e41facbf0494cd
40e978ebe9f3ec208164c8b123cc96a0951060daf1182c0c4e230695c61f1f04
42209466a0cee1f96840538c1199f541720c02d34fa7f6cf499019a2b22a477f
4480fa1b105970ac52f944596b9ce6c6ab0adf0790e84511b66f93ed471cf480
45782083d293574ae5c2febb453d76d965ff2f0c144e816a4e6814fd9814a973
4737c095b2fe07c3277576ec1875b043639cdf54d6527ede7109908abc6d299a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1
499d742344f4b69df1c45273acccf5c6941269f48276e4d52cdabdfbb77a7904
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fb70b777e2e28b115fb3154f38891a6fd251dec72c0173c79c97df3f32a897a
4fef239ebd936e96f316dee1aca599952e7adaaba26fab72b45328871855ac4b
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
516fadf20aefdc9565d38ff12fd35aa4262d20408dace2f5849cd191119496c0
51d1824c15484bf9e5f7eaecda2f6fcd87ac497425e14e21b36daa2bab07279c
51dcc2b5c50fa27a20b0c05bdf26f5b496b6bda930b087ccd0ae4856e68628e2
527b4867bcc7b8a38fac16fea9cc147439ccbe2bb0e23d194e152d1f8d65d154
533e8ab00e73a9a61f550b956a872f9091fe48b79b4072d87bdb07348af7f4bc
539f15bad34896844475a238302138e3ae85c29209532264254bdc28daaa3edb
54c706dae9926641af2e18a59361fb06195084976f0dbbafc0214adc8ccdfcd2
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56386db6fedf5475ff6ac57939cfaac58722f519fdce666cee7494b993c84e81
574c3a5cca85f4114085b6841596d62f00d7c892c7b03f28cbfa301deb1dc437
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
587259314084a04755f0dfb2d0f0e9f07bdf03a575352e366e308d2e19cfc70a
5aa62593f059da36f7a9c7afabb0e0b9e6d35b60340684d40672e36e7205b4ec
5e7a58fa4a0eb39a6258df9ea0ea084c7d77a0ccf52caa03ffcac50d27f2e52b
61098cc685e1ee432a4f0898efcc830dd9375b97788ee674519c774e418b6361
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64cc219a5d11213dd0ae339608cebdfa99869a9f0010b236f7bf42b893757b69
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
690a225808e1830ad763cf573a3a0fef011a000267d34b5776f922e79531a7e9
691d4bd7b9b31f9ab1b1837e7d956e0e3041ef63c1ee0edee8ca6208a4234efd
6aa29b43cf5f135f71f94386bf85bf5c6a72046283995c01bb528bb410f8ba75
6ad584690f7fa3e788ea1df9a6a567211be5d9d627908e9339e84e99efe70126
6bb6407cde0b1ec326dc517b9db18feb3248ad68900ad9bae04db186a707da17
6ce9c974eddd008645e638d66c7029179ae19c8b271365d4501e82e6e9d54c13
6e4554aebd04601666c4f5f429267fd7518ba1f7658c0f66450fc79aa12c1908
704f6f54ae77cd5ea0a0bf47ebb70727a9bd76a311d7e54788ad3dc79b366739
70d75afdf2c4ec977f52f0977d52e4137863e37c88ed4cc45a2a40b038abd8e1
722c5b95144aaf980dafacd36b1df0a3a0cff78962e8eee8f56e40c423f00b6f
7bbf02d07a9047481f569d2705cd1a395da1c314f0b19cc96558ba97c132b6ce
7d851fa6f8a004b6b8929316ffecb82459ac179ad247192431c7279dd600c39e
7f44df6024871e07a9dce8999ff5aa6292613928aee3600d398384cabea67095
868599f683532d79366bfe9d89e2071bccf655ad0e67a2ca9b379c03ffb3a5e6
8b4fa49a1fc6f0c438705bcb65f85d81b05adb553adf3d2a2f2837c29f5a9aa2
8c6738b987d7226be8dd8628a78a7b8d0de03d1b3883146c547bbf8659df820d
8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9
915b59897b21e9be15863aa5620b17d476996da229da123482a584bdec59b197
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
946568e52dfc8128302488404fed54469e7f8a2de085f2617ad97c00402e41d9
947e22d9ed05fbe3f5ed3c4ee35618a1910a85968f48a22c0277f9936f2eb769
947f287476fbc9b0c4ca3fc97b70fb7cb6e7d85204d48c5da1b7df38d9fabee8
94bd10db36c3bc5c0bf38ffc55585c96abcc31f8e9957ed6e0c87c9c5dd42f77
9681c0a0a13d8581f202bfaf62e53563ea6d0d6bd8e542b35b6d7c09b0e7b41b
972bb3d2fed74ca3b0bf9b43dadcda8c373ee8780816ba9b2ef6bd05da724138
97efeda8567c33ed3cd7eb616868f1282f50e8ca9ec1ebe3ab632b0913dbdc26
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b91a220e9397e5c490918cd2d49dd3db349e276ee15c824f89d6c9a554ecf66
9ea21905a7edfa4ceda705f977891d5e100f9709318836cfacbab47ad3321ff1
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a60406d427e511fb8b6f6a483e4b6f028101e150ed2447d38d5d98418afcb466
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a83cacad35cab9d5df069442d67efabf7c2a71dc4d78d2f6b8044bf332b50fff
a9765a17e251c504631928177f8caac5462c7f105aef5b2385ea96fe591d6818
aaac48be454622fb624348d4cd72ff1983d195ed341e39f25655bf181eb2e44a
aef780d4bc2115d3b8eb19d469e750879ca2a97bd4f921753d14b0c73352cb9a
b028d17ab2e8d0fbb2e1a8fbd4e48b45b8b4da712f6e9521615140392235c06e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4b4d5e67f4e69cce189da35aec15fd98da62b25d00e3b37f9a51a0facbee9bf
b4b84531c5dc764af9161a56997edf9b4c67e661d9108c6d346ca6944c10716d
b631526f714df2128b0710c305fb7a3b5aedd8c3cbff56e49e22a0e9391bdd71
b98df999bf23647121d5b612d14265d9d1a35e7dfd12f9c3d0bf46394b1a10eb
bafa1db2a6708b6401e11e0b2ac4c5bb6eddf4c25e5a83b7eb391fe42ab34a2f
bc8854601f38c9e4fd09873ba3edf5ed493e51d3187205690d91c73054116e42
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bcd3e5551b1b124d71a393467a4f48238ae52dfc3843f793c374b684574faf3f
bdd767560960de0c7a15970ea3b16451cd57550d82babe95dc4aae0caf38f277
bf8731cd02a2e9466c545c3b8a76496a9550af2816014533927223bbb51cf2ce
c00983dee008b49458960478c1cb482043faa725f62c00717915fabddb69bfa6
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c20db37b0415137d094d2f4b92c2db53064084af00af9638521af4a60e3202b5
c299cd7441c413e1fe1d6906628f36bdc1142e35fb5907ce8fefa36213db2dda
c47693176093dad0dfafc4a0b1ab372a994818e9690a7ed0219c3ef021128d91
c5de476e2821c786cd2f8605323df45a1035e6ff01a613219ec96fc034a863bc
c60dd9372c9ff3fb4a9ad4c841dea15b5f625094870c20c892f1c57092f14534
c6cd28b8f48cd9c890723dbd16c6847083e7c322af81fc3da91b9730ac576658
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43
c837347a297c1a35852aa375392cc74950a2b868214e8b1909c4637b8b63ee24
c87dc7d9c212984118785676c741a202f5cac746b7b003298a930ed56316e51f
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cca36826c839c9b3779224cba3025ee800a077f7de6ce8edb7501cc3d1125447
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf07f4e2b9da5553441038123a2ff2fb6312d9561dc698248f6d59718a956432
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d1f2d2e5202f3a1baa8751d93b62cb65f8ea0f5b16d64d78a00b4eff91f9091c
d2b59825f8e99fb2dc98d6be2a590fea1d87ddf24d33acc0ceefedbf4b760ff2
d47ba8428cacc9252d052784dc6573ba82a5bde0a942c7a80850436a81eabc59
d5140090ecc6779cabe638c5e55c8235006b86f1bcab23d89abcf02e163ad3d9
d5661858a1ac96084163595f8a5da3f9c0208037dbe609d6a8bbe48ada46c3b5
d64a80887c78bdcf8f7e98331022b155ce3ec4eb75e254e1d15a15663e80192e
d7e3f3f9a87439492d58ee8a90cdc8741bd44e9f5ebc5a1be461ded2df7a155e
d85aa20f051e49b97778c825c881639067f6f5fe70965391cc5098977c6df79f
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
d970eb0d01e5cc2cc4d6582c21de247cc49537cbdc5ac5bfe831f91b185b93c0
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
d9a9a19991050ee3bc32c91ed4df32051a445d9175f6fa45228d123ce0b42ecf
dbf6e5b75a285d830029955456eccf8419055e96d252f56a53dfc613cdd74a78
dc96ff8709fb90541d88f19f338e82407556aeb4719befe3a637c53955bfe6cf
dca6b47d1b1344b8dd75f53684acb1030b705199079a5419e9db1140a4361e19
dd1892cb87a74dac682a6207344909a96f23d342670b32063a4f4bae614805dd
dea6d9b977b06e1be6dbf3fc5118a1d8bfca410f14b6c4ad64ec07c057d4783c
e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e865ba2ca00e11081a85a9c02951a24ff5ad447974bfaf3daa5356339bc02b6c
ea795a298e37c1cd48937e8d9b242162d213ebaa07c997769a6bfe4b4d8ec411
eb768c34f5b170271948a59c94651c37fd1214d64e1bd8863f134c508b905de7
ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74
ec4e04bf6aa1d19b00d36e194a14e06ffc6e75ec1cad535230beee9adc322e82
ecb2c263569e4a90ff051652e6dd3dcd148a591ff1b8412ae692414d547b0241
ed1bfafb4f6fd582f878c4cfe2d545b42365ab7f10659a41c86c8c51cac5d88d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff717678e5e48fe42ffb6ce1ab2ff63d78a07a6c31eeaaeb8232267469f9a57
f0f382f3320ade05dd14f969ff7dd9d894c6a6571165ab6d7fcdade2f4836dfc
f12f9c973246403ba908674bd2848ac00239354fa1521217c5c103c1c0f5200f
f2978863218394b3c44f1458d9dde2eb0af779d06b95bb96e3a1aea49803c129
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f70751d4b3f5d5c9f208ea16e8cbcac3c6abf1bda80357da3fcd21dde4333449
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
f96caee1cf100b342e61f134b36c0673d6a1d5bf9eecbc302f3a32de281b8163
f98ff8ab059bdef9ea7fe9165a4e74fce15166abdbb8dd25307b7b7d9ac26ddd
fa5a146917b566cc193446e536691259f7ef5506fb99fe5f17937a23b2e6d3c3
fad88df6f78eca6556822fb4a8d589ac6b8e89a95434f05cc13a452d2f63b6ac
fd05ef9807b98a27b9e65f2b5ba48ed0f3924630b80d1361aac1eaef3976072c
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e